Backend: Gitlab CI_JOB_JWT token does not use job/project/runner’s timeout

Summary

According to the Gitlab documentation The expire time for the token is set to job’s timeout, if specified, or 5 minutes if it is not.. This does not seem to work when increasing the job timeout (which is validated as it is visible on the UI that it has changed to the specified value i.e. 1 hour). The project and runner timeout also seem not to effect the CI_JOB_JWT value (They have also been validated to have changed the job timeout in the UI).

So this seems like a bug as the CI_JOB_JWT expire time value cannot be changed from its default which is 5 minutes.

Steps to reproduce

1. Create CI pipeline job with timeout: 2 hour and echo CI_JOB_JWT to build log
2. use https://jwt.io/ to decode the JWT and check the nbf and exp for the difference
3. the difference is always 5 minutes despite setting the job timeout to 2 hours.
4. you can also validate that the timeout configuration has taken affect by checking the timeout in the top right of the UI in the job build log page

Example Project

What is the current bug behavior?

the difference between exp and nbf in CI_JOB_JWT does not change from 5 minutes despite the documentation saying it uses the job timeout value

What is the expected correct behavior?

the exp and nbf value in CI_JOB_JWT should have a difference of job timeout.

Relevant logs and/or screenshots

Output of checks

Results of GitLab environment info

This bug happens on GitLab.com

Results of GitLab application Check

This bug happens on GitLab.com

Possible fixes

User Impact

Users don't have the ability to set the timeout configuration and as a result, the default 5 minute timeout setting is always used, no matter what other configuration is attempted to be set.