diff --git a/key2rpmname b/key2rpmname
new file mode 100644
index 0000000..09bdf28
--- /dev/null
+++ b/key2rpmname
@@ -0,0 +1,13 @@
+#!/bin/bash
+function keyname() {
+	for key in "$@"; do
+		while read line; do
+			[ "${line:0:4}" = "pub:" ] || continue
+			IFS=: eval set -- "\$line"
+			keyid="${5:8}"
+			printf "gpg-pubkey-%s-%08x\n" "${keyid,,}" "$6"
+		done < <(gpg --with-colons --import-options show-only --import 2>/dev/null < "$key")
+	done
+}
+
+keyname "$@"
diff --git a/suse-build-key.changes b/suse-build-key.changes
index 79e0bd8..dc80c91 100644
--- a/suse-build-key.changes
+++ b/suse-build-key.changes
@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Fri Jul 19 08:47:17 UTC 2024 - Marcus Meissner <meissner@suse.com>
+
+- make the per-project inclusion optional, default off.
+
+-------------------------------------------------------------------
+Thu Jul 18 12:13:36 UTC 2024 - Marcus Meissner <meissner@suse.com>
+
+- also include the GPG key from the current build project
+
 -------------------------------------------------------------------
 Thu Mar  7 10:19:49 UTC 2024 - Marcus Meissner <meissner@suse.com>
 
diff --git a/suse-build-key.spec b/suse-build-key.spec
index aa0fc0c..78f33ae 100644
--- a/suse-build-key.spec
+++ b/suse-build-key.spec
@@ -14,8 +14,11 @@
 
 # Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
+# needspubkeyforbuild
 
 
+%bcond_with     build_key_include_prjkey
+
 Name:           suse-build-key
 BuildRequires:  gpg
 Provides:       build-key
@@ -25,6 +28,7 @@ Group:          System/Packages
 Version:        12.0
 Release:        0
 
+Source1000:     key2rpmname
 # pub  2048R/39DB7C82 2013-01-31 SuSE Package Signing Key <build@suse.de>
 # The main package signing key.
 Source0:        gpg-pubkey-39db7c82-5f68629b.asc
@@ -116,6 +120,16 @@ cp %SOURCE99 .
 %install
 rm -rf $RPM_BUILD_ROOT
 mkdir -p $RPM_BUILD_ROOT%{keydir}
+
+%if %{with build_key_include_prjkey}
+if [ -e "%_sourcedir/_pubkey" ]; then
+    name="$(sh %{SOURCE1000} %_sourcedir/_pubkey).asc"
+    if [ ! -e "%_sourcedir/$name" ]; then
+        install -D -m 644 %_sourcedir/_pubkey %{buildroot}%keydir/"$name"
+    fi
+fi
+%endif
+
 for i in %sources; do
     case "$i" in
         */gpg-pubkey-*.asc|*/*ptf*.asc)
@@ -123,6 +137,8 @@ for i in %sources; do
         ;;
     esac
 done
+
+
 %if 0%{?suse_version} &&  0%{?suse_version} < 1120
 install -m 755 %{SOURCE100} $RPM_BUILD_ROOT/usr/lib/rpm/gnupg
 %endif
@@ -144,14 +160,7 @@ install -c -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{pemcontainerkeydir}/suse-container
 %if 0%{?suse_version} &&  0%{?suse_version} < 1120
 %attr(755,root,root) %{_prefix}/lib/rpm/gnupg/dumpsigs
 %endif
-%{keydir}/gpg-pubkey-50a3dd1c-50f35137.asc
-%{keydir}/gpg-pubkey-39db7c82-5f68629b.asc
-# SLES 11 key no longer added
-#{keydir}/gpg-pubkey-307e3d54-5aaa90a5.asc
-%{keydir}/gpg-pubkey-09d9ea69-645b99ce.asc
-%{keydir}/gpg-pubkey-3fa1d6ce-63c9481c.asc
-%{keydir}/gpg-pubkey-73f03759-626bd414.asc
-%{keydir}/gpg-pubkey-25db7ae0-645bae34.asc
+%{keydir}/gpg-pubkey-*.asc
 %{keydir}/suse_ptf_4096_key.asc
 %{keydir}/suse_ptf_key.asc
 %{containerkeydir}/suse-container-key.asc