content trust: key-sign published docker images

[ES-Alexander]

We should look into keysigning our published Docker images using Docker's built in content trust tools.

Vehicles are valuable assets, and it's likely important for some of our users to be able to verify that the images they're installing are indeed unmodified from what we've published.

[ES-Alexander]

• Unsure of the relation to #2660