Add libkrb5-dev to the build image for gitlab-shell

What does this MR do?

This adds libkrb5-dev to the build image for gitlab-shell in order to build gitlab-sshd with gssapi support.

This isn't required for the ubi8 variant due the inclusion of openssl-devel in the gitlab-ubi-builder image - which has krb5-devel as a dependency - so it's already present in the image:

$ docker run -it registry.gitlab.com/gitlab-org/build/cng/gitlab-ubi-builder:69e836a1e03e91e99c387ea3e6e1d8eb108e1588-ubi8 bash
Unable to find image 'registry.gitlab.com/gitlab-org/build/cng/gitlab-ubi-builder:69e836a1e03e91e99c387ea3e6e1d8eb108e1588-ubi8' locally
69e836a1e03e91e99c387ea3e6e1d8eb108e1588-ubi8: Pulling from gitlab-org/build/cng/gitlab-ubi-builder
e3163b760b82: Pull complete
f1715152d2f5: Pull complete
1690c27f05d7: Pull complete
Digest: sha256:d2555d6f908064f25f7370aaac702b2097a5f04584bf8887320bc8924e619f09
Status: Downloaded newer image for registry.gitlab.com/gitlab-org/build/cng/gitlab-ubi-builder:69e836a1e03e91e99c387ea3e6e1d8eb108e1588-ubi8
[root@d6b063744203 build]# rpm -qa --qf '(%{INSTALLTIME:date}): %{NAME}-%{VERSION}\n' | grep krb
(Thu Jan 12 18:20:40 2023): krb5-devel-1.18.2
(Fri Jan  6 04:05:38 2023): krb5-libs-1.18.2
[root@d6b063744203 include]# dnf repoquery --whatdepends krb5-devel
Updating Subscription Management repositories.
Unable to read consumer identity
Subscription Manager is operating in container mode.

This system is not registered with an entitlement server. You can use subscription-manager to register.

Last metadata expiration check: 1:14:10 ago on Thu Jan 12 18:20:17 2023.
openssl-devel-1:1.1.1k-7.el8_6.i686
openssl-devel-1:1.1.1k-7.el8_6.x86_64

Important Notes

The openshift/gssapi go wrapper that we are using will attempt dynamically load libgssapi_krb5.so - which is not symlinked to the shared library installed (libgssapi_krb5.so.2 => libgssapi_krb5.so.2.2) with the krb5 libraries in either debian or ubi - the only package that installs that symlink is libkrb5-dev (debian) / krb5-devel (ubi). A libpath: libgssapi_krb5.so.2 has to be explicitly configured in the config.yml for gitlab-shell in order to load the installed library.

See additional information in this comment below

Related issues

• gitlab-org/charts/gitlab!2870 (merged)
• gitlab-org/gitlab-shell!682 (merged)

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion

Required

• Merge Request Title, and Description are up to date, accurate, and descriptive
• MR targeting the appropriate branch
• MR has a green pipeline on GitLab.com

Expected (please provide an explanation if not completing)

• Test plan indicating conditions for success has been posted and passes
• Documentation created/updated
• Integration tests added to GitLab QA
• The impact any change in container size has should be evaluated

Test Notes

I've successfully tested both the ubi and regular images here pointing at GITLAB_SHELL_VERSION: 5829f940816ff61f10936c76b59d450e104ee546 in combination with the settings in gitlab-org/charts/gitlab!2870 (merged) - adding a sshd.gssapi.libpath into the config.yml.tpl data for gitlab-shell's configmap.