feat: migrate default docker image to ubi-micro

[kruskall]

Motivation/summary

In line with other products and with the direction in #13872 we want to drop ubuntu and use ubi base images for the default image.

Similar to what we did with the chainguard image, the image is pinned to a digest for security/reproducibility and tini is dropped since it's not needed in modern docker versions.

Checklist

• Update CHANGELOG.asciidoc
• Documentation has been updated

For functional changes, consider:

• Is it observable through the addition of either logging or metrics?
• Is its use being published in telemetry to enable product improvement?
• Have system tests been added to avoid regression?

How to test these changes

docker build . -f packaging/docker/Dockerfile -t ubi-micro-apm-server --build-arg GOLANG_VERSION=1.23
docker run ubi-micro-apm-server (note if you don't pass an elasticsearch url it will use elasticsearch by default).

Related issues

[axw]

Can we remove the tini & docker-entrypoint files?

[kruskall]

Done! 😄

[v1v]

Out of curiosity, I've seen tini is not needed when using ub9, if that's correct, does it mean we can remove

apm-server/packaging/ironbank/hardening_manifest.yaml

Lines 42 to 46 in 767abab

	- filename: tinit
	url: https://github.com/krallin/tini/releases/download/v0.19.0/tini-amd64
	validation:
	type: sha256
	value: 93dcc18adc78c65a028a84799ecf8ad40c936fdfc5f2a57b1acda5a8117fa82c

in a follow-up?

[kruskall]

Out of curiosity, I've seen tini is not needed when using ub9, if that's correct, does it mean we can remove

tini is not needed in recent docker versions because it's included in docker (kubernetes is in a similar position) so we just need to ensure we're running the binary directly without wrapping it in a shell script.
ironbank images are another issue but yes, it should probably be removed along with switching the ironbank image to chainguard static.

[axw]

LGTM! Thanks @kruskall!