Use subjectAltName in TLS for gitaly on gitlab-qa
We need to use TLS certificate for with subjectAltName
(not only with commonName
) on gitaly server (built with Go 1.15+) in gitlab-qa.
Due to breaking change on Golang 1.15, this happens only in gitaly, not in gitlab or the CA certificate.
See https://golang.org/doc/go1.15#commonname
upstream: gitlab#324622 (closed)
This causes failures on ce:mtls
and ee:mtls
jobs in gitlab-qa pipelines: e.g., https://gitlab.com/gitlab-org/gitlab-qa-mirror/-/jobs/1049504877
Edited by Takuya Noguchi