I just wrote an article using Kyverno policies to ensure only trusted images are used to deploy applications.
https://gmontalvoy.com/2023/04/06/security-supply-chain-through-image-verification-and-signature-in-kubernetes/