update cosign signing config to support cosign v3

[amirejaz]

This PR updates the GoReleaser signing configuration to be compatible with cosign v3.

Why

Cosign v3 requires the --bundle flag when using --output-signature or keyless signing. Without it, the release workflow fails with:

[Copilot]

Pull Request Overview

Updates GoReleaser configuration to ensure compatibility with cosign v3 by adding the required --bundle flag to the signing configuration. This prevents release workflow failures that occur when using cosign v3 without proper bundle configuration.

• Added --bundle=${signature} flag to cosign signing arguments for v3 compatibility

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 55.46%. Comparing base (dc11d30) to head (3bc9a8b).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2246   +/-   ##
=======================================
  Coverage   55.45%   55.46%           
=======================================
  Files         285      285           
  Lines       26770    26770           
=======================================
+ Hits        14845    14847    +2     
+ Misses      10562    10560    -2     
  Partials     1363     1363           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.