v0.4.3

What's Changed

• Emit a better error when OIDC information is missing by @sethvargo in #81
• Add workflow to update tag pointer by @sethvargo in #82

Full Changelog: v0.4.2...v0.4.3

v0.4.2

Upgrade notes from v0.4.1

• Ensure you use actions/checkout@v2 before using google-github-actions/auth!

What's Changed

• Replace backticks with single quotes in README by @ohkinozomu in #65
• Note that Domain-Wide Delegation is not supported by @sethvargo in #64
• Use strict everywhere by @sethvargo in #68
• Clean up exported credentials when the workflow finishes by @sethvargo in #67
• Add util function for parsing durations and many more tests by @sethvargo in #69
• Add support for Domain-Wide Delegation by @sethvargo in #70
• Remove bug and pr templates to inherit from organization by @sethvargo in #71
• Upgrade deps by @sethvargo in #72
• Allow manually invoking tests too by @sethvargo in #74
• Add another test for fromBase64 by @sethvargo in #76

New Contributors

• @ohkinozomu made their first contribution in #65

Full Changelog: v0.4.1...v0.4.2

v0.4.1

What's Changed

• Pull user-agent version from module by @sethvargo in #45
• Add log output to bug template by @sethvargo in #53
• Output more information in error about missing secrets by @sethvargo in #55
• Switch to using test-infra resources by @bharathkkb in #44
• Use YAML templates for issues by @sethvargo in #47
• Fix token format example in readme by @pokutuna in #59
• Export Google GHA creds env var by @bharathkkb in #57

New Contributors

• @pokutuna made their first contribution in #59

Full Changelog: v0.4.0...v0.4.1

v0.4.0

What's Changed

• Update to new STS URL by @sethvargo in #30
• Expand error message when GitHub envvars are not present by @sethvargo in #31
• Add support for specifying authentication via JSON service account keys by @sethvargo in #37 and @bharathkkb in #33
• Ensure files are compiled as part of CI by @sethvargo in #41
• chore: Handle non-pull request runs by @sethvargo in #42 and @sethvargo in #43

Full Changelog: v0.3.1...v0.4.0

v0.3.1

Upgrade notice

GitHub Actions OIDC tokens are still under active development and subject to change.

In this release, the aud parameter defaults to the Google Cloud Workload Identity Provider ID. This is the default value that Google Cloud expects, so you no longer need to customize the --allowed-audiences field. The README instructions have been updated to reflect this.

If you were using v0.3.0 or earlier, you had to configure the "allowed audiences" on the Google Cloud Workload Identity Provider to be the static value of "sigstore". Setting that value to "sigstore" was a temporary workaround until GitHub rolled out configurable audiences. Now that GitHub has rolled out customizable audiences, v0.3.1+ changed the defaults. If you have an existing installation, you must revert the allowed audiences back to the default value on the Google Cloud Workload Identity Provider:

gcloud iam workload-identity-pools providers update-oidc "my-provider" \
  --location="global" \
  --workload-identity-pool="my-pool" \
  --allowed-audiences=""

What's Changed

• Update references to google now by @sethvargo in #8
• Create CODEOWNERS by @sethvargo in #11
• Update README.md by @sethvargo in #14
• Fix typo by @yfuruyama in #13
• Add read permission to examples in the Readme by @hazcod in #18
• docs: remove unnecessary steps and update examples by @bgdanix in #15
• Add issue/pr templates, note test failures likely by @sethvargo in #19
• Upgrade actions/core to release version by @sethvargo in #21
• Clean up a few typescript warnings by @sethvargo in #25
• Default audience to the WIF provider ID by @sethvargo in #23

New Contributors

• @hazcod made their first contribution in #18
• @bgdanix made their first contribution in #15

Full Changelog: v0.3.0...v0.3.1

v0.3.0

What's Changed

• Add the ability to generate and export a credentials file by @sethvargo in #7

Full Changelog: v0.2.0...v0.3.0

v0.2.0

What's Changed

• Support ID Token generation by @yfuruyama in #1
• feat: use actions/core for generating GH OIDC token by @bharathkkb in #2
• Refactor to support access and id tokens by @sethvargo in #3

New Contributors

• @yfuruyama made their first contribution in #1
• @bharathkkb made their first contribution in #2
• @sethvargo made their first contribution in #3

Full Changelog: v0.1.0...v0.2.0

v0.1.0

Initial release