feat(cosign): add variable for annotations

Presentation

Fixes #143 (closed)

Checklist

• Documented:
  • README.md reflects any job, variable or whichever visible change
  • kicker.json reflects any job, variable or whichever visible change
• Tested & examplified:
  • https://gitlab.com/to-be-contained/images/-/jobs/11249022632

$ cosign verify --key .env/cosign.dev.pub registry.gitlab.com/to-be-contained/images/snapshot/test-cosign-annotations-input:gitops-latest
setting TUF refresh period to 24h0m0s

Verification for registry.gitlab.com/to-be-contained/images/snapshot/test-cosign-annotations-input:gitops-latest --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - Existence of the claims in the transparency log was verified offline
  - The signatures were verified against the specified public key

[{"critical":{"identity":{"docker-reference":"registry.gitlab.com/to-be-contained/images/snapshot/test-cosign-annotations-input"},"image":{"docker-manifest-digest":"sha256:781365b6c22f1264e542dce73b43762d29f2c016cebc159e4ef38d35d8fb1116"},"type":"cosign container image signature"},"optional":{"Bundle":{"SignedEntryTimestamp":"MEUCICTlh3ocrd+2fpj+pO1pe+tUNbt5v29jOfthmTllyp10AiEAjLt+RHGmJJ8w28cbiTl3OMGeVjMt9jNJFI0g8xdkIsg=","Payload":{"body":"eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJkZmUwMzg5OWIwMzQ5NTk4ODZhNGNjODZlMjUyMjIxYWQ4ZWY2MWFhOTAxYzY5MjU2ZjEzOGI5N2NlZDc1ZTg4In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FUUNJRlNyTXdKTmFISHdmcTZtWDEvNXVlZjUyMFlWNFlQb1FDcmphY0JmcVJkYUFpQUxtazh6TUU1QjE0YnZ0RW01SW9IMkk2SE5mZXNkWWhucEw1Ry92eE4xb2c9PSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCUVZVSk1TVU1nUzBWWkxTMHRMUzBLVFVacmQwVjNXVWhMYjFwSmVtb3dRMEZSV1VsTGIxcEplbW93UkVGUlkwUlJaMEZGZUdKYVJ6WnpTRzlRUmxkRlRIVTBjVTh6VEdWNFZtOWtkRlZNY3dwTlRXY3lWUzgyUm5RME1VOXVRM0phZVRoVVlsQlNhakZzY1VObmFtVkRSWFZaTkN0MWRXMDJORTgwTUM4NE5VVjVlRTFhUTJZMlQxRm5QVDBLTFMwdExTMUZUa1FnVUZWQ1RFbERJRXRGV1MwdExTMHRDZz09In19fX0=","integratedTime":1756999706,"logIndex":469722120,"logID":"c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d"}},"gitlab.ci.commit.ref.name":"test/cosign-annotations-input","gitlab.ci.commit.sha":"a31ba094d1ebe8065d51a2c5ea872f0383c7efff","gitlab.ci.job.id":"11249022632","gitlab.ci.job.url":"https://gitlab.com/to-be-contained/images/-/jobs/11249022632","gitlab.ci.pipeline.id":"2022272944","gitlab.ci.pipeline.name":"","gitlab.ci.pipeline.url":"https://gitlab.com/to-be-contained/images/-/pipelines/2022272944","gitlab.ci.project.path":"https://gitlab.com/to-be-contained/images","gitlab.ci.registry.image":"","gitlab.ci.runner.id":"12270845","gitlab.ci.runner.version":"18.3.0~pre.23.gb8a899e1","gitlab.ci.time.startedOn":"2025-09-04T15:27:10Z","gitlab.ci.user.name":"Clement Bois","tag":""}}]