Add linking service and Vault JWT issuer framework components #2522

Open
prashantkumar1982 wants to merge 9 commits into main from codex/linking-jwt-issuer-components

prashantkumar1982 commented Apr 22, 2026

Summary

  • Add a generic framework/components/linkingservice component with a Docker image, gRPC server, and runtime helpers so tests can use a first-class, reusable linking service managed by the framework instead of repo-local ad hoc mocks.
  • Add a framework/components/vaultjwtissuer component with a Docker image, JWKS/OpenID HTTP server, and JWT helper APIs so Vault-style JWT flows can run against a Dockerized support service that is owned by the framework lifecycle.
  • Add the module and dependency updates required by those new components, including the linking-service proto/gRPC/protobuf wiring and newer security-patched dependencies. These changes were needed both to compile the new components and to satisfy dependency-review on the new dependency graph.
  • Fix component image build contexts so the new service images build correctly from CI and downstream repos. This was needed because the initial component packaging did not match the build context layout expected by the framework.
  • Update CI and dev tooling to handle the newer module graph, including letting the framework lint job use a golangci-lint binary built with a Go version compatible with the framework module. This was needed because the framework module now resolves to go 1.25.0, which the old lint binary could not target.
  • Harden existing CI jobs that became flaky while validating this PR by switching JD and chip-ingress Postgres images away from Docker Hub rate-limit/auth sensitivity, extending chip-ingress startup deadlines, adding a short Seth Geth startup retry, and making the scalability example fail fast on generator errors instead of hanging until the outer test timeout. These changes were needed to keep unrelated framework checks reliable while the new components were being introduced.

@github-actions

👋 prashantkumar1982, thanks for creating this pull request!

To help reviewers, please consider creating future PRs as drafts first. This allows you to self-review and make any final changes before notifying the team.

Once you're ready, you can mark it as "Ready for review" to request feedback. Thanks!

@gustavogama-cll gustavogama-cll requested review from skudasov and removed request for gustavogama-cll April 22, 2026 22:12
@prashantkumar1982 prashantkumar1982 force-pushed the codex/linking-jwt-issuer-components branch from 7c96dfd to 7723d1e Compare April 22, 2026 23:16

const (
DEFAULT_STACK_NAME = "chip-ingress"
stackStartupTimeout = 5 * time.Minute
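Review bot: stackStartupTimeout = 5 * time.Minute has no comment saying why the deadline is this long; add one line naming the startup step it has to cover, so the value is not copied or changed later without context. In the same const block DEFAULT_STACK_NAME is upper snake case while stackStartupTimeout is camelCase; Go convention would be DefaultStackName, but if that exported name predates this change, renaming it affects callers and belongs in a separate change.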
Contributor

why do we need such a long startup timeout?

)

const (
DefaultImage = "local-cre-linking-service:latest"
Contributor

let's avoid using mutable tags as that has bitten us more than once, which in this case means we can't have a default image or that we pin it to an immutable tag

"framework": "ctf",
"logging": "promtail",
}
}
Contributor

we already have a function for that in framework/docker.go called DefaultTCLabels()

return nil
}

const defaultNetworkName = "ctf"
Contributor

we have a constant for that in framework/config.go, unless you want to avoid depending on framework?

)

const (
DefaultImage = "local-cre-vault-jwt-issuer:latest"
Contributor

same, let's not use mutable tags
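
The mutable-tag concern raised in the two review comments on DefaultImage can be enforced in code. The following is an added example, not part of this pull request or the framework: ClassifyImageRef and RequirePinned are hypothetical names, and accepting an explicit version tag as "pinned" is an assumed policy (only a digest is enforced by the registry).

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

type Pinning int

const (
	Floating Pinning = iota // untagged or "latest": content can change silently
	Tagged                  // explicit non-latest tag: fixed only by convention
	Digest                  // @sha256:<hex>: content-addressed, immutable
)

var sha256Re = regexp.MustCompile(`^sha256:[a-f0-9]{64}$`)

// ClassifyImageRef is a hypothetical helper, not part of the framework.
func ClassifyImageRef(ref string) (Pinning, error) {
	if name, digest, ok := strings.Cut(ref, "@"); ok {
		if name == "" || !sha256Re.MatchString(digest) {
			return Floating, fmt.Errorf("malformed digest in %q", ref)
		}
		return Digest, nil
	}
	// A colon marks a tag only after the last slash; before it, the colon
	// is a registry port (localhost:5000/img) and the image is untagged.
	colon := strings.LastIndex(ref, ":")
	if colon <= strings.LastIndex(ref, "/") {
		return Floating, nil
	}
	if tag := ref[colon+1:]; tag == "" || tag == "latest" {
		return Floating, nil
	}
	return Tagged, nil
}

// RequirePinned is the check a component could run on its default image.
func RequirePinned(ref string) error {
	if p, err := ClassifyImageRef(ref); err != nil {
		return err
	} else if p == Floating {
		return fmt.Errorf("image %q is mutable: pin a version tag or digest", ref)
	}
	return nil
}

func main() {
	fmt.Println(RequirePinned("local-cre-linking-service:latest")) // value from this page
}
```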


COPY --from=build /out/vault-jwt-issuer /vault-jwt-issuer
EXPOSE 18123
ENTRYPOINT ["/vault-jwt-issuer"]
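Review bot: the visible final-stage lines go from COPY straight to EXPOSE and ENTRYPOINT with no USER directive between them, so unless one is set earlier in this stage the issuer process runs as root. Port 18123 is unprivileged, so a non-root USER line placed before ENTRYPOINT should need no other changes.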
Contributor

would be great to have a single smoke test for each component here on the CTF side similar to framework/examples/chip_ingress/smoke_chip_ingress_test.go
