Signed-off-by: Jason Hall <jasonhall@redhat.com>

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

Bumps golang from 1.17.5 to 1.17.6.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Add sharding package

Signed-off-by: Lily Sturmann <lsturman@redhat.com>

* Update validators to support future FullID

A FullID is a UUID prepended by a TreeID. This will be used for log sharding

Signed-off-by: Lily Sturmann <lsturman@redhat.com>

Bumps [go.uber.org/goleak](https://github.com/uber-go/goleak) from 1.1.11 to 1.1.12.
- [Release notes](https://github.com/uber-go/goleak/releases)
- [Changelog](https://github.com/uber-go/goleak/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber-go/goleak/compare/v1.1.11...v1.1.12

)

---
updated-dependencies:
- dependency-name: go.uber.org/goleak
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.19.1 to 1.20.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber-go/zap/compare/v1.19.1...v1.20.0

)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Otherwise, the error:
`
error retrieving external entities: error received while fetching artifact: 404 Not Found
`
Which isn't great for debugging

Signed-off-by: Sylvestre Ledru <sylvestre@debian.org>

Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.9.0 to 10.10.0.
- [Release notes](https://github.com/go-playground/validator/releases)
- [Commits](https://github.com/go-playground/validator/compare/v10.9.0...v10.10.0

)

---
updated-dependencies:
- dependency-name: github.com/go-playground/validator/v10
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

installation.md doesn't exist anymore

Signed-off-by: Sylvestre Ledru <sylvestre@debian.org>

This should be the actual last one :)

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Bumps [actions/github-script](https://github.com/actions/github-script) from 4 to 5.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v4...v5

)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Right now the type itself is defined in the cli package, which means we can't
use it without an import cycle.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

We now pass enough LDFLAGs that this will help keep things consistent.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

This should be the last one!

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Without this we can't properly re-run IndexKeys() on the log data because old minisign
keys were stripped to no longer contain the KeyID or Algorithm field.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

This is required to make IndexKeys() work on stored types.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Also fix some possible missing index issues from the last round of refactors.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Signed-off-by: Morten Linderud <morten@linderud.pw>

* rekor-server: Implement /api/v1/version

This implements a version endpoint for rekor. This helps figure out the
version the server is currently running. It could later be used to
implement version compatibility with CLI utilities.

Example:
   λ rekor main» curl -s localhost:3000/api/v1/version | jq
   {
     "builddate": "'2021-12-27T13:20:32Z'",
     "commit": "12d1a47c",
     "treestate": "dirty",
     "version": "v0.4.0-15-g12d1a47-dirty"
   }

This removes some duplication of the build flags and inserts them into
/pkg/api which is then reused across the utilities.

Signed-off-by: Morten Linderud <morten@linderud.pw>

Signed-off-by: Morten Linderud <morten@linderud.pw>

* Generated files

Signed-off-by: Morten Linderud <morten@linderud.pw>

This was never actually correct - these are technically "payloadTypes", which are
not actually mediaTypes. Some implementations mistakenly sent incorrect media types, so
it appeared to work. The GCS storage layer rejected correct implementations that sent the
payloadType, because these are not valid mediaTypes.

We never used this field anyway, so let's drop it. I verified that the API correctly ignores
unknown fields, so removing this will not break clients that send it.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

We were previously stripping off the keyid/algorithm identifiers in minisign public keys.
These should be included in here to properly canonicalize/reconstruct the keys for verification.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

A lot of these only support one key type, so we don't need to go through
the map.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.8.0 to 1.8.2.
- [Release notes](https://github.com/rs/cors/releases)
- [Commits](https://github.com/rs/cors/compare/v1.8.0...v1.8.2

)

---
updated-dependencies:
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

This should help out with #515.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

This is part of a larger series to reduce intermediate state on each rekord type.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

This was duplicated across the unit tests for all of our types, moved it
up to the top-level package.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

This also adds the ko targets for building them, and entries
to tools.go so go.mod recognizes these dependencies so we can build
them with ko.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

We were catching these inside the IndexKeys function calls and logging, this
change moves that up to the caller. This is much more standard and simplifies the
implementations.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

This got copy-pasta-ed a bit as we added a lot of new types. I refactored
this out so we have the logic only once.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

This didn't appear to actually be useful on any of our types - we also
check the actual fields that need to be hydrated directly.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

This was set to fail on December 18th, which happens to be yesterday!

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

Signed-off-by: Carlos Panato <ctadeu@gmail.com>