fix(follow): pass full repo+sha to the signature verification function

[LucaGuerra]

What type of PR is this?

Uncomment one (or more) /kind <> lines:

/kind bug

Any specific area of the project related to this PR?

Uncomment one (or more) /area <> lines:

/area library

What this PR does / why we need it:

When following a signed artifact the image ref for signing was incorrect and only contained the hash as in the following log

 INFO   (ghcr.io/falcosecurity/rules/falco-rules:1) fetching descriptor from remote repository...
 INFO   (ghcr.io/falcosecurity/rules/falco-rules:1) descriptor correctly fetched
 INFO   (ghcr.io/falcosecurity/rules/falco-rules:1) found new version under tag "1"
 INFO   (ghcr.io/falcosecurity/rules/falco-rules:1) pulling artifact from remote repository...
 INFO   (ghcr.io/falcosecurity/rules/falco-rules:1) check if pulling an allowed type of artifact
 INFO   (ghcr.io/falcosecurity/rules/falco-rules:1) pulling artifact "ghcr.io/falcosecurity/rules/falco-rules:1"
 INFO   (ghcr.io/falcosecurity/rules/falco-rules:1) verifying signature
 ERRO   (ghcr.io/falcosecurity/rules/falco-rules:1) an error occurred while pulling artifact from remote repository: could not verify signature for sha256:1b155a3d8df89493f38c7b13ef8d411c9b87b562ef99dd2731f45aa000e0f60d: GET https://index.docker.io/v2/library/sha256/manifests/1b155a3d8df89493f38c7b13ef8d411c9b87b562ef99dd2731f45aa000e0f60d: UNAUTHORIZED: authentication required; [map[Action:pull Class: Name:library/sha256 Type:repository]]

This PR fixes it so that it correctly shows as registry+repo@hash (e.g. ghcr.io/falcosecurity/rules/falco-rules@sha256:1b155a3d8df89493f38c7b13ef8d411c9b87b562ef99dd2731f45aa000e0f60d)

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

[alacuku]

/LGTM

[poiana]

LGTM label has been added.

Git tree hash: 186bc7108fa518fef0e628155e5e476611202708

[FedeDP]

/approve

[poiana]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alacuku, FedeDP, LucaGuerra

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [FedeDP]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[LucaGuerra]

Seems like there's a required test failing. I'll investigate.

[LucaGuerra]

P.S.: the failure was transient (does not even reproduce locally)