[Enhancement]: Publish the gpg coding signing keys used for maven central

[yogurtearl]

Module

All

Proposal

For security purposes, it would be great if you were able to publish the gpg keys that are "valid" for use when signing artifacts uploaded to maven central.

Ideally, this would be published to https://www.testcontainers.org/

recent versions of testcontainers jvm artifacts are signed with this key:
https://keyserver.ubuntu.com/pks/lookup?search=2655176f748fd83725b4805ff2a01147d830c125&fingerprint=on&op=index

Some examples of publishing keys:

https://square.github.io/okhttp/security/security/#verifying-artifacts

https://github.com/eclipse/jetty.project/blob/jetty-10.0.x/KEYS.txt
https://downloads.apache.org/commons/KEYS
https://downloads.apache.org/logging/KEYS

[Saimurugeshwari]

can i contribute this enhancement

[yogurtearl]

Looks like version 2.0.1 is signed with this key:

https://keyserver.ubuntu.com/pks/lookup?search=6E7F910017655622A899639EE7D88DB8427DE651&fingerprint=on&op=index

@eddumelendez was this change intentional? I didn't see anything listed in the release notes.

Would be helpful if the expected signing keys were listed somewhere in the git repo or in the docs.