Lock all images we depend on for Auto DevOps and K8s integration

Since we've recently ran into issues with docker images we don't control breaking our application:

https://gitlab.com/gitlab-org/gitlab-ce/issues/48978
gitlab-qa#289 (closed)

We should find some way to lock the versions of images we refer to in the Auto DevOps CI template as well as images we use as parts of the Kubernetes integration for running install pods etc.

Some possible options:

Always lock to a particular SHA of an external docker image so it should never change
Build our own docker images

We should also audit all the code we own to see if there is anything else we need to lock. We also know that we need to lock helm chart versions: https://gitlab.com/gitlab-org/gitlab-ce/issues/48834

We can start with https://gitlab.com/gitlab-org/gitlab-ce/issues/50286 and see how that goes before doing any more images.

Edited Aug 14, 2018 by Dylan Griffith