Adds a --private-key option to the build command, which specifies an ECDSA
private key. When this is provided along with a manifest, the manifest is
prepended to the .flx package and signed with the private key. The manifest
also includes a SHA-256 hash of the zipped content portion of the .flx package.
This is used by the Flutter updater package, to verify that updates are
from the right publisher.
This patch makes `flutter start` work without a clone of the engine git
repository. Making this work pulled a relatively large refactor of how the
commands interact with application packages and devices. Now commands that want
to interact with application packages or devices inherit from a common base
class that holds stores of those objects as members.
In production, the commands download and connect to devices based on the build
configuration stored on the FlutterCommandRunner. In testing, these fields are
used to mock out the real application package and devices.
