Add warning about updating Omnibus is secrets are updated

[ci skip]
author: Stan Hu <stanhu@gmail.com> 2019-05-10 21:38:23 +0300
committer: Stan Hu <stanhu@gmail.com> 2019-05-10 21:41:32 +0300
commit: 33aa185d83e3fc8ed4e2e2fbb8aad97e3a6d8011 (patch)
tree: 66f0cc88585950b598a22cc2cc07e49f0b280852
parent: 4828ef52edee8d23ce564e9d3fe91bdb187a73e3 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/config/initializers/01_secret_token.rb b/config/initializers/01_secret_token.rb
index 4328ca509ba..e24b5cbd510 100644
--- a/config/initializers/01_secret_token.rb
+++ b/config/initializers/01_secret_token.rb
@@ -1,3 +1,14 @@
+# WARNING: If you add a new secret to this file, make sure you also
+# update Omnibus GitLab or updates will fail. Omnibus is responsible for
+# writing the `secrets.yml` file.  If Omnibus doesn't know about a
+# secret, Rails will attempt to write to the file, but this will fail
+# because Rails doesn't have write access.
+#
+# As an example:
+# * https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27581
+# * https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3267
+#
+#
 # This file needs to be loaded BEFORE any initializers that attempt to
 # prepend modules that require access to secrets (e.g. EE's 0_as_concern.rb).
 #
author	Stan Hu <stanhu@gmail.com>	2019-05-10 21:38:23 +0300
committer	Stan Hu <stanhu@gmail.com>	2019-05-10 21:41:32 +0300
commit	33aa185d83e3fc8ed4e2e2fbb8aad97e3a6d8011 (patch)
tree	66f0cc88585950b598a22cc2cc07e49f0b280852
parent	4828ef52edee8d23ce564e9d3fe91bdb187a73e3 (diff)