remove federation, add contact, description

Signed-off-by: Javan lacerda <[email protected]>

config/identity/config.yaml

@@ -17,52 +17,76 @@ oidc-issuers:
     issuer-url: https://accounts.google.com
     client-id: sigstore
     type: email
+    contact: [email protected]
+    description: "Google OIDC auth"
   https://agent.buildkite.com:
     issuer-url: https://agent.buildkite.com
     client-id: sigstore
     type: buildkite-job
+    contact: [email protected]
+    description: "Buildkite Agent OIDC tokens for job identity"
   https://allow.pub:
     issuer-url: https://allow.pub
     client-id: sigstore
     type: spiffe
     spiffe-trust-domain: allow.pub
+    contact: [email protected]
+    description: "Server side signing support for the OCI registry vcr.pub"
   https://auth.eclipse.org/auth/realms/sigstore:
     issuer-url: https://auth.eclipse.org/auth/realms/sigstore
     client-id: sigstore
     type: email
+    contact: [email protected]
+    description: "Eclipse Foundation Production OIDC provider"
   https://dev.gitlab.org:
     issuer-url: https://dev.gitlab.org
     client-id: sigstore
     type: gitlab-pipeline
+    contact: [email protected]
+    description: "GitLab OIDC tokens for job identity"
   https://gitlab.archlinux.org:
     issuer-url: https://gitlab.archlinux.org
     client-id: sigstore
     type: gitlab-pipeline
+    contact: [email protected]
+    description: "GitLab OIDC tokens for job identity"
   https://gitlab.com:
     issuer-url: https://gitlab.com
     client-id: sigstore
     type: gitlab-pipeline
+    contact: [email protected]
+    description: "GitLab OIDC tokens for job identity"
   https://issuer.enforce.dev:
     issuer-url: https://issuer.enforce.dev
     client-id: sigstore
     type: chainguard-identity
+    contact: [email protected]
+    description: "Chainguard identity tokens"
   https://oauth2.sigstore.dev/auth:
     issuer-url: https://oauth2.sigstore.dev/auth
     client-id: sigstore
     type: email
     issuer-claim: $.federated_claims.connector_id
+    contact: [email protected]
+    description: "dex address for fulcio"
   https://oidc.codefresh.io:
     issuer-url: https://oidc.codefresh.io
     client-id: sigstore
     type: codefresh-workflow
+    contact: [email protected]
+    description: "Codefresh OIDC tokens for job identity"
   https://ops.gitlab.net:
     issuer-url: https://ops.gitlab.net
     client-id: sigstore
     type: gitlab-pipeline
+    contact: [email protected]
+    description: "GitLab OIDC tokens for job identity"
   https://token.actions.githubusercontent.com:
     issuer-url: https://token.actions.githubusercontent.com
     client-id: sigstore
     type: github-workflow
+    contact: [email protected]
+    description: "GitHub Actions OIDC auth"
 meta-issuers:
   https://*.oic.prod-aks.azure.com/*:
     client-id: sigstore
@@ -79,3 +103,4 @@ meta-issuers:
   https://token.actions.githubusercontent.com/*:
     client-id: sigstore
     type: github-workflow
+

pkg/config/config.go

@@ -111,6 +111,11 @@ type OIDCIssuer struct {
 	// Optional, the challenge claim expected for the issuer
 	// Set if using a custom issuer
 	ChallengeClaim string `json:"ChallengeClaim,omitempty" yaml:"challenge-claim,omitempty"`
+	// Optional, the description for the issuer
+	Description string `json:"Description,omitempty" yaml:"description,omitempty"`
+	// Optional, the contact for the issuer team
+	// Usually it is a email
+	Contact string `json:"Contact,omitempty" yaml:"contact,omitempty"`
 }
 
 func metaRegex(issuer string) (*regexp.Regexp, error) {