Perform the same Software Bill of Material  generation that upstream's
dockerfile frontend performs, producing an additional attestation
manifest using the results of the client provided (or default) SBOM
scanner.

Provide `build.Target.Scan` and `build.Scanner` to allow functions to
access/process the internal core and dependent states of a given
`build.Target`. The interface was left general to allow for other types
of attestation producing scanners in the future.

Change-Id: I78d662ac19435e370f50a20f1f2ddffb7a1d2ab4