Fix CI issues of policies

[flavio]

Fix these broken PRs:

• chore(deps): update all non-major dependencies safe-labels-policy#59

• chore(deps): update all non-major dependencies safe-annotations-policy#60

• chore(deps): update all non-major dependencies ingress-policy#59

• chore(deps): update all non-major dependencies volumes-psp-policy#43

• chore(deps): update all non-major dependencies cel-policy#65

• chore(deps): update kubewarden/github-actions action to v3.3.2 go-wasi-policy-template#56

• fix(tests): Don't expect a json to stdout from kwctl anymore psa-label-enforcer-policy#45

• fix(tests): Don't expect a json in stdout from kwctl anymore persistentvolumeclaim-storageclass-policy#28

[viccuad]

There's several issues:

1. Policies being updated to go 1.23 toolchain, which must be built with tinygo >= 0.33.0.

2. From kwctl 1.13 to 1.14, we changed behaviour, and now kwctl doesn't print a json by default:

   $ kwctl-1.14 run annotated-policy.wasm -r test_data/ingress.json --settings-json '{"denied_labels": ["foo", "cc-center"], "constrained_labels": {"cc-center": "^cc-\\d+$"}}'
   libunwind: __unw_add_dynamic_fde: bad fde: FDE is really a CIE
   Error: Error running policy file:///home/vic/suse/kw/policies/safe-labels-policy/annotated-policy.wasm: Provided settings are not valid: "Provided settings are not valid: These labels cannot be constrained and denied at the same time: cc-center"
   $ kwctl-1.13 run annotated-policy.wasm -r test_data/ingress.json --settings-json '{"denied_labels": ["foo", "cc-center"], "constrained_labels": {"cc-center": "^cc-\\d+$"}}'
   libunwind: __unw_add_dynamic_fde: bad fde: FDE is really a CIE
   {"valid":false,"message":"Provided settings are not valid: These labels cannot be constrained and denied at the same time: cc-center"}
   Error: Provided settings are not valid: Some("Provided settings are not valid: These labels cannot be constrained and denied at the same time: cc-center")

   List: https://github.com/search?q=org%3Akubewarden%20.*valid.*false&type=code

3. Possible Sigstore change and/or error (at least on my machine)

   Error: Failed to fetch https://tuf-repo-cdn.sigstore.dev/6.root.json: Transport 'other' error fetching 'https://tuf-repo-cdn.sigstore.dev/6.root.json': The HTTP client could not be built: builder error
   
     Caused by:
         0: Transport 'other' error fetching 'https://tuf-repo-cdn.sigstore.dev/6.root.json': The HTTP client could not be built: builder error
         1: The HTTP client could not be built: builder error
         2: builder error
         3: Permission denied (os error 13)

[viccuad]

Number 2 is caused by a correct removal of a printf that was priting to stdout a json with the result of the settings validation. The correct solution is to amend the tests on the policies.

I haven't found the culprit for number 3.

[viccuad]

I have opened #853 for number 1, number 2 is done and with this the listed repos have green CI, and I will have an eye on number 3.

Closing as completed.