Remove secret from request headers (!689) · Merge requests · GitLab.org / gitlab-shell

Igor Drozdov requested to merge id-remove-secret-from-headers into main Oct 17, 2022

Now the requests are verified via JWT. The feature flag has been enabled for a while. It also has been enabled by default in the previous release, so the self-managed will be able to turn it off if it doesn't work for their setups: gitlab!100929 (merged)

Introduced in: !596 (merged) and gitlab!86148 (merged)

Rollout issue: gitlab#360808 (closed)

Remove secret from request headers

Merge request reports