Open
Labels: feature (New feature, larger than enhancement)
Description
Describe the solution you'd like:
Currently witness policies support embedding base64 encoded rego packages to evaluate predicates found in a witness collection for a particular step:
```json
{
  "type": "https://witness.dev/attestations/command-run/v0.1",
  "regopolicies": [
    {
      "name": "expected command",
      "module": "cGFja2FnZSBjb21tY..."
    }
  ]
},
```
What currently isn't possible, though, is to provide extra inputs to configure parts of the rego policy to evaluate (or not):
```json
{
  "type": "https://witness.dev/attestations/command-run/v0.1",
  "regopolicies": [
    {
      "name": "expected command",
      "inputs": {
        "expect_sarif": true,
        "deny_no_fail": true
      },
      "module": "cGFja2FnZSBjb21tY..."
    }
  ]
},
```
Also, rego bundles could be a way of supporting common logic to be written that can be shared across multiple rego packages.
matglas
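Added example, not part of the original issue or of the witness code base: a Go helper that decodes the base64 `module` of each `regopolicies` entry so a reviewer can read the embedded Rego next to any `inputs` before the policy is signed. The `inputs` field is the issue's proposal, and the helper names (`Audit`, `Sample`) and the sample Rego text are constructed for illustration.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"regexp"
)

// RegoPolicy is one "regopolicies" entry; Package and Source are set by Audit.
type RegoPolicy struct {
	Name            string                 `json:"name"`
	Inputs          map[string]interface{} `json:"inputs"` // proposed field (assumption)
	Module          string                 `json:"module"` // base64-encoded Rego
	Package, Source string                 `json:"-"`
}

var pkgRe = regexp.MustCompile(`(?m)^package\s+([\w.]+)`)

// Audit decodes every embedded module of one attestation entry for review.
func Audit(raw []byte) ([]RegoPolicy, error) {
	var e struct{ RegoPolicies []RegoPolicy `json:"regopolicies"` }
	if err := json.Unmarshal(raw, &e); err != nil {
		return nil, fmt.Errorf("parse entry: %w", err)
	}
	for i := range e.RegoPolicies {
		p := &e.RegoPolicies[i]
		src, err := base64.StdEncoding.DecodeString(p.Module)
		if err != nil {
			return nil, fmt.Errorf("policy %q: module is not base64: %w", p.Name, err)
		}
		m := pkgRe.FindSubmatch(src)
		if m == nil {
			return nil, fmt.Errorf("policy %q: no package declaration", p.Name)
		}
		p.Package, p.Source = string(m[1]), string(src)
	}
	return e.RegoPolicies, nil
}

// Sample returns a constructed entry; the Rego text is illustrative only.
func Sample() []byte {
	rego := "package commandrun\n\ndeny[msg] {\n\tinput.exitcode != 0\n\tmsg := \"exitcode not 0\"\n}\n"
	return []byte(fmt.Sprintf(`{"type": "https://witness.dev/attestations/command-run/v0.1",
		"regopolicies": [{"name": "expected command", "module": %q,
		"inputs": {"expect_sarif": true, "deny_no_fail": true}}]}`, base64.StdEncoding.EncodeToString([]byte(rego))))
}

func main() { fmt.Println(Audit(Sample())) }
```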