same signing key for OTA update ZIP build of Privileged Extension

I'm just wrapping up support for building the "OTA" (Over-The-Air) update.zip build of F-Droid Privileged Extension which allows people to directly flash the Privileged Extension onto their device. This is the only way to install it on Android 5 and newer (the root method only works on older releases). Since this build is really just the same APK as the regular build of org.fdroid.fdroid.privileged, it should be signed by the same key. If it was easy to do on the keyserver side, @CiaranG, could you just import the same key for this job?

Or maybe a different approach makes more sense. F-Droid should be able to build generic OTA update.zip files, for example for microg.org or other free software things meant to be system apps. But for Privileged Extension at least, it would be possible to make the job just download the release APK from the org.fdroid.fdroid.privileged build, and include that. I've been thinking that for each thing f-droid.org distributes, it should be built entirely from source, hence the approach of building the APK as part of gradle updateZipRelease.