Writing a signed image to docker:// makes it temporarily visible unsigned
The expected sequence of operations for an ImageDestination is PutManifest first, then PutSignatures{,WithFormat}, and the docker:// transport implements exactly that sequence.
That means that when pushing to a tag, there is a window in which the tag already points at the intended manifest while its signatures are not yet available, potentially breaking signature-enforcing clients that resolve the tag during that window.
We should defer uploading of the tagged manifest (but not manifests with a non-nil instanceDigest, which are only addressable by digest) to Commit time.
On the other hand, (the OpenShift implementation of) the simple signing API extension, reasonably, doesn't allow reading signatures from non-existent images, i.e. we can't fetch the list of signatures to update until we push the manifest.
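To make the window concrete, here is an added Go model of both orderings; it is not containers/image code. It assumes a constructed in-memory `registry` type (manifests by digest, one tag pointer, signatures attachable only to an existing digest, matching the extension's constraint above) and an `observe` callback standing in for a signature-enforcing client that resolves the tag mid-push.

```go
package main

import "fmt"

// Constructed model of a docker:// destination: manifests stored by digest, a tag pointing at one digest, and signatures attached to an existing digest.
type registry struct {
	manifests map[string][]byte
	tags      map[string]string
	sigs      map[string][][]byte
}

// putManifest stores a manifest by digest without touching any tag.
func (r *registry) putManifest(digest string, m []byte) {
	r.manifests[digest] = m
}

// putSignatures mirrors the simple-signing extension: the image must exist first.
func (r *registry) putSignatures(digest string, sigs [][]byte) error {
	if _, ok := r.manifests[digest]; !ok {
		return fmt.Errorf("image %s does not exist yet", digest)
	}
	r.sigs[digest] = append(r.sigs[digest], sigs...)
	return nil
}

// verified models a signature-enforcing client: tag must resolve to a signed digest.
func (r *registry) verified(tag string) bool {
	d, ok := r.tags[tag]
	return ok && len(r.sigs[d]) > 0
}

// pushNaive is the current order: tagged PutManifest, then PutSignatures, with observe between them.
func pushNaive(r *registry, tag, digest string, m []byte, sigs [][]byte, observe func()) error {
	r.putManifest(digest, m)
	r.tags[tag] = digest // tag moves before any signature exists
	observe()
	return r.putSignatures(digest, sigs)
}

// pushDeferred is the proposed order: manifest by digest, signatures, tag at Commit.
func pushDeferred(r *registry, tag, digest string, m []byte, sigs [][]byte, observe func()) error {
	r.putManifest(digest, m)
	observe()
	if err := r.putSignatures(digest, sigs); err != nil {
		return err
	}
	r.tags[tag] = digest // Commit: the tag becomes visible only once signed
	return nil
}
```

With the naive order the observer sees the tag resolve to an unsigned digest; with the deferred order it sees no tag at all until Commit, while the digest-addressed manifest already exists so signatures can be attached.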