Kinto / kinto-signer

Digital signatures to guarantee integrity and authenticity of collections of records.

Sentry exception if signing fails

glasserc opened this issue

Follow up from #71. Signatures failed for a while and we didn't really have any insight into it because we swallow the exception on https://github.com/Kinto/kinto-signer/blob/master/kinto_signer/listeners.py#L180. We should make a lot of noise when this happens and probably abort the transaction (so that we don't leave to-resign statuses all over the place).

It's especially important to abort the transaction because otherwise the preview or destination collections will be polluted.

Edited to add: I think the mechanism of what happened this time is that the Normandy publisher made all the changes to the workspace and then hit to-sign, which calls sign_and_update_destination, which copies all the records to the destination before trying to sign them. The signature failed, the exception was squelched, and we ended up with bad data in the destination. Is it maybe possible to sign before copying? I think there's a reason we can't that has to do with timestamps, but otherwise maybe we should create another issue for that.
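An added illustration of the failure mode described in this issue, not code from kinto-signer: records are copied to the destination before signing, and a swallowed signing error lets the copy commit. The names `publish` and `failing_signer`, the `destination` and `meta` tables, and the use of SQLite as a stand-in for the storage transaction are all assumptions made for this sketch.

```python
import logging
import sqlite3

logger = logging.getLogger("signer_example")


class SigningError(Exception):
    """Raised by the stand-in signer when no signature can be produced."""


def failing_signer(payload):
    # Hypothetical signer backend that is unavailable, as in the incident.
    raise SigningError("signing backend unavailable")


def publish(db, records, signer, swallow):
    """Copy records to the destination, then sign, inside one transaction."""
    try:
        with db:  # sqlite3 commits on normal exit, rolls back if an exception escapes
            db.executemany("INSERT INTO destination(id, data) VALUES (?, ?)", records)
            try:
                signature = signer(repr(sorted(records)))
                db.execute("UPDATE meta SET signature = ?", (signature,))
            except SigningError:
                if swallow:
                    return "to-resign"  # failure hidden: the unsigned copy commits
                # Error-level log with traceback, the kind of event an error
                # reporter hooked into logging can pick up, then abort.
                logger.exception("signing failed, aborting transaction")
                raise
        return "signed"
    except SigningError:
        return "aborted"


def run(swallow):
    """Return (status, rows left in destination) for one publish attempt."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE destination(id TEXT PRIMARY KEY, data TEXT)")
    db.execute("CREATE TABLE meta(signature TEXT)")
    db.execute("INSERT INTO meta VALUES ('old-valid-signature')")
    db.commit()
    records = [("r1", "a"), ("r2", "b")]  # constructed sample records
    status = publish(db, records, failing_signer, swallow)
    return status, db.execute("SELECT COUNT(*) FROM destination").fetchone()[0]


if __name__ == "__main__":
    print("swallowed:", run(True))   # destination holds unsigned records
    print("re-raised:", run(False))  # destination untouched
```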