Add optional commit signing and post-processor max_idle

[BowTiedRadone]

Summary

This PR adds support for optional SSH commit signing via git_user.signing_key and post-processor-specific max_idle, inheriting top-level by default. These are features that help end-to-end automation needs encountered in our personal real world setup at Stacks.

Changes

• launch.sh: Parse signing_key with $VAR/~ expansion, mount into container. Parse post_process.max_idle with fallback to top-level max_idle.
• lib/harness.sh: Enable gpg.format ssh and commit.gpgsign true when /etc/swarm/signing_key exists; disable signing otherwise.
• Dockerfile: Add openssh-client for SSH signing support.
• README.md, USAGE.md: Document both features.
• tests/test_config.sh: Signing key parsing, pp max_idle default/explicit/inheritance, kitchen-sink coverage.
• tests/test_harness.sh: Rewrite signing test to exercise actual file-existence check.
• tests/test_launch.sh: pp max_idle parsing, fix bare-repo test commits to disable signing via repo config.

Test plan

• ./tests/test.sh --unit (932 tests pass)

[BowTiedRadone]

Due to very limited bandwidth lately, I have included both features in a single PR. Can happily separate, but it will take some more time.

[moodmosaic]

Thank you! 🚀 I'll look into it once I get #61 merged. 🙏

---

Due to very limited bandwidth lately, I have included both features in a single PR. Can happily separate, but it will take some more time.

That's OK(-ish) since the commits are well-crafted and autonomous.