add job to build Lotus docker image and push it to AWS ECR private (or public) repo #5394

Merged
merged 7 commits into from
Jan 21, 2021

Member

@nonsense nonsense commented Jan 20, 2021

This PR is adding a CircleCI job for building a Lotus docker image to be used with the canary nodes deployments and other purposes.

TODO

  • prior to merge, after PR approval: create lotus-dev AWS ECR private (or public) repo on AWS

AWS IAM permissions

  • prior to merge, after PR approval: add AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, AWS_ECR_ACCOUNT_URL env vars to CircleCI project

Policy for AWS user should be something along the lines of: https://docs.aws.amazon.com/AmazonECR/latest/userguide/ecr_managed_policies.html (full access or power user)

If a public registry is used, additional policy permissions are necessary:

                "ecr-public:*",
                "sts:*"

Public vs private registry

At the moment the circleci/aws-ecr orb doesn't support public registries, maybe it is worth not using it altogether so that we have full control over the docker commands and build and push as many images as we need. I have already added example steps for that.

For the time being I am building only a lotus-dev image to be used for canaries - specifically adding a -dev suffix to not confuse this image repository with production / stable / release images.

.circleci/config.yml - doesn't use circleci/aws-ecr orb and pushes to public ECR registry.


Open questions

  1. Public vs private registry - There is nothing private about these images, so we might as well use the AWS public ECR registry. This means getting rid of the circleci/aws-ecr orb at the moment, but I think that's fine.
    Resolution: Use public registry

  2. Build frequency - the idea behind this PR is to build an image for every commit in the Lotus repo, so that devs can quickly spin up canaries on-demand with the image.
    Resolution: for now start with build for every commit, if this gets too much, we can scale down.

  3. Build artifacts - at the moment I am building only lotus-dev image. We might need more images (stats, chainwatch, opencl, etc.) for other projects.
    Resolution: for now we can bundle all binaries in the same image.

  4. Consider adding Docker layer caching on CircleCI https://circleci.com/docs/2.0/docker-layer-caching/ in a future PR

Related

  1. Official Docker Image #5311
  2. Canary deployment infra for Lotus nodes #5078
  3. Support for AWS ECR public registries CircleCI-Public/aws-ecr-orb#128
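
An added example, not part of this PR or the Lotus repository: a small policy check that flags the wildcard grants listed under "AWS IAM permissions" and builds a push-only policy for a single ECR Public repository. The account id in the ARN is a placeholder and the function names are hypothetical; the action names are the ones AWS documents for authenticating and pushing to ECR Public.

```python
import json

# Actions needed for `docker login` + `docker push` to ECR Public (per AWS docs).
AUTH_ACTIONS = ["ecr-public:GetAuthorizationToken", "sts:GetServiceBearerToken"]
PUSH_ACTIONS = [
    "ecr-public:BatchCheckLayerAvailability",
    "ecr-public:InitiateLayerUpload",
    "ecr-public:UploadLayerPart",
    "ecr-public:CompleteLayerUpload",
    "ecr-public:PutImage",
]

def _as_list(value):
    # IAM allows a single string or a list for Statement and Action.
    return value if isinstance(value, list) else [value]

def wildcard_actions(policy):
    """Return Allow-ed actions that contain a wildcard, e.g. 'sts:*'."""
    found = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        found += [a for a in _as_list(stmt.get("Action", [])) if "*" in a]
    return found

def scoped_push_policy(repo_arn):
    """Build a push-only policy limited to one ECR Public repository."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            # Token actions do not support resource-level scoping.
            {"Effect": "Allow", "Action": AUTH_ACTIONS, "Resource": "*"},
            {"Effect": "Allow", "Action": PUSH_ACTIONS, "Resource": repo_arn},
        ],
    }

# Constructed input: the wildcard grants listed in the PR description.
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["ecr-public:*", "sts:*"], "Resource": "*"}]}
# Placeholder account id; only the repository name comes from the PR.
REPO_ARN = "arn:aws:ecr-public::111122223333:repository/lotus-dev"

if __name__ == "__main__":
    print("wildcards in broad policy:", wildcard_actions(BROAD))
    print(json.dumps(scoped_push_policy(REPO_ARN), indent=2))
```

The check only inspects `Action` in `Allow` statements; a policy that grants access through `NotAction` would need separate handling.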

@nonsense nonsense changed the title add job to build Lotus docker image and push it to AWS ECR private repo add job to build Lotus docker image and push it to AWS ECR private (or public) repo Jan 20, 2021
@travisperson
Contributor

  1. I think public images are the right way to go
  2. I'm okay building for every branch. I don't think it will be too crazy and we can monitor and adjust if we find things blowing up too much. Probably better to at least go with this for now and we can adjust if we think it becomes a problem and trigger buildings.
  3. I don't think we need different images for other binaries, we can just build them all into a single image. The images will get larger but I'm not sure if that will matter for dev images like this.

@nonsense nonsense marked this pull request as ready for review January 20, 2021 19:04
@magik6k magik6k marked this pull request as draft January 20, 2021 19:18
@nonsense nonsense marked this pull request as ready for review January 21, 2021 18:59
@nonsense
Member Author

Thanks to @travisperson we have the values set up on AWS and CircleCI side, and I think this is now ready for merge. First image has been pushed, you can try it out with: docker pull public.ecr.aws/p5f3y3g5/lotus-dev:790bcc78

@magik6k magik6k merged commit 29b076a into master Jan 21, 2021
@magik6k magik6k deleted the nonsense/circleci-aws-ecr-integration branch January 21, 2021 19:10