Make all oidc-token-verifier parameters configurable #11000
Labels
area/ci
Issues or PRs related to CI related topics
image-builder
lifecycle/stale
Denotes an issue or PR has remained open with no activity and has become stale.
oidc-token-verifier
Description
oidc-token-verifier checks the value of job_workflow_ref claim against an expected trusted workflow value. The expected workflow value is hardcoded along with trusted issuer data. These configuration data should be provided as flags or configuration file. The same approach must be applied for supported signing algorithms.
The configuration must allow providing multiple values.
Reasons
Hardcoding configuration values together with code is an anti pattern. It's not flexible and doesn't allow to use a tool for multiple use cases without code change.
Acceptance Criteria
The text was updated successfully, but these errors were encountered: