Auto-install Ansible Galaxy collections before deployment (trailofbits#14924)

After PR trailofbits#14908 migrated cloud providers to Ansible collections,
users deploying to Linode (and other providers using collections)
get errors because the collections aren't automatically installed.

This adds automatic collection installation to:
- The `algo` script (runs before playbook execution)
- The Dockerfile (baked into the image at build time)

Fixes trailofbits#14923

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

Author: dguido

Dockerfile

@@ -30,6 +30,9 @@ RUN uv sync --locked --no-dev
 # Copy application code
 COPY . .
 
+# Install Ansible Galaxy collections for cloud provider modules
+RUN uv run ansible-galaxy collection install -r requirements.yml
+
 # Set executable permissions and prepare runtime
 # Note: /algo must remain root-owned for --cap-drop=all compatibility
 # (root without CAP_DAC_OVERRIDE cannot write to files owned by others)

algo

@@ -152,6 +152,12 @@ if ! command -v uv &> /dev/null; then
     echo "✓ uv installed successfully via ${UV_INSTALL_METHOD}!"
 fi
 
+# Install Ansible Galaxy collections if requirements.yml exists
+# This is needed for cloud providers that use collection modules (Linode, DigitalOcean, Azure, etc.)
+if [ -f "requirements.yml" ]; then
+    uv run ansible-galaxy collection install -r requirements.yml > /dev/null 2>&1 || true
+fi
+
 # Run the appropriate playbook
 case "$1" in
   update-users)