poudriere overlay: passing down git ENV variables (problem: self signed certificates)

Reply: Michael Gmelin : "Re: poudriere overlay: passing down git ENV variables (problem: self signed certificates)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: FreeBSD User <freebsd_at_walstatt-de.de>
Date: Wed, 03 Aug 2022 10:38:26 UTC

Hello,

I try to acconplish tasks in maintaining ports via poudriere-devel's OVERLAY option. First of
all:

it is a pain in the a... not having ANY suitable hint how to perform this, a single line like
that I found after a couple of hours searching here: https://github.com/decke/ports would have
been of help, really.

So, I'm facing the all-time-present problem of having my own git server based on HTTPS with
self signed certificate. git rejects connecting to those servers in the default configuration
setting. Usually, I've to set via
git config http.sslVerify false
to not verify the certificate.
Following the instructions given at https://github.com/decke/ports with my existing poudriere
setup incorporating a ports folder, adjusting the URI with the one appropriate for my case,
like:

env GIT_NO_SSL_VERIFY=true poudriere ports -c -U https://myname@my.server.de/git/ports.git -m
"git+https" -B master -p ov-freebsd

fails with the well known "... problem: self signed certificate".

Obviously poudriere is spawning its own environment within git operates (so it seems to me)
and is not passing the given environment variable GIT_NO_SSL_VERIFY=true down to git.

Now, I'm stuck here. I tried, anticpating that the "overlay port's folder" will be located at
the same root as my "head" foleder for the port's collection will be rooted at, creating an
folder "ov-freebsd" and creating the .git folder and config file with
git init --bare ov-freebsd
and then manually config this according to the specifications given by the initial poudriere
command as seen above - does NOT WORK. It seems git is called to early or never access the
given preexisting folder - or I'm wrong in the assumption of the location of the overlay
folder.

Also, checking out the "personal" git repo at the anticipated correct location and
configuring "http.sslVerify false" does not succeed as expected.

I guess this problem must be very common amongst those having their own git repository servers
backed via a webserver secured via SSL self signed certificates, so I wonder whether there is
a solution or not.

Can someone enlighten my? How can I pass the specified env varibale down poudriere to git to
achive the desired task? Assuming this procedure is correct. If not, what is the proper way to
achive that task?

Many thanks in advance.
Kind regards

--
O. Hartmann