Install sbt-bom plugin in docker images

What does this MR do?

The goal is to use sbt makeSbom instead of sbt dependencyDot for sbt projects with versions >= 1.1. In this MR we add the sbt-bom plugin by providing the jar file and installing in the debian and fips image. More precisely:

• We add the sbt-bom jar under build/gemnasium-maven/utils/sbt-bom-plugin
• For both debian and fips docker files we add an env var SBT_BOM_PLUGIN which contains a command to enable the SBT plugin.
• We append the contents of SBT_BOM_PLUGIN in the .sbt/1.0/plugins/plugins.sbt both for root and normal user. This is the way to enable SBT global plugins according to the documentation.

No changelog is added since we need follow up MRs to build achieve our goal.

MR Stack

• Move SBT parser into dot directory (!555 - merged)
• Install sbt-bom plugin in docker images (!554 - closed) 👈
• Introduce the sbt bom parser (!556 - merged)
• Call sbt makeBom in case the plugin is compatible (!557 - closed)

What are the relevant issue numbers?

gitlab-org/gitlab#390287 (closed)

Does this MR meet the acceptance criteria?

• Changelog entry added
• Documentation created/updated for GitLab EE, if necessary
• Documentation created/updated for this project, if necessary
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Job definition updated, if necessary
  • Auto-DevOps template
  • Job definition example
  • CI Templates
• Conforms to the code review guidelines
• Conforms to the Go guidelines
• Security reports checked/validated by reviewer