Pass --frozen-lockfile to yarn in CI environments

[joshlory]

From https://yarnpkg.com/lang/en/docs/cli/install/:

If you need reproducible dependencies, which is usually the case with the continuous integration systems, you should pass --frozen-lockfile flag.

Sample failure:

yarn install v0.23.2
[1/4] 🔍  Resolving packages...
error Your lockfile needs to be updated, but yarn was run with `--frozen-lockfile`.

[islemaster]

Adding this check LGTM.

Should we also remove our manual check for yarn.lock changes here?

code-dot-org/lib/rake/circle.rake

Lines 127 to 134 in 890b60e

	# Changes to yarn.lock is a particularly common case; catch it early and
	# provide a helpful error message.
	if RakeUtils.git_staged_changes? apps_dir 'yarn.lock'
	Dir.chdir(apps_dir) do
	RakeUtils.system_stream_output('git diff yarn.lock | cat')
	end
	raise 'Unexpected change to apps/yarn.lock; if you changed package.json you should also have committed an updated yarn.lock file.'
	end

[joshlory]

I'm not confident enough yet to remove this secondary safeguard 😄.