User Request
Remove HMAC shared-secret authentication (DOCKER_RUNNER_SHARED_SECRET) from the docker-runner. Per the updated architecture (gaps/runner-hmac-removal.md), OpenZiti mTLS is now the sole authentication mechanism for Orchestrator ↔ Runner communication.
Status
✅ Phase 1: Platform client-side (agynio/platform) — MERGED
PR #1401 removed HMAC from the platform-server (orchestrator side).
Phase 2: Docker Runner server-side (agynio/docker-runner) — IN PROGRESS
The docker-runner service itself still contains the HMAC server-side verification logic that must be removed.
User Request
Remove HMAC shared-secret authentication (
DOCKER_RUNNER_SHARED_SECRET) from the docker-runner. Per the updated architecture (gaps/runner-hmac-removal.md), OpenZiti mTLS is now the sole authentication mechanism for Orchestrator ↔ Runner communication.Status
✅ Phase 1: Platform client-side (agynio/platform) — MERGED
PR #1401 removed HMAC from the platform-server (orchestrator side).
Phase 2: Docker Runner server-side (agynio/docker-runner) — IN PROGRESS
The docker-runner service itself still contains the HMAC server-side verification logic that must be removed.