feat: update docker machine and pass encryption settings for EBS

[jonmcewen]

Description

The latest version of docker-machine allows setting a new option amazonec2-volume-encrypted=true.

This MR could go further and set this option by default, or just be left as a version update to allow users to set this option if required.

Migrations required

No

Verification

Setting the option with the current version causes the runner not to start. With the latest docker-machine version it works.

[github-actions[bot]]

Hey @jonmcewen! 👋

Thank you for your contribution to the project. Please refer to the contribution rules for a quick overview of the process.

Make sure that this PR clearly explains:

• the problem being solved
• the best way a reviewer and you can test your changes

With submitting this PR you confirm that you hold the rights of the code added and agree that it will published under this LICENSE.

The following ChatOps commands are supported:

• /help: notifies a maintainer to help you out

Simply add a comment with the command in the first line. If you need to pass more information, separate it with a blank line from the command.

This message was generated automatically. You are welcome to improve it.

[kayman-mk]

https://gitlab.com/cki-project/mirror/docker-machine/-/commit/27ff34dcf7a67101c98fa978f63899aca36dc8aa

--amazonec2-volume-encrypted`: Encrypt Amazon EBS volume attached to the instance.
--amazonec2-volume-kms-key`: The KMS Key ID/ARN/Alias to be used to encrypt the volume.

[kayman-mk]

Great! I was already looking for that option but didn't find it.

As we have the KMS keys, ... available in the module, we should go a little further and pass them to the docker machine. Could you add this please to the PR, @jonmcewen?

[kayman-mk]

I guess we have to fix the key policy to allow spot instances.