Build, sign, and compute the SBOM of a container image

Description

A reusable Github Action workflow that: builds a container image, scans it with Trivy, pushes it to ECR, signs it with cosign, and computes its SBOM with Syft.