[signer] Create initial sketch for signing container

Create and publish a container to perform image signing and other
post-processing tasks.

Signed-off-by: Michael Brown <mbrown@fensystems.co.uk>

Author: mcb30

.github/workflows/signer.yml

@@ -0,0 +1,42 @@
+name: Signer
+
+on:
+  push:
+    paths:
+      - '.github/workflows/signer.yml'
+      - 'signer/**'
+      - '!signer/*.md'
+  workflow_dispatch:
+
+jobs:
+
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    env:
+      pkgname: ipxe-signer
+      reponame: ghcr.io/${{ github.repository_owner }}
+      label: ${{ github.ref_name == 'master' && 'latest' || github.ref_name }}
+    steps:
+
+      - name: Check out code
+        uses: actions/checkout@v6
+
+      - name: Login
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up builder
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build
+        uses: docker/build-push-action@v6
+        with:
+          context: signer
+          push: true
+          tags: |
+            ${{ env.reponame }}/${{ env.pkgname }}:draft-${{ github.sha }}
+            ${{ env.reponame }}/${{ env.pkgname }}:${{ env.label }}

signer/Dockerfile

@@ -0,0 +1,22 @@
+ARG FEDORA=latest
+
+#
+# Signing toolchain
+#
+
+FROM fedora:${FEDORA} AS signer
+
+RUN dnf update -y \
+    && dnf install -y \
+	genisoimage \
+	mtools \
+	opensc \
+	osslsigncode \
+	syslinux \
+    && dnf clean all -y
+
+#
+# Specify the default target
+#
+
+FROM signer AS default