Conductr-cli

**OCI feature improvements**

459 - OCI-in-Docker feature is now a default feature on Linux
456 - Move OCI image tag to an annotation to free up start-command
460 - Ensure docker `Labels` and `User` keys are forwarded to the appropriate OCI image key
466 - Ensure that `--env` arguments are processed for all bundle formats, not just ConductR
467 - Update `mvn-install` to use `--path-beg` for ACL match

**`bndl` command improvements**

462 - Adjust bndl `--acl` parameter to allow specification of `--path`, `--path-regex`, `--path-beg`, `--rewrite`

**CD feature improvements**

385 - `conduct deploy`: support tagged deployments

**Licensing updates**
468 - Update the verbiage and URL for access-tokens

**Bug fixes**
463 - Conduct stop also require similar fail-fast argparse option as Conduct run

This is to fix issue 457 encountered on Ubuntu Xenial - 458

Also displays `conduct events` and `conduct logs` command to inspect bundle events and logs, and if consolidated logging is enabled, displays the actual bundle events and logs 455

447 packages cacert file into OSX native executable to ensure SSL cert validation works in the OSX (look for the PR description for further details as to why this is required).

Also improve the error reporting during sandbox image download. Only HTTP 404 will be reported as artefact not found. If `HTTPError` and `URLError` occur, these will be reported as error message.

This is done by upgrade to dcos modules `0.4.16` 438

Download sandbox image from Lightbend generic repo if Bintray credential is not supplied for ConductR `2.1` onwards 404