Sign releases with sigstore

Since users need to run parca agent as root or with `CAP_SYS_ADMIN`, we want to do our utmost best to secure the supply chain of parca agent. An additional thing to the things that we are already doing today, would be to sign our artifacts. A popular and well maintained solution is https://www.sigstore.dev/