UNCLASSIFIED - NO CUI

require environment variables for cosign object

Rob McCarthy requested to merge feature/certificates-in-envars into main

Description

cosign objects will require the following CI variables to be present which will allow us to move away from the hard-coded paths in GitLab:

KMS_KEY_SHORT_ARN
COSIGN_CERT
COSIGN_PUBLIC_CERT
COSIGN_PUBLIC_KEY
COSIGN_CERTIFICATE_CHAIN

Risk

If the variables aren't added to GitLab CI vars then there can be resultant failures in image verification and signing.

Rollback Plan

Roll forward with the fix identified, or roll back to prior commit

Testing

Tested in IL5 production: ubi9-il5-test, downstream-test projects additionally tested in IL2 prod w/cds edge-case: https://repo1.dso.mil/dsop/ironbank-pipelines/pipelines-runner-dev/-/pipelines/2988421

Edited by Rob McCarthy
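
A fail-fast check for the risk described above, added here as an example and not part of this merge request's code. The function names `missing_cosign_vars` and `preflight_cosign_env` are hypothetical, and because the page does not say whether each variable holds a path or inline content, the check covers presence only and never prints a value:

```shell
#!/bin/sh
# Added example: preflight for the five CI variables this merge request requires.
# Assumption: presence (set and not blank) is all that can be checked, since the
# page does not state the expected format of each value.

REQUIRED_COSIGN_VARS="KMS_KEY_SHORT_ARN COSIGN_CERT COSIGN_PUBLIC_CERT COSIGN_PUBLIC_KEY COSIGN_CERTIFICATE_CHAIN"

# Print the names (never the values) of required variables that are unset,
# empty, or whitespace-only. Returns 0 when all are present, 1 otherwise.
missing_cosign_vars() {
    missing=""
    for name in $REQUIRED_COSIGN_VARS; do
        # Indirect lookup; names come only from the fixed list above,
        # so the eval never sees untrusted input.
        eval "value=\${$name-}"
        trimmed=$(printf '%s' "$value" | tr -d '[:space:]')
        if [ -z "$trimmed" ]; then
            missing="${missing:+$missing }$name"
        fi
    done
    # Do not leave key or certificate material in helper variables.
    unset value trimmed
    if [ -n "$missing" ]; then
        printf '%s\n' "$missing"
        return 1
    fi
    return 0
}

# Report every missing variable in one message on stderr, so a single failed
# job shows the full list instead of one name per retry.
preflight_cosign_env() {
    if ! missing_names=$(missing_cosign_vars); then
        printf 'cosign preflight: missing CI variables: %s\n' "$missing_names" >&2
        return 1
    fi
    printf 'cosign preflight: all required CI variables are set\n' >&2
    return 0
}

# Intended use at the top of a signing or verification job:
#   preflight_cosign_env || exit 1
```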
