Add extension for deployment environment

[Hayden-IO]

This defines a new OID for a "deployment environment". By itself, it's not very meaningful as it's a user-defined string, but this can be used by a monitor to validate artifact provenance, e.g. verifying that a deployment environment had certain protections enabled.

Fixes #1845

Summary

Release Note

Documentation

[Hayden-IO]

cc @di @woodruffw

[Hayden-IO]

also cc @kommendorkapten

[codecov]

Codecov Report

❌ Patch coverage is 63.63636% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 44.62%. Comparing base (cf238ac) to head (d298de1).
⚠️ Report is 493 commits behind head on main.

Files with missing lines	Patch %	Lines
pkg/certificate/extensions.go	63.63%	2 Missing and 2 partials ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##             main    #2190       +/-   ##
===========================================
- Coverage   57.93%   44.62%   -13.32%     
===========================================
  Files          50       72       +22     
  Lines        3119     4668     +1549     
===========================================
+ Hits         1807     2083      +276     
- Misses       1154     2349     +1195     
- Partials      158      236       +78     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[kommendorkapten]

This is great, thanks @haydentherapper!

[di]

LGTM