Rego: add support for custom error/warning messages when evaluating rego rules

[hectorj2f]

Signed-off-by: Hector Fernandez [email protected]

Summary

This PR adds support for handling more complex evaluation rules in Rego. It enables to return custom warning or error messages following a new template:

package sigstore

isComplaint[response] {
   result := ( ... Rego logic evaluated here to a boolean ....) 
   
   errorMsg := "Your custom error message..."
   warnMsg := ""
   response :={
	"result" : result,
	"warnings" warnMsg,
	"errors" : errorMsg,
  }
}

closes: #2570

Release Note

Documentation

[codecov-commenter]

Codecov Report

Merging #2577 (b025afd) into main (7bbfea7) will increase coverage by 0.10%.
The diff coverage is 69.04%.

@@            Coverage Diff             @@
##             main    #2577      +/-   ##
==========================================
+ Coverage   30.05%   30.15%   +0.10%     
==========================================
  Files         141      141              
  Lines        8662     8688      +26     
==========================================
+ Hits         2603     2620      +17     
- Misses       5678     5684       +6     
- Partials      381      384       +3     

Impacted Files	Coverage Δ
pkg/cosign/rego/rego.go	68.96% <64.70%> (-2.01%)	⬇️
pkg/policy/eval.go	79.48% <87.50%> (+0.53%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[mattmoor]

Mostly nits, excited to play around this this!

Do we need to update any published docs to cover this?