Skip to content
Snippets Groups Projects
Commit 780e56d5 authored by Kamil Trzcinski's avatar Kamil Trzcinski
Browse files

Update docs and CHANGELOG

parent 01715d85
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
CHANGELOG.md
+ 9
0
View file @ 780e56d5
...@@ -3,6 +3,15 @@ v 0.7.0 (unreleased) ...@@ -3,6 +3,15 @@ v 0.7.0 (unreleased)
- Refactor bash script adding pre-build and post-build steps - Refactor bash script adding pre-build and post-build steps
- Add support for build artifacts - Add support for build artifacts
- Add support for caching build directories - Add support for caching build directories
- Add command to generate archive with cached folders or artifacts
- Use separate containers to run pre-build (git clonning), build (user scripts) and post-build (uploading artifacts)
- Expand variables, allowing to use $CI_BUILD_TAG in image names, or in other variables
- Make shell executor to use absolute path for project dir
- Be strict about code formatting
- Move network related code to separate package
- Automatically load TLS certificates stored in /etc/gitlab-runner/certs/<hostname>.crt
- Allow to specify tls-ca-file during registration
- Allow to disable tls verification during registration
v 0.6.1 v 0.6.1
- Revert: Fix tags handling when using git fetch: fetch all tags and prune the old ones - Revert: Fix tags handling when using git fetch: fetch all tags and prune the old ones
......
docs/configuration/tls-self-signed.md
+ 10
9
View file @ 780e56d5
...@@ -10,12 +10,12 @@ The GitLab Runner provides these options: ...@@ -10,12 +10,12 @@ The GitLab Runner provides these options:
2. GitLab Runner reads the PEM (**DER format is not supported**) certificate from predefined file: 2. GitLab Runner reads the PEM (**DER format is not supported**) certificate from predefined file:
- `/etc/gitlab-runner/certs/hostname.crt` on *nix systems when gitlab-runner is executed as root. - `/etc/gitlab-runner/certs/hostname.crt` on *nix systems when gitlab-runner is executed as root.
- `~/.gitlab-runner/certs/hostname.crt` on *nix systems when gitlab-runner is executed as non-root, - `~/.gitlab-runner/certs/hostname.crt` on *nix systems when gitlab-runner is executed as non-root,
- `./certs/hostname.crt` on other systems. - `./certs/hostname.crt` on other systems.
If address of your server is: `https://my.gitlab.server.com:8443/`. If address of your server is: `https://my.gitlab.server.com:8443/`.
Create the certificate file at: `/etc/gitlab-runner/certs/my.gitlab.server.com`. Create the certificate file at: `/etc/gitlab-runner/certs/my.gitlab.server.com`.
3. GitLab Runner exposes `tls-ca-file` option during registration and in [`config.toml`](advanced-configuration.md) 3. GitLab Runner exposes `tls-ca-file` option during registration and in [`config.toml`](advanced-configuration.md)
which allows you to specify custom file with certificates. This file will be read everytime when runner tries to which allows you to specify custom file with certificates. This file will be read everytime when runner tries to
...@@ -25,9 +25,10 @@ access the GitLab server. ...@@ -25,9 +25,10 @@ access the GitLab server.
which allows you to skip TLS verification when connecting to server. which allows you to skip TLS verification when connecting to server.
**This approach is INSECURE! Use at your own risk!** **This approach is INSECURE! Use at your own risk!**
Anyone can eavesdrop your connection: Anyone can eavesdrop your connection:
- see the runner token which is used to authenticate against GitLab,
- see tokens which are used to clone GitLab projects, - see the runner token which is used to authenticate against GitLab,
- see the secure variables that are passed to runner. - see tokens which are used to clone GitLab projects,
- see the secure variables that are passed to runner.
### Git cloning ### Git cloning
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment