chainguard-dev/melange

Inject signing-key as String


We are trying to use melange build within GitLab CI. Currently we will be pulling a secure key from a secret manager and storing it in a .rsa file during the job run, but we are having to put in a lot of steps to ensure a user could not cat out the contents of the .rsa file into the logs and see the key.

If we could pass the signing-key as a string, we could use something like a Masked value within GitLab, which would prevent the value from being printed out in the logs.

For example, that would look like:

melange build --signing-key "${PRIVATE_KEY_STRING}" melange.yaml
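
Added example, not part of the original issue or of melange itself: one way to handle the file-based workaround described above, writing the key to an owner-only temporary file without tracing it and deleting it once the build finishes. It assumes the key is stored base64-encoded on a single line in a CI variable named `SIGNING_KEY_B64` (a hypothetical name) and that `--signing-key` takes a file path, as in the issue; `build_signed` is likewise a hypothetical helper.

```shell
#!/bin/sh
# Added example. SIGNING_KEY_B64 is an assumed CI variable holding the
# base64-encoded private key; it is not a melange or GitLab built-in.

# Decode $SIGNING_KEY_B64 into a private temp file and print only its path.
# Call it via command substitution so umask/xtrace changes stay in a subshell.
materialize_signing_key() {
    { set +x; } 2>/dev/null           # never trace the key material
    if [ -z "${SIGNING_KEY_B64:-}" ]; then
        echo "SIGNING_KEY_B64 is not set" >&2
        return 1
    fi
    umask 077                          # owner-only permissions
    key_path=$(mktemp "${TMPDIR:-/tmp}/melange-signing.XXXXXX") || return 1
    if ! printf '%s' "$SIGNING_KEY_B64" | base64 -d > "$key_path" 2>/dev/null \
        || [ ! -s "$key_path" ]; then
        rm -f "$key_path"              # leave nothing behind on bad input
        echo "SIGNING_KEY_B64 is not valid base64" >&2
        return 1
    fi
    printf '%s\n' "$key_path"
}

# Job step: build with the key file, then remove it whatever the outcome.
# Usage: build_signed melange.yaml
build_signed() {
    keyfile=$(materialize_signing_key) || return 1
    trap 'rm -f "$keyfile"' INT TERM   # also clean up if the job is cancelled
    status=0
    melange build --signing-key "$keyfile" "$1" || status=$?
    rm -f "$keyfile"
    trap - INT TERM
    return "$status"
}
```

Only the temporary path ever appears in job output; the decoded key is never echoed or passed on a command line.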