Linting, security scanning, and SBOM additions to the pipeline

[cprivitere]

User Story

Consider Updating our pipeline to be more in line with modern expectations for scanning, linting, and sbom attestation.

Detailed Description

• Add superlinter or megalinter to the pipeline and properly configure.
• Add trivy and/or snyk image scanning to the pipeline.
• Add docker provenance, attests, and sbom to our docker build and push action's flags as appropriate.

Anything else you would like to add:

[Miscellaneous information that will assist in solving the issue.]

/kind feature

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[cprivitere]

/remove-lifecycle stale

[cprivitere]

/lifecycle frozen