test: run tests with selinux enforcing

With container-selinux policy updated to 2.145+ (the default for Fedora 32+) we
can enable SELinux=Enforcing mode in the CI workflow and pass all integration
and CRI tests except one, see https://github.com/containerd/containerd/issues/4460,
which has been marked as skipped.

Tested locally with:
- SELINUX=Enforcing vagrant up --provision-with=shell,selinux,test-integration
- SELINUX=Enforcing vagrant up --provision-with=shell,selinux,test-cri

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>

.github/workflows/ci.yml

@@ -347,15 +347,11 @@ jobs:
       - name: Integration
         env:
           RUNC_FLAVOR: ${{ matrix.runc }}
-          # SELinux: replace Permissive with Enforcing after https://github.com/containers/container-selinux/pull/98
-          # is merged and the package becomes generally available.
-          SELINUX: Permissive
+          SELINUX: Enforcing
         run: vagrant up --provision-with=selinux,install-runc,test-integration
 
       - name: CRI test
         env:
           RUNC_FLAVOR: ${{ matrix.runc }}
-          # SELinux: replace Permissive with Enforcing after https://github.com/containers/container-selinux/pull/98
-          # is merged and the package becomes generally available.
-          SELINUX: Permissive
+          SELINUX: Enforcing
         run: vagrant up --provision-with=selinux,install-runc,test-cri