refactor to use private ecr repository (#4153)

## Description
Refactor to use private ECR repository. The primary motivation for this
is to optimize our internal release process to use the same build image.
Ideally we'd use a public ECR repository still but they don't support
lifecycle rules for cleaning up old/unused build images (of which we
create a lot of).

- **ECR Repository Migration**: Switched from
public.ecr.aws/w0m4q9l7/github-awslabs-smithy-rs-ci to a private ECR
repository
- **IAM Role Update**: Updated from `SMITHY_RS_PUBLIC_ECR_PUSH_ROLE_ARN`
to `SMITHY_RS_ECR_PUSH_ROLE_ARN` secret
- **Image Tagging**: Changed image tag prefix from just `<tools-hash>`
hash to `ci-<tools-hash>` (prefix is used for ECR image lifecycle rules
and cleanup of old images)
- **New Upload Script**: Added `upload-build-image.sh` for uploading to
ECR repo
- **Enhanced acquire-build-image**: Improved the build image acquisition
script with better error handling and fallback mechanisms when not
authenticated
- **Documentation**: Added comprehensive README for GitHub Actions
scripts explaining usage, environment variables, and behavior

## Testing
* Tested from [fork](https://github.com/smithy-lang/smithy-rs/pull/4157)
* Tested [dry run
release](https://github.com/smithy-lang/smithy-rs/actions/runs/15586780061)


## Checklist
<!--- If a checkbox below is not applicable, then please DELETE it
rather than leaving it unchecked -->
- [ ] For changes to the smithy-rs codegen or runtime crates, I have
created a changelog entry Markdown file in the `.changelog` directory,
specifying "client," "server," or both in the `applies_to` key.
- [ ] For changes to the AWS SDK, generated SDK code, or SDK runtime
crates, I have created a changelog entry Markdown file in the
`.changelog` directory, specifying "aws-sdk-rust" in the `applies_to`
key.

----

_By submitting this pull request, I confirm that you can use, modify,
copy, and redistribute this contribution, under the terms of your
choice._