Add basic test coverage support to alma-sbom

[javihernandez]

As the SPDX format support is going to be merged any time soon, we think that we should add very basic testing support.
To me, the lowest hanging fruits could be:

• Testing that we can export both builds and packages SBOMs into any supported spec/format
• Check that the resulting SBOMs are the expected (we can provide a bunch of generated SBOMs documents that we can compare the results with)

And I'd say, we need to:

• Add pytest into alma-sbom
• Create the lowest hanging fruits tests as mentioned above
• Set up a Github action that runs the tests

[m10k]

To figure out if the generated spdx-xml and spdx-json files have the expected properties/annotations, we could also create XML Schema and JSON Schema files to validate SBOMs against.
Schema creation is a bit of work, but they could serve a dual purpose as documentation, since they tell the user/developer what kind of information is contained in the SBOMs.