Skip to content

Remove jira_connect_asymmetric_jwt feature flag

What does this MR do and why?

Removes the jira_connect_asymmetric_jwt feature flag. It was introduced to avoid the following scenario during deployment:

  1. Atlassian loads the old version of app_descriptor_controller.rb from production.
  2. A user installs the app and the installed request hits canary.
  3. The JWT header does not contain a kid and the JWT verification fails.
  • Activated on staging on Oct 11, 2021 7:59pm GMT+0200
  • Activated on production on Oct 11, 2021 9:09pm GMT+0200

After a little hiccup the feature is now stable since Oct 12, 2021 7:25am GMT+0200

How to set up and validate locally

  1. Start a Gitpod from this branch. (Read more about Gitpod and GDK here)
  2. Follow the install the app in Jira guide using your Gitpod instance.
  3. The installation should succeed.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #342808 (closed)

Edited by Andy Schoenen

Merge request reports