Add securedrop-workstation-dom0-config-0.7.1 #40
After a bit of a longer journey into signing and verifying the dev-env only release for the workstation, @gonzalo-bulnes and I stumbled over something unfortunate, but glad we stumbled now: it looks as if our whole add signature/delete signature to reverify the RPM sha256sum does not work on bullseye anymore. It works on buster tho 😭 However, we consistently get the same hash for the package where the signature was removed once on Debian 11 and Fedora 36/37 - if we re-sign it and remove it again the sum changes once more but consistently (again … how weird is that). @gonzalo-bulnes and I think there's probably a deeper conversation about reproducible builds embedded in this, but we're OK with having it work in buster for this dev-env only type situation for now. PS: the gpg argument order in the docs is wrong,
Description
Name of package: securedrop-workstation-dom0-config-0.7.1
Test plan
Tag in securedrop-workstation repository is correct: https://github.com/freedomofpress/securedrop-workstation/releases/tag/x.y.z
`rpm --delsign` on the signed RPM results in the checksum found in the build logs
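
The checksum step of the test plan as a script, added here as an example and not part of this PR or the project's tooling. The function names are assumptions, and the expected digest is whatever the build log shows.

```shell
#!/usr/bin/env bash
# Added example: check that a signed RPM, once its signature is stripped,
# hashes to the digest recorded in the build log.
# Function names are assumptions, not the project's tooling.

# sha256_of FILE -> prints the lowercase hex digest only
sha256_of() {
    [ -r "$1" ] || return 2
    sha256sum < "$1" | awk '{print $1}'
}

# digest_matches FILE EXPECTED -> status 0 when the digests agree
# (EXPECTED may be upper- or lowercase hex)
digest_matches() {
    local actual expected
    actual=$(sha256_of "$1") || return 2
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$actual" = "$expected" ]
}

# verify_unsigned_digest SIGNED_RPM EXPECTED_SHA256
# Strips the signature from a temporary copy, never from the signed artifact.
verify_unsigned_digest() {
    local signed expected workdir copy rc
    signed=$1
    expected=$2
    workdir=$(mktemp -d) || return 2
    copy="$workdir/$(basename -- "$signed")"
    cp -- "$signed" "$copy" || { rm -rf -- "$workdir"; return 2; }
    rpm --delsign "$copy" >/dev/null || { rm -rf -- "$workdir"; return 2; }
    # Log the rpm version next to the digest: the thread above reports that
    # the result of this step differs between buster and bullseye.
    echo "rpm version:     $(rpm --version)" >&2
    echo "unsigned sha256: $(sha256_of "$copy")" >&2
    rc=0
    digest_matches "$copy" "$expected" || rc=$?
    rm -rf -- "$workdir"
    return "$rc"
}
```

Call it as `verify_unsigned_digest <signed.rpm> <sha256-from-build-log>`; a status of 1 means the digests differ, 2 means a step could not be run.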