fix(cdk): Remove fallback mechanism and properly configure user namespaces

[devin-ai-integration]

This PR targets the following PR:

• fix(cdk): Move gVisor OCI bundle creation to build time #400

---

Remove fallback mechanism and properly configure user namespaces

This PR addresses the error "running container: creating container: cannot create gofer process: unable to run a rootless container without userns" in the gVisor sandboxing implementation by removing the fallback mechanism and properly configuring user namespaces.

Changes

• Removed fallback mechanism from gVisor wrapper script
• Updated OCI configuration with proper user namespace settings
• Modified Dockerfile to configure kernel parameters for unprivileged user namespace cloning
• Updated devlog entry documenting the changes and requirements for production use

Testing

The implementation was tested with various configurations:

• Basic run: docker run --rm airbyte/source-declarative-manifest-gvisor spec
• Privileged mode: docker run --rm --privileged airbyte/source-declarative-manifest-gvisor spec
• User namespace support: docker run --rm --userns=host airbyte/source-declarative-manifest-gvisor spec

Link to Devin run: https://app.devin.ai/sessions/b83c0c0d80bc471fa2f67ae714022968

[devin-ai-integration]

🤖 Devin AI Engineer

Original prompt from Aaron:

@Devin - Please create a PR against the PR here: <https://github.com/airbytehq/airbyte-python-cdk/pull/400>

With the goal of resolving this error `running container: creating container: cannot create gofer process: unable to run a rootless container without userns`

Maintain a devlog according to the instructions in the repo.

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add "(aside)" to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring