v0.3.1

Upgrade notice

GitHub Actions OIDC tokens are still under active development and subject to change.

In this release, the aud parameter defaults to the Google Cloud Workload Identity Provider ID. This is the default value that Google Cloud expects, so you no longer need to customize the --allowed-audiences field. The README instructions have been updated to reflect this.

If you were using v0.3.0 or earlier, you had to configure the "allowed audiences" on the Google Cloud Workload Identity Provider to be the static value of "sigstore". Setting that value to "sigstore" was a temporary workaround until GitHub rolled out configurable audiences. Now that GitHub has rolled out customizable audiences, v0.3.1+ changed the defaults. If you have an existing installation, you must revert the allowed audiences back to the default value on the Google Cloud Workload Identity Provider:

gcloud iam workload-identity-pools providers update-oidc "my-provider" \
  --location="global" \
  --workload-identity-pool="my-pool" \
  --allowed-audiences=""

What's Changed

• Update references to google now by @sethvargo in #8
• Create CODEOWNERS by @sethvargo in #11
• Update README.md by @sethvargo in #14
• Fix typo by @yfuruyama in #13
• Add read permission to examples in the Readme by @hazcod in #18
• docs: remove unnecessary steps and update examples by @bgdanix in #15
• Add issue/pr templates, note test failures likely by @sethvargo in #19
• Upgrade actions/core to release version by @sethvargo in #21
• Clean up a few typescript warnings by @sethvargo in #25
• Default audience to the WIF provider ID by @sethvargo in #23

New Contributors

• @hazcod made their first contribution in #18
• @bgdanix made their first contribution in #15

Full Changelog: v0.3.0...v0.3.1

v0.3.0

What's Changed

• Add the ability to generate and export a credentials file by @sethvargo in #7

Full Changelog: v0.2.0...v0.3.0

v0.2.0

What's Changed

• Support ID Token generation by @yfuruyama in #1
• feat: use actions/core for generating GH OIDC token by @bharathkkb in #2
• Refactor to support access and id tokens by @sethvargo in #3

New Contributors

• @yfuruyama made their first contribution in #1
• @bharathkkb made their first contribution in #2
• @sethvargo made their first contribution in #3

Full Changelog: v0.1.0...v0.2.0

v0.1.0

Initial release