Enable use of Rails' new cookie encryption

Old cookies are still valid and are automatically upgraded by Rails
2019-08-05 14:51:15 +08:00 · 2019-08-05 14:51:15 +08:00 · d470f429fb
commit d470f429fb
parent 9757636074
4 changed files with 29 additions and 19 deletions
--- a/changelogs/unreleased/63942-remove-config-action_dispatch-use_authenticated_cookie_encryption-configuration.yml
+++ b/changelogs/unreleased/63942-remove-config-action_dispatch-use_authenticated_cookie_encryption-configuration.yml
@ -0,0 +1,5 @@
+---
+title: Enable authenticated cookie encryption
+merge_request: 31463
+author:
+type: other
--- a/config/application.rb
+++ b/config/application.rb
@ -293,10 +293,5 @@ module Gitlab
      Gitlab::Routing.add_helpers(project_url_helpers)
      Gitlab::Routing.add_helpers(MilestonesRoutingHelper)
    end
-
-    # This makes generated cookies to be compatible with Rails 5.1 and older
-    # We can remove this when we're confident that there are no issues with the Rails 5.2 upgrade
-    # and we won't need to rollback to older versions
-    config.action_dispatch.use_authenticated_cookie_encryption = false
  end
 end
--- a/doc/update/README.md
+++ b/doc/update/README.md
@ -135,6 +135,30 @@ If you need to downgrade your Enterprise Edition installation back to Community
 Edition, you can follow [this guide][ee-ce] to make the process as smooth as
 possible.

+## Version specific upgrading instructions
+
+### 12.2.0
+
+In 12.2.0, we enabled Rails' authenticated cookie encryption. Old sessions are
+automatically upgraded.
+
+However, session cookie downgrades are not supported. So after upgrading to 12.2.0,
+any downgrades would result to all sessions being invalidated and users are logged out.
+
+### 12.0.0
+
+In 12.0.0 we made various database related changes. These changes require that
+users first upgrade to the latest 11.11 patch release. Once upgraded to 11.11.x,
+users can upgrade to 12.x. Failure to do so may result in database migrations
+not being applied, which could lead to application errors.
+
+Example 1: you are currently using GitLab 11.11.3, which is the latest patch
+release for 11.11.x. You can upgrade as usual to 12.0.0, 12.1.0, etc.
+
+Example 2: you are currently using a version of GitLab 10.x. To upgrade, first
+upgrade to 11.11.3. Once upgraded to 11.11.3 you can safely upgrade to 12.0.0
+or future versions.
+
 ## Miscellaneous

 - [MySQL to PostgreSQL](mysql_to_postgresql.md) guides you through migrating
--- a/doc/update/upgrading_from_source.md
+++ b/doc/update/upgrading_from_source.md
@ -378,20 +378,6 @@ Example:
 Additional instructions here.
 -->

-### 12.0.0
-
-In 12.0.0 we made various database related changes. These changes require that
-users first upgrade to the latest 11.11 patch release. Once upgraded to 11.11.x,
-users can upgrade to 12.x. Failure to do so may result in database migrations
-not being applied, which could lead to application errors.
-
-Example 1: you are currently using GitLab 11.11.3, which is the latest patch
-release for 11.11.x. You can upgrade as usual to 12.0.0, 12.1.0, etc.
-
-Example 2: you are currently using a version of GitLab 10.x. To upgrade, first
-upgrade to 11.11.3. Once upgraded to 11.11.3 you can safely upgrade to 12.0.0
-or future versions.
-
 ## Things went south? Revert to previous version

 ### 1. Revert the code to the previous version