Add pipeline tooling for signing tool

[zmrow]

Issue #, if available:
Related to #592 and #608

Description of changes:

• Add the buildspec for the "signing" stage in the pipeline
• Update the Dockerfile for the "builder" container to include the signing tool
• Include a wrapper script for the signing tool
• Update the Makefile to build with the root of the Thar repo as its base context.

Testing done:
Once the container finishes building I can test the tooling.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[zmrow]

Renamed the wrapper script with skewers to be more uniform with the rest of the tooling.

[jahkeup]

Couple of things that'll keep the wrapper from running, let's get that fixed and get rolling

[zmrow]

Address @etungsten and @jahkeup 's comments

[jahkeup]

I'd prefer that we didn't bundle the builder environment work in the base stage, can we move that to a different stage? I left an example of what I mean and one way that this could be done in the review comments.

[zmrow]

Updated the Dockerfile per @jahkeup and fix the type in sign-tuf-repo

[jahkeup]

I'd like to expand the indirection handling in the wrapper to make it clearer at higher level "call sites" that we're passing a variable name down into the build. This also gives us a chance to add some quick checks too that can be caught before entering the signing code.

[zmrow]

Address @jahkeup 's comments!

[jahkeup]

LGTM! Let's get this built into the container and tested in the pipeline!

[jahkeup]

@zmrow Github thinks you need to rebase/merge Dockerfile.builder, can you take a look and see what's going on there?