kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/config/initializers
History
Douwe Maan b1aac0382c Merge branch 'decouple-secret-keys' into 'master' 
Store OTP secret key in secrets.yml

## What does this MR do?

Migrate the value of `.secret` to `config/secrets.yml` if present, so that `.secret` can be rotated without preventing all users with 2FA from logging in. (On a clean setup, generate different keys for each.)

## Are there points in the code the reviewer needs to double check?

I'm not sure we actually need `.secret` at all after this, but it seems safer not to touch it.

## Why was this MR needed?

We have some DB encryption keys in `config/secrets.yml`, and one in `.secret`. They should all be in the same place.

## What are the relevant issue numbers?

#3963, which isn't closed until I make the relevant changes in Omnibus too.

## Does this MR meet the acceptance criteria?

- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- ~~API support added~~
- Tests
  - [x] Added for this feature/bug
  - [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

See merge request !5274
 		2016-08-10 16:54:54 +00:00
..
1_settings.rb using shared path for project import uploads and refactored gitlab remove export worker 2016-08-04 12:51:55 +02:00
2_app.rb
4_ci_app.rb
5_backend.rb
6_validations.rb Add ENV variable to skip repository storages validations 2016-07-25 13:48:40 -04:00
active_record_query_trace.rb
attr_encrypted_no_db_connection.rb
backtrace_silencers.rb
bullet.rb
carrierwave.rb
chronic_duration.rb
connection_fix.rb
cookies_serializer.rb
date_time_formats.rb
default_url_options.rb
devise.rb Update to send changed password notification emails 2016-08-05 19:27:36 +01:00
devise_password_length.rb.example
disable_email_interceptor.rb
doorkeeper.rb
gitlab_shell_secret_token.rb
go_get.rb
gollum.rb
hamlit.rb
health_check.rb
inflections.rb
kaminari_config.rb
metrics.rb Instrument Gitlab::Highlight 2016-08-03 17:08:41 +02:00
mime_types.rb Don't allow `.ogg` as a valid video extension 2016-07-21 08:56:57 +02:00
mysql_ignore_postgresql_options.rb
omniauth.rb
postgresql_limit_fix.rb
postgresql_opclasses_support.rb
premailer.rb
public_key.rb
rack_attack.rb.example
rack_attack_git_basic_auth.rb
rack_lineprof.rb
relative_naming_ci_namespace.rb
relative_url.rb.sample
request_profiler.rb Fix RequestProfiler::Middleware error when code is reloaded in development 2016-08-01 14:26:11 +02:00
secret_token.rb Ignore Rails/Exit cop in initializer 2016-08-04 10:17:35 +01:00
sentry.rb
session_store.rb Deduplicated resque.yml loading from several places 2016-08-04 18:55:37 +02:00
sherlock.rb
sidekiq.rb Make sidekiq get config settings from Gitlab::RedisConfig 2016-08-04 18:55:37 +02:00
smtp_settings.rb.sample
static_files.rb
time_zone.rb
trusted_proxies.rb Ignore invalid IPs in X-Forwarded-For when trusted proxies are configured. 2016-07-31 15:36:11 -04:00
wrap_parameters.rb