Signingscript

Added
- `README.md` is now checked in. Generate `README.rst` via pandoc.

Changed
- update the READMEs to describe how the new `validate_artifact_url` calls change testing.
- `scriptworker.client.validate_task_schema` -> `scriptworker.client.validate_json_schema`

Fixed
- `valid_artifact_regexes` should be spelled `valid_artifact_path_regexes`. fixed.

Changed
- `unsignedArtifacts` URLs will now be verified as valid TaskCluster artifact URLs for dependent tasks by default.
- tests no longer use nosetest syntax; they've been all ported to pytest syntax.

Fixed
- multiple `unsignedArtifacts` with different paths but the same filenames will no longer clobber each other.

Changed
- moved signingscript.worker functions into signingscript.task

Fixed
- `download_files` now uses the standard SSL trusted CAs.

Fixed
- bustage fix - import error, list.keys() error. someday we'll have 100% coverage

Added

- documented how to test signingscript in `README.rst`.

Changed

- switched from `task.payload.signingManifest` to `task.payload.unsignedArtifacts`.

Removed

- cleaned up the old CONTRIBUTING.rst and nix files.

Changed

- moved repo to github.com/mozilla-releng/signingscript

Fixed

- fixed non-gpg signing - don't always expect an .asc file