examples/verify.yaml has incorrect certificateIdentity

[infernus01]

Description

The examples/verify.yaml specifies a certificateIdentity that doesn't match the actual signer of the demo model referenced in examples/prepare.yaml. This causes model verification to fail out of the box when following the examples.

Current Behavior

examples/verify.yaml contains:

sigstoreConfig:
     certificateIdentity: "https://github.com/sigstore/model-validation-operator/.github/workflows/sign-model.yaml@refs/tags/v0.0.2"

But as per the error message, the model downloaded via examples/prepare.yaml (from the OSS NA24 SLSA Workshop) was actually signed by:
https://github.com/miyunari/model-validation-controller/.github/workflows/sign-model.yaml@refs/tags/v0.0.2

Error Message

When running the verification, the init container fails with:

Verification failed with error: Certificate's SANs do not match https://github.com/sigstore/model-validation-operator/.github/workflows/sign-model.yaml@refs/tags/v0.0.2; actual SANs: {'https://github.com/miyunari/model-validation-controller/.github/workflows/sign-model.yaml@refs/tags/v0.0.2'}

Version

-> kubectl get -n model-validation-operator-test deploy/model-validation-controller-manager -o jsonpath='{.spec.template.spec.containers[0].env[?(@.name=="MODEL_TRANSPARENCY_CLI_IMAGE")].value}' 

ghcr.io/sigstore/model-transparency-cli:latest%    

-> cosign version                                                 

GitVersion:    v3.0.3
GitCommit:     3f32cea203c59a93323a6bebfebff03417520143
GitTreeState:  "clean"
BuildDate:     2025-12-10T00:02:23Z
GoVersion:     go1.25.5
Compiler:      gc
Platform:      darwin/arm64

[knrc]

@infernus01 thanks very much for reporting this, I think we will need to update the examples to use a new version and do another release of the signed model so we use the workflow from the sigstore repo. I've asked the others about planning for this.

[miyunari]

Thats correct. We maybe can just do a minior version bump. Let me look into this.