Make all Docker Images fully reproducible. #1044

@FSG-Cat

The goal of moving to a fully reproducible image is to help improve our security posture and to act as an improvement to attestation. With a fully reproducible image we can help inspire further confidence in our attested build artefacts, as you don't have to trust GitHub anymore.

If you can reproduce the same artefact as GitHub attested, you can trust that GitHub did not manipulate the build for a specific artefact.

Not saying GitHub is likely to be malicious, but still, it's not going to hurt.

The current aim for this project is for this to be done mostly as a consequence of adopting something like a Nix type of Container Build process, where reproducibility essentially comes for free.
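The check this issue describes, as an added example (not code from this project): an independent rebuild is compared against the digest recorded in an attestation, and a non-normalized timestamp is shown breaking the match. It narrows an image to a single layer tarball; the file contents, the subject name `layer.tar` and the in-toto-style statement are constructed sample data, and the project's real attestation contents are an assumption.

```python
import hashlib
import hmac
import io
import tarfile

def build_layer(files, mtime=0):
    """Pack {path: bytes} into a layer-style tarball with normalized metadata."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as tar:
        for path in sorted(files):              # fixed entry order
            info = tarfile.TarInfo(path)
            info.size = len(files[path])
            info.mtime = mtime                  # wall-clock time here is the usual drift
            info.mode, info.uid, info.gid = 0o644, 0, 0
            tar.addfile(info, io.BytesIO(files[path]))
    return buf.getvalue()

def matches_attestation(statement, name, artifact):
    """True only if the artifact hashes to the digest attested for `name`."""
    actual = hashlib.sha256(artifact).hexdigest()
    for subject in statement.get("subject", []):
        if subject.get("name") == name:
            return hmac.compare_digest(subject["digest"]["sha256"], actual)
    return False  # no subject with that name: nothing vouches for this artifact

# Constructed sample data: source files and the statement the CI build attested.
FILES = {"app/main.js": b"console.log('hello');\n", "app/package.json": b"{}\n"}
CI_BUILD = build_layer(FILES)
STATEMENT = {
    "_type": "https://in-toto.io/Statement/v1",
    "subject": [{"name": "layer.tar",
                 "digest": {"sha256": hashlib.sha256(CI_BUILD).hexdigest()}}],
    "predicateType": "https://slsa.dev/provenance/v1",
}

if __name__ == "__main__":
    # Same sources, different insertion order, built on "another machine".
    rebuild = build_layer(dict(reversed(list(FILES.items()))))
    print("independent rebuild matches:",
          matches_attestation(STATEMENT, "layer.tar", rebuild))
    # Same sources, but the build stamped files with the current time.
    stamped = build_layer(FILES, mtime=1700000000)
    print("timestamped rebuild matches:",
          matches_attestation(STATEMENT, "layer.tar", stamped))
    # Sources differ from what was attested.
    changed = build_layer({**FILES, "app/main.js": b"console.log('changed');\n"})
    print("modified sources match:",
          matches_attestation(STATEMENT, "layer.tar", changed))
```

A mismatch alone does not distinguish a manipulated build from a non-deterministic one, which is why the build has to be reproducible before the comparison carries any weight.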
