Add support for validating detached artifact signatures when provisioning servers using channels.

Channel definitions need to support gpg-check and gpg-urls properties. The former requires all artifacts to be verified, the latter provides an optional list of gpg public keys that should be trusted to verify artifacts.

The plugin configuration should also support fields keyserver-urls and trusted-keyring. The former defines a list of public keyservers that can be queried for public keys, the latter a location of local GPG keyriing.