Extend OCI layout image metadata with annotations

[jiparis]

In #2507 Chainloop got CONTAINER_IMAGE materials coming from local OCI layouts.
In some cases, depending on the tool used, there might be some metadata that suits into current CONTAINER_IMAGE Chainloop annotations. These are the ones generated from remote OCI registries:

      {
        "annotations": {
          "chainloop.material.image.is_latest_tag": true,
          "chainloop.material.image.tag": "latest",
          "chainloop.material.name": "my-image",
          "chainloop.material.signature": "...",
          "chainloop.material.signature.digest": "sha256:ebc5cd84e4895662e4b7a21b5f4d2e2656f1558e469a1ececea3804976b7b8d6",
          "chainloop.material.signature.provider": "cosign",
          "chainloop.material.type": "CONTAINER_IMAGE"
        },
        "digest": {
          "sha256": "fa6d9058c3d65a33ff565c0e35172f2d99e76fbf8358d91ffaa2208eff2be400"
        },
        "name": "ghcr.io/chainloop-dev/chainloop/control-plane"
      }

and these from local OCI layouts:

{
        "annotations": {
          "chainloop.material.image.is_latest_tag": false,
          "chainloop.material.name": "material-1762196633776738000",
          "chainloop.material.type": "CONTAINER_IMAGE"
        },
        "digest": {
          "sha256": "a5303ef28a4bd9b6e06aa92c07831dd151ac64172695971226bdba4a11fc1b88"
        },
        "name": "oci-layout:v1.51.0"
      },

At least chainloop.material.image.tag is a good candidate to store the value of org.opencontainers.image.ref.name if present in the OCI layout manifest. I'd also suggest store an additional chainloop.material.image.format denoting the source image format (OCI, OCI_LAYOUT).

[migmartri]

@JeffResc do you think you could take a look at this follow up?

Thanks!