Improving Claudie's supply chain security

Open MarioUhrik opened this issue 2 years ago • 0 comments

A supply chain attack on Claudie is a very real possibility and it would lead to very nasty results. For example, an infected Claudie image could steal the input cloud credentials and send them back to the attacker. This needs to be prevented, which would also bring some value in the added trustworthiness.

The objective of this task is to take steps towards securing Claudie's supply chain. TODO:

  • read up on supply chain security and find suitable ways to improve it for Claudie
  • (most likely, this will involve:) using minimalistic base images, scanning of dependencies and the source images, producing a software bill of materials, signing our images, secure build environment
  • generate sub-tasks for finer-grained tracking of subtasks that bring us closer to this goal

MarioUhrik, Aug 25 '23 12:08