secret: clean up init logic (!14653) · Merge requests · Administrator / sourcegraph

Administrator requested to merge jc/cleanup-secret-init into main Oct 13, 2020

Created by: unknwon

Notes:

We used to allow pass in the secret key via env var string SOURCEGRAPH_CRYPT_KEY, but the secret key we expect is an array of bytes not a string (so how is that possible? 🤔 ). Besides, the code logic for reading secret key from env var was actually not working, i.e. suppose to read envCryptKey but in fact we read encryptionKey (which by the time we read it, it is always an empty slice and guarantee to fail).
I realize the decision to automatically turn on encryption for single-docker-container was a mistake, the customer should explicitly chooses to do so (by specifying the SOURCEGRAPH_SECRET_FILE).

Part of #14644

secret: clean up init logic