Description of problem:

Submariner addon is failing EC.

✕ [Violation] tasks.required_untrusted_task_found
  ImageRef: quay.io/redhat-user-workloads/crt-redhat-acm-tenant/submariner-addon-acm-212@sha256:d4cd9290ac18126fade8ae08053da2b86c7609cc8bce6ee3dd419df3bf8fe73c
  Reason: Required task "rpms-signature-scan" is required and present but not from a trusted task
  Term: rpms-signature-scan
  Title: All required tasks are from trusted tasks
  Description: Ensure that the all required tasks are resolved from trusted tasks. To exclude this rule add
  "tasks.required_untrusted_task_found:rpms-signature-scan" to the `exclude` section of the policy configuration.
  Solution: Make sure all required tasks in the build pipeline are resolved from trusted tasks.

Failures also exist in:

• submariner-addon-acm-213
• submariner-addon-acm-215
• submariner-addon-acm-211

Adopt the common pipeline to help reduce the risk of these issues:

https://issues.redhat.com/browse/ACM-25779

Plus, see the PRs Dale proposed in slack.

ACM 2.12 needs to be fixed because release prep is underway. 

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

1.  
2.  
3. ...

Actual results:

Expected results:

Additional info: