Add project_visibility JWT claim
What does this MR do and why?
Adds a new claim called project_visibility
to Ci::JwtV2
. This claim will be used by Fulcio to generate certificates for keyless signing.
Related to #418810 (closed)
Screenshots or screen recordings
{
...
"sha": "4e9b7dbc7e42626ca4f4676ad91f17951f97af9a",
"project_visibility": "public",
"ci_config_ref_uri": "gitlab.localdev:3000/gitlab-org/gitlab-shell//.gitlab-ci.yml@refs/heads/memory-limit",
...
}
[8] pry(main)> build.project.visibility_level
=> 20
How to set up and validate locally
build = Ci::Build.last
Gitlab::Ci::JwtV2.new(build, aud: 'my-aud', ttl: 1.hour).payload
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Alishan Ladhani