install cosign archive while booting the vm

[developer-guy]

We (w/@Dentrax) have added signing and verifying containers images by using cosign under the hood to nerdctl, please see. We call the cosign binary to sign and verify container images which means that we need to ensure that cosign binary is available in our environment. So, let's add cosign archive to the default configuration YAML file of the lima.

cc: @AkihiroSuda

[developer-guy]

I did some research about the issue. IMHO, we should add cosign binary to the nerdctl-full release¹. Because the code within the lima is using nerdctl-full release to extract binaries.².

As an alternative, we can make that code is more generic to install whatever we defined in []File slice.

Footnotes

1. https://github.com/containerd/nerdctl/blob/e7858835cb43a54aae10500e99a120db11180701/Dockerfile#L98 ↩

2. https://github.com/lima-vm/lima/blob/master/pkg/limayaml/defaults.go#L25 ↩