Make location of gitlab_workhorse_secret configurable

Hard-coding location of configuration files is very bad practice. This
patch applies the same approach as currently used for
gitlab_shell_secret file.

config/gitlab.yml.example

@@ -505,6 +505,11 @@ production: &base
     # If you use non-standard ssh port you need to specify it
     # ssh_port: 22
 
+  workhorse:
+    # File that contains the secret key for verifying access for gitlab-workhorse.
+    # Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app).
+    # secret_file: /home/git/gitlab/.gitlab_workhorse_secret
+
   ## Git settings
   # CAUTION!
   # Use the default values unless you really know what you are doing

config/initializers/1_settings.rb

@@ -387,6 +387,12 @@ Settings.gitlab_shell['ssh_user']     ||= Settings.gitlab.user
 Settings.gitlab_shell['owner_group']  ||= Settings.gitlab.user
 Settings.gitlab_shell['ssh_path_prefix'] ||= Settings.__send__(:build_gitlab_shell_ssh_path_prefix)
 
+#
+# Workhorse
+#
+Settings['workhorse'] ||= Settingslogic.new({})
+Settings.workhorse['secret_file'] ||= Rails.root.join('.gitlab_workhorse_secret')
+
 #
 # Repositories
 #

lib/gitlab/workhorse.rb

@@ -168,7 +168,7 @@ module Gitlab
       end
 
       def secret_path
-        Rails.root.join('.gitlab_workhorse_secret')
+        Gitlab.config.workhorse.secret_file
       end
 
       def set_key_and_notify(key, value, expire: nil, overwrite: true)