release-it/release-it

Allow insecure connections to self-hosted Gitlab instances

Closed this issue ยท 1 comments

Hi! ๐Ÿ‘‹

Firstly, thanks for your work on this project! ๐Ÿ™‚

Today I used patch-package to patch release-it@17.4.1 for the project I'm working on.

The problem we have is that we host our own private Gitlab instance deployed to our internal network using a self signed certificate.

I understand there is already an option to pass our certificate to release-it, but it is not very ergonomic since we need to keep passing the certificate around to everyone in the project before they can create a release.

The got library used internally by release-it already provides an option to allow insecure https connection.

I was wondering if it would be possible to extend the Gitlab options to also accept a secure flag and pass it down to got?

I'll be more than happy to open a PR if you accept this suggestion.

Here is the diff that solved our problem:

diff --git a/node_modules/release-it/lib/plugin/gitlab/GitLab.js b/node_modules/release-it/lib/plugin/gitlab/GitLab.js
index 60dc8ac..fd20c81 100644
--- a/node_modules/release-it/lib/plugin/gitlab/GitLab.js
+++ b/node_modules/release-it/lib/plugin/gitlab/GitLab.js
@@ -169,7 +169,13 @@ class GitLab extends Release {
   }
 
   async request(endpoint, options) {
-    const { baseUrl } = this.getContext();
+    const { baseUrl, secure } = this.getContext();
+    
+    if (secure === false) {
+      options.https = options.https || {};
+      options.https.rejectUnauthorized = false;
+    }
+
     this.debug(Object.assign({ url: `${baseUrl}/${endpoint}` }, options));
     const method = (options.method || 'POST').toLowerCase();
     const response = await this.client[method](endpoint, options);

This issue body was partially generated by patch-package.

I was wondering if it would be possible to extend the Gitlab options to also accept a secure flag and pass it down to got?

I'll be more than happy to open a PR if you accept this suggestion.

Sounds good! Looks all reasonable and sound :)