Story #9510

Updated by about 1 month ago

Signatures that were:
* mirrored from remote source
* produced by Pulp Container Registry
* pushed into Pulp Container Registry by clients
will be stored and hosted at ``

Add new Signature model which will have many to one relationship to the Manifest.
On manifest deletion, it's signatures will be also removed.

**Q:** store the signature in the DB ( it is a json file) or as an artifact?
**Q:** store the signature as manifests part of docker v2 api ( make it cosign like, but skopeo/podman do not support that yet)