diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-04 12:13:07 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-04 12:13:07 +0300 |
| commit | 6cd4578a23ffe0fb94632f83a07a25d01f8d6821 (patch) | |
| tree | d21e9881e4ceb8ae6f28451f0797acc59e7cd1e8 /doc/ci | |
| parent | b6a194f6625042a09e083443c3326cc61aefc4c0 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/ci')
| -rw-r--r-- | doc/ci/secrets/id_token_authentication.md | 10 | ||||
| -rw-r--r-- | doc/ci/yaml/index.md | 7 |
2 files changed, 11 insertions, 6 deletions
diff --git a/doc/ci/secrets/id_token_authentication.md b/doc/ci/secrets/id_token_authentication.md index c5b19797a05..c1a6282447b 100644 --- a/doc/ci/secrets/id_token_authentication.md +++ b/doc/ci/secrets/id_token_authentication.md @@ -130,7 +130,13 @@ manual_authentication: You can use ID tokens to automatically fetch secrets from HashiCorp Vault with the [`secrets`](../yaml/index.md#secrets) keyword. -### Enable automatic ID token authentication +<!--- start_remove The following content will be removed on remove_date: '2023-05-11' --> + +### Enable automatic ID token authentication (deprecated) + +WARNING: +This setting was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/391886) in GitLab 16.0. +ID token authentication is now always available, and JSON Web Token access is always limited. To enable automatic ID token authentication: @@ -139,6 +145,8 @@ To enable automatic ID token authentication: 1. Expand **Token Access**. 1. Toggle **Limit JSON Web Token (JWT) access** to enabled. +<!--- end_remove --> + ### Configure automatic ID Token authentication If one ID token is defined, the `secrets` keyword automatically uses it to authenticate with Vault. For example: diff --git a/doc/ci/yaml/index.md b/doc/ci/yaml/index.md index 39f979d98d5..9cf718573ec 100644 --- a/doc/ci/yaml/index.md +++ b/doc/ci/yaml/index.md @@ -3831,9 +3831,6 @@ job: Use `secrets:token` to explicitly select a token to use when authenticating with Vault by referencing the token's CI/CD variable. -This keyword has no effect if [**Limit JSON Web Token (JWT) access**](../secrets/id_token_authentication.md#enable-automatic-id-token-authentication) -is disabled. - **Keyword type**: Job keyword. You can use it only as part of a job. **Possible inputs**: @@ -3857,8 +3854,8 @@ job: **Additional details**: -- When the `token` keyword is not set and **Limit JSON Web Token (JWT) access** enabled, the first ID token - is used to authenticate. +- When the `token` keyword is not set, the first ID token is used to authenticate. +- In GitLab 15.8 to 15.11, you must enable [**Limit JSON Web Token (JWT) access**](../secrets/id_token_authentication.md#enable-automatic-id-token-authentication-deprecated) for this keyword to be available. - When **Limit JSON Web Token (JWT) access** is disabled, the `token` keyword is ignored and the `CI_JOB_JWT` CI/CD variable is used to authenticate. |