Handling of the authentication token rotation
Status Update - 2024-05-07
The MR gitlab-org/gitlab-runner!4721 (merged) adds the support for FF_DISABLE_AUTOMATIC_TOKEN_ROTATION
which can be used to disable automatic token rotation
As long as
gitlab-runner
is running, it will attempt to rotate the token itself when it reaches 75% of its lifetime, saving back the new token to theconfig.toml
file
Extract of this post
GitLab Runner is able to rotate its authentication token automatically when this one is close to expiration. However there is no existing mechanism to handle this rotation with the GitLab Runner Operator:
- How the operator is notified of this update ?
- How the new token is transmitted to the Operator ?
- etc ...
This functionality is currently missing and should/must be implemented before the removal of the legacy registration token
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.