Question: Is there functionality in macOS Catalina's AppleScript Script Editor / Automator for notarizing apps built using these tools, similar to what's available in Xcode?
Answer: Command line tools need to be used for notarization.
Question: If not, is there documentation available for notarizing Automator and AppleScript apps as a post-build action?
Answer: Yes, use the documentation for command line notarization using altool.
Customizing the Notarization Workflow: https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution/customizing_the_notarization_workflow
Question: Why do signed apps need to be zipped / disk imaged / packaged before notarization?
Answer: The notarization service can only accept single objects. If there's a situation where this isn't an option, contact ADC Support and they should be able to assist.
Developer Support: https://developer.apple.com/support/
Question: How can I store and access the notarization one-time password in a keychain?
Answer: Refer to the altool man page (only available once Xcode has been installed) for the various ways to pass the one-time password to altool. If using a keychain, reference keychain name, then the name of the password object inside the keychain.
Question: You can staple an installer package and disk image directly, but zip files can't be stapled directly. Why?
Answer: For disk images and packages, Apple can add metadata to a signed .dmg and .pkg to add the stapling. They can't do that for a zip file without injecting a file into the .zip archive, which would modify the contents of the .zip file. This is undesired behavior from Apple's point of view, so they're not doing it.