feat: Add support for Notation signature media type

Relates to issue #2114 (closed)

Changes

This MR adds support for the Notation signature media type application/vnd.cncf.notary.signature to the GitLab Container Registry, enabling users to sign container images using AWS Signer via the CNCF Notary Project.

Database Migration

File: registry/datastore/migrations/premigrations/20260211000000_add_notation_signature_media_type.go

• Created a new database migration following the established pattern
• Used the idempotent INSERT ... EXCEPT SELECT pattern from the WASM media types migration
• Followed the package/imports structure from the Cosign v3 migration
• Includes both Up and Down migration paths for safe rollback capability

Documentation Update

File: docs/supported-media-types.md

• Added application/vnd.cncf.notary.signature to the supported media types list
• Inserted at line 82, between application/vnd.cncf.openpolicyagent.config.v1+json and application/vnd.cncf.helm.config.v1+json
• Maintained alphabetical descending order as required

Expected Outcome

After deploying these changes:

1. ✅ The registry will accept manifests with the application/vnd.cncf.notary.signature media type
2. ✅ Users can successfully sign container images using AWS Signer via Notation
3. ✅ The media type is properly documented and discoverable
4. ✅ The database migration is idempotent and safe for production deployment

This eliminates the "manifest invalid: unknown media type: application/vnd.cncf.notary.signature" error and enables AWS Signer integration via the CNCF Notary Project.