Update debug build base images to remove openssl

[charlieegan3]

This completes the work started in #5540

Fixes #5544

We can't use distroless since they don't have a nossl cc image: GoogleContainerTools/distroless#1210

Chainguard have added this (-dev rather than :debug) to their image collection: chainguard-images/images#187

Following advice here, using their busybox is the best replacement for gcr.io/distroless/static:debug chainguard-images/images#368 (comment)

[netlify]

✅ Deploy Preview for openpolicyagent ready!

Name	Link
🔨 Latest commit	69ec5dd
🔍 Latest deploy log	https://app.netlify.com/sites/openpolicyagent/deploys/641ad7f453653800087fb107
😎 Deploy Preview	https://deploy-preview-5787--openpolicyagent.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site settings.

[netlify]

✅ Deploy Preview for openpolicyagent ready!

Name	Link
🔨 Latest commit	107cace
🔍 Latest deploy log	https://app.netlify.com/sites/openpolicyagent/deploys/641ad83da735e60008fe7851
😎 Deploy Preview	https://deploy-preview-5787--openpolicyagent.netlify.app/docs/edge
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site settings.

[ashutosh-narkar]

@charlieegan3 have you tested if the new images with your changes work similar to the existing ones?

[charlieegan3]

Hey, I have done the following, let me know if you think we need to do more.

1. Build the images:

make ci-build-linux
make ci-build-linux-static
make image-quick

2. Check the images worked as expected:

# check shell is present
$ docker run -it --entrypoint /bin/sh openpolicyagent/opa:0.51.0-dev-static-debug
~ $ exit
$ docker run -it --entrypoint /bin/sh openpolicyagent/opa:0.51.0-dev-debug
~ $ exit

# check opa is present
$ docker run -it openpolicyagent/opa:0.51.0-dev-static-debug eval 'true'
{
  "result": [
...
  ]
}
$ docker run -it openpolicyagent/opa:0.51.0-dev-debug eval 'true'
{
  "result": [
...
  ]
}

# tested that openssl is gone
# first show it's present in latest released image:
charlie@cloudshell:~/opa$ docker run -it --entrypoint=sh openpolicyagent/opa:0.50.2-debug
/ $ openssl
OpenSSL> exit
/ $ exit
# missing in this branch image:
charlie@cloudshell:~/opa$ docker run -it --entrypoint sh openpolicyagent/opa:0.51.0-dev-debug
~ $ openssl
sh: openssl: not found
~ $ exit

[ashutosh-narkar]

Thanks @charlieegan3 ! lgtm.

[charlieegan3]

Thanks! 😊