Open
Description
Is your feature request related to a problem? Please describe.
No
Describe the solution you'd like
As both, controller and injector potentially handle critical secrets, it would be great to validate the pulled images so one can be sure, there is no sideloaded image in use.
Could you therefore sign the container images?
A possible option would be to use cosign for that:
https://github.com/avisi-cloud/cosign-tutorial?tab=readme-ov-file#using-github-actions