fix: Regression in signature verification for git tags

[jannfis]

Fixes #7377

There was a regression not covered by tests when we changed passing the resolved commit SHA (instead of the symbolic reference) to verification routines, which resulted in trying to run git verify-tag on a commit SHA a tag was pointing to, instead of running against the tag.

Note on DCO:

If the DCO action in the integration test fails, one or more of your commits are not signed off. Please click on the Details link next to the DCO action for instructions on how to resolve this.

Checklist:

• Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
• The title of the PR states what changed and the related issues number (used for the release note).
• I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
• I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
• Does this PR require documentation updates?
• I've updated documentation as required by this PR.
• Optional. My organization is added to USERS.md.
• I have signed off all my commits as required by DCO
• I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
• My build is green (troubleshooting builds).

[codecov]

Codecov Report

❗ No coverage uploaded for pull request base (master@558140f). Click here to learn what that means.
Patch coverage: 100.00% of modified lines in pull request are covered.

Additional details and impacted files

@@            Coverage Diff            @@
##             master   #12797   +/-   ##
=========================================
  Coverage          ?   47.77%           
=========================================
  Files             ?      246           
  Lines             ?    41986           
  Branches          ?        0           
=========================================
  Hits              ?    20058           
  Misses            ?    19929           
  Partials          ?     1999           

Impacted Files	Coverage Δ
reposerver/repository/repository.go	60.51% <100.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

[crenshaw-dev]

/cherry-pick release-2.4

[crenshaw-dev]

/cherry-pick release-2.5

[crenshaw-dev]

/cherry-pick release-2.6

[jannfis]

@crenshaw-dev bump :)

[crenshaw-dev]

/cherry-pick release-2.7