Update Bottlerocket Dependencies

[cbgbt]

Description of changes:

bb00a4a1 - docker-proxy: update to 20.10.12
28f867c0 - docker-engine: update to 20.10.12
6c49ba33 - docker-cli: update to 20.10.12
623c3cf7 - libzstd: update to 1.5.2
e7d03e93 - libxcrypt: update to 4.4.27
8ed4befd - libnftnl: update to 1.2.1
9ba1ce4e - libglib: update to 2.71.1
aaec3de7 - libexpat: update to 2.4.4
2eb57d21 - libelf: update to 0.186
e1e1cdf9 - libaudit: update to 3.0.7
b8bc1c9d - libacl: update to 2.3.1
217fa6fb - iputils: update to 20211215
bbc46549 - wicked: update to 0.6.68
89aa57cb - e2fsprogs: update to 1.46.5
e525e4af - libcap: update to 2.63
bcfa7f3c - strace: update to 5.16
4454e7d6 - runc: update to 1.1
c943f5b4 - kubernetes-1.21: update to 1.21.9
68ec8686 - kubernetes-1.20: update to 1.20.15
6fcc430b - chrony: update to 4.2
b2dd61d1 - containerd: update to 1.5.9
071659df - aws-iam-authenticator: update to 0.5.3
2cf35a09 - ecs-agent: update to 1.58.0

There are still a few dependencies referenced in open issues that I want to update before submitting this:

• docker-* packages
• grub Can't complete this in time for the upcoming release.
• CNI Can't complete this in time for the upcoming release.

Reviewer Notes:

• Rebased patches in ecs-init
• Added a patch to aws-iam-authenticator to refresh vendored go modules
• Removed redundant patches from containerd
• Removed redundant patches from chrony
• Rebased patches for wicked

Testing done:
Launched variants and ensured that clusters were joined and tasks could be successfully executed. Confirmed systemctl status running, dmesg and journal OK. Ran a pod/task OK. Made API changes OK.

• aws-k8s-1.21 aarch64
• aws-k8s-1.20 aarch64
• aws-k8s-1.19 aarch64
• aws-k8s-1.18 x86_64
• aws-ecs-1 x86_64
• Comparison of console logs pre- and post-changes.

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

[cbgbt]

Sorry, I mistakenly marked this as ready for review while attempting to re-run the checks. This isn't ready just yet.

[cbgbt]

^ Force pushed to fix the k8s 1.20 sha512sum, which was incorrect.

[cbgbt]

I'm noticing these messages in the journal on the k8s-1.18 variant (so far):

Feb 03 01:07:55 localhost kernel: *** VALIDATE SELinux ***
Feb 03 01:07:55 localhost kernel: *** VALIDATE tmpfs ***
Feb 03 01:07:55 localhost kernel: *** VALIDATE proc ***
Feb 03 01:07:55 localhost kernel: *** VALIDATE cgroup1 ***
Feb 03 01:07:55 localhost kernel: *** VALIDATE cgroup2 ***

These are "notice" level, and they first start occurring after SELinux begins initailization. Not sure yet where they are coming from, and they don't seem problematic, but I'll try and work out what's happening exactly.

[cbgbt]

^ Force pushed to modify the aws-iam-authenticator update to use a patch pushed to the lookaside cache.

[cbgbt]

Force pushed to swap the lookaside cache domain.

[etungsten]

LGTM aside from existing comments.

Github actions build are failing due to not being able to fetch the aws-iam-authenticator vendor patch.

[cbgbt]

^ The above force push just reworks how the go vendor patch is applied to aws-iam-authenticator. I misunderstood how buildsys handles the path attribute for external files.