fix(ci): Disable provenance/sbom for individual Docker builds

Provenance and SBOM attestations create manifest lists even for single-platform
builds, which breaks `docker manifest create` when combining architectures.
Attestation is already done at the manifest level in the docker-manifest job.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: enko

.github/workflows/release.yml

@@ -160,8 +160,10 @@ jobs:
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           platforms: ${{ matrix.platform }}
-          provenance: mode=max
-          sbom: true
+          # Disable provenance/sbom for individual builds - they create manifest lists
+          # which break docker manifest create. Attestation is done at manifest level.
+          provenance: false
+          sbom: false
           build-args: ${{ matrix.image == 'nginx' && format('VITE_SENTRY_DSN={0}', secrets.VITE_SENTRY_DSN) || '' }}
           # Multi-layer caching strategy for maximum cache hits
           cache-from: |