Create SBOM file for each policy

[jvanz]

It would be great to have a SBOM file for each policy release.

Action items

• Figure out how to automate the SBOM creation -> a user cloning our template should get this action automatically configured and enabled
• Propagate this change to our existing policies

In a quick research I found out that the current tool used to generate the SBOM files for Rust and Go policies support Swift. But in my quick try, the tool failed. Thus, this issue also include a research if the tool in use really works and how to use it.

[flavio]

* Figure out how to automate the SBOM creation -> a user cloning our template should get this action automatically configured and enabled

This should be already done. Our templates inherit the release action that is under our github actions repository. You just updated that, hence they will gain the sbom creation ability too.

* Propagate this change to our existing policies

Nothing to be done there. We just have to tag new releases, the GH worker will download latest version of the action (the one with the SBOM stuff added) and everything will happen automatically.

In a quick research I found out that the current tool used to generate the SBOM files for Rust and Go policies support Swift. But in my quick try, the tool failed. Thus, this issue also include a research if the tool in use really works and how to use it.

Let's leave swift policies aside for now.