Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.21.0 to 0.21.1.
- [Release notes](https://github.com/go-openapi/runtime/releases)
- [Commits](https://github.com/go-openapi/runtime/compare/v0.21.0...v0.21.1

)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/go-openapi/errors](https://github.com/go-openapi/errors) from 0.20.1 to 0.20.2.
- [Release notes](https://github.com/go-openapi/errors/releases)
- [Commits](https://github.com/go-openapi/errors/compare/v0.20.1...v0.20.2

)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/errors
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth) from 0.4.4 to 0.5.0.
- [Release notes](https://github.com/google-github-actions/auth/releases)
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google-github-actions/auth/compare/c6c22902f6af237edb96ede5f25a00e864589b2f...7a360a247cce1245c1d13bc63d8b2ac927d201c8

)

---
updated-dependencies:
- dependency-name: google-github-actions/auth
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.28 to 1.0.29.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/8a4b243fbf9a03a93e93a71c1ec257347041f9c4...384cfc42b2131df01c009d3d2eed7b78d8e8556e

)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [gopkg.in/ini.v1](https://github.com/go-ini/ini) from 1.66.2 to 1.66.3.
- [Release notes](https://github.com/go-ini/ini/releases)
- [Commits](https://github.com/go-ini/ini/compare/v1.66.2...v1.66.3

)

---
updated-dependencies:
- dependency-name: gopkg.in/ini.v1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.6 to 0.5.7.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](https://github.com/google/go-cmp/compare/v0.5.6...v0.5.7

)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update github/codeql-action requirement to 8a4b243fbf9a03a93e93a71c1ec257347041f9c4

Updates the requirements on [github/codeql-action](https://github.com/github/codeql-action) to permit the latest version.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/commits/8a4b243fbf9a03a93e93a71c1ec257347041f9c4

)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* update version comments

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Bob Callaway <bob.callaway@gmail.com>

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.11.0...v1.12.0

)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* helpful error message for hashedrekord types

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

* Bump ossf/scorecard-action

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 0fe1afdc40f536c78e3dc69147b91b3ecec2cc8a to 1.0.1. This release includes the previously tagged commit.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Commits](https://github.com/ossf/scorecard-action/compare/0fe1afdc40f536c78e3dc69147b91b3ecec2cc8a...e3e75cf2ffbf9364bbff86cdbdf52b23176fe492

)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* add version comment

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Panato <ctadeu@gmail.com>

* Bump goreleaser/goreleaser-action from 2.8.0 to 2.8.1

Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/5df302e5e9e4c66310a6b6493a8865b12c555af2...79d4afbba1b4eff8b9a98e3d2e58c4dbaf094e2b

)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* update version comment

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>

* stop using github secret and use GCP workload identity pool

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

* move to rekor-specific provider

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

Bumps golang from `8c0269d` to `0fa6504`.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* pin all github actions by digest instead of tag

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

* pin items in Dockerfile

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

* fix GOVERSION logic

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

Signed-off-by: Jason Hall <jasonhall@redhat.com>

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

Bumps golang from 1.17.5 to 1.17.6.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Add sharding package

Signed-off-by: Lily Sturmann <lsturman@redhat.com>

* Update validators to support future FullID

A FullID is a UUID prepended by a TreeID. This will be used for log sharding

Signed-off-by: Lily Sturmann <lsturman@redhat.com>

Bumps [go.uber.org/goleak](https://github.com/uber-go/goleak) from 1.1.11 to 1.1.12.
- [Release notes](https://github.com/uber-go/goleak/releases)
- [Changelog](https://github.com/uber-go/goleak/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber-go/goleak/compare/v1.1.11...v1.1.12

)

---
updated-dependencies:
- dependency-name: go.uber.org/goleak
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.19.1 to 1.20.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber-go/zap/compare/v1.19.1...v1.20.0

)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Otherwise, the error:
`
error retrieving external entities: error received while fetching artifact: 404 Not Found
`
Which isn't great for debugging

Signed-off-by: Sylvestre Ledru <sylvestre@debian.org>

Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.9.0 to 10.10.0.
- [Release notes](https://github.com/go-playground/validator/releases)
- [Commits](https://github.com/go-playground/validator/compare/v10.9.0...v10.10.0

)

---
updated-dependencies:
- dependency-name: github.com/go-playground/validator/v10
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

installation.md doesn't exist anymore

Signed-off-by: Sylvestre Ledru <sylvestre@debian.org>

This should be the actual last one :)

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Bumps [actions/github-script](https://github.com/actions/github-script) from 4 to 5.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v4...v5

)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Right now the type itself is defined in the cli package, which means we can't
use it without an import cycle.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

We now pass enough LDFLAGs that this will help keep things consistent.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

This should be the last one!

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Without this we can't properly re-run IndexKeys() on the log data because old minisign
keys were stripped to no longer contain the KeyID or Algorithm field.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

This is required to make IndexKeys() work on stored types.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Also fix some possible missing index issues from the last round of refactors.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Signed-off-by: Morten Linderud <morten@linderud.pw>

* rekor-server: Implement /api/v1/version

This implements a version endpoint for rekor. This helps figure out the
version the server is currently running. It could later be used to
implement version compatibility with CLI utilities.

Example:
   λ rekor main» curl -s localhost:3000/api/v1/version | jq
   {
     "builddate": "'2021-12-27T13:20:32Z'",
     "commit": "12d1a47c",
     "treestate": "dirty",
     "version": "v0.4.0-15-g12d1a47-dirty"
   }

This removes some duplication of the build flags and inserts them into
/pkg/api which is then reused across the utilities.

Signed-off-by: Morten Linderud <morten@linderud.pw>

Signed-off-by: Morten Linderud <morten@linderud.pw>

* Generated files

Signed-off-by: Morten Linderud <morten@linderud.pw>