Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
What you expected to happen:
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?:
And actually, in order to be compatible for when k8s starts to fill in the kid, I think this is the safest keys.json for now:
This will generate a keys.json like the following:
A PR was merged into k8s recently which will cause k8s to fill in the kid with that value, allowing rotation of keys. I can't find the PR anymore though, @micahhausler knows perhaps? Anyway, that keys.json should allow your keys to still be validated when suddenly tokens are issued with the non-empty kid.