Require the secret config to be configured #31492
Conversation
CarlSchwan
requested review from
blizzz,
skjnldsv,
come-nc and
juliushaertl
and removed request for
a team
|
|
szaimen
added
2. developing
CarlSchwan
force-pushed
the
fix/check-secret-configured
branch
from
38d4865
to
bd6033c
Compare
|
Still breaking many tests? |
|
Generally nice to have this checked 👍 We just should probably not backport and only show a setup warning on stable releases so that admins already get aware that this might be an issue. The one failing test case looks interesting, I'm wondering a bit why the occ installation does not add the secret then: |
If it's not configured the instance will look like it is working but various features will silently break (end to end encryption, setting alternate email and probably more). One issue is that changing the secret from empty to something will break various other stuff (app token). I don't think there is a good way to solve this issue other than breaking early instead of having to handle a painful migration later on. Signed-off-by: Carl Schwan <carl@carlschwan.eu>
CarlSchwan
force-pushed
the
fix/check-secret-configured
branch
from
c0e8b80
to
7496bf3
Compare
shall I create a setup check for this? |
I mean a setup check could be an alternative approach to this (instead of breaking hard)... |
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
ping |
|
state is still set to "developing"? |
The idea is to have a migration path, see #31499 |
nice 👍 |
|
So merge then? |
skjnldsv
added
4. to release
If it's not configured the instance will look like it is working but
various features will silently break (end to end encryption, setting
alternate email and probably more).
One issue is that changing the secret from empty to something will
break various other stuff (app token). I don't think there is a good way
to solve this issue other than breaking early instead of having to
handle a painful migration later on.