x/build/cmd/coordinator: http://farmer.golang.org should redirect to https #27870
Comments
dmitshur
added
Security
Builders
|
Sounds fine. I had said no in the past when we did a bunch of the other service redirects because I didn't 100% trust the autocert code/cert caching and I didn't want to add more moving parts that might fail & hinder debugging of a production system, but I think it's time. Since I last said no, the reverse buildlets now connect to https anyway without using a hard-coded server cert like they used to, so we're already depending on LetsEncrypt/etc. |
|
@dmitshur, did you want to do this? |
|
Sure. This part still applies:
|
|
There's no config file if that's what you're asking. You just need to go add a few lines of code to a Handler somewhere, checking to see if req.TLS == nil. |
|
Change https://golang.org/cl/168138 mentions this issue: |
Unless there's a good reason why it doesn't/cannot, or it's extremely time-consuming.
build.golang.org, dev.golang.org, tip.golang.org, etc., already do it.
I'd also like to learn how to do this (so I can apply the knowledge in similar situations in the future). /cc @bradfitz
The text was updated successfully, but these errors were encountered: