[feature] Support for non-hermetic Bazel builds on SLSA3 Bazel Builder

[enteraga6]

Non hermetic Bazel builds that call installs before build process are not supported currently. A proposed fix to this, is to include an input for a path to a Github Action that contains pre-build steps to take, including installs. This action would run within in the internal side of the Bazel builder before the build script gets called. This would allow for the Github Runner that completes the build to have the appropriate effects from the pre-build action steps. This would also work for an image input, as the image gets mounted on the directory on the GH Runner for building.

A lot of the bigger repositories on Github which utilize GH workflows that use Bazel do so non-hermetically. Adding this feature would allow the Bazel Builder to get into more repos to have a greater supply chain security impact.