extra apt sources: handle signing keys

currently Debci::ExtraAptSource has a signing_key attribute, but it's not used for anything.

This should be a full armored gpg public key (example at the end)
Before running autopkgtest, it should be written to a file, and copied inside the testbed using autopkgtest --copy option to /etc/apt/trusted.gpg.d/SOMENAME.asc inside the testbed.

example of extra_apt_sources_list.yaml with signing key:

some_external_repo:
  entry: https://somewhere.com/debian unstable main
  signing_key: |
    -----BEGIN PGP PUBLIC KEY BLOCK-----
    mQINBEo1mTQBEAD29YIKM0hM2IsB+TzBOpQja6h5hJ1gVeP7IWhC8E11jwaaoP1K
    SXESKFMVPt0es0aCSDftm5TVTvLl08MG9fZBFT8pERfkWTEWWhY1MJ28sV8PRBHf
    hN0mv5aduvgVx32+aCD0mWhI/3XHObf6c/X9WMwEaH+6A9UFiXRCyflra9YOfHU
    inXj5aYllc2UNiNxPhJ5sQTv97hdVbb/dFa+t9A2LFgPADbwUW+ShJN8zGR3XMne
    lXTcOgPhBadiNPPi8PztfOgcUk/NqZ5H4i0cXXbZB6leWcGMMMiWNexapgea/Hvp
    aXT2kSIug7OySFXM4nhM4xGo426+r9QHx1dzndHP5AW+WRuJmi3hMEdj22ifIFrV
    XtwovTb6/R2nG7WLVSHKg1AuFvIfG1RrTaVUVMcXVGX83CB2qKjfMHFRyMKUxoK7
    cZZkgD+sst47L+P3MlrRPfuB6selEySIrcwXTxFiuhLf74Zc8AZZeOi5ae2GObGr
    b40wIT4HpJZO9M2YfZkMcnFsAqB8D4tPz9OjXiZdqNrXBMKJo0nsOFsYqkOCpnXP
    ic4HQvmEaEWzNuPlWFH54AQf3zAWMoawLXOfgAOYAc8gf1dxYOTMJEBIplBBj8ch
    ...
    -----END PGP PUBLIC KEY BLOCK-----

Edited Sep 23, 2021 by Antonio Terceiro