Use file-based locking to prevent concurrent DEL calls

[dcbw]

For example, podman does not use a long-running process for handling container sandbox operations. This means that two 'podman stop' calls for the same container can run concurrently and call a CNI DEL concurrently, which is a violation of the CNI specification.

To handle this, ocicni should implement file-based locking with github.com/alexflint/go-filemutex (see CNI plugins' plugins/ipam/host-local/backend/disk/ for an examle) to ensure that multiple processes cannot call DEL on the same containerID concurrently.

[vrothberg]

The issue just popped up in my mailbox. containers/storage exposed a filelock API which would prevent many users of ocicni from adding another dependency.