Add ensure_fedora_gpgkey_installed to Fedora CIS

Author: jan-cerny

controls/cis_fedora.yml

@@ -369,9 +369,14 @@ controls:
       levels:
           - l1_server
           - l1_workstation
-      status: manual
-      related_rules:
+      status: partial
+      rules:
           - ensure_fedora_gpgkey_installed
+      notes: >
+        In CIS Benchmark, the requirement is manual, because of GPG keys for 3rd party repositories.
+        But, add the rule ensure_fedora_gpgkey_installed to the profile because the requirement 1.2.1.2
+        adds ensure_gpgcheck_globally_activated which requires GPG key checking. If the Fedora
+        GPG key wouldn't be installed, people won't be able to install any RPM package using dnf.
 
     - id: 1.2.1.2
       title: Ensure gpgcheck is configured (Automated)