Fix critical CVEs in image-builder-bob: bump buildkit base to v0.20.1-gitpod.7 (#21414)

Upgrades the pinned buildkit base image to pull in:
- CVE-2026-31789 (Critical) — OpenSSL libssl3/libcrypto3 in Alpine
- CVE-2025-68121 (Critical) — Go crypto/tls session resumption

Both criticals were tripping the daily scheduled vulnerability gate in
`Build / Build Gitpod / Check for Critical Vulnerabilities` against
`components/image-builder-bob:docker`. The new tag rebases on Alpine
3.23 and Go 1.26.2 in upstream BuildKit.

Refs CLC-2245.

Co-authored-by: Ona <no-reply@ona.com>

Author: geropl

components/image-builder-bob/leeway.Dockerfile

@@ -2,7 +2,7 @@
 # Licensed under the GNU Affero General Public License (AGPL).
 # See License.AGPL.txt in the project root for license information.
 
-FROM ghcr.io/gitpod-io/buildkit:v0.20.1-gitpod.6
+FROM ghcr.io/gitpod-io/buildkit:v0.20.1-gitpod.7
 
 USER root
 RUN apk --no-cache add sudo bash \