Create detached signature for tarball

Create a new detached signature of the entire tarball. This file will be uploaded to S3 beside the tarball.

PGP signature of reports archive (Maybe an x509 signature if we get an appropriate key to use instead)