fix: add U flag to sqlite volume mount for podman 5.x compatibility (PROJQUAY-9329)

[harishsurf]

Summary

• Adds the :U volume mount flag to the sqlite volume in quay.service.j2, which tells podman to recursively chown the volume to match the container's runtime user
• Fixes upgrade failures (1.3.x → 2.x) on podman 5.x where the sqlite-storage volume ownership resets to root:root after the quay-copy container is removed, causing
  peewee.OperationalError: attempt to write a readonly database
• Complements the existing fix in PR fix: set sqlite storage ownership for Quay user after pg-to-sqlite migration (PROJQUAY-9799) #243 (which addressed the migration path only via hardcoded podman unshare chown to UID 1001) by handling the upgrade path and supporting containers
  running as any UID

Notes

• The :U flag is only applied to the sqlite volume, not quay-storage, as recursive chown on a volume with many blobs could delay startup or hit the 3-minute health check timeout
• Issue does not reproduce on podman 4.9.x, only on podman 5.x

[harishsurf]

/cherry-pick main

[openshift-cherrypick-robot]

@harishsurf: once the present PR merges, I will cherry-pick it on top of main in a new PR and assign it to you.

Details

In response to this:

/cherry-pick main

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-cherrypick-robot]

@harishsurf: new pull request created: #261

Details

In response to this:

/cherry-pick main

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.