@cezar-r cezar-r commented Sep 23, 2025

Issue number: #584

Closes #584

Description of changes:
Use sbomtool to merge SBOM packages into a single file for each of the SPDX and CycloneDX formats. Remove all of the prior SBOM packages.

Testing done:

  • Built + published custom AMI and connected to it via Sessions Manager in EC2 console. Verified the host did not have a /usr/share/sboms directory but had a /usr/share/bottlerocket/sbom/ directory with image-spdx.json and image-cyclonedx.json files.
bash-5.1# ls /usr/share/
audit/        brush/        eks/          i18n/         iproute2/     licenses/     logdog.d/     pci.ids       templates/    updog/        zoneinfo/
bottlerocket/ dbus-1/       factory/      info/         keyutils/     locale/       man/          storewolf/    terminfo/     xfsprogs/

bash-5.1# ls /usr/share/bottlerocket/sbom/
image-cyclonedx.json  image-spdx.json

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.
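
A scripted form of the manual check in the testing notes above, as an added example that is not part of the pull request or the project's code. The function names are hypothetical, the schema keys assume the merged files are SPDX 2.x JSON (`spdxVersion`, `packages`) and CycloneDX JSON (`bomFormat`, `components`), and the sample files are constructed.

```python
import json
import tempfile
from pathlib import Path

OLD_DIR = "usr/share/sboms"              # per-package SBOM directory the PR removes
NEW_DIR = "usr/share/bottlerocket/sbom"  # merged SBOM directory reported in the PR
# Assumed schema markers: (marker key, expected prefix, key holding the item list)
EXPECTED = {
    "image-spdx.json": ("spdxVersion", "SPDX-", "packages"),
    "image-cyclonedx.json": ("bomFormat", "CycloneDX", "components"),
}

def check_sbom_layout(root):
    """Return a list of problems found under `root` (an image root or "/")."""
    root, problems = Path(root), []
    if (root / OLD_DIR).exists():
        problems.append(f"legacy directory still present: /{OLD_DIR}")
    for name, (marker, prefix, items_key) in EXPECTED.items():
        path = root / NEW_DIR / name
        if not path.is_file():
            problems.append(f"missing merged SBOM: /{NEW_DIR}/{name}")
            continue
        try:
            doc = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError) as exc:  # JSON and decode errors are ValueError
            problems.append(f"{name}: unreadable or invalid JSON ({exc})")
            continue
        if not isinstance(doc, dict) or not str(doc.get(marker, "")).startswith(prefix):
            problems.append(f"{name}: {marker!r} does not start with {prefix!r}")
        elif not doc.get(items_key):
            problems.append(f"{name}: empty or missing {items_key!r} list")
    return problems

def build_sample_root(with_legacy=False):
    """Create a constructed sample root in a temp dir and return its path."""
    root = Path(tempfile.mkdtemp())
    sbom = root / NEW_DIR
    sbom.mkdir(parents=True)
    pkg = {"name": "example-pkg", "versionInfo": "0.0.0"}  # constructed data
    (sbom / "image-spdx.json").write_text(
        json.dumps({"spdxVersion": "SPDX-2.3", "packages": [pkg]}))
    (sbom / "image-cyclonedx.json").write_text(
        json.dumps({"bomFormat": "CycloneDX", "components": [{"name": "example-pkg"}]}))
    if with_legacy:
        (root / OLD_DIR).mkdir(parents=True)
    return root

if __name__ == "__main__":
    for problem in check_sbom_layout(build_sample_root(with_legacy=True)):
        print("FAIL:", problem)
```

Pointing `check_sbom_layout` at `/` on a host, or at a mounted image root, gives the same check as the `ls` session above and additionally catches a merged file that exists but is empty or malformed.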

Development

Successfully merging this pull request may close these issues.

Merge SBOM packages