💡sign container images/bin using sigstore or other signing solution

[nissessenap]

Describe the feature you'd like A clear and concise description of the feature. What problem does it solve for you? As part of our security work, we are validating all images that run in our kubernets clusters.

Right now, cloudflared is among the ones I sign using an internal script that I push to our internal regsitry. It would be much nicer if the container/binaries would get signed by you as part of a release processes.

Describe alternatives you've considered Are there any alternatives to solving this problem? If so, what was your experience with them? Doesn't have to be sigstore

Additional context My understanding is that you use GitLab to create the container image. https://docs.gitlab.com/ci/yaml/signing_examples/