diff --git a/applicationset/generators/scm_provider.go b/applicationset/generators/scm_provider.go
index 207cff8e9623b..54edac62e4b8c 100644
--- a/applicationset/generators/scm_provider.go
+++ b/applicationset/generators/scm_provider.go
@@ -200,7 +200,7 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha
 if err != nil {
 return nil, fmt.Errorf("error fetching SCM-Manager token: %v", err)
 }
- provider, err = scm_provider.NewScmManagerProvider(ctx, token, providerConfig.ScmManager.API, providerConfig.ScmManager.AllBranches, providerConfig.ScmManager.Insecure)
+ provider, err = scm_provider.NewScmManagerProvider(ctx, token, providerConfig.ScmManager.API, providerConfig.ScmManager.AllBranches, providerConfig.ScmManager.Insecure, g.scmRootCAPath)
 if err != nil {
 return nil, fmt.Errorf("error initializing SCM-Manager provider: %v", err)
 }
diff --git a/applicationset/services/scm_provider/scm-manager.go b/applicationset/services/scm_provider/scm-manager.go
index f233175d23755..d91f06ffd6772 100644
--- a/applicationset/services/scm_provider/scm-manager.go
+++ b/applicationset/services/scm_provider/scm-manager.go
@@ -2,11 +2,10 @@ package scm_provider
 
 import (
 "context"
- "crypto/tls"
 "errors"
 "fmt"
+ "github.com/argoproj/argo-cd/v2/applicationset/utils"
 "net/http"
- "net/http/cookiejar"
 "os"
 
 scmm "github.com/scm-manager/goscm"
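Review bot: In the import hunk of scm-manager.go, the added `"github.com/argoproj/argo-cd/v2/applicationset/utils"` sits inside the standard-library group, between `"fmt"` and `"net/http"`. goimports would place it in the non-stdlib group beside `scmm "github.com/scm-manager/goscm"`; moving it there keeps the two groups distinct and avoids a formatting-only follow-up commit.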
@@ -19,25 +18,23 @@ type ScmManagerProvider struct {
 
 var _ SCMProviderService = &ScmManagerProvider{}
 
-func NewScmManagerProvider(ctx context.Context, token, url string, allBranches, insecure bool) (*ScmManagerProvider, error) {
+func NewScmManagerProvider(ctx context.Context, token, url string, allBranches, insecure bool, scmRootCAPath string) (*ScmManagerProvider, error) {
 if token == "" {
 token = os.Getenv("SCMM_TOKEN")
 }
 httpClient := &http.Client{}
- if insecure {
- cookieJar, _ := cookiejar.New(nil)
-
- httpClient = &http.Client{
- Jar: cookieJar,
- Transport: &http.Transport{
- TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
- }}
- }
+ tr := http.DefaultTransport.(*http.Transport).Clone()
+ tr.TLSClientConfig = utils.GetTlsConfig(scmRootCAPath, insecure)
+ httpClient.Transport = tr
+
 client, err := scmm.NewClient(url, token)
+
 if err != nil {
 return nil, fmt.Errorf("error creating a new SCM-Manager client: %w", err)
 }
+
 client.SetHttpClient(httpClient)
+
 return &ScmManagerProvider{
 client: client,
 allBranches: allBranches,
diff --git a/applicationset/services/scm_provider/scm-manager_test.go b/applicationset/services/scm_provider/scm-manager_test.go
index a1af31f9f9710..9211426f9f43d 100644
--- a/applicationset/services/scm_provider/scm-manager_test.go
+++ b/applicationset/services/scm_provider/scm-manager_test.go
@@ -137,7 +137,7 @@ func TestScmManagerListRepos(t *testing.T) {
 defer ts.Close()
 for _, c := range cases {
 t.Run(c.name, func(t *testing.T) {
- provider, _ := NewScmManagerProvider(context.Background(), "", ts.URL, c.allBranches, false)
+ provider, _ := NewScmManagerProvider(context.Background(), "", ts.URL, c.allBranches, false, "")
 rawRepos, err := ListRepos(context.Background(), provider, c.filters, c.proto)
 if c.hasError {
 assert.NotNil(t, err)
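Review bot: In NewScmManagerProvider (scm-manager.go), `http.DefaultTransport.(*http.Transport).Clone()` is a single-value type assertion, so the constructor panics if anything else in the process has replaced `http.DefaultTransport` with a wrapping RoundTripper; the two-value form with an error return, shown below, avoids that. The rewritten client also no longer sets a cookie jar, which the removed code did on the `insecure` path; if that was needed for session handling it should come back, otherwise a one-line comment would record that the drop is deliberate. A doc comment on the function should state that `insecure` turns off certificate verification on the connection that carries `token` and that `scmRootCAPath` is the way to trust a private CA; how the two interact is decided in `utils.GetTlsConfig`, which is not visible in this diff. The function body continues past the end of the hunk.

```go
httpClient := &http.Client{}
base, ok := http.DefaultTransport.(*http.Transport)
if !ok {
	return nil, fmt.Errorf("unexpected http.DefaultTransport type %T", http.DefaultTransport)
}
tr := base.Clone()
// … unchanged: TLS config assignment, SCM-Manager client creation …
```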
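Review bot: Both updated call sites, this one in TestScmManagerListRepos and the one in TestScmManagerHasPath, pass `""` for `scmRootCAPath` and `false` for `insecure`, so no test exercises the new TLS configuration. A case that serves the mock handler over TLS and passes the server's certificate as the CA file, plus one that expects a verification failure without it, would pin the behaviour; this assumes `ts` is an httptest server, which is created outside the hunk. The constructor's error is also discarded with `_` on both lines; `provider, err := NewScmManagerProvider(...)` followed by `assert.NoError(t, err)` would make a setup failure show up where it happens.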
@@ -166,7 +166,7 @@ func TestScmManagerHasPath(t *testing.T) {
 scmManagerMockHandler(t)(w, r)
 }))
 defer ts.Close()
- host, _ := NewScmManagerProvider(context.Background(), "", ts.URL, false, false)
+ host, _ := NewScmManagerProvider(context.Background(), "", ts.URL, false, false, "")
 repo := &Repository{
 Organization: "test-argocd",
 Repository: "pr-test",