summaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
authorStan Hu <stanhu@gmail.com>2019-05-10 13:38:23 -0500
committerStan Hu <stanhu@gmail.com>2019-05-10 13:41:32 -0500
commit33aa185d83e3fc8ed4e2e2fbb8aad97e3a6d8011 (patch)
tree66f0cc88585950b598a22cc2cc07e49f0b280852 /config
parent4828ef52edee8d23ce564e9d3fe91bdb187a73e3 (diff)
downloadgitlab-ce-33aa185d83e3fc8ed4e2e2fbb8aad97e3a6d8011.tar.gz
Add warning about updating Omnibus is secrets are updatedsh-add-omnibus-secrets
[ci skip]
Diffstat (limited to 'config')
-rw-r--r--config/initializers/01_secret_token.rb11
1 files changed, 11 insertions, 0 deletions
diff --git a/config/initializers/01_secret_token.rb b/config/initializers/01_secret_token.rb
index 4328ca509ba..e24b5cbd510 100644
--- a/config/initializers/01_secret_token.rb
+++ b/config/initializers/01_secret_token.rb
@@ -1,3 +1,14 @@
+# WARNING: If you add a new secret to this file, make sure you also
+# update Omnibus GitLab or updates will fail. Omnibus is responsible for
+# writing the `secrets.yml` file. If Omnibus doesn't know about a
+# secret, Rails will attempt to write to the file, but this will fail
+# because Rails doesn't have write access.
+#
+# As an example:
+# * https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27581
+# * https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3267
+#
+#
# This file needs to be loaded BEFORE any initializers that attempt to
# prepend modules that require access to secrets (e.g. EE's 0_as_concern.rb).
#