factor out keyless verification certificate loading function

[dmitris]

Summary

Factor out the code loading certificates for keyless verification (from a certificate chain, provided roots / intermediate or from Fulcio) into a helper function loadCertsKeylessVerification. This reduces the size of the long method VerifyCommand.Exec (from the current 252 to 206 lines), helps with unit testing, and will later allow the same logic and helper function to be shared and called from verify_attestation.go, verify_blob.go etc. (related to #3759).

The helper function has a corresponding unit test, the est coverage in the cmd/cosign/cli/verify is increased from 38.2% of statements in the trunk version to 42.6%.

Release Note

NONE

Documentation

n/a - no updates needed

[codecov]

Codecov Report

Attention: Patch coverage is 89.79592% with 5 lines in your changes missing coverage. Please review.

Project coverage is 37.08%. Comparing base (2ef6022) to head (a8a7341).
Report is 151 commits behind head on main.

Files	Patch %	Lines
cmd/cosign/cli/verify/verify.go	89.79%	4 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3762      +/-   ##
==========================================
- Coverage   40.10%   37.08%   -3.03%     
==========================================
  Files         155      200      +45     
  Lines       10044    12289    +2245     
==========================================
+ Hits         4028     4557     +529     
- Misses       5530     7182    +1652     
- Partials      486      550      +64     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[haydentherapper]

Thanks! Can you rebase, that'll fix the failing CI

[dmitris]

Thanks! Can you rebase, that'll fix the failing CI

done, CI 🟢

[cpanato]

thanks