set cosign-installer to use default (latest) cosign version

[aobort]

I'd proceed with using cosign in "keyless" mode, otherwise we'll also need to deal with key management. The root cause of cosign step failures was in rotated TUF root certs:

• Error: getting ctlog public keys: updating local metadata and targets: error updating to TUF remote mirror: invalid key sigstore/cosign#3614 (comment)
• https://blog.sigstore.dev/tuf-root-update/

What about adding verification how-to to README.md: I'd suggest to postpone it until next release, otherwise users might try to verify existing images which will lead to an error:

IMG=ghcr.io/aenix-io/etcd-operator:v0.2.0
cosign verify ${IMG} --certificate-identity-regexp '.*' --certificate-oidc-issuer=https://token.actions.githubusercontent.com
Error: no signatures found
main.go:69: error during command execution: no signatures found

Fixes: #60