Zeroconf / "cloud metadata" endpoints in GCP will be accessible via webhooks post-migration

From @kirstenabma

Who’s doing the move? I have a few hackers with me that are wondering if we have a test environment already running on google cloud? They think we’ll be vulnerable after moving

Team met on Zoom call, progress is developing.

GitLab blocks certain requests to "local" IPs to prevent exfiltration of data via webhooks. In GCP, there is one more IP we need to block (and its v4-in-v6 equivalent): 169.254.169.254