fix: allow bom build and verification for build_only layers

[rchincha]

fix: allow bom build and verification for build_only layers

stacker builds allow chaining of layer builds.  SBOM chaining should
follow that model, so bom generation directives are concerned with only
that layer.

What type of PR is this?

Which issue does this PR fix:

What does this PR do / Why do we need it:

If an issue # is not available please add repro steps and logs showing the issue:

Testing done on this change:

Automation added to e2e:

Will this break upgrades or downgrades?

Does this PR introduce any user-facing change?:

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[codecov[bot]]

Codecov Report

Attention: Patch coverage is 50.00000% with 6 lines in your changes are missing coverage. Please review.

Project coverage is 57.35%. Comparing base (25b859b) to head (b78861e). Report is 1 commits behind head on main.

:exclamation: Current head b78861e differs from pull request most recent head 9cc8326. Consider uploading reports for the commit 9cc8326 to get more accurate results

Files	Patch %	Lines
pkg/overlay/pack.go	45.45%	5 Missing and 1 partial :warning:

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #610 +/- ## ========================================== + Coverage 55.12% 57.35% +2.23% ========================================== Files 65 65 Lines 7715 7718 +3 ========================================== + Hits 4253 4427 +174 + Misses 2701 2534 -167 + Partials 761 757 -4 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.