Merge pull request #100680 from smira/fix-100674

test/e2e: fix the OIDC discovery test with ECDSA service account key

build/dependencies.yaml

@@ -18,7 +18,7 @@ dependencies:
 
   # agnhost: bump this one first
   - name: "agnhost"
-    version: "2.30"
+    version: "2.31"
     refPaths:
     - path: test/images/agnhost/VERSION
       match: \d.\d

test/images/agnhost/VERSION

@@ -1 +1 @@
-2.30
+2.31

test/images/agnhost/agnhost.go

@@ -51,7 +51,7 @@ import (
 func main() {
 	rootCmd := &cobra.Command{
 		Use:     "app",
-		Version: "2.30",
+		Version: "2.31",
 	}
 
 	rootCmd.AddCommand(auditproxy.CmdAuditProxy)

test/images/agnhost/openidmetadata/openidmetadata.go

@@ -97,7 +97,10 @@ func main(cmd *cobra.Command, args []string) {
 	}
 	log.Printf("OK: Constructed OIDC provider for issuer %v", unsafeClaims.Issuer)
 
-	validTok, err := iss.Verifier(&oidc.Config{ClientID: audience}).Verify(ctx, raw)
+	validTok, err := iss.Verifier(&oidc.Config{
+		ClientID:             audience,
+		SupportedSigningAlgs: []string{oidc.RS256, oidc.ES256},
+	}).Verify(ctx, raw)
 	if err != nil {
 		log.Fatal(err)
 	}