feat(boil): Support Containerfiles per version (#1302)

* feat(boil): Support Containerfiles per version

* feat(boil): Add image directory to error message

* chore: Use 'dockerfile' as config option by default

Author: Techassi

Cargo.lock

@@ -8,6 +8,7 @@ authors = ["Stackable <info@stackable.tech>"]
 license = "Apache-2.0"
 
 [workspace.dependencies]
+cap-std = "3.4.4"
 clap = { version = "4.5.41", features = ["derive"] }
 clap_complete = "4.5.55"
 clap_complete_nushell = "4.5.8"

Cargo.toml

@@ -8,6 +8,7 @@ repository.workspace = true
 publish = false
 
 [dependencies]
+cap-std.workspace = true
 clap.workspace = true
 clap_complete.workspace = true
 clap_complete_nushell.workspace = true

rust/boil/Cargo.toml

@@ -5,14 +5,15 @@ use std::{
     path::PathBuf,
 };
 
+use cap_std::{ambient_authority, fs::Dir};
 use glob::glob;
 use oci_spec::image::{
     ANNOTATION_AUTHORS, ANNOTATION_CREATED, ANNOTATION_DOCUMENTATION, ANNOTATION_LICENSES,
     ANNOTATION_REVISION, ANNOTATION_SOURCE, ANNOTATION_VENDOR, ANNOTATION_VERSION,
 };
 use semver::Version;
 use serde::Serialize;
-use snafu::{OptionExt, ResultExt, Snafu};
+use snafu::{OptionExt, ResultExt, Snafu, ensure};
 use time::format_description::well_known::Rfc3339;
 
 use crate::{
@@ -55,6 +56,9 @@ pub enum Error {
 
     #[snafu(display("failed to parse build arguments"))]
     ParseBuildArguments { source: ParseBuildArgumentsError },
+
+    #[snafu(display("failed to locate containerfile relative to the {path:?} directory"))]
+    NoSuchContainerfileExists { path: String },
 }
 
 #[derive(Debug, Snafu)]
@@ -329,9 +333,28 @@ impl Bakefile {
                     args.strip_architecture,
                 );
 
-                let dockerfile = PathBuf::new()
-                    .join(&image_name)
-                    .join(&args.target_containerfile);
+                // By using a cap-std Dir, we can ensure that the paths provided must be relative to
+                // the appropriate image folder and wont escape it by providing absolute or relative
+                // paths with traversals (..).
+                let image_dir = Dir::open_ambient_dir(&image_name, ambient_authority()).unwrap();
+
+                let dockerfile_path = if let Some(custom_path) = &image_options.dockerfile {
+                    ensure!(
+                        image_dir.exists(custom_path),
+                        NoSuchContainerfileExistsSnafu { path: image_name }
+                    );
+
+                    PathBuf::new().join(&image_name).join(custom_path)
+                } else {
+                    ensure!(
+                        image_dir.exists(&args.target_containerfile),
+                        NoSuchContainerfileExistsSnafu { path: image_name }
+                    );
+
+                    PathBuf::new()
+                        .join(&image_name)
+                        .join(&args.target_containerfile)
+                };
 
                 let target_name = if is_entry {
                     Self::format_entry_target_name(&image_name, &image_version)
@@ -359,7 +382,7 @@ impl Bakefile {
                     platforms: vec![args.target_platform.clone()],
                     // NOTE (@Techassi): Should this instead be scoped to the folder of the image we build
                     context: Some(PathBuf::from(".")),
-                    dockerfile: Some(dockerfile),
+                    dockerfile: Some(dockerfile_path),
                     inherits: vec![COMMON_TARGET_NAME.to_owned()],
                     annotations,
                     contexts,

rust/boil/src/build/bakefile.rs

@@ -182,6 +182,13 @@ pub struct ImageOptions {
     // suffixed with _VERSION.
     #[serde(default)]
     pub build_arguments: BuildArguments,
+
+    /// A custom path to a Dockerfile/Containerfile for a particular version of an image.
+    ///
+    /// This is usefull for cases where the same image is being built differently depending on it's
+    /// version and it is too difficult/messy to do it the same Dockerfile/Containerfile.
+    #[serde(alias = "containerfile")]
+    pub dockerfile: Option<PathBuf>,
 }
 
 #[derive(Debug)]