Enable use of Rails' new cookie encryption
Old cookies are still valid and are automatically upgraded by Rails
This commit is contained in:
parent
9757636074
commit
d470f429fb
4 changed files with 29 additions and 19 deletions
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Enable authenticated cookie encryption
|
||||
merge_request: 31463
|
||||
author:
|
||||
type: other
|
|
@ -293,10 +293,5 @@ module Gitlab
|
|||
Gitlab::Routing.add_helpers(project_url_helpers)
|
||||
Gitlab::Routing.add_helpers(MilestonesRoutingHelper)
|
||||
end
|
||||
|
||||
# This makes generated cookies to be compatible with Rails 5.1 and older
|
||||
# We can remove this when we're confident that there are no issues with the Rails 5.2 upgrade
|
||||
# and we won't need to rollback to older versions
|
||||
config.action_dispatch.use_authenticated_cookie_encryption = false
|
||||
end
|
||||
end
|
||||
|
|
|
@ -135,6 +135,30 @@ If you need to downgrade your Enterprise Edition installation back to Community
|
|||
Edition, you can follow [this guide][ee-ce] to make the process as smooth as
|
||||
possible.
|
||||
|
||||
## Version specific upgrading instructions
|
||||
|
||||
### 12.2.0
|
||||
|
||||
In 12.2.0, we enabled Rails' authenticated cookie encryption. Old sessions are
|
||||
automatically upgraded.
|
||||
|
||||
However, session cookie downgrades are not supported. So after upgrading to 12.2.0,
|
||||
any downgrades would result to all sessions being invalidated and users are logged out.
|
||||
|
||||
### 12.0.0
|
||||
|
||||
In 12.0.0 we made various database related changes. These changes require that
|
||||
users first upgrade to the latest 11.11 patch release. Once upgraded to 11.11.x,
|
||||
users can upgrade to 12.x. Failure to do so may result in database migrations
|
||||
not being applied, which could lead to application errors.
|
||||
|
||||
Example 1: you are currently using GitLab 11.11.3, which is the latest patch
|
||||
release for 11.11.x. You can upgrade as usual to 12.0.0, 12.1.0, etc.
|
||||
|
||||
Example 2: you are currently using a version of GitLab 10.x. To upgrade, first
|
||||
upgrade to 11.11.3. Once upgraded to 11.11.3 you can safely upgrade to 12.0.0
|
||||
or future versions.
|
||||
|
||||
## Miscellaneous
|
||||
|
||||
- [MySQL to PostgreSQL](mysql_to_postgresql.md) guides you through migrating
|
||||
|
|
|
@ -378,20 +378,6 @@ Example:
|
|||
Additional instructions here.
|
||||
-->
|
||||
|
||||
### 12.0.0
|
||||
|
||||
In 12.0.0 we made various database related changes. These changes require that
|
||||
users first upgrade to the latest 11.11 patch release. Once upgraded to 11.11.x,
|
||||
users can upgrade to 12.x. Failure to do so may result in database migrations
|
||||
not being applied, which could lead to application errors.
|
||||
|
||||
Example 1: you are currently using GitLab 11.11.3, which is the latest patch
|
||||
release for 11.11.x. You can upgrade as usual to 12.0.0, 12.1.0, etc.
|
||||
|
||||
Example 2: you are currently using a version of GitLab 10.x. To upgrade, first
|
||||
upgrade to 11.11.3. Once upgraded to 11.11.3 you can safely upgrade to 12.0.0
|
||||
or future versions.
|
||||
|
||||
## Things went south? Revert to previous version
|
||||
|
||||
### 1. Revert the code to the previous version
|
||||
|
|
Loading…
Reference in a new issue