Currently, a log witness countersigns the latest checkpoint Rekor
publishes. Rekor updates its checkpoint on every entry upload, which is
extremely frequent. This means that two witnesses are very unlikely to
countersign the same checkpoint. While gossiping, it will not be
possible to reach a consensus on the same checkpoint, and therefore we
can't mitigate split-view attacks.

This change publishes a checkpoint, a "stable checkpoint", every 5
minutes (configurable) to Redis. This runs as a goroutine, with a Redis
key derived from the current time rounded to the nearest 5 minutes.
We use set-if-not-exist for Redis, meaning you can run replicated instances of
Rekor, with all instances writing to the same Redis key.

For a client that wants to gossip, this means waiting 5 minutes before
a checkpoint is published that witnesses will countersign (Note that
this is an area of active development and research too).
The stable checkpoint can be accessed with a query parameter.

Fixes sigstore#1067. There is still
value in batching in terms of reliablity, but stable checkpoints
solve the gossiping issue without a breaking change.

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

Co-authored-by: Bob Callaway <bobcallaway@users.noreply.github.com>
Signed-off-by: Hayden B <hblauzvern@google.com>

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>