delta/gitlab/gitlab-ce.git/config/initializers/secret_token.rb, branch docs-pages-https gitlab.com: gitlab-org/gitlab-ce.git Upgrade doorkeeper-openid_connect 2017-09-20T15:38:33+00:00 Markus Koller markus-koller@gmx.ch 2017-09-19T15:20:49+00:00 26eadca48cc58e53e5e060efe6424f63377c7663 






Implement OpenID Connect identity provider
2017-03-07T13:54:35+00:00

Markus Koller
markus-koller@gmx.ch

2016-12-09T17:36:50+00:00

c4982890489d254da2fe998aab30bf257767ed5e












Ignore Rails/Exit cop in initializer
2016-08-04T09:17:35+00:00

Sean McGivern
sean@gitlab.com

2016-08-04T09:17:35+00:00

c19fa02fa020d4b7aa69b3bbc51a4a257163325b

We do not want to proceed with loading the app in this case, as it could
lose a secret needed to decrypt values in the database.





We do not want to proceed with loading the app in this case, as it could
lose a secret needed to decrypt values in the database.







Clarify intentions of secret token initializer
2016-08-03T14:48:48+00:00

Sean McGivern
sean@gitlab.com

2016-07-20T14:10:28+00:00

732ad2f6c1cfe126c0b2080c6e8d0fe3e77c4d1e












Give priority to environment variables
2016-08-03T14:48:48+00:00

Sean McGivern
sean@gitlab.com

2016-07-19T14:12:40+00:00

90565b5f95ce3d6d0b81078fe9fa9a9f196b4cde

If an environment variable exists for secret_key_base, use that -
always. But don't save it to secrets.yml.

Also ensure that we never write to secrets.yml if there's a non-blank
value there.





If an environment variable exists for secret_key_base, use that -
always. But don't save it to secrets.yml.

Also ensure that we never write to secrets.yml if there's a non-blank
value there.







Store all secret keys in secrets.yml
2016-08-03T14:48:47+00:00

Sean McGivern
sean@gitlab.com

2016-07-17T10:01:38+00:00

379c2cbcbd1544a1f80135c491937dabb04821df

Move the last secret from .secret to config/secrets.yml, and delete
.secret if it exists.





Move the last secret from .secret to config/secrets.yml, and delete
.secret if it exists.







Store OTP secret key in secrets.yml
2016-08-03T14:46:37+00:00

Sean McGivern
sean@gitlab.com

2016-07-15T12:19:29+00:00

405379bbfcb7821b3dae77e5254362f2d696bb7d

.secret stores the secret token used for both encrypting login cookies
and for encrypting stored OTP secrets. We can't rotate this, because
that would invalidate all existing OTP secrets.

If the secret token is present in the .secret file or an environment
variable, save it as otp_key_base in secrets.yml. Now .secret can be
rotated without invalidating OTP secrets.

If the secret token isn't present (initial setup), then just generate a
separate otp_key_base and save in secrets.yml.

Update the docs to reflect that secrets.yml needs to be retained past
upgrades, but .secret doesn't.





.secret stores the secret token used for both encrypting login cookies
and for encrypting stored OTP secrets. We can't rotate this, because
that would invalidate all existing OTP secrets.

If the secret token is present in the .secret file or an environment
variable, save it as otp_key_base in secrets.yml. Now .secret can be
rotated without invalidating OTP secrets.

If the secret token isn't present (initial setup), then just generate a
separate otp_key_base and save in secrets.yml.

Update the docs to reflect that secrets.yml needs to be retained past
upgrades, but .secret doesn't.







Rails update to 4.2.4
2015-11-25T16:18:44+00:00

Valery Sizov
vsv2711@gmail.com

2015-11-25T16:18:44+00:00

40ff1318d29884e4d17e7e450d8a7633e5ac36a9












Groundwork for merging CI into CE
2015-08-26T01:42:46+00:00

Douwe Maan
douwe@gitlab.com

2015-08-26T01:42:46+00:00

046b28312704f3131e72dcd2dbdacc5264d4aa62












Allow to specify secret token via environment variable.
2014-04-15T18:27:25+00:00

Cyril Rohr
cyril.rohr@gmail.com

2014-04-15T16:57:07+00:00

b29171d9ec430c35413335eb6a8cbe83383c46c6