signingconfig to support named ambient credential providers?

Excluding the ambient credential providers creates a sort of gap between the signingconfig and what is actually used for signing.

I imagine we could just have an ENUM (or maybe string list of supported ambient credential providers to be more flexible) for stuff like "github", "gcp", "gitlab", whatever.

