In the Notation Verify action, users have to manually configure the trust policy and trust store in the workflow file and store the trustpolicy.json and public certificate in the GitHub repository or other shared place.

This is cumbersome for CI/CD users. I think we should be able to simplify the trust policy and trust store setup for notation verify action if these three enhancements are supported by Notation:

• notaryproject/notation#631
• notaryproject/notation#653

The ultimate experience would be execute notation verify actions only without additional trust policy and trust store configuration in separate steps.