buildkit: Support SBOM scanners

Perform the same Software Bill of Material generation that upstream's
dockerfile frontend performs, producing an additional attestation
manifest using the results of the client provided (or default) SBOM
scanner.

Provide build.Target.Scan and build.Scanner to allow functions to
access/process the internal core and dependent states of a given
build.Target. The interface was left general to allow for other types
of attestation producing scanners in the future.