support sshkey of type `cert-authority`

[bwitt]

Use Case

I'd like to have this module add a cert-authority to the global known hosts file.

Describe the Solution You Would Like

This module could allow a sshkey of type cert-authority to populate a known_hosts entry like this:

sshkey { '*.example.com':
  ensure => present,
   type => '@cert-authority ssh-rsa',
   key => '<key>',

that would add an entry to the known hosts file

@cert-authority *.example.com ssh-rsa <key>

Describe Alternatives You've Considered

I cannot workaround this; if I add a cert-authority line manually, it leads to an error

Error: /Stage[main]/Ssh/Resources[sshkey]: Failed to generate additional resources using 'generate': Parameter type failed on Sshkey[@]: Invalid value "cert-authority@*". Valid values are ssh-dss, ssh-ed25519, ssh-rsa, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com.

Additional Context

[github-actions]

Migrated issue to PA-7903