Use dedicated signing key for CI_JOB_JWT
Replace openid_connect_signing_key with the new ci_jwt_signing_key when generating CI_JOB_JWT. This also implements /-/jwks endpoint instead of delegating to Doorkeper. Response will still include openid_connect_signing_key for seamless rollout. Related to https://gitlab.com/gitlab-org/gitlab/-/issues/214607.
Showing
Please register or sign in to comment