Uploader service to store SLSA provenance statements as artifacts

Why are we doing this work

As part of Phase 2: Generate provenance statement in control plane, we need to implement an uploader service to store the generated provenance on object storage.

After some discussion, the provenance statement does not need to be persisted as a file. We will instead create a hollowed-out class as discussed below.

Suggested name for service class: Slsa::AttestProvenanceService.

Generating the provenance statement is covered by #546150 (closed).

Relevant links

See #546153 (comment 2561143562) on dev docs that might be relevant to this.

Non-functional requirements

  • Documentation: N/A
  • Feature flag: No need to put this service class behind a feature flag. It's called by a publish worker and service that are behind a flag.
  • Performance: N/A
  • Testing: RSpec specs

Implementation plan

  • Define attributes of SLSA statements uploaded as job artifacts: file type, file name, etc.
  • Write Ci::Slsa::ProvenanceStatement.from_build(build).to_json JSON output to a temporary file.
  • Use the mechanisms provided by Ci::JobArtifacts::CreateService (specifically execute and likely authorize) to create a new job artifact. An example of how to achieve this is documented below.
  • Implement Slsa::UploadStatementService uploader service.
Edited by Sam Roque-Worcel