osv-scanner
feat: add docker publish method
Reopening this PR after closing it by accident.
As I mentioned in this issue: https://github.com/google/osv-scanner/issues/55, the project could have an official docker image.
This implementation will generate a Docker image on the GitHub container registry for the amd64 and arm64 architectures for each git tag and the latest version, using GoReleaser. https://goreleaser.com/customization/docker/, https://goreleaser.com/customization/docker_manifest/
The image labels follow the annotation recommendations of https://github.com/opencontainers/image-spec/blob/main/annotations.md.
The action.yaml was changed to work with the image instead of building from Dockerfile.
@another-rex The other PR changes suggested were solved here. Can you review this PR?
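For readers following the description above, here is an added sketch of a GoReleaser setup of the kind it describes: per-architecture images carrying OCI annotation labels, joined into per-tag and `latest` manifests. It is not the configuration from this PR; the image name `ghcr.io/example-org/example-tool` and the `Dockerfile` path are placeholders.

```yaml
# Added illustration, not the PR's own .goreleaser.yml.
# ghcr.io/example-org/example-tool is a placeholder image name.
dockers:
  - image_templates:
      - "ghcr.io/example-org/example-tool:{{ .Tag }}-amd64"
    dockerfile: Dockerfile        # assumed path
    use: buildx
    goos: linux
    goarch: amd64
    build_flag_templates:
      - "--platform=linux/amd64"
      # OCI annotation keys from image-spec/annotations.md; the revision and
      # version labels let a consumer trace the image back to a commit and tag.
      - "--label=org.opencontainers.image.created={{ .Date }}"
      - "--label=org.opencontainers.image.title={{ .ProjectName }}"
      - "--label=org.opencontainers.image.revision={{ .FullCommit }}"
      - "--label=org.opencontainers.image.version={{ .Version }}"
  - image_templates:
      - "ghcr.io/example-org/example-tool:{{ .Tag }}-arm64"
    dockerfile: Dockerfile        # assumed path
    use: buildx
    goos: linux
    goarch: arm64
    build_flag_templates:
      - "--platform=linux/arm64"
      - "--label=org.opencontainers.image.created={{ .Date }}"
      - "--label=org.opencontainers.image.title={{ .ProjectName }}"
      - "--label=org.opencontainers.image.revision={{ .FullCommit }}"
      - "--label=org.opencontainers.image.version={{ .Version }}"

# One manifest list per git tag plus a moving "latest", each pointing at
# both architecture-specific images built above.
docker_manifests:
  - name_template: "ghcr.io/example-org/example-tool:{{ .Tag }}"
    image_templates:
      - "ghcr.io/example-org/example-tool:{{ .Tag }}-amd64"
      - "ghcr.io/example-org/example-tool:{{ .Tag }}-arm64"
  - name_template: "ghcr.io/example-org/example-tool:latest"
    image_templates:
      - "ghcr.io/example-org/example-tool:{{ .Tag }}-amd64"
      - "ghcr.io/example-org/example-tool:{{ .Tag }}-arm64"
```

Because `latest` moves with every release, consumers who need reproducible scans should pin the tag or the manifest digest instead.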
@jwillker what about using https://github.com/ko-build/ko for this?
The osv-scanner already has a build process using goreleaser. The feature here is to extend the usage to release docker images. I don't know how ko works in depth, and I don't know if it makes sense to add another tool to the project and change the build process.
What are the advantages of ko over Goreleaser?
Rex is OOO next week; we will get to this early next year. I agree with @jwillker that we should just use existing tools.
Thanks a ton for the contribution, and sorry for the delay on reviewing this! We haven't forgotten about this :)
@another-rex is still out until next week -- once he's back I'll let him review this.
/gcbrun