Use Keyless Signing for All Artifacts Produced by common-ci-tasks
Keyless signing allows software artifacts to be signed through an OIDC-based process, without the need to manage long-lived public/private key pairs.
Some examples of how this works are available in GitLab docs: https://docs.gitlab.com/ee/ci/yaml/signing_examples.html
This greatly reduces the overhead of managing signing keys and keeping software signatures maintained.
We should ensure that all artifacts produced by common-ci-tasks are automatically signed with Sigstore.
This should not be configurable, rather always on.
Artifacts signed include:
- Docker images: https://gitlab.com/gitlab-com/gl-infra/common-ci-tasks/-/blob/main/docker.md / !671 (merged)
- Goreleaser docker images: !682 (merged)
- Goreleaser binary artifacts: !682 (merged)
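As an added example of the always-on keyless flow described above (this is illustrative configuration, not code from common-ci-tasks or from the GitLab docs page linked above), the following `.gitlab-ci.yml` builds an image, signs it by digest with cosign using a GitLab OIDC id token, signs a binary as a blob, and verifies the image signature against the expected certificate identity. Job names, the `docker`/`bitnami/cosign` images, the `dist/app` binary path and the certificate identity pattern are assumptions.

```yaml
# Added example, not part of common-ci-tasks.
# Sigstore keyless signing in GitLab CI: the job requests an OIDC id token
# with audience "sigstore"; cosign reads it from SIGSTORE_ID_TOKEN and obtains a
# short-lived certificate, so no signing key is stored in the project.
stages:
  - build
  - sign
  - verify

build-image:
  stage: build
  image: docker:24
  services:
    - docker:24-dind
  script:
    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
    - docker build -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA" .
    # Capture the pushed digest so later jobs sign and verify exactly what was pushed,
    # never a mutable tag.
    - DIGEST=$(docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA" | awk '/digest:/ {print $3}')
    - echo "IMAGE_DIGEST=$CI_REGISTRY_IMAGE@$DIGEST" > build.env
  artifacts:
    reports:
      dotenv: build.env

sign-image:
  stage: sign
  image: bitnami/cosign:latest
  id_tokens:
    SIGSTORE_ID_TOKEN:          # cosign picks this variable up automatically
      aud: sigstore
  script:
    - cosign sign --yes "$IMAGE_DIGEST"

sign-binary:
  stage: sign
  image: bitnami/cosign:latest
  id_tokens:
    SIGSTORE_ID_TOKEN:
      aud: sigstore
  script:
    # Assumed path: a binary produced earlier in the pipeline. The bundle holds
    # the signature, certificate and transparency-log entry for offline verification.
    - cosign sign-blob --yes --bundle dist/app.bundle dist/app
  artifacts:
    paths:
      - dist/app.bundle

verify-image:
  stage: verify
  image: bitnami/cosign:latest
  script:
    # Pin the expected signer: this project's pipeline definition on a branch ref
    # (assumed identity pattern), issued by this GitLab instance's OIDC provider.
    - >
      cosign verify
      --certificate-identity-regexp "^${CI_SERVER_URL}/${CI_PROJECT_PATH}//\.gitlab-ci\.yml@refs/heads/"
      --certificate-oidc-issuer "$CI_SERVER_URL"
      "$IMAGE_DIGEST"
```

The `verify-image` job is the check a consumer would run: a signature is only meaningful if the verifier pins both the OIDC issuer and the certificate identity, otherwise any keyless signature from any project would pass.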
Edited by Andrew Newdigate