Add notes about container signing now it's enabled again

[SgtCoDFish]

Also remove "skip-signing" from release process because, y'know, we don't want to skip signing any more 😁

[SgtCoDFish]

note: obviously this tag will fail right now because v1.8.0 hasn't been released, but I didn't want to put an alpha version here and it is clear from the text above that it's supported from v1.8.0 onwards

[netlify]

✅ Deploy Preview for cert-manager-website ready!

Name	Link
🔨 Latest commit	e5d0055
🔍 Latest deploy log	https://app.netlify.com/sites/cert-manager-website/deploys/623db1fa0e71dd0008eb117b
😎 Deploy Preview	https://deploy-preview-882--cert-manager-website.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site settings.

[irbekrm]

Thanks for documenting how to verify the signatures!

I ran the instructions against v1.8.0-alpha.0 images and all worked as expected:

irbe@workspace$ cosign verify --signature-digest-algorithm sha512 --key cert-manager-pubkey-2021-09-20.pem quay.io/jetstack/cert-manager-webhook:$IMAGE_TAG

Verification for quay.io/jetstack/cert-manager-webhook:v1.8.0-alpha.0 --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key

/lgtm

[jetstack-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: irbekrm, SgtCoDFish

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [SgtCoDFish,irbekrm]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[maelvls]

I haven't tested the commands. That sounds like a good improvement. Thanks!

/lgtm

[SgtCoDFish]

/retest