Chore: Add attestation endpoints to allow-list

[ModeSevenIndustrialSolutions]

What

• Adds two egress endpoints to the lfreleng-actions harden-runner
  allow-list, sorts the file alphabetically, and
• Adds a README.md alongside allow_list.txt documenting why
  non-obvious endpoints are present.

+ tmaproduction.blob.core.windows.net:443
+ tuf-repo.github.com:443

Why (endpoints)

Switching the 🌈 Zizmor Scan workflow (and any other action that calls
gh attestation verify) to harden-runner block mode currently
fails. lfreleng-actions/zizmor-scan-action downloads an attested
zizmor binary and verifies its Sigstore provenance; under block mode the
verification step is denied:

domain not allowed: tuf-repo.github.com.
Error: failed to fetch bundle ... Get
"https://tmaproduction.blob.core.windows.net/attestations/...":
dial tcp ...: connect: connection refused

The binary download itself already works (github.com →
release-assets.githubusercontent.com, both already allow-listed). The
two missing endpoints are:

• tuf-repo.github.com:443 — GitHub's TUF trust root, used by
  gh attestation verify to establish the Sigstore trust material.
• tmaproduction.blob.core.windows.net:443 — the Azure blob storage
  that serves GitHub's attestation bundles.

I've added the specific blob host rather than a
*.blob.core.windows.net wildcard to keep the egress surface as narrow
as possible. The trade-off: if GitHub later rotates the storage-account
name, this entry will need updating (it would resurface as the same
gh attestation verify failure).

README

The new .github/harden-runner/lfreleng-actions/README.md carries a
table recording the source/reason for non-obvious entries — starting
with the two added here (both attributed to the GitHub attestation
check during the zizmor binary download). It's intentionally partial:
the bulk-generated entries can be backfilled over time, potentially from
the tooling that produced the initial list.

Sorting

The list is sorted alphabetically (LC_ALL=C, deterministic) so future
additions have an obvious, reviewable position. No entries were removed.

Verification

Reproduced the failure and confirmed the fix empirically: a block-mode
zizmor run failed on exactly these two endpoints before the change. Once
this merges and a new release/tag is cut, the consuming workflows can
pin their harden-runner-block-action config to the new tag.

[Copilot]

Pull request overview

Adds the required egress destinations for gh attestation verify to succeed under harden-runner block mode, and reorders the existing allow-list entries deterministically (alphabetical, LC_ALL=C) to keep future diffs reviewable.

Changes:

• Allow outbound access to tuf-repo.github.com:443 (Sigstore/TUF trust material used during verification).
• Allow outbound access to tmaproduction.blob.core.windows.net:443 (GitHub attestation bundle hosting).
• Alphabetically sort the allow-list entries without removing any existing endpoints.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.