v2.2.2 - Changelog

Summary: Add more tags to EC2 instances, and many fixes. Plus 2 new regions!

London (eu-west-2) and Tokyo (ap-northeast-1) are now supported regions!

Adds runs-on-repo-full-name tag to instances. Fixes #67.
No longer require public access on the S3 bucket agents/ subpath. Should help with compliance in certain settings.
Upgrade dependencies, fix potential XSS issue in setup page when entering malicious input as an organisation name in the CF template.
Switch to distroless container image for Server instead of debian.
Reduce scope for ec2:Describe* permission.
Fix handling of admins in configuration file, and DefaultAdmins parameters. Previously DefaultAdmins was not properly taken into account. And admins from the configuration file were added to the repo collaborators with admin access, while it should have override them (this was lost during the nodejs => go transition).

Added ssh cloud-init module back. Should help for users that extend the base AMIs with packer, since it needs to store an ephemeral ssh key in the instance.
Plan is to have the base AMIs released on a regular schedule, every 15 days (instead of whenever GitHub publishes a new release), to keep up with security patches.