Cleanup object storage config when using consolidated configuration

🔥 Problem

Using the following gitlab.rb:

gitlab.rb

# Consolidated object storage configuration
gitlab_rails['object_store']['enabled'] = true
gitlab_rails['object_store']['proxy_download'] = true
gitlab_rails['object_store']['connection'] = {
  'provider' => 'AWS',
  'region' => 'eu-central-1',
  'aws_access_key_id' => '<AWS_ACCESS_KEY_ID>',
  'aws_secret_access_key' => '<AWS_SECRET_ACCESS_KEY>'
}
# OPTIONAL: The following lines are only needed if server side encryption is required
gitlab_rails['object_store']['storage_options'] = {
  'server_side_encryption' => '<AES256 or aws:kms>',
  'server_side_encryption_kms_key_id' => '<arn:aws:kms:xxx>'
}
gitlab_rails['object_store']['objects']['artifacts']['bucket'] = 'gitlab-artifacts'
gitlab_rails['object_store']['objects']['external_diffs']['bucket'] = 'gitlab-mr-diffs'
gitlab_rails['object_store']['objects']['lfs']['bucket'] = 'gitlab-lfs'
gitlab_rails['object_store']['objects']['uploads']['bucket'] = 'gitlab-uploads'
gitlab_rails['object_store']['objects']['packages']['bucket'] = 'gitlab-packages'
gitlab_rails['object_store']['objects']['dependency_proxy']['bucket'] = 'gitlab-dependency-proxy'
gitlab_rails['object_store']['objects']['terraform_state']['bucket'] = 'gitlab-terraform-state'
gitlab_rails['object_store']['objects']['ci_secure_files']['bucket'] = 'gitlab-ci-secure-files'
gitlab_rails['object_store']['objects']['pages']['bucket'] = 'gitlab-pages'

(from https://docs.gitlab.com/ee/administration/object_storage.html?tab=Linux+package+%28Omnibus%29#full-example-using-the-consolidated-form-and-amazon-s3, tab Linux package (Omnibus))

after gitlab-ctl reconfigure, we get this in /var/opt/gitlab/gitlab-rails/etc/gitlab.yml:

gitlab.yml (snippets)

  object_store:
     enabled: true
     proxy_download: true
     connection: {"provider":"AWS","region":"eu-central-1","aws_access_key_id":"<AWS_ACCESS_KEY_ID>","aws_secret_access_key":"<AWS_SECRET_ACCESS_KEY>"}
     storage_options: {"server_side_encryption":"<AES256 or aws:kms>","server_side_encryption_kms_key_id":"<arn:aws:kms:xxx>"}
     objects: {"artifacts":{"bucket":"gitlab-artifacts"},"external_diffs":{"bucket":"gitlab-mr-diffs"},"lfs":{"bucket":"gitlab-lfs"},"uploads":{"bucket":"gitlab-uploads"},"packages":{"bucket":"gitlab-packages"},"dependency_proxy":{"bucket":"gitlab-dependency-proxy"},"terraform_state":{"bucket":"gitlab-terraform-state"},"ci_secure_files":{"bucket":"gitlab-ci-secure-files"},"pages":{"bucket":"gitlab-pages"}}

## Build Artifacts
  artifacts:
    enabled: true
    # The location where Build Artifacts are stored (default: shared/artifacts).
    path: /var/opt/gitlab/gitlab-rails/shared/artifacts
    object_store:
      enabled: false
      proxy_download: false
      remote_directory: "artifacts"
      connection: {}

  ## External merge request diffs
  external_diffs:
    enabled: 
    # The location where merge request diffs are stored (default: shared/external-diffs).
    storage_path: /var/opt/gitlab/gitlab-rails/shared/external-diffs
    object_store:
      enabled: false
      proxy_download: false
      remote_directory: "external-diffs"
      connection: {}

  ## Git LFS
  lfs:
    enabled: 
    # The location where LFS objects are stored (default: shared/lfs-objects).
    storage_path: /var/opt/gitlab/gitlab-rails/shared/lfs-objects
    object_store:
      enabled: false
      proxy_download: false
      remote_directory: "lfs-objects"
      connection: {}

  ## Uploads
  uploads:
    # The location where uploads objects are stored (default: public/).
    storage_path: /opt/gitlab/embedded/service/gitlab-rails/public
    object_store:
      enabled: false
      proxy_download: false
      remote_directory: "uploads"
      connection: {}

  ## Packages
  packages:
    enabled: 
    # The location where build packages are stored (default: shared/packages).
    storage_path: /var/opt/gitlab/gitlab-rails/shared/packages
    object_store:
      enabled: false
      proxy_download: false
      remote_directory: "packages"
      connection: {}

  ## Dependency proxy (EE only)
  dependency_proxy:
    enabled: 
    # The location where dependency_proxy blobs are stored (default: shared/dependency_proxy).
    storage_path: /var/opt/gitlab/gitlab-rails/shared/dependency_proxy
    object_store:
      enabled: false
      proxy_download: false
      remote_directory: "dependency_proxy"
      connection: {}

  ## Terraform state
  terraform_state:
    enabled: 
    # The location where terraform state files are stored (default: shared/terraform_state).
    storage_path: /var/opt/gitlab/gitlab-rails/shared/terraform_state
    object_store:
      enabled: false
      remote_directory: "terraform"
      connection: {}

  ## CI Secure Files
  ci_secure_files:
    enabled: 
    # The location where ci secure files are stored (default: shared/ci_secure_files).
    storage_path: /var/opt/gitlab/gitlab-rails/shared/ci_secure_files
    object_store:
      enabled: false
      remote_directory: "ci-secure-files"
      connection: {}

Embedded object_store.enabled gets defined (for example packages.object_store.enabled) and is set to false.

This is confusing given that we have object_store.enabled set to true.

🚒 Solution

Look at https://docs.gitlab.com/ee/administration/object_storage.html?tab=Self-compiled+%28source%29 Self-compiled (source) tab.

There is only a single object_store defined and it's much more readable.