Allow `buildkite-agent` to run a job when JWK is unavailable but failure behaviour is set to `warn`
Context
Recently, while working on an agent migration plan, I noticed that the agent without JWK configuration is not compatible with an agent with JWK, even when the failure behaviour is set to `warn`.
Because the agent that started with the JWK configuration adds a job signature to the pipeline's job when it uploads, a requested job can fail if it lands on the agent that doesn't have a JWK key configuration.
Changes
This PR updates a job runner not to reject a signed job when JWK is not configured and `verification-failure-behaviour` is set to `warn`. It also adds a new error, `SignalReasonUnableToVerifySignature`, to the job runner so the misconfiguration can be monitored.
Testing
- [x] Tests have run locally (with `go test ./...`). Buildkite employees may check this if the pipeline has run automatically.
- [x] Code is formatted (with `go fmt ./...`)