Add Anchore SBOM to S3 pipeline artifacts

Background

The SBOM being created by Syft needs to be added to the S3 artifacts the pipeline uploads for the Iron Bank Front End. As a part of this, we should also adjust the formatting of this artifact, to make it valid XML. At the moment the report is being output as a quoted string

AC

Fix file (bad XML formatting, weird quotes)
- !813 (merged) may be a fix
- Or update syft and use https://github.com/anchore/syft/pull/732
ensure SBOM can be downloaded from IBFE, include it in the downloadable tarball

Edited Jan 14, 2022 by David Freeman