Spike: Explore commonalities between options 1 and 2
There are several things that both options considered in &10808 (closed) share, such as:
-
CDot becoming an identity provider / token issuer. This requires that at minimum, it must be able to: - Sign JWTs with a signing key issued by GitLab Inc (this key needs to be provisioned with
customers.gitlab.com
) - Dispense these JWTs through an endpoint or GraphQL operation when presented with a license key
- POC: https://gitlab.com/gitlab-org/customers-gitlab-com/-/merge_requests/7669
- Sign JWTs with a signing key issued by GitLab Inc (this key needs to be provisioned with
-
Making AI features such as CS available to SM end-user by means of the AI abstraction layer - While the actual work to make CS available through Rails is not our task, we should at least verify that the tokens we issue can be used to access these resources as described
- UPDATE: This is being worked on already in https://gitlab.com/gitlab-org/gitlab/-/issues/415581 but until this work is complete, we can add our own temporary CS endpoint
- POC: !124592 (closed)
-
Verifying license and subscription data, which may involve calling through to Zuora. We should clarify when exactly this needs to happen, and whether this puts Zuora on the critical path, which could be an issue. - It sounds like Option 1 is the favorite so far, in which case this becomes a non-issue because we would use the existing
SyncSeatLinkWorker
for this. See also #415793 (comment 1439495940).
- It sounds like Option 1 is the favorite so far, in which case this becomes a non-issue because we would use the existing
Edited by Matthias Käppler