ci: harden elements GPG key import in install_noded.sh

[al-munazzim]

Summary

This PR fixes a deterministic CI bootstrap failure in the shared Install elementsd step (tests/install_noded.sh --elements binary).

In failing runs, GPG verification of elements/SHA256SUMS.asc failed with NO_PUBKEY 2F2A88D7F8D68E87, which caused all three test jobs (test, extension-smoketest, cypress) to fail before executing project tests.

Root cause

gpg_verify_sums() imported from keys.openpgp.org first and continued on success, skipping ubuntu keyserver fallback. In some runs this led to incomplete key material for older signatures/subkeys, so no trusted VALIDSIG was found.

Change

• Import release keys from both sources (keys.openpgp.org and keyserver.ubuntu.com) instead of short-circuiting after the first import.
• Count a key as imported only if the key exists in the local keyring after attempts.

Security posture is unchanged: verification still requires VALIDSIG for the pinned trusted primary fingerprint and still enforces committed SHA256 trust anchors.

Validation

• bash -n tests/install_noded.sh
• Local run: ./tests/install_noded.sh --debug --elements binary
  • confirms GOODSIG 2F2A88... + VALIDSIG ... 8CC974...
  • completes elementsd install successfully

Expected impact

Once merged, rerunning PR #2620 should no longer fail in Install elementsd due to this key-import path.

[netlify]

✅ Deploy Preview for specter-desktop-docs canceled.

Name	Link
🔨 Latest commit	6c46ad5
🔍 Latest deploy log	https://app.netlify.com/projects/specter-desktop-docs/deploys/6a01a17eba840800084ca3cc

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

[Copilot]

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.