[Ubuntu] Add PGP validation for swift (#8652)

images/linux/scripts/installers/swift.sh

@@ -15,6 +15,19 @@ swift_tar_name="swift-$swift_version-RELEASE-ubuntu$image_label.tar.gz"
 swift_tar_url="https://swift.org/builds/swift-$swift_version-release/ubuntu${image_label//./}/swift-$swift_version-RELEASE/$swift_tar_name"
 download_with_retries $swift_tar_url "/tmp" "$swift_tar_name"
 
+# Verifing pgp signature using official swift pgp key. Referring to https://www.swift.org/install/linux/#Installation-via-Tarball
+# Download swift pgp key
+download_with_retries "https://swift.org/keys/all-keys.asc" "/tmp" "all-keys.asc"
+# Import swift pgp key
+gpg --no-default-keyring --keyring swift --import /tmp/all-keys.asc
+# Download signature file
+download_with_retries "$swift_tar_url.sig" "/tmp" "$swift_tar_name.sig"
+# Verify signature
+gpg --no-default-keyring --keyring swift --verify "/tmp/$swift_tar_name.sig" "/tmp/$swift_tar_name"
+# Remove swift pgp public key with temporary keyring
+rm ~/.gnupg/swift
+
+
 tar xzf /tmp/$swift_tar_name
 
 SWIFT_INSTALL_ROOT="/usr/share/swift"