Feature proposal: Refuse to start GitLab if encrypted values cannot be decrypted
Problem to solve
Currently GitLab can not access encrypted data when restored from a backup, the users need to manually backup and add the secrets from gitlab-secrets.json
to be able to access encrypted database records. See also here. A check at startup which stops GitLab from starting and give a meaningful error message about the missing secrets would help to let users not run into seemingly random 500
errors.
@ayufan already proposed a check for the secret here
Further details
Proposal
GitLab should, at startup, check if the current secret is actually usable with the encrypted database fields and refuse to start if not. In case of a mis-match also a verbose explanation should be displayed about the problem.
Documentation
Links / references
cc: @dzaporozhets