harmony/harmony-k8s
Sylvain Tremblay d0fff742f4
All checks were successful
Run Check Script / check (pull_request) Successful in 2m50s
feat(harmony): harmony-sso deploy hardening (Zitadel + OpenBao Scores)
Net-diff PR (3 of 4) splitting feat/unified-config-and-secrets.
harmony modules + harmony-k8s; independent of the config/secret crates.

Zitadel: wait for gRPC backend + embed userinfo in id_token; reconcile OIDC
config on existing apps + treat "no changes" as idempotent; refresh-token
grant on the device-code app; password_change_required flag on ZitadelScore.
OpenBao: authoritative init (drop brittle pre-check); declarative file audit
device for who-changed-what attribution.
harmony-k8s: exec_pod_capture returns both streams.

The fleet_staging_install ZitadelScore literal gains ..Default::default()
so the new password_change_required field doesn't break that consumer.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-28 13:47:17 -04:00