Consider more verbose error messages by default

[jeremyrickard]

What is the areas you would like to add the new feature to?

Notation CLI

Is your feature request related to a problem?

When verifying an image that doesn't match a trust policy, the default error message is not helpful or actionable:

$ notation verify upstream.azurecr.io/oss/fluxcd/flux@sha256:535bff4439d9fe727e72911e6a929548d9d256ac5f8f1c4c9f7cf5b6a82e3c18
Error: signature verification failed for all the signatures associated with upstream.azurecr.io/oss/fluxcd/flux@sha256:535bff4439d9fe727e72911e6a929548d9d256ac5f8f1c4c9f7cf5b6a82e3c18

Instead, the user needs to run with --debug or --verbose in order to determine how to resolve the issue:

notation verify upstream.azurecr.io/oss/fluxcd/flux@sha256:535bff4439d9fe727e72911e6a929548d9d256ac5f8f1c4c9f7cf5b6a82e3c18 --verbos
e
INFO Checking whether signature verification should be skipped or not
ERRO artifact "upstream.azurecr.io/oss/fluxcd/flux@sha256:535bff4439d9fe727e72911e6a929548d9d256ac5f8f1c4c9f7cf5b6a82e3c18" has no applicable trust policy
Error: signature verification failed for all the signatures associated with upstream.azurecr.io/oss/fluxcd/flux@sha256:535bff4439d9fe727e72911e6a929548d9d256ac5f8f1c4c9f7cf5b6a82e3c18

The ERRO message contains the informative error message and should be surfaced more readily to the user so they can fix their mistake with the trust policy.

What solution do you propose?

Make the default error messages more verbose without requiring the --verbose flag.

What alternatives have you considered?

None

Any additional context?

No response

[yizha1]

@patrickzheng200 could you take a look. /cc: @shizhMSFT

[patrickzheng200]

I'm working on this one, and it will be fixed in the upcoming release.