Related Problem
#10583 requests GitLab, but I think there's more value in adding a 'general' OIDC configuration option.
The Elevator Pitch
The GitHub Trusted Publisher feature uses OIDC under the hood, it's just that the UI is constructed to help users construct valid subject claims. Many other tools support OIDC token handling but we currently cannot use them to safely publish our packages; instead we have to stay with the (relatively riskier) static API token approach.
Additional Context and Details
At work we built two wizards, one for GHA because it was so prevalent, and another with generic inputs: https://octopus.com/docs/octopus-rest-api/openid-connect#create-an-oidc-identity-for-a-service-account
Related Problem
#10583 requests GitLab, but I think there's more value in adding a 'general' OIDC configuration option.
The Elevator Pitch
The GitHub Trusted Publisher feature uses OIDC under the hood, it's just that the UI is constructed to help users construct valid subject claims. Many other tools support OIDC token handling but we currently cannot use them to safely publish our packages; instead we have to stay with the (relatively riskier) static API token approach.
Additional Context and Details
At work we built two wizards, one for GHA because it was so prevalent, and another with generic inputs: https://octopus.com/docs/octopus-rest-api/openid-connect#create-an-oidc-identity-for-a-service-account