feat: lazy Java/Maven installation to reduce Docker image size

[vpetersson]

Remove Maven and JDK from the base Docker image and install them
on-demand only when processing Java or Scala projects. This reduces
the image size by ~330MB (from 1.49GB to 1.16GB).

Changes:

• Add ensure_java_maven_installed() utility that checks for Maven
  and installs it via apt-get if not present
• Call the lazy installer from cdxgen generator for java/scala ecosystems
• Remove maven/default-jdk-headless from Dockerfile final stage
• Update tests to mock the new installation function

The installation is cached for the container lifetime, so subsequent
Java SBOM generations in the same run are instant. First Java project
adds ~20-30 seconds for the one-time installation.

[Copilot]

Pull request overview

This PR implements lazy installation of Java/Maven dependencies to optimize Docker image size. Instead of including these tools in the base image, they are installed on-demand when processing Java or Scala projects, reducing the image size by approximately 330MB.

Key changes:

• Added ensure_java_maven_installed() utility function with caching to handle on-demand installation
• Integrated lazy installation into the cdxgen generator for Java/Scala ecosystems
• Removed Maven and JDK from the Dockerfile base image

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

File	Description
sbomify_action/_generation/utils.py	Adds ensure_java_maven_installed() function with global state tracking and apt-get installation logic
sbomify_action/_generation/generators/cdxgen.py	Imports and calls the lazy installer before processing Java/Scala projects
tests/test_generation_plugin.py	Updates test mocks to include the new ensure_java_maven_installed function
Dockerfile	Removes Maven and JDK installation from base image with explanatory comment

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.