Provide gpg signature files with uploaded artifacts

Description

The current set of jar's uploaded to maven central doesn't have corresponding .asc signature files.

This makes it hard to automatically verify that noone managed to inject malicious code when we download the files.

Environment

None

Status

Assignee

Unassigned

Reporter

alexanderk

Labels

None

Worked in

None

Feedback Requested

None

Feedback Requested By

None

backPortable

None

Community Help Wanted

None

Suitable for new contributors

None

Requires Release Note

None

Pull Request

None

backportDecision

None

backportReEvaluate

None

Fix versions

Priority

Major