Bumps sigstore to 1.8.15 and fixes unit tests (tektoncd#1312)

Signed-off-by: PuneetPunamiya <[email protected]>

Author: PuneetPunamiya

go.mod

@@ -23,7 +23,7 @@ require (
 	github.com/secure-systems-lab/go-securesystemslib v0.9.0
 	github.com/sigstore/cosign/v2 v2.4.2
 	github.com/sigstore/rekor v1.3.9
-	github.com/sigstore/sigstore v1.8.12
+	github.com/sigstore/sigstore v1.8.15
 	github.com/sigstore/sigstore/pkg/signature/kms/aws v1.8.12
 	github.com/sigstore/sigstore/pkg/signature/kms/azure v1.8.12
 	github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.8.12
@@ -440,7 +440,7 @@ require (
 	golang.org/x/exp/typeparams v0.0.0-20241108190413-2d47ceb2692f // indirect
 	golang.org/x/mod v0.22.0 // indirect
 	golang.org/x/net v0.34.0 // indirect
-	golang.org/x/oauth2 v0.25.0 // indirect
+	golang.org/x/oauth2 v0.26.0 // indirect
 	golang.org/x/sync v0.11.0 // indirect
 	golang.org/x/sys v0.30.0 // indirect
 	golang.org/x/term v0.29.0 // indirect

go.sum

@@ -1225,8 +1225,8 @@ github.com/sigstore/protobuf-specs v0.4.0 h1:yoZbdh0kZYKOSiVbYyA8J3f2wLh5aUk2SQB
 github.com/sigstore/protobuf-specs v0.4.0/go.mod h1:FKW5NYhnnFQ/Vb9RKtQk91iYd0MKJ9AxyqInEwU6+OI=
 github.com/sigstore/rekor v1.3.9 h1:sUjRpKVh/hhgqGMs0t+TubgYsksArZ6poLEC3MsGAzU=
 github.com/sigstore/rekor v1.3.9/go.mod h1:xThNUhm6eNEmkJ/SiU/FVU7pLY2f380fSDZFsdDWlcM=
-github.com/sigstore/sigstore v1.8.12 h1:S8xMVZbE2z9ZBuQUEG737pxdLjnbOIcFi5v9UFfkJFc=
-github.com/sigstore/sigstore v1.8.12/go.mod h1:+PYQAa8rfw0QdPpBcT+Gl3egKD9c+TUgAlF12H3Nmjo=
+github.com/sigstore/sigstore v1.8.15 h1:9HHnZmxjPQSTPXTCZc25HDxxSTWwsGMh/ZhWZZ39maU=
+github.com/sigstore/sigstore v1.8.15/go.mod h1:+Wa5mrG6A+Gss516YC9owy10q3IazqIRe0y1EoQRHHM=
 github.com/sigstore/sigstore-go v0.7.0 h1:bIGPc2IbnbxnzlqQcKlh1o96bxVJ4yRElpP1gHrOH48=
 github.com/sigstore/sigstore-go v0.7.0/go.mod h1:4RrCK+i+jhx7lyOG2Vgef0/kFLbKlDI1hrioUYvkxxA=
 github.com/sigstore/sigstore/pkg/signature/kms/aws v1.8.12 h1:EC3UmIaa7nV9sCgSpVevmvgvTYTkMqyrRbj5ojPp7tE=
@@ -1648,8 +1648,8 @@ golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j
 golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
 golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE=
 golang.org/x/oauth2 v0.0.0-20220622183110-fd043fe589d2/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE=
-golang.org/x/oauth2 v0.25.0 h1:CY4y7XT9v0cRI9oupztF8AgiIu99L/ksR/Xp/6jrZ70=
-golang.org/x/oauth2 v0.25.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
+golang.org/x/oauth2 v0.26.0 h1:afQXWNNaeC4nvZ0Ed9XvCCzXM6UHJG7iCg0W4fPqSBE=
+golang.org/x/oauth2 v0.26.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=

pkg/chains/signing/kms/kms_test.go

@@ -49,12 +49,13 @@ func TestInValidVaultAddressConnectionRefused(t *testing.T) {
 	}
 }
 
+var expectedErrorMessage = "no kms provider found for key reference: : parsing input key resource id: expected format: [plugin name]://[key ref], got: "
+
 func TestValidVaultAddressConnectionWithoutPortAndScheme(t *testing.T) {
 	cfg := config.KMSSigner{}
 	cfg.Auth.Address = "abc.com"
 
 	_, err := NewSigner(context.Background(), cfg)
-	expectedErrorMessage := "no kms provider found for key reference: "
 	if err.Error() != expectedErrorMessage {
 		t.Errorf("Expected error message '%s', but got '%s'", expectedErrorMessage, err.Error())
 	}
@@ -65,7 +66,6 @@ func TestValidVaultAddressConnectionWithoutScheme(t *testing.T) {
 	cfg.Auth.Address = "abc.com:80"
 
 	_, err := NewSigner(context.Background(), cfg)
-	expectedErrorMessage := "no kms provider found for key reference: "
 	if err.Error() != expectedErrorMessage {
 		t.Errorf("Expected error message '%s', but got '%s'", expectedErrorMessage, err.Error())
 	}
@@ -82,7 +82,6 @@ func TestValidVaultAddressConnection(t *testing.T) {
 		cfg.Auth.Address = server.URL
 
 		_, err := NewSigner(context.Background(), cfg)
-		expectedErrorMessage := "no kms provider found for key reference: "
 		if err.Error() != expectedErrorMessage {
 			t.Errorf("Expected error message '%s', but got '%s'", expectedErrorMessage, err.Error())
 		}
@@ -98,7 +97,6 @@ func TestValidVaultAddressConnection(t *testing.T) {
 		cfg.Auth.Address = server.URL
 
 		_, err := NewSigner(context.Background(), cfg)
-		expectedErrorMessage := "no kms provider found for key reference: "
 		if err.Error() != expectedErrorMessage {
 			t.Errorf("Expected error message '%s', but got '%s'", expectedErrorMessage, err.Error())
 		}
@@ -122,7 +120,6 @@ func TestValidVaultAddressConnection(t *testing.T) {
 		cfg.Auth.Address = "http://127.0.0.1:41227"
 
 		_, err = NewSigner(context.Background(), cfg)
-		expectedErrorMessage := "no kms provider found for key reference: "
 		if err.Error() != expectedErrorMessage {
 			t.Errorf("Expected error message '%s', but got '%s'", expectedErrorMessage, err.Error())
 		}