Safely upgrade `doorkeeper-openid_connect` to 1.8.5

An incident gitlab-com/gl-infra/production#8664 (closed) (related FCL &10270 (closed)) has uncovered a gotcha to do with upgrading doorkeeper-openid_connect to 1.8.5 in future.

The upgrade to 1.8.5 contains a breaking change that affects oauth/discovery/keys.

There are issues to do with mixed version deployments, and potential client caching of keys, described here &10270 (comment 1344485253).

This issue is to strategize how to go about safely upgrading that gem.