[enhancement]: Apt Keyring Location Should Be Configurable

[RiverHeart]

Enhancement

Cloud-init is very nice for bootstrapping a machine before running desired state utilities against it, in particular, repositories to ensure tooling is available before a script/program runs. For ongoing management of those repositories I'd like to standardize the location of the apt keys with ones I'll add outside of the purview of cloud-init. Right now, the apt module hard codes CLOUD_INIT_GPG_DIR to a special folder. For semi-trusted keyrings, there seems to be some consensus around placing them in /etc/apt/keyrings or /usr/share/keyrings.

cloud-init/cloudinit/config/cc_apt_configure.py

Line 34 in 9bac08a

CLOUD_INIT_GPG_DIR = "/etc/apt/cloud-init.gpg.d/"

I thought I might be able to specify the path to the key but looking at the source but it doesn't seem like it parses the source for signed-by. Just a binary choice between the special folder and trusted folder.

cloud-init/cloudinit/config/cc_apt_configure.py

Lines 1103 to 1105 in 9bac08a

	key_dir = (
	CLOUD_INIT_GPG_DIR if hardened else APT_TRUSTED_GPG_DIR
	)

Is there a technical reason for placing them in their own directory? It would be really nice if there were an apt::keyring_dir property to override the default value. :)