UDS Operator Pepr policy to validate image signatures

[Racer159]

Is your feature request related to a problem? Please describe.

As Ezra I want a configurable way to enforce verification of image signatures on Pod admission to the cluster so that I can have more assurance that images come from where they say.

Describe the solution you'd like

• Given I have a UDS Package including cosign signatures
• And those signatures are configured to be trusted by the UDS Operator
• When I deploy the package and a Pod is created
• Then the UDS Operator will validate that Pod's images
• And because they are trusted will admit them into the cluster

---

• Given I have a UDS Package including cosign signatures (or not including signatures)
• And any signatures are not configured to be trusted by the UDS Operator
• When I deploy the package and a Pod is created
• Then the UDS Operator will validate that Pod's images
• And because they are not trusted will deny their admittance

Describe alternatives you've considered

We could implement checks in uds-cli and that likely makes sense to do as well long term but UDS Operator would catch it more directly where the resource is being created even if the resource did not come from UDS.

Additional context

Initially this should probably only be done for resources that we know should be controlled by UDS (i.e. have a Package CR in their namespace)

[mjnagel]

This is a duplicate/very similar to https://github.com/defenseunicorns/uds-core/issues/371 - maybe could consolidate any additional info into comments on that one?