Different images will require different verification options. This
commit adds configuration that allows you to define different
'verifiers' for specific image references, or image reference patterns.

At the moment it supports verification by public key, or the existing
options, but should be expanded to include all supported options.

Also modifies the response from the provider to include an error
per-image checked, rather than returning any error as a 'system' error.

I've also removed the _invalid suffix from the key returned in the
response when there's an error. The presence of the 'error' field
indicates this better, I think.

Signed-off-by: Rob Best <[email protected]>

Signed-off-by: Tom Meadows <[email protected]>

An image can have multiple signatures and therefore in some cases you'll
want multiple verifiers for the same images.

Signed-off-by: Rob Best <[email protected]>

Signed-off-by: Tom Meadows <[email protected]>

Signed-off-by: Tom Meadows <[email protected]>

Modify the configuration so that multiple verifiers can be associated
directly with an image reference/pattern. Images will only be verified
for the first pattern they match.

This makes it possible to provide multiple verification options for a
specific image pattern/reference but also fall through to a less-specific
pattern (with different verification options) for images that don't
match a more specific pattern.

Signed-off-by: Rob Best <[email protected]>

Checking the count of errors is enough.

Signed-off-by: Rob Best <[email protected]>

Signed-off-by: Tom Meadows <[email protected]>

Signed-off-by: Rob Best <[email protected]>

Signed-off-by: Rob Best <[email protected]>

Signed-off-by: Tom Meadows <[email protected]>