pkg/cli/admin/release/info: support generating RPM diffs
It's often useful when looking up release images to know the list of RPM packages that shipped in the node image. Add new switches for this:

- `oc adm release info --rpmdb $IMG` will list all the packages in the node image for the given release image payload
- `oc adm release info --rpmdb-diff $IMG1 $IMG2` will diff the set of packages in the node image for the given release image payloads

The code is generic over the actual target image. By default, the node image is used, but `--rpmdb-image` can be used to select a different one.

The primary motivation for this is openshift/enhancements#1637, in which the node image will no longer be built within the CoreOS pipeline as a base image. Instead, it will be a layered image built in OpenShift CI/Konflux. As a result, all layered packages will not show up in the CoreOS release browser differ.

With this functionality, the release controller will be able to render RPM diffs in the web UI, greatly de-emphasizing the CoreOS differ and effectively dropping the requirement for having VPN access.

Some notes on the implementation:

- The rpmdb for a given image is cached, keyed by the image digest.
- We don't try to be smart here and e.g. only download some layers. There are some issues with doing that. We literally do download the full image, _but_ we only cache the rpmdb content and throw away the rest.

That said, the high cost isn't an issue in practice because the release controller can nicely represent operations which take time, so it didn't feel worth the effort of trying to optimize this further.

Once we have SBOMs available for all our images, this should be a much cheaper way to query its RPM contents.

Additionally/alternatively, for the node image specifically, if we ever end up with lockfiles in the git repo, this would effectively mean that the git changelog _is_ the RPM changelog also, meshing nicely with the existing infrastructure around that.