Dockerfile: copy keys and verify-install.sh

These were missing from the constructed image, so a recommended
verification method in our docs didn't work. Now

  $ docker run --rm --entrypoint="" \
      "$IMAGE" /verify-install.sh "$TAG"

will run the verification script on the binaries in the image, as
expected.

Author: jtobin

Dockerfile

@@ -39,6 +39,14 @@ RUN apk --no-cache add \
 COPY --from=builder /go/bin/tapcli /bin/
 COPY --from=builder /go/bin/tapd /bin/
 
+# Copy the verification script and keys for signature verification.
+COPY --from=builder \
+  /go/src/github.com/lightninglabs/taproot-assets/scripts/verify-install.sh \
+  /verify-install.sh
+COPY --from=builder \
+  /go/src/github.com/lightninglabs/taproot-assets/scripts/keys \
+  /keys
+
 # Store the SHA256 hash of the binaries that were just produced for later
 # verification.
 RUN sha256sum /bin/tapd /bin/tapcli > /shasums.txt \