For security reasons, you should add a trusted CA source secret to the BuildConfig. To answer your question, you can disable TLS verification by setting an environment variable GIT_SSL_NO_VERIFYto falsein the BuildConfig. Checks the docs herefor more info.

出于安全原因，您应该向 BuildConfig添加受信任的 CA 源机密。要回答您的问题，您可以通过在 BuildConfig 中设置环境变量GIT_SSL_NO_VERIFY来禁用 TLS 验证false。查看此处的文档以获取更多信息。

To pass this directly to the oc new-appcommand run oc new-app --build-env GIT_SSL_NO_VERIFY=false

将此直接传递给oc new-app命令运行oc new-app --build-env GIT_SSL_NO_VERIFY=false

Alternatively, I'd suggest just importing the root CA such that TLS validation works. Won't attempt to speak to all the reasons why this should be a must, but here's how you'd do it:

或者，我建议只导入根 CA，以便 TLS 验证工作。不会试图说明为什么这应该是必须的所有原因，但您可以这样做：

1) Grab the root certificate file.

1) 获取根证书文件。

If you're running an internal Gitlab instance, whoever set it up should be able to point you to the root CA they're using.

如果您正在运行内部 Gitlab 实例，那么设置它的人应该能够将您指向他们正在使用的根 CA。

2) Create a new secret with the certificate file

2）用证书文件创建一个新的秘密

#oc secrets new [secret name] ca.crt=[local .crt file]
oc secrets new tls-root-ca ca.crt=my-it-ca.crt

3) Attach your newly created secret to the build config

3）将您新创建的秘密附加到构建配置

    #oc patch bc/[build config name] --patch '{ "spec": {"source": { "sourceSecret": { "name": "[secret name]" } } } }'
    oc patch bc/my-build --patch '{ "spec": {"source": { "sourceSecret": { "name": "tls-root-ca" } } } }'

In case you're not familiar with the patch command, this is just adding a "sourceSecret" block like this:

如果您不熟悉 patch 命令，这只是添加一个“sourceSecret”块，如下所示：

  source:
    git:
      uri: https://your.gitlab.org/your-app
    sourceSecret:
      name: tls-root-ca

See also the openshift guide on build input secrets

另请参阅有关构建输入机密的openshift 指南