git protocol is in clear text, s we should avoid it since a attackant could do mitm and inject code that will be built (and likely executed) on user system.
The intention here was to reduce the load on Gerrit servers. We should do the following to fix this up: * Remove Giturl from the config so it's not advertised over the UI * Setup a read-only replica of git repos on Gerrit for CI to consume. * Get that to serve over HTTPS for CI system to clone. The git clone is actively used by the CI system because it doesn't place load on Gerrit itself.
We already have a reverse proxy in front of gerrit, so we can (maybe with lots of hack in the automation) do some magic to bypass gerrit for a specific url and/or vhost.
The interest in the less hacky solution is so that we can bring down gerrit without majority affecting CI jobs, which will clone of our replicated git.
Are there plans to do further/additional work on this? If not, I'd request a CLOSED DEFERRED.
Dunno, I think Nigel had a specific plan for this, but that's not on my radar. I would however keep it open so we do not forget, once more urgent stuff are done (or once we get more ressources, who would have a side effect of fixing more urgent stuff)
This bug is moved to https://github.com/gluster/project-infrastructure/issues/25, and will be tracked there from now on. Visit GitHub issues URL for further details