Goal:

Expose path to, and allow unauthenticated downloading of gpg key.  This allows clients to fetch the key easily.  

Acceptance Criteria:

• Support some path:  /api/content-sources/v1.0/repositories/$UUID/gpg_key  to return the contents of the gpg key as a file (not json)
• This api shouldn't require authenciation, something like this may work in deployment.yaml:
            webServices:
              public:
                enabled: true
                apiPath: content-sources
                whitelistPaths: /api/content-sources/v*/repositories/*/gpg_key
• This api should still be documented via our openapi schema, you can use @produce plain  to dictate the type of content being returned: https://github.com/swaggo/swag#general-api-info  https://github.com/swaggo/swag#mime-types
• The repo_config api should be updated to include this (and set repo_gpgcheck appropriately):

[$LABEL]
name=$REPO_NAME
baseurl=$SNAPSHOT_URL
gpgcheck=1
repo_gpgcheck=1
enabled=1
gpgkey=https://$CONSOLE_URL//api/content-sources/v1.0/repositories/$UUID/gpg_key 

Uncertainty:  How do we get $CONSOLE_URL from our backend.  You can probably examine the incoming request to see what host it was requested with.