InRelease file: support Signed-By field

https://wiki.debian.org/DebianRepository/Format#Signed-By says:
> **Signed-By**
> An optional field containing a comma separated list of
> OpenPGP key fingerprints to be used for validating
> the next Release file. The fingerprints must consist
> only of hex digits and may not contain spaces.
> The fingerprint specifies either the key the Release file
> must be signed with or the key the signature key must be
> a subkey of. The later match can be disabled by appending
> an exclamation mark to the fingerprint.
>
> If the field is present, a client should only accept future updates
> to the repository that are signed with keys listed in the field.
> The field should be ignored if the Valid-Until field is not present
> or if it is expired.

For both the CLI tools and JSON, the field is taken as a string verbatim.

When specified, we must also provide `Valid-Until` field,
and i'm not sure there is an 'infinity' value for it,
so 100 years will have to do?

Fixes https://github.com/aptly-dev/aptly/issues/1497

api/publish.go

@@ -168,6 +168,8 @@ type publishedRepoCreateParams struct {
 	SkipBz2 *bool `                               json:"SkipBz2"               example:"false"`
 	// Provide index files by hash
 	AcquireByHash *bool `                         json:"AcquireByHash"         example:"false"`
+	// An optional field containing a comma separated list of OpenPGP key fingerprints to be used for validating the next Release file.
+	SignedBy *string `                            json:"SignedBy"              example:""`
 	// Enable multiple packages with the same filename in different distributions
 	MultiDist *bool `                             json:"MultiDist"             example:"false"`
 }
@@ -341,6 +343,10 @@ func apiPublishRepoOrSnapshot(c *gin.Context) {
 			published.AcquireByHash = *b.AcquireByHash
 		}
 
+		if b.SignedBy != nil {
+			published.SignedBy = *b.SignedBy
+		}
+
 		duplicate := collection.CheckDuplicate(published)
 		if duplicate != nil {
 			_ = collectionFactory.PublishedRepoCollection().LoadComplete(duplicate, collectionFactory)
@@ -376,6 +382,8 @@ type publishedRepoUpdateSwitchParams struct {
 	Snapshots []sourceParams `                    json:"Snapshots"`
 	// Provide index files by hash
 	AcquireByHash *bool `                         json:"AcquireByHash"  example:"false"`
+	// An optional field containing a comma separated list of OpenPGP key fingerprints to be used for validating the next Release file
+	SignedBy *string `                            json:"SignedBy"  example:""`
 	// Enable multiple packages with the same filename in different distributions
 	MultiDist *bool `                             json:"MultiDist"      example:"false"`
 }
@@ -461,6 +469,10 @@ func apiPublishUpdateSwitch(c *gin.Context) {
 		published.AcquireByHash = *b.AcquireByHash
 	}
 
+	if b.SignedBy != nil {
+		published.SignedBy = *b.SignedBy
+	}
+
 	if b.MultiDist != nil {
 		published.MultiDist = *b.MultiDist
 	}
@@ -954,6 +966,8 @@ type publishedRepoUpdateParams struct {
 	SkipCleanup *bool `                           json:"SkipCleanup"     example:"false"`
 	// Provide index files by hash
 	AcquireByHash *bool `                         json:"AcquireByHash"   example:"false"`
+	// An optional field containing a comma separated list of OpenPGP key fingerprints to be used for validating the next Release file
+	SignedBy *string `                            json:"SignedBy"   example:""`
 	// Enable multiple packages with the same filename in different distributions
 	MultiDist *bool `                             json:"MultiDist"       example:"false"`
 }
@@ -1020,6 +1034,10 @@ func apiPublishUpdate(c *gin.Context) {
 		published.AcquireByHash = *b.AcquireByHash
 	}
 
+	if b.SignedBy != nil {
+		published.SignedBy = *b.SignedBy
+	}
+
 	if b.MultiDist != nil {
 		published.MultiDist = *b.MultiDist
 	}