Create the official link of version of software bill of materials of Fluentd

[cosmo0920]

Describe the bug

For creating a document which is related to the security contexts, we have to present the software bill of materials.
Without this type of documents, the newbies, who wants to grasp security aspects, didn't get understand about it.

ref: https://edu.chainguard.dev/open-source/sbom/what-makes-a-good-sbom/

Link to the problematic documentation

None. There is no articles for it.

Expected explanation

This SBOM receipt can be generated by docker sbom easily for now.

ref: https://docs.docker.com/engine/sbom/

The description of software bill of material is:
https://www.ntia.gov/files/ntia/publications/howto_guide_for_sbom_generation_v1.pdf

Additional context

Currently, the SBOM files can be created by:

#!/bin/bash
set -eu

FLUENTD_IMAGE="fluent/fluentd:v1.16.3-debian-amd64-1.0"

docker sbom "$FLUENTD_IMAGE" --output /tmp/"$FLUENTD_IMAGE.spdx.json" --format spdx-json
docker sbom "$FLUENTD_IMAGE" --output /tmp/"$FLUENTD_IMAGE.cyclonedx.json" --format cyclonedx-json

[cosmo0920]

@Nihal-Rahman If you need to add more discussion and requirements, could you add your requirements here, please?

[Nihal-Rahman]

Hi Hiroshi besides the SBOM and any further feedback from other mainters, I don't believe we have any further documents required. The OpenSFF mentioned in our discussion on github is a security standard met by Fluentd correct?

[cosmo0920]

Yes. Fluentd fulfilled security standard which should be mentioned from OpenSSF.