Release engineering is migrating scap deployment from a Debian package to scap T303559
On the Beta-Cluster-Infrastructure we would need a keyholder entry in order to deploy scap with scap. Production has:
ssh::userkey { 'scap': content => secret('keyholder/scap.pub'), }