sigstore/cosign-gatekeeper-provider

Verifying images using a generated public key

Anna-Katona opened this issue · 1 comment

Description

Hi!

We'd like to have an opportunity to pass our own Cosign public key, generated with cosign generate-key-pair, to the provider, to use it the same way as 'cosign verify --key ...'.

Expectations:

  1. Generate a key pair using cosign generate-key-pair
  2. Sign an image
  3. Create a k8s secret/configmap for cosign.pub
  4. Pass the secret/configmap to cosign-gatekeeper-provider deployment
  5. Verify the images using the public key

Hi, I am also looking for something similar. If there is a way, or if it is on the roadmap, please add updates to this issue.
I was looking at this repo, and it looks more like a demo and deprecated with the Gatekeeper version.