Contributor
Lakshya Gupta

in-toto: Add provenance extension to Jenkins plugin


Mentors
Aditya Sirish A Yelgundhalli
Organization
CNCF
Technologies
java, jenkins
Topics
devops, CI/CD
in-toto is a framework designed to protect software supply chain integrity. It defends against attackers who gain control of a step in the supply chain and alter the product for malicious purposes, such as introducing backdoors in the source code or including vulnerable libraries in the final product. The goal of this project is to modify the Jenkins plugin to generate in-toto attestations with Provenance metadata as well as link metadata, depending on what the user chooses.