Workload attestation currently occurs when a workload first connects to the workload api. This is fine for most use cases, but causes a problem for selectors that may describe runtime state that can change over the lifetime of a workload.

Workload attestation is relatively expensive, and we must block on it when the workload first calls us, but it is not necessary to block on further re-attestations which can be done in the background.