Replace dpkg-sig with debsign

Currently we use dpkg-sig to sign Debian packages:

% git grep dpkg-sig
ci/package:        dpkg-sig \
dockerfiles/ci/Dockerfile:    dpkg-sig createrepo-c rpm \
docs/install/linux-repository.md:The GitLab Runner project uses `dpkg-sig` tool for signing and verifying signatures on packages. This
docs/install/linux-repository.md:1. Install `dpkg-sig`
docs/install/linux-repository.md:    apt-get update && apt-get install dpkg-sig
docs/install/linux-repository.md:1. Verify downloaded package with `dpkg-sig`
docs/install/linux-repository.md:    dpkg-sig --verify gitlab-runner_amd64.deb
docs/install/linux-repository.md:    dpkg-sig --verify gitlab-runner_amd64.deb
docs/install/linux-repository.md:    dpkg-sig --verify gitlab-runner_amd64.v13.1.0.deb

However, Debian has removed this package in Debian bookworm (12): https://tracker.debian.org/pkg/dpkg-sig, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049449

https://blog.packagecloud.io/how-to-gpg-sign-and-verify-deb-packages-and-apt-repositories/ mentions debsign is the way to do this, as fpm does not support signing of Debian packages yet: https://github.com/jordansissel/fpm/issues/809

debsign can be installed via apt install devscripts.

Edited Oct 19, 2023 by Stan Hu