Add initial template windows signing flow (#2443)

Adds workflow signing Windows installers with
EV certificate from Azure Key Vault via
AzureSignTool

Adds CMake to sign Windows binaries as they're processed

Installs dotnet 8 as required by AST

Signed-off-by: John Parent <john.parent@kitware.com>

gpt4all-chat/cmake/Modules/SignMacOSBinaries.cmake

@@ -0,0 +1,3 @@
+function(install_sign_osx tgt)
+    install(CODE "execute_process(COMMAND codesign --options runtime --timestamp -s \"${MAC_SIGNING_IDENTITY}\" $<TARGET_FILE:${tgt}>)")
+endfunction()

gpt4all-chat/cmake/Modules/SignWindowsBinaries.cmake

@@ -0,0 +1,17 @@
+function(sign_target_windows tgt)
+    if(WIN32 AND GPT4ALL_SIGN_INSTALL)
+        add_custom_command(TARGET ${tgt}
+            POST_BUILD
+            COMMAND AzureSignTool.exe sign
+                -du "https://gpt4all.io/index.html"
+                -kvu https://gpt4all.vault.azure.net
+                -kvi "$Env{AZSignGUID}"
+                -kvs "$Env{AZSignPWD}"
+                -kvc "$Env{AZSignCertName}"
+                -kvt "$Env{AZSignTID}"
+                -tr http://timestamp.digicert.com
+                -v
+                $<TARGET_FILE:${tgt}>
+        )
+    endif()
+endfunction()