SSH public keys no longer public accessible when restricted visibility is limited
Summary
On a GitLab instance configured with the limited restricted visibility, for authentication we use AuthorizedKeysCommand /usr/bin/curl --silent --fail https://gitlab.example.com/%u.keys
in our ssh docker containers. After upgrading to 13.7.1-ce.0 from 13.6.x this no longer works.
With the changes in the merge request !35507 (merged) public keys from /username.keys are no longer accessible. Similar problem as in #235756 (closed).
Steps to reproduce
curl https://gitlab.example.com/username.keys
What is the current bug behavior?
The GitLab server responds the body: <html><body>You are being <a href="https://gitlab.example.com/users/sign_in">redirected</a>.</body></html>
What is the expected correct behavior?
Get public keys for the user.
Possible fixes
Edited by Takuya Noguchi