ISSUE TYPE

• Bug Report

COMPONENT NAME

• API
• UI

SUMMARY

I am trying to clone a repository from our internal Bitbucket server. The server runs with a self signed certificate. The clone operation breaks due to Peer's Certificate issuer is not recognized.

As a workaround, I tried to disabled SSL verification via the .gitconfig for the root user on the awx-task container, but with no luck. The process forked by AWX seems to ignore that. Second problem would be that this is just a transient solution.

The following Stackoverflow post describes another issue related to this:
https://serverfault.com/questions/877530/git-called-by-awx-ignores-manually-installed-root-ca

This is essentially a showstopper for us, as we cannot clone Ansible provisioning code without pain.

ENVIRONMENT

• AWX version: 1.0.1.81
• AWX install method: docker on CentOS 7
• Ansible version: 2.4.0.0
• Web Browser: Chrome 62.0.3202.62

STEPS TO REPRODUCE

• Create new credential entity for your repo via UI
• Create new Project via the UI
  • Use afore created credentials
  • Use HTTPS protocol, use Git repo secured by self signed certificate

EXPECTED RESULTS

• Add a checkbox to the Project creation page that disables SSL verification for the given project
• The forked git clone task command needs to leverage that setting
• In result, the repo with the self-signed cert can be cloned

ACTUAL RESULTS

• Repo cannot be cloned due to certificate trust error

ADDITIONAL INFORMATION