feat: add vulnerability report verifier to helm chart

[akashsinghal]

Description

What this PR does / why we need it:

• Adds vuln report verifier template to verifier.yaml
• Adds values associated to values.yaml
• Updates helm chart doc with new values

Which issue(s) this PR fixes (optional, using fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when the PR gets merged):

Fixes #

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Helm Chart Change (any edit/addition/update that is necessary for changes merged to the main branch)
• This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Please also list any relevant details for your test configuration

• Test A
• Test B

Checklist:

• Does the affected code have corresponding tests?
• Are the changes documented, not just with inline documentation, but also with conceptual documentation such as an overview of a new feature, or task-based documentation like a tutorial? Consider if this change should be announced on your project blog.
• Does this introduce breaking changes that would require an announcement or bumping the major version?
• Do all new files have appropriate license header?

Post Merge Requirements

• MAINTAINERS: manually trigger the "Publish Package" workflow after merging any PR that indicates Helm Chart Change

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (bc61ec1) 54.46% compared to head (5ddaf00) 54.67%.
Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1196      +/-   ##
==========================================
+ Coverage   54.46%   54.67%   +0.21%     
==========================================
  Files         103       85      -18     
  Lines        6696     5657    -1039     
==========================================
- Hits         3647     3093     -554     
+ Misses       2722     2307     -415     
+ Partials      327      257      -70     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[binbin-li]

lgtm

[binbin-li]

wonder if we should add a sample CR under config directory? And what about the CLI case?

[akashsinghal]

wonder if we should add a sample CR under config directory? And what about the CLI case?

I added a couple CR samples under config directory here: https://github.com/deislabs/ratify/blob/main/config/samples/config_v1beta1_verifier_vulnerabilityreport.yaml. They are used by e2e tests. For CLI there's also one used by bats test like the other verifiers here: https://github.com/deislabs/ratify/blob/main/test/bats/tests/config/vulnerabilityreport_config.json.

I can update the config.json file to add the vulnerability report verifier though.

[binbin-li]

lgtm