publish "image source" in the registry #140
Description
The current BuildKit provenance objects we include have the full Dockerfile in them, but it's buried and obscured -- it would be really interesting for us to include the full build context somewhere in the registry/image provenance, especially after we implement https://github.com/docker-library/bashbrew/blob/f71d6ef63e1f5abe6d5cb06a62a3e5e42d68566e/pkg/tarscrub/tarscrub.go#L10 (because it could then be the "filtered" version of the build context, so it's literally just the elements that went into the build).
IMO building off that same tarball would then be even more meaningful than the current build-from-Git-URL that we do, and would also have the benefit of being generally more performant (since we'd be able to more directly control the Git fetching bits).
We could also do crazy things like pre-publish those tarballs and build directly from the published tarballs instead of doing the Git fetching at image build time, but that might be a step too far.