b1aac0382c
Store OTP secret key in secrets.yml ## What does this MR do? Migrate the value of `.secret` to `config/secrets.yml` if present, so that `.secret` can be rotated without preventing all users with 2FA from logging in. (On a clean setup, generate different keys for each.) ## Are there points in the code the reviewer needs to double check? I'm not sure we actually need `.secret` at all after this, but it seems safer not to touch it. ## Why was this MR needed? We have some DB encryption keys in `config/secrets.yml`, and one in `.secret`. They should all be in the same place. ## What are the relevant issue numbers? #3963, which isn't closed until I make the relevant changes in Omnibus too. ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - ~~API support added~~ - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5274 |
||
|---|---|---|
| .. | ||
| config | ||
| controllers | ||
| factories | ||
| features | ||
| finders | ||
| fixtures | ||
| helpers | ||
| initializers | ||
| javascripts | ||
| lib | ||
| mailers | ||
| models | ||
| requests | ||
| routing | ||
| services | ||
| support | ||
| tasks/gitlab | ||
| uploaders | ||
| views | ||
| workers | ||
| factories_spec.rb | ||
| rails_helper.rb | ||
| simplecov_env.rb | ||
| spec_helper.rb | ||
| teaspoon_env.rb | ||