Epic Goal

Why is this important?

apostille is a legacy, proprietary service based on Docker Content Trust and not used by many customers on quay.io
near zero experience with the service on current quay team- service is more of a liability than an asset at this point
apostille never onboarded to app interface and cost to do so is not worth the benefit the feature will provide
latest python3 code on quay.io has support for cosign media types which further reduces the need to support this as a signing solution for quay.io

notify quay.io customers that in 30 days the signing service will be shut down. this should have no impact on existing signed repositories but users will not be able to create signed repositories after this date.
disable the repository setting allowing users to specify a repository is signed.
shut down the apostille production VMs on EC2
decommission the 'quay' OSD v3 cluster

apostille as a service no longer runs on quay.io
apostille staging environment is decommissioned
The 'Signing' checkbox is disabled for all repositories on quay.io
A link is provided to quay documentation on how to use cosign- https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/use_red_hat_quay/oci-intro#cosign-oci-with-quay with some explanatory text that this is the preferred method of signing images now.

CI - CI is running, tests are automated and merged.
Release Enablement <link to Feature Enablement Presentation>
DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
DEV - Downstream build attached to advisory: <link to errata>
QE - Test plans in Polarion: <link or reference to Polarion>
QE - Automated tests merged: <link or reference to automated tests>
DOC - Downstream documentation merged: <link to meaningful PR>

relates to

PROJQUAY-507 Remove the dependency on SkyDNS + Lambda for indexing instances