Enable SBOM and vulnerability scan

Author: corneliusludmann

WORKSPACE.yaml

@@ -31,6 +31,9 @@ defaultArgs:
 provenance:
   enabled: true
   slsa: true
+sbom:
+  enabled: true
+  scanVulnerabilities: true
 environmentManifest:
   - name: "go"
     command: ["sh", "-c", "go version | sed s/arm/amd/"]