| ▲ | jdeastwood a day ago |
| Yes, their oidc setup was probably their last good feature back when they were actually delivering features back in 2020ish. Everyone else copied it within a few months though. |
|
| ▲ | sofixa a day ago | parent [-] |
| Who is everyone? As with pretty much every GitHub feature, GitLab had them beat by a few years. |
| |
| ▲ | jdeastwood 15 hours ago | parent [-] | | Maybe in some other form, but the current style of injecting an oidc token was definitely in github actions first. Here is the gitlab issue tracking the final bit of it's implementation directly mentioning github: https://gitlab.com/gitlab-org/gitlab/-/issues/356986 | | |
| ▲ | sofixa 15 hours ago | parent [-] | | This is the more flexible and secure (specific aud) replacement for CI_JOB_JWT which has been there since at least 2017, if not before. Functionally it was exactly the same, a JWT token per pipeline allowing you to authenticate to third parties that support OIDC/JWT Auth. |
|
|
