feat(docker): Add SBOM and provenance attestations

[gustavovalverde]

This adds metadata about the contents of our image, what it contains, and how it was built.

Motivation

The purpose of attestations is to provide verifiable claims about the integrity, origin, and security status of our container images, by ensuring to our users that the images used in our containerized environments are trustworthy and have not been tampered with.

Specifications & References

• https://docs.docker.com/build/metadata/attestations/
• https://docs.docker.com/build/ci/github-actions/attestations/

Solution

• Enable provenance attestations in our build steps
• Enable the Software Bill of Material (SBOM)

Tests

• CI and CD tests should pass
• No considerable regressions in our build times

PR Author's Checklist

• [x] The PR name will make sense to users.
• [x] The PR provides a CHANGELOG summary.
• [x] The solution is tested.
• [x] The documentation is up to date.
• [x] The PR has a priority label.

PR Reviewer's Checklist

• [ ] The PR Author's checklist is complete.
• [ ] The PR resolves the issue.