Also disable secureboot signing by default, and explicitly enable it in the CI. This makes local builds easier, where you dont have the secureboot CA available. Signed-off-by: Dorian Stoll <dorian.stoll@tmsp.io>
Signed-off-by: Dorian Stoll <dorian.stoll@tmsp.io>