Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Chainguard OIDC provider. #1703

Merged
merged 1 commit into from
Jun 25, 2024
Merged

Conversation

mattmoor
Copy link
Member

Summary

This adds support for Chainguard issued tokens, so that users can sign with their Chainguard-issued identity, and so that we can explore signing our own content with our internal service principal construct (see issue).

Related: #1702

Release Note

Add support for signing with Chainguard-issued tokens.

Documentation

This is mostly intended for our own use, but I'd be happy to document how folks can make use of this with chainctl auth token --audience sigstore if someone points me in the right direction.

@haydentherapper
Copy link
Contributor

Is this a provider you would want enabled in the public instance as well? If so, do you have an estimated QPS we should expect?

go.mod Outdated Show resolved Hide resolved
@mattmoor
Copy link
Member Author

Is this a provider you would want enabled in the public instance as well? If so, do you have an estimated QPS we should expect?

Yes. No real estimation, but I would expect that if anything this would cannibalize QPS we are currently sending with github actions tokens. I could work with someone on the rotation to try and figure out what that might look like, if it's important.

@mattmoor
Copy link
Member Author

Rebased on @cpanato go change

@mattmoor mattmoor marked this pull request as ready for review June 24, 2024 17:04
This adds support for Chainguard issued tokens, so that users can sign with their Chainguard-issued identity, and so that we can explore signing our own content with our internal service principal construct (see issue).

Related: sigstore#1702

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
@mattmoor
Copy link
Member Author

... and fixed merge conflict that drops CompactSerialize() method.

Copy link

codecov bot commented Jun 24, 2024

Codecov Report

Attention: Patch coverage is 78.94737% with 8 lines in your changes missing coverage. Please review.

Project coverage is 48.79%. Comparing base (cf238ac) to head (d87bb86).
Report is 126 commits behind head on main.

Files Patch % Lines
pkg/identity/chainguard/principal.go 77.77% 3 Missing and 3 partials ⚠️
pkg/identity/chainguard/issuer.go 71.42% 1 Missing and 1 partial ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1703      +/-   ##
==========================================
- Coverage   57.93%   48.79%   -9.14%     
==========================================
  Files          50       69      +19     
  Lines        3119     4082     +963     
==========================================
+ Hits         1807     1992     +185     
- Misses       1154     1869     +715     
- Partials      158      221      +63     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copy link
Contributor

@haydentherapper haydentherapper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - Do you want to hold off until you've added the custom OIDs, or merge this as is?

@mattmoor
Copy link
Member Author

I'd say we land this as-is and we can make additive changes as the need for enriching things under our own OID arises. 👍

@priyawadhwa priyawadhwa merged commit 0445bbd into sigstore:main Jun 25, 2024
13 checks passed
Copy link
Member

@cpanato cpanato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

late lgtm

@mattmoor mattmoor deleted the chainguard-issuer branch June 26, 2024 01:44
@mattmoor
Copy link
Member Author

Let me know if there are instructions to test against staging (and when I can expect that to work!) 🙏

@haydentherapper
Copy link
Contributor

I queued up the change in staging, I'll update here once it's rolled out. https://docs.sigstore.dev/system_config/public_deployment/#usage has instructions on how to test.

@mattmoor
Copy link
Member Author

@haydentherapper this seems out of date:

curl -O https://raw.githubusercontent.com/sigstore/root-signing/main/staging/repository/1.root.json

I poked around in the repo, and I don't see an obvious replacement for the staging root.

@haydentherapper
Copy link
Contributor

sigstore/docs#315 for the doc fix

lance pushed a commit to lance/fulcio that referenced this pull request Sep 5, 2024
This adds support for Chainguard issued tokens, so that users can sign with their Chainguard-issued identity, and so that we can explore signing our own content with our internal service principal construct (see issue).

Related: sigstore#1702

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
lance added a commit to securesign/fulcio that referenced this pull request Sep 5, 2024
* Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp

Bumps [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump google.golang.org/grpc from 1.62.0 to 1.62.1

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.62.0 to 1.62.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.62.0...v1.62.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/spiffe/go-spiffe/v2 from 2.1.7 to 2.2.0

Bumps [github.com/spiffe/go-spiffe/v2](https://github.com/spiffe/go-spiffe) from 2.1.7 to 2.2.0.
- [Release notes](https://github.com/spiffe/go-spiffe/releases)
- [Changelog](https://github.com/spiffe/go-spiffe/blob/main/CHANGELOG.md)
- [Commits](https://github.com/spiffe/go-spiffe/compare/v2.1.7...v2.2.0)

---
updated-dependencies:
- dependency-name: github.com/spiffe/go-spiffe/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump sigs.k8s.io/release-utils from 0.7.7 to 0.8.1

Bumps [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils) from 0.7.7 to 0.8.1.
- [Release notes](https://github.com/kubernetes-sigs/release-utils/releases)
- [Commits](https://github.com/kubernetes-sigs/release-utils/compare/v0.7.7...v0.8.1)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/release-utils
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump codecov/codecov-action from 4.1.1 to 4.2.0

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.1 to 4.2.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/c16abc29c95fcf9174b58eb7e1abf4c866893bc8...7afa10ed9b269c561c2336fd862446844e0cbf71)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Upgrade go to 1.22 (#1625)

* upgrade go to 1.22

Signed-off-by: cpanato <ctadeu@gmail.com>

* ci housekeeping

Signed-off-by: cpanato <ctadeu@gmail.com>

* fix lints

Signed-off-by: cpanato <ctadeu@gmail.com>

* update go.mod to pin on go1.21.9

Signed-off-by: cpanato <ctadeu@gmail.com>

---------

Signed-off-by: cpanato <ctadeu@gmail.com>

* Bump codecov/codecov-action from 4.2.0 to 4.3.0 in the all group

Bumps the all group with 1 update: [codecov/codecov-action](https://github.com/codecov/codecov-action).


Updates `codecov/codecov-action` from 4.2.0 to 4.3.0
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/7afa10ed9b269c561c2336fd862446844e0cbf71...84508663e988701840491b86de86b666e8a86bed)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the all group with 4 updates

Bumps the all group with 4 updates: [chainguard.dev/go-grpc-kit](https://github.com/chainguard-dev/go-grpc-kit), [github.com/prometheus/client_model](https://github.com/prometheus/client_model), [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) and [go.step.sm/crypto](https://github.com/smallstep/crypto).

Updates `chainguard.dev/go-grpc-kit` from 0.17.2 to 0.17.3
- [Release notes](https://github.com/chainguard-dev/go-grpc-kit/releases)
- [Commits](https://github.com/chainguard-dev/go-grpc-kit/compare/v0.17.2...v0.17.3)

Updates `github.com/prometheus/client_model` from 0.6.0 to 0.6.1
- [Release notes](https://github.com/prometheus/client_model/releases)
- [Commits](https://github.com/prometheus/client_model/compare/v0.6.0...v0.6.1)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.8.2 to 1.8.3
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.2...v1.8.3)

Updates `go.step.sm/crypto` from 0.44.2 to 0.44.3
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.44.2...v0.44.3)

---
updated-dependencies:
- dependency-name: chainguard.dev/go-grpc-kit
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/prometheus/client_model
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* switch to community repo of reusable-release (#1636)

Signed-off-by: Bob Callaway <bcallaway@google.com>

* Bump github.com/googleapis/api-linter in /hack/tools in the all group

Bumps the all group in /hack/tools with 1 update: [github.com/googleapis/api-linter](https://github.com/googleapis/api-linter).


Updates `github.com/googleapis/api-linter` from 1.64.0 to 1.65.0
- [Release notes](https://github.com/googleapis/api-linter/releases)
- [Changelog](https://github.com/googleapis/api-linter/blob/main/CHANGELOG.md)
- [Commits](https://github.com/googleapis/api-linter/compare/v1.64.0...v1.65.0)

---
updated-dependencies:
- dependency-name: github.com/googleapis/api-linter
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 in the all group

Bumps the all group with 1 update: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer).


Updates `sigstore/cosign-installer` from 3.4.0 to 3.5.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/e1523de7571e31dbe865fd2e80c5c7c23ae71eb4...59acb6260d9c0ba8f4a2f9d9b48431a222b68e20)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the all group with 2 updates

Bumps the all group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `actions/checkout` from 4.1.2 to 4.1.3
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/9bb56186c3b09b4f86b1c65136769dd318469633...1d96c772d19495a3b5c517cd2bc0cb401ea0529f)

Updates `actions/upload-artifact` from 4.3.1 to 4.3.2
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/5d5d22a31266ced268874388b861e4b58bb5c2f3...1746f4ab65b179e0ea60a494b83293b640dd5bba)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump go.step.sm/crypto from 0.44.3 to 0.44.6 in the all group

Bumps the all group with 1 update: [go.step.sm/crypto](https://github.com/smallstep/crypto).

Updates `go.step.sm/crypto` from 0.44.3 to 0.44.6
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.44.3...v0.44.6)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the all group with 2 updates

Bumps the all group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `actions/checkout` from 4.1.3 to 4.1.4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/1d96c772d19495a3b5c517cd2bc0cb401ea0529f...0ad4b8fadaa221de15dcec353f45205ec38ea70b)

Updates `actions/upload-artifact` from 4.3.2 to 4.3.3
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/1746f4ab65b179e0ea60a494b83293b640dd5bba...65462800fd760344b1a7b4382951275a0abb4808)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump golangci/golangci-lint-action from 4.0.0 to 5.0.0

Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/3cfe3a4abbb849e10058ce4af15d205b6da42804...82d40c283aeb1f2b6595839195e95c2d6a49081b)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the all group with 2 updates

Bumps the all group with 2 updates: [go.step.sm/crypto](https://github.com/smallstep/crypto) and [google.golang.org/api](https://github.com/googleapis/google-api-go-client).

Updates `go.step.sm/crypto` from 0.44.6 to 0.44.8
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.44.6...v0.44.8)

Updates `google.golang.org/api` from 0.175.0 to 0.176.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.175.0...v0.176.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the all group with 3 updates

Bumps the all group with 3 updates: [actions/setup-go](https://github.com/actions/setup-go), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action).


Updates `actions/setup-go` from 5.0.0 to 5.0.1
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/0c52d547c9bc32b1aa3301fd7a9cb496313a4491...cdcb36043654635271a94b9a6d1392de5bb323a7)

Updates `codecov/codecov-action` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/84508663e988701840491b86de86b666e8a86bed...5ecb98a3c6b747ed38dc09f787459979aebb39be)

Updates `golangci/golangci-lint-action` from 5.0.0 to 5.3.0
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/82d40c283aeb1f2b6595839195e95c2d6a49081b...38e1018663fa5173f3968ea0777460d3de38f256)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump golangci/golangci-lint-action from 5.3.0 to 6.0.1

Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 5.3.0 to 6.0.1.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/38e1018663fa5173f3968ea0777460d3de38f256...a4f60bb28d35aeee14e6880718e0c85ff1882e64)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the all group with 2 updates

Bumps the all group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [ossf/scorecard-action](https://github.com/ossf/scorecard-action).


Updates `actions/checkout` from 4.1.4 to 4.1.5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/0ad4b8fadaa221de15dcec353f45205ec38ea70b...44c2b7a8a4ea60a981eaca3cf939b5f4305c123b)

Updates `ossf/scorecard-action` from 2.3.1 to 2.3.3
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](https://github.com/ossf/scorecard-action/compare/0864cf19026789058feabb7e87baa5f140aac736...dc50aa9510b46c811795eb24b2f1ba02a914e534)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the all group across 1 directory with 2 updates

Bumps the all group with 2 updates in the / directory: [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) and [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils).


Updates `github.com/prometheus/client_golang` from 1.19.0 to 1.19.1
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.19.0...v1.19.1)

Updates `sigs.k8s.io/release-utils` from 0.8.1 to 0.8.2
- [Release notes](https://github.com/kubernetes-sigs/release-utils/releases)
- [Commits](https://github.com/kubernetes-sigs/release-utils/compare/v0.8.1...v0.8.2)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: sigs.k8s.io/release-utils
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* docs: Fix extensions for digest values requiring a type prefix (#1661)

* docs: Fix extensions for digest values requiring a type prefix

Signed-off-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>

* docs: Reformat table mapping OIDC token claims to Fulcio OIDs

Signed-off-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>

---------

Signed-off-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>

* oid-info: fix table render (#1662)

Signed-off-by: William Woodruff <william@trailofbits.com>

* update jobs to use go1.22.3 (#1660)

Signed-off-by: cpanato <ctadeu@gmail.com>

* Bump golang.org/x/net (#1640)

Bumps the go_modules group with 1 update in the /hack/tools directory: [golang.org/x/net](https://github.com/golang/net).


Updates `golang.org/x/net` from 0.21.0 to 0.23.0
- [Commits](https://github.com/golang/net/compare/v0.21.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump the all group with 3 updates

Bumps the all group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [google-github-actions/auth](https://github.com/google-github-actions/auth) and [codecov/codecov-action](https://github.com/codecov/codecov-action).


Updates `actions/checkout` from 4.1.5 to 4.1.6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/44c2b7a8a4ea60a981eaca3cf939b5f4305c123b...a5ac7e51b41094c92402da3b24376905380afc29)

Updates `google-github-actions/auth` from 2.1.2 to 2.1.3
- [Release notes](https://github.com/google-github-actions/auth/releases)
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google-github-actions/auth/compare/55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c...71fee32a0bb7e97b4d33d548e7d957010649d8fa)

Updates `codecov/codecov-action` from 4.3.1 to 4.4.0
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/5ecb98a3c6b747ed38dc09f787459979aebb39be...6d798873df2b1b8e5846dba6fb86631229fbcb17)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: google-github-actions/auth
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump go.step.sm/crypto from 0.44.8 to 0.45.0

Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.44.8 to 0.45.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.44.8...v0.45.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump codecov/codecov-action from 4.4.0 to 4.4.1 in the all group

Bumps the all group with 1 update: [codecov/codecov-action](https://github.com/codecov/codecov-action).


Updates `codecov/codecov-action` from 4.4.0 to 4.4.1
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/6d798873df2b1b8e5846dba6fb86631229fbcb17...125fc84a9a348dbcf27191600683ec096ec9021c)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump protocolbuffers/protobuf from 26.1 to 27.0 (#1674)

* Bump protocolbuffers/protobuf from 26.1 to 27.0

Bumps [protocolbuffers/protobuf](https://github.com/protocolbuffers/protobuf) from 26.1 to 27.0.
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl)
- [Commits](https://github.com/protocolbuffers/protobuf/compare/v26.1...v27.0)

---
updated-dependencies:
- dependency-name: protocolbuffers/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update main.yml

Signed-off-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>

* Bump github.com/spf13/viper from 1.18.2 to 1.19.0

Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.18.2 to 1.19.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.18.2...v1.19.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Adding support for configuration from yaml file (#1687)

* Create support for configuration from yaml file

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* conform code to lint

Signed-off-by: Javan lacerda <javanlacerda@google.com>

---------

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity

Bumps the go_modules group with 1 update: [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go).


Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.5.2 to 1.6.0
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/sdk/internal/v1.5.2...sdk/azcore/v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the all group across 1 directory with 6 updates (#1699)

* Bump the all group across 1 directory with 6 updates

Bumps the all group with 3 updates in the / directory: [chainguard.dev/go-grpc-kit](https://github.com/chainguard-dev/go-grpc-kit), [github.com/spf13/cobra](https://github.com/spf13/cobra) and google.golang.org/protobuf.

Updates `chainguard.dev/go-grpc-kit` from 0.17.3 to 0.17.5
- [Release notes](https://github.com/chainguard-dev/go-grpc-kit/releases)
- [Commits](https://github.com/chainguard-dev/go-grpc-kit/compare/v0.17.3...v0.17.5)

Updates `github.com/grpc-ecosystem/grpc-gateway/v2` from 2.19.1 to 2.20.0
- [Release notes](https://github.com/grpc-ecosystem/grpc-gateway/releases)
- [Changelog](https://github.com/grpc-ecosystem/grpc-gateway/blob/main/.goreleaser.yml)
- [Commits](https://github.com/grpc-ecosystem/grpc-gateway/compare/v2.19.1...v2.20.0)

Updates `github.com/spf13/cobra` from 1.8.0 to 1.8.1
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.8.0...v1.8.1)

Updates `google.golang.org/genproto/googleapis/api` from 0.0.0-20240513163218-0867130af1f8 to 0.0.0-20240520151616-dc85e6b867a5
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/grpc` from 1.63.2 to 1.64.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.63.2...v1.64.0)

Updates `google.golang.org/protobuf` from 1.34.1 to 1.34.2

---
updated-dependencies:
- dependency-name: chainguard.dev/go-grpc-kit
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/grpc-ecosystem/grpc-gateway/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: google.golang.org/genproto/googleapis/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix deprecation

Signed-off-by: cpanato <ctadeu@gmail.com>

* update e2e tests

Signed-off-by: cpanato <ctadeu@gmail.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: cpanato <ctadeu@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: cpanato <ctadeu@gmail.com>

* Bump go.step.sm/crypto from 0.45.0 to 0.47.1

Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.45.0 to 0.47.1.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.45.0...v0.47.1)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* bump to go1.22.4 and update goreleaser and golangci-lint

Signed-off-by: cpanato <ctadeu@gmail.com>

* update deprecated flags

Signed-off-by: cpanato <ctadeu@gmail.com>

* Bump google.golang.org/api from 0.183.0 to 0.185.0

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.183.0 to 0.185.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.183.0...v0.185.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/spiffe/go-spiffe/v2 from 2.2.0 to 2.3.0

Bumps [github.com/spiffe/go-spiffe/v2](https://github.com/spiffe/go-spiffe) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/spiffe/go-spiffe/releases)
- [Changelog](https://github.com/spiffe/go-spiffe/blob/main/CHANGELOG.md)
- [Commits](https://github.com/spiffe/go-spiffe/compare/v2.2.0...v2.3.0)

---
updated-dependencies:
- dependency-name: github.com/spiffe/go-spiffe/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/google/certificate-transparency-go from 1.1.8 to 1.2.1

Bumps [github.com/google/certificate-transparency-go](https://github.com/google/certificate-transparency-go) from 1.1.8 to 1.2.1.
- [Release notes](https://github.com/google/certificate-transparency-go/releases)
- [Changelog](https://github.com/google/certificate-transparency-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/certificate-transparency-go/compare/v1.1.8...v1.2.1)

---
updated-dependencies:
- dependency-name: github.com/google/certificate-transparency-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the all group across 1 directory with 4 updates

Bumps the all group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [ko-build/setup-ko](https://github.com/ko-build/setup-ko), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [protocolbuffers/protobuf](https://github.com/protocolbuffers/protobuf).


Updates `actions/checkout` from 4.1.6 to 4.1.7
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/a5ac7e51b41094c92402da3b24376905380afc29...692973e3d937129bcbf40652eb9f2f61becf3332)

Updates `ko-build/setup-ko` from 0.6 to 0.7
- [Release notes](https://github.com/ko-build/setup-ko/releases)
- [Commits](https://github.com/ko-build/setup-ko/compare/ace48d793556083a76f1e3e6068850c1f4a369aa...3aebd0597dc1e9d1a26bcfdb7cbeb19c131d3037)

Updates `codecov/codecov-action` from 4.4.1 to 4.5.0
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/125fc84a9a348dbcf27191600683ec096ec9021c...e28ff129e5465c2c0dcc6f003fc735cb6ae0c673)

Updates `protocolbuffers/protobuf` from 27.0 to 27.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl)
- [Commits](https://github.com/protocolbuffers/protobuf/compare/v27.0...v27.1)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: ko-build/setup-ko
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: protocolbuffers/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update README.md (#1700)

Signed-off-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>

* replace gopkg.in/square/go-jose.v2 to github.com/go-jose/go-jose/v4 (#1686)

Signed-off-by: cpanato <ctadeu@gmail.com>

* Add Chainguard OIDC provider. (#1703)

This adds support for Chainguard issued tokens, so that users can sign with their Chainguard-issued identity, and so that we can explore signing our own content with our internal service principal construct (see issue).

Related: https://github.com/sigstore/fulcio/issues/1702

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>

* Bump github.com/hashicorp/go-retryablehttp in the go_modules group

Bumps the go_modules group with 1 update: [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp).


Updates `github.com/hashicorp/go-retryablehttp` from 0.7.6 to 0.7.7
- [Changelog](https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.7.6...v0.7.7)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-retryablehttp
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/prometheus/common from 0.54.0 to 0.55.0

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.54.0 to 0.55.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/RELEASE.md)
- [Commits](https://github.com/prometheus/common/compare/v0.54.0...v0.55.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump protocolbuffers/protobuf from 27.1 to 27.2 in the all group

Bumps the all group with 1 update: [protocolbuffers/protobuf](https://github.com/protocolbuffers/protobuf).


Updates `protocolbuffers/protobuf` from 27.1 to 27.2
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl)
- [Commits](https://github.com/protocolbuffers/protobuf/compare/v27.1...v27.2)

---
updated-dependencies:
- dependency-name: protocolbuffers/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update main.yml

Signed-off-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>

* Bump actions/upload-artifact from 4.3.3 to 4.3.4 in the all group

Bumps the all group with 1 update: [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `actions/upload-artifact` from 4.3.3 to 4.3.4
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/65462800fd760344b1a7b4382951275a0abb4808...0b2256b8c012f0828dc542b3febcab082c67f72b)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Add changelog for v1.5.0 (#1723)

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

* CiProvider as a new OIDCIssuer type (#1679)

This adds a new generic CI provider so that new CI providers can be added via configuration without any code changes. The existing CI providers will be migrated over.

Ref: #1111

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* Bump google.golang.org/grpc in the go_modules group (#1724)

Bumps the go_modules group with 1 update: [google.golang.org/grpc](https://github.com/grpc/grpc-go).


Updates `google.golang.org/grpc` from 1.64.0 to 1.64.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.64.0...v1.64.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Surface the right `Name()` from our principal. (#1726)

The cosign logic for interacting with Fulcio treats identity tokens as *largely* opaque, and most of the logic for how issuers and subjects and whatnot is handled happens server-side.  However, for the "proof of possession" `cosign` has some logic (from `sigstore/sigstore`) that fumbles with `email` and `sub` claims in ways that have (until now) been compatible with Fulcio principals.

The Chainguard provider is the first provider that optionally includes an `email` claim, but we always want the subject we use to be our opaque identifier string (from `sub`).  This creates a tear in the fulcio/cosign continuum, and so we must surface what `cosign` is signing as `Name()` even though that isn't necessarily what we embed in the certificate.

The only correct way to implement `Name()` today is to match what this function does, and current implementations happen to align, but unfortunately because of how this abstraction is formulated it is challenging to actually change how we confirm the proof of possession to use this directly in place of the principal itself.

Fixes: https://github.com/sigstore/cosign/issues/3777

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>

* Revert "CiProvider as a new OIDCIssuer type (#1679)" (#1727)

This reverts commit 66485b693867adc650aea85777f1899286c3c7ce.

* Changelog for v1.5.1 (#1728)

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

* CiProvider as a new OIDCIssuer type (#1729)

This adds a new generic CI provider so that new CI providers can be added via configuration without any code changes. The existing CI providers will be migrated over.

Ref: #1111
Add back #1679

Signed-off-by: Javan lacerda javanlacerda@google.com

* Bump the all group across 1 directory with 8 updates (#1719)

* Bump the all group across 1 directory with 8 updates

Bumps the all group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) | `1.17.0` | `1.17.2` |
| [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) | `1.8.4` | `1.8.6` |
| [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) | `1.8.4` | `1.8.6` |
| [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) | `1.8.4` | `1.8.6` |
| [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) | `1.8.4` | `1.8.6` |
| [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) | `1.8.4` | `1.8.6` |

Updates `cloud.google.com/go/security` from 1.17.0 to 1.17.2
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/kms/v1.17.0...asset/v1.17.2)

Updates `github.com/sigstore/sigstore` from 1.8.4 to 1.8.6
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.4...v1.8.6)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.8.4 to 1.8.6
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.4...v1.8.6)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.8.4 to 1.8.6
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.4...v1.8.6)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.8.4 to 1.8.6
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.4...v1.8.6)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.8.4 to 1.8.6
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.4...v1.8.6)

Updates `google.golang.org/api` from 0.185.0 to 0.187.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.185.0...v0.187.0)

Updates `google.golang.org/genproto/googleapis/api` from 0.0.0-20240610135401-a8a62080eff3 to 0.0.0-20240617180043-68d350f18fd4
- [Commits](https://github.com/googleapis/go-genproto/commits)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: google.golang.org/genproto/googleapis/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* update test

Signed-off-by: cpanato <ctadeu@gmail.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: cpanato <ctadeu@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: cpanato <ctadeu@gmail.com>

* Bump go.step.sm/crypto from 0.47.1 to 0.50.0

Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.47.1 to 0.50.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.47.1...v0.50.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump actions/setup-go from 5.0.1 to 5.0.2 in the all group

Bumps the all group with 1 update: [actions/setup-go](https://github.com/actions/setup-go).


Updates `actions/setup-go` from 5.0.1 to 5.0.2
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/cdcb36043654635271a94b9a6d1392de5bb323a7...0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0

Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.10.0...v3.11.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Move configuration to yaml format (#1720)

Migrate the configuration file from json to yaml
Also removes the fulcio-config.yaml file that isn't used
Concentrate the issuers and meta-issuers in a single file that can be found at config/identity/config.yaml
Also removes the https://auth-staging.eclipse.org/realms/sigstore from the list of issuers, as it is unavailable.
Removes the federation script as it has not been used, and switches over to a test that's run to check validity of the configuration.

Ref #1111

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* Removes identity providers federation (#1736)

Removes the identity providers federation, and update the documentation for adding new identity providers, including ci-providers.

Ref #1111

Signed-off-by: Javan Lacerda <javanlacerda@google.com>

* Bump the all group across 1 directory with 11 updates

Bumps the all group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [chainguard.dev/sdk](https://github.com/chainguard-dev/sdk) | `0.1.20` | `0.1.21` |
| [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) | `1.17.2` | `1.17.3` |
| [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) | `4.0.2` | `4.0.3` |
| [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) | `1.8.6` | `1.8.7` |
| [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) | `1.8.6` | `1.8.7` |
| [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) | `1.8.6` | `1.8.7` |
| [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) | `1.8.6` | `1.8.7` |
| [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) | `1.8.6` | `1.8.7` |
| [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils) | `0.8.2` | `0.8.3` |

Updates `chainguard.dev/sdk` from 0.1.20 to 0.1.21
- [Release notes](https://github.com/chainguard-dev/sdk/releases)
- [Commits](https://github.com/chainguard-dev/sdk/compare/v0.1.20...v0.1.21)

Updates `cloud.google.com/go/security` from 1.17.2 to 1.17.3
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.17.2...retail/v1.17.3)

Updates `github.com/go-jose/go-jose/v4` from 4.0.2 to 4.0.3
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v4.0.2...v4.0.3)

Updates `github.com/sigstore/sigstore` from 1.8.6 to 1.8.7
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.6...v1.8.7)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.8.6 to 1.8.7
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.6...v1.8.7)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.8.6 to 1.8.7
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.6...v1.8.7)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.8.6 to 1.8.7
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.6...v1.8.7)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.8.6 to 1.8.7
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.6...v1.8.7)

Updates `google.golang.org/api` from 0.187.0 to 0.188.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.187.0...v0.188.0)

Updates `google.golang.org/genproto/googleapis/api` from 0.0.0-20240617180043-68d350f18fd4 to 0.0.0-20240701130421-f6361c86f094
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `sigs.k8s.io/release-utils` from 0.8.2 to 0.8.3
- [Release notes](https://github.com/kubernetes-sigs/release-utils/releases)
- [Commits](https://github.com/kubernetes-sigs/release-utils/compare/v0.8.2...v0.8.3)

---
updated-dependencies:
- dependency-name: chainguard.dev/sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/go-jose/go-jose/v4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: google.golang.org/genproto/googleapis/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: sigs.k8s.io/release-utils
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* update builder

Signed-off-by: cpanato <ctadeu@gmail.com>

* sync go mod

Signed-off-by: cpanato <ctadeu@gmail.com>

* add Hellō provider (#1739)

Signed-off-by: dickhardt <dick.hardt@hello.coop>

* Migrate github to ci provider flow (#1738)

Contribute towards #1111

Moves GitHub configuration to the new ci-provider configuration. No changes to issued certificates.

Signed-off-by: Javan Lacerda <javanlacerda@google.com>

* Move gitlab to ci-provider (#1740)

* move fulcio config from json to yaml

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* move fulcio-config to a new file

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* updating test for check-config workflow

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* set verify k8s workflow for get configg directly

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* migrate gitlab to ci provider

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* set gitlab ref for using a conditional template

Signed-off-by: Javan lacerda <javanlacerda@google.com>

---------

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* Update IDP requirements (#1742)

This adds policy documentation around requirements for new IDPs.

Signed-off-by: Hayden B <hblauzvern@google.com>

* Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.20.0 to 2.21.0

Bumps [github.com/grpc-ecosystem/grpc-gateway/v2](https://github.com/grpc-ecosystem/grpc-gateway) from 2.20.0 to 2.21.0.
- [Release notes](https://github.com/grpc-ecosystem/grpc-gateway/releases)
- [Changelog](https://github.com/grpc-ecosystem/grpc-gateway/blob/main/.goreleaser.yml)
- [Commits](https://github.com/grpc-ecosystem/grpc-gateway/compare/v2.20.0...v2.21.0)

---
updated-dependencies:
- dependency-name: github.com/grpc-ecosystem/grpc-gateway/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump ossf/scorecard-action from 2.3.3 to 2.4.0 in the all group

Bumps the all group with 1 update: [ossf/scorecard-action](https://github.com/ossf/scorecard-action).


Updates `ossf/scorecard-action` from 2.3.3 to 2.4.0
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](https://github.com/ossf/scorecard-action/compare/dc50aa9510b46c811795eb24b2f1ba02a914e534...62b2cac7ed8198b15735ed49ab1e5cf35480ba46)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the all group across 1 directory with 4 updates

Bumps the all group with 3 updates in the / directory: [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go), [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) and [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils).


Updates `cloud.google.com/go/security` from 1.17.3 to 1.17.4
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/retail/v1.17.3...retail/v1.17.4)

Updates `github.com/go-jose/go-jose/v4` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v4.0.3...v4.0.4)

Updates `google.golang.org/api` from 0.188.0 to 0.189.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.188.0...v0.189.0)

Updates `sigs.k8s.io/release-utils` from 0.8.3 to 0.8.4
- [Release notes](https://github.com/kubernetes-sigs/release-utils/releases)
- [Commits](https://github.com/kubernetes-sigs/release-utils/compare/v0.8.3...v0.8.4)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/go-jose/go-jose/v4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: sigs.k8s.io/release-utils
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Added support for email_verified being a string or bool (#1744)

Signed-off-by: Andrew Block <andy.block@gmail.com>

* Bump chainguard.dev/sdk from 0.1.21 to 0.1.22 in the all group

Bumps the all group with 1 update: [chainguard.dev/sdk](https://github.com/chainguard-dev/sdk).


Updates `chainguard.dev/sdk` from 0.1.21 to 0.1.22
- [Release notes](https://github.com/chainguard-dev/sdk/releases)
- [Commits](https://github.com/chainguard-dev/sdk/compare/v0.1.21...0.1.22)

---
updated-dependencies:
- dependency-name: chainguard.dev/sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the all group with 3 updates

Bumps the all group with 3 updates: [protocolbuffers/protobuf](https://github.com/protocolbuffers/protobuf), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action).


Updates `protocolbuffers/protobuf` from 27.2 to 27.3
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl)
- [Commits](https://github.com/protocolbuffers/protobuf/compare/v27.2...v27.3)

Updates `actions/upload-artifact` from 4.3.4 to 4.3.5
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/0b2256b8c012f0828dc542b3febcab082c67f72b...89ef406dd8d7e03cfd12d9e0a4a378f454709029)

Updates `golangci/golangci-lint-action` from 6.0.1 to 6.1.0
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/a4f60bb28d35aeee14e6880718e0c85ff1882e64...aaa42aa0628b4ae2578232a66b541047968fac86)

---
updated-dependencies:
- dependency-name: protocolbuffers/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump go.step.sm/crypto from 0.50.0 to 0.51.1

Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.50.0 to 0.51.1.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.50.0...v0.51.1)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Move codefresh and buildkite to ci-provider identity (#1743)

* migrating codefresh and buildkite to ci provider

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* adding test case for comparing with empty key

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* add comments for codefresh extensions

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* set claimed data to have priority over defaults

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* fix identation

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* adding comments for github and gitlab in config file

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* adding tests for check claims priority over defaults

Signed-off-by: Javan lacerda <javanlacerda@google.com>

---------

Signed-off-by: Javan lacerda <javanlacerda@google.com>

* Bump google.golang.org/api from 0.189.0 to 0.190.0 (#1753)

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.189.0 to 0.190.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.189.0...v0.190.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump the all group across 1 directory with 4 updates (#1754)

* Bump the all group across 1 directory with 4 updates

Bumps the all group with 3 updates in the /hack/tools directory: [github.com/googleapis/api-linter](https://github.com/googleapis/api-linter), [github.com/grpc-ecosystem/grpc-gateway/v2](https://github.com/grpc-ecosystem/grpc-gateway) and [google.golang.org/grpc/cmd/protoc-gen-go-grpc](https://github.com/grpc/grpc-go).


Updates `github.com/googleapis/api-linter` from 1.65.0 to 1.67.1
- [Release notes](https://github.com/googleapis/api-linter/releases)
- [Changelog](https://github.com/googleapis/api-linter/blob/main/CHANGELOG.md)
- [Commits](https://github.com/googleapis/api-linter/compare/v1.65.0...v1.67.1)

Updates `github.com/grpc-ecosystem/grpc-gateway/v2` from 2.19.1 to 2.21.0
- [Release notes](https://github.com/grpc-ecosystem/grpc-gateway/releases)
- [Changelog](https://github.com/grpc-ecosystem/grpc-gateway/blob/main/.goreleaser.yml)
- [Commits](https://github.com/grpc-ecosystem/grpc-gateway/compare/v2.19.1...v2.21.0)

Updates `google.golang.org/grpc/cmd/protoc-gen-go-grpc` from 1.3.0 to 1.5.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.3.0...v1.5.1)

Updates `google.golang.org/protobuf` from 1.33.0 to 1.34.2

---
updated-dependencies:
- dependency-name: github.com/googleapis/api-linter
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/grpc-ecosystem/grpc-gateway/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: google.golang.org/grpc/cmd/protoc-gen-go-grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* update gen protos

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hayden Blauzvern <hblauzvern@google.com>

* Add changelog for v1.6.0 (#1756)

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

* fixup

Signed-off-by: Lance Ball <lball@redhat.com>

* chore: remove hermetic builds

Signed-off-by: Lance Ball <lball@redhat.com>

* chore: downgrade golang dep

Signed-off-by: Lance Ball <lball@redhat.com>

* konflux: remove unit test pipeline

Unit tests do not seem to work with go 1.23. Removing for now.

Signed-off-by: Lance Ball <lball@redhat.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: cpanato <ctadeu@gmail.com>
Signed-off-by: Bob Callaway <bcallaway@google.com>
Signed-off-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>
Signed-off-by: William Woodruff <william@trailofbits.com>
Signed-off-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>
Signed-off-by: Javan lacerda <javanlacerda@google.com>
Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
Signed-off-by: Javan lacerda javanlacerda@google.com
Signed-off-by: Javan Lacerda <javanlacerda@google.com>
Signed-off-by: dickhardt <dick.hardt@hello.coop>
Signed-off-by: Hayden B <hblauzvern@google.com>
Signed-off-by: Andrew Block <andy.block@gmail.com>
Signed-off-by: Lance Ball <lball@redhat.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>
Co-authored-by: Bob Callaway <bobcallaway@users.noreply.github.com>
Co-authored-by: Facundo Tuesca <facu@tuesca.com>
Co-authored-by: William Woodruff <william@trailofbits.com>
Co-authored-by: Javan Lacerda <javanlacerda@google.com>
Co-authored-by: Matt Moore <mattmoor@chainguard.dev>
Co-authored-by: Hayden B <hblauzvern@google.com>
Co-authored-by: Dick Hardt <dick.hardt@hello.coop>
Co-authored-by: Andrew Block <andy.block@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants