test and possibly replace docker with podman in GitLab runners

GitLab finally managed to port the GitLab runner infrastructure to be useable with Podman:

• https://docs.gitlab.com/runner/executors/docker.html#use-podman-to-run-docker-commands
• https://about.gitlab.com/releases/2022/08/22/gitlab-15-3-released/#gitlab-runner-153
• https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27119

this could be tremendously useful for us, in many ways:

1. podman makes it much easier to run "rootless" containers, which could significantly improve the security of our runners

2. that, in turn, could make it easier to build container images in runners (see gitlab#123 (closed), gitlab#90 (closed), gitlab#89 (closed) for background on that work, and https://docs.gitlab.com/runner/executors/docker.html#using-podman-to-build-container-images-from-a-dockerfile for the upstream docs)

3. podman doesn't require a daemon, so runner jobs would could directly under systemd which, in turn, might make gitlab-runner upgrades less disruptive

4. podman is simpler than docker and therefore easier to package in Debian, which means the package may be more up to date (for example, upstream docker is at 22.06-beta0, but unstable has 20.10.17, and stable 20.10.5, while podman is at 4.2.0, which is already packaged in experimental, unstable has 3.4.7 and stable 3.0.1)

Unfortunately, GitLab and Podman has fixed their things in version 15.3 (which we run) and 4.2.0 (which we don't), respectively. So we're not quite ready to run this from the Debian side of things. First the 4.2.0 podman release would need to get into unstable, and there testing. Then we could see if we can either get a backport running, or setup a bookworm runner, which therefore might make this part of the %Debian 12 bookworm upgrade milestone.

See this page for progress on the podman packaging: https://tracker.debian.org/pkg/libpod