falcosecurity / plugins

Falco plugins registry
Apache License 2.0

Error verifying signatures for cloudtrail:latest, cloudtrail:0.11.0, github:latest, github:0.7.1 #443

Closed LucaGuerra closed 5 months ago

LucaGuerra commented 5 months ago

Describe the bug

A release job failed to publish signatures for recently released plugins, cloudtrail 0.11.0 and github 0.7.1, and their rules. This may result in issues such as:

2024-03-28 09:06:35 INFO  Resolving dependencies ...
2024-03-28 09:06:35 INFO  Installing artifacts refs: [ghcr.io/falcosecurity/plugins/plugin/cloudtrail:0.11.0]
2024-03-28 09:06:35 INFO  Preparing to pull artifact ref: ghcr.io/falcosecurity/plugins/plugin/cloudtrail:0.11.0
2024-03-28 09:06:36 INFO  Pulling layer 2b28b48c3f79
2024-03-28 09:06:36 INFO  Pulling layer 4af88f4f8d85
2024-03-28 09:06:36 INFO  Pulling layer 57f8a9ddcafb
2024-03-28 09:06:36 INFO  Verifying signature for artifact
                      └ digest: ghcr.io/falcosecurity/plugins/plugin/cloudtrail@sha256:8d0860cf302a632e3beab80925a1d82143f2b6485d655c33783b40dc1fbb62c9
2024-03-28 09:06:36 ERROR error while verifying signature for
                      │   ghcr.io/falcosecurity/plugins/plugin/cloudtrail@sha256:8d0860cf302a632e3beab80925a1d82143f2b6485d655c33783b40dc1fbb62c9: no
                      │   matching signatures

The tag :latest is also affected for those plugins and rules.

We are fixing the release jobs and bumping the versions to correctly publish signatures. We will revoke cloudtrail 0.11.0 and github 0.7.1 and replace them with new versions. This is not a supply chain attack.

LucaGuerra commented 5 months ago

The issue is resolved. Versions cloudtrail:0.12.0 and github:0.7.2 are published with their signatures. Old tags 0.11.0 and 0.7.1 are not signed.

If you are experiencing issues due to a missing signature, please use cloudtrail:0.12.0 or github:0.7.2 instead. The :latest tags are also now updated.
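For anyone who wants to catch this failure in install logs, here is a small parser that folds the wrapped log lines back into records and extracts signature-verification failures. It is an added example, not part of the issue or the Falco project's code; the function names are hypothetical, and the log shape is assumed to match the output quoted in the issue.

```python
import re

# Sample input: lines copied from the log quoted in the issue above.
SAMPLE_LOG = """\
2024-03-28 09:06:36 INFO  Pulling layer 57f8a9ddcafb
2024-03-28 09:06:36 INFO  Verifying signature for artifact
                      └ digest: ghcr.io/falcosecurity/plugins/plugin/cloudtrail@sha256:8d0860cf302a632e3beab80925a1d82143f2b6485d655c33783b40dc1fbb62c9
2024-03-28 09:06:36 ERROR error while verifying signature for
                      │   ghcr.io/falcosecurity/plugins/plugin/cloudtrail@sha256:8d0860cf302a632e3beab80925a1d82143f2b6485d655c33783b40dc1fbb62c9: no
                      │   matching signatures
"""

# A record starts with "YYYY-MM-DD HH:MM:SS LEVEL message".
RECORD_START = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (\w+)\s+(.*)$")
# After folding, a failure reads "... for <repository>@<digest>: <reason>".
SIG_ERROR = re.compile(
    r"error while verifying signature for\s+(\S+)@(sha256:[0-9a-f]{64}):\s+(.+)$"
)

def join_records(text):
    """Fold wrapped continuation lines (prefixed with box-drawing marks) into their record."""
    records = []
    for line in text.splitlines():
        m = RECORD_START.match(line)
        if m:
            records.append([m.group(1), m.group(2), m.group(3).strip()])
        elif records and line.strip():
            # Continuation line: drop the box-drawing prefix, append to the last record.
            records[-1][2] += " " + line.strip().lstrip("│└├ ").strip()
    return records

def signature_failures(text):
    """Return one dict per ERROR record that reports a failed signature check."""
    failures = []
    for ts, level, msg in join_records(text):
        m = SIG_ERROR.search(msg)
        if level == "ERROR" and m:
            failures.append({"time": ts, "repository": m.group(1),
                             "digest": m.group(2), "reason": m.group(3)})
    return failures

if __name__ == "__main__":
    for failure in signature_failures(SAMPLE_LOG):
        print(failure)
```

Matching on the digest rather than the tag keeps the result stable even when a tag such as :latest is later repointed.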