Fix OIDC authentication with internal CA and improve job storage type clarity

[IgnisDa]

Update the reqwest dependency to use rustls-tls-native-roots for proper certificate verification with internal CAs, resolving OIDC authentication issues. Additionally, refactor the job storage function to define a clearer type alias for improved code readability.

Fixes #1740

Summary by CodeRabbit

• Chores
  • Updated HTTP client's TLS certificate validation backend for enhanced compatibility
  • Refactored internal code organization for improved maintainability

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 4983f5a3-4521-493e-b763-2335f5535c42

📥 Commits

Reviewing files that changed from the base of the PR and between 28fab1b and d8b92c0.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (2)

• Cargo.toml
• apps/backend/src/main.rs

---

Walkthrough

The PR updates the reqwest TLS backend from rustls-tls to rustls-tls-native-roots to enable OS-level root certificate verification, and introduces a type alias JobStoragePair<T> in the job storage function for improved code clarity.

Changes

Cohort / File(s)	Summary
TLS Backend Configuration Cargo.toml	Changed reqwest dependency feature from rustls-tls to rustls-tls-native-roots to use OS root certificates instead of embedded Mozilla bundle.
Type Alias Refactoring apps/backend/src/main.rs	Introduced JobStoragePair<T> type alias for the tuple return type of make_job_storage(), replacing inline tuple type annotation with named type for improved readability.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• PR #1722: Modifies the job storage construction in apps/backend/src/main.rs, including related changes to the make_job_storage function and job storage types.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main changes: fixing OIDC authentication with internal CA (Cargo.toml feature change) and improving job storage type clarity (main.rs refactor).
Linked Issues check	✅ Passed	The pull request successfully addresses issue #1740 by switching from rustls-tls to rustls-tls-native-roots feature, enabling native certificate store verification for OIDC validation.
Out of Scope Changes check	✅ Passed	All changes are scoped to the objectives: Cargo.toml dependency feature update for OIDC fix and main.rs type alias refactor for clarity, with no extraneous modifications.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch IgnisDa/issue1740

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}