generate_secrets

in files/gitlab-cookbooks/package/libraries/settings_dsl.rb [164:200]

• 23 lines of code
• 9 McCabe index (conditional complexity)

  def generate_secrets(node_name, path = SecretsHelper::SECRETS_FILE)
    
    
    
    
    
    return if Gitlab['node'][SecretsHelper::SKIP_GENERATE_SECRETS_CHEF_ATTR] == true

    force_write_secrets = !Gitlab['node'][SecretsHelper::SECRETS_FILE_CHEF_ATTR].nil?

    
    SecretsHelper.read_gitlab_secrets(path)
    generate_default_secrets = Gitlab['package']['generate_default_secrets'] != false

    Chef::Log.info("Generating default secrets") if generate_default_secrets
    
    sorted_settings.each do |_key, value|
      handler = value.handler
      handler.parse_secrets if handler.respond_to?(:parse_secrets) && generate_default_secrets
      handler.validate_secrets if handler.respond_to?(:validate_secrets)
    end

    if Gitlab['package']['generate_secrets_json_file'] == false && !force_write_secrets
      return unless generate_default_secrets

      warning_message = <<~EOS
        You've enabled generating default secrets but have disabled writing them to #{path} file.
        This results in secrets not persisting across `gitlab-ctl reconfigure` runs and can cause issues with functionality.
      EOS

      LoggingHelper.warning(warning_message)
    else
      Chef::Log.info("Generating #{path} file")
      SecretsHelper.write_to_gitlab_secrets(path)
    end
  end