fix(official-bots): resolve JWT verify key via MP env props
Delete PR Branch On Close / delete-branch (pull_request) Successful in 5s

The merged rollout set JWT_PUBLIC_KEY_PATH, but the running image's
config never references it, so mp.jwt.verify.publickey.location stayed
null and every token failed with "Verification key is unresolvable".

Replace it with the MicroProfile properties the runtime reads directly
(MP_JWT_VERIFY_PUBLICKEY_LOCATION, MP_JWT_VERIFY_ISSUER), pointing at the
already-mounted ncs-jwt-keys public key. No image rebuild needed.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
2026-06-17 10:01:11 +02:00
parent 4563782626
commit c64142ffed
+3 -1
View File
@@ -441,8 +441,10 @@ spec:
key: INTERNAL_SECRET key: INTERNAL_SECRET
- name: ACCOUNT_SERVICE_URL - name: ACCOUNT_SERVICE_URL
value: http://nowchess-account:8083 value: http://nowchess-account:8083
- name: JWT_PUBLIC_KEY_PATH - name: MP_JWT_VERIFY_PUBLICKEY_LOCATION
value: /secrets/jwt/public.pem value: /secrets/jwt/public.pem
- name: MP_JWT_VERIFY_ISSUER
value: nowchess
volumeMounts: volumeMounts:
- name: jwt-keys - name: jwt-keys
mountPath: /secrets/jwt mountPath: /secrets/jwt