Add SRP source provenance report

[beni0888]

Signed-off-by: Jesús Benito Calzada bjesus@vmware.com

Description of the change

This PR adds the required SRP source provenance report to the GHA pipeline. Currently, the report is being done in the CircleCI pipeline, but as part of the migration to GHA, we need to implement it there. For this report to work, we need to register a new SRP UID for GHA, which will be something like uid.mtd.provenance_2_5.fragment(obj_uid=uid.obj.build.github(instance='github.com',namespace='vmware-tanzu/kubeapps',...),version=''). An issue has been created in the Jira Service Desk for this task, and we will maintain this PR as a draft until that request is fulfilled.

Benefits

• Report SRP source provenance from GHA pipeline.
• GHA pipeline is complete and we can finally decommission the CircleCI pipeline

Possible drawbacks

None.

Applicable issues

• related to Migrate CI to Github actions #4436

Additional information

• https://servicedesk.eng.vmware.com/servicedesk/customer/portal/12/INTSVC-54793
• https://confluence.eng.vmware.com/display/SRPIPELINE/Onboarding+to+SRP+APIs

[netlify]

✅ Deploy Preview for kubeapps-dev canceled.

Built without sensitive environment variables

Name	Link
🔨 Latest commit	af5b4f7
🔍 Latest deploy log	https://app.netlify.com/sites/kubeapps-dev/deploys/637380b25ca9c3000870a33d

[absoludity]

LGTM, small question about srp client version but +1 either way. Thanks @beni0888

[absoludity]

Should we use a specific version rather than latest for the client here?

[beni0888]

Mmm TBH, I'm not sure about that, but taking into account that in the CircleCI version we're pointing to a specific version, I guess you're right. Changing it before merging. Thanks for the heads up!