Add local build API for direct filesystem builds on MacOS and Windows

Adds /libpod/local/build endpoint, client bindings, and path translation
utilities to enable container builds from mounted directories to podman machone without tar uploads.

Fixes: https://issues.redhat.com/browse/RUN-3249

Signed-off-by: Jan Rodák <[email protected]>

Author: Honny1

internal/localapi/types.go

@@ -5,3 +5,5 @@ type LocalAPIMap struct {
 	ClientPath string `json:"ClientPath,omitempty"`
 	RemotePath string `json:"RemotePath,omitempty"`
 }
+
+type TranslationLocalAPIMap map[string]string

internal/localapi/utils.go

@@ -154,3 +154,40 @@ func CheckPathOnRunningMachine(ctx context.Context, path string) (*LocalAPIMap,
 
 	return isPathAvailableOnMachine(mounts, vmType, path)
 }
+
+// CheckMultiplePathsOnRunningMachine checks if multiple paths are available on a running machine.
+// Returns a translation map of local-to-remote paths if all paths are accessible, false otherwise.
+func CheckMultiplePathsOnRunningMachine(ctx context.Context, paths []string) (TranslationLocalAPIMap, bool) {
+	result := TranslationLocalAPIMap{}
+
+	if machineMode := bindings.GetMachineMode(ctx); !machineMode {
+		logrus.Debug("Machine mode is not enabled, skipping machine check")
+		return nil, false
+	}
+
+	conn, err := bindings.GetClient(ctx)
+	if err != nil {
+		logrus.Debugf("Failed to get client connection: %v", err)
+		return nil, false
+	}
+
+	mounts, vmType, err := getMachineMountsAndVMType(conn.URI.String(), conn.URI)
+	if err != nil {
+		logrus.Debugf("Failed to get machine mounts: %v", err)
+		return nil, false
+	}
+
+	for _, path := range paths {
+		if err := fileutils.Exists(path); errors.Is(err, fs.ErrNotExist) {
+			logrus.Debugf("Path %s does not exist locally, skipping machine check", path)
+			return nil, false
+		}
+		mapping, found := isPathAvailableOnMachine(mounts, vmType, path)
+		if !found {
+			logrus.Debugf("Path %s is not available on the running machine", path)
+			return nil, false
+		}
+		result[path] = mapping.RemotePath
+	}
+	return result, true
+}

internal/localapi/utils_unsupported.go

@@ -12,3 +12,8 @@ func CheckPathOnRunningMachine(ctx context.Context, path string) (*LocalAPIMap,
 	logrus.Debug("CheckPathOnRunningMachine is not supported")
 	return nil, false
 }
+
+func CheckMultiplePathsOnRunningMachine(ctx context.Context, paths []string) (TranslationLocalAPIMap, bool) {
+	logrus.Debug("CheckMultiplePathsOnRunningMachine is not supported")
+	return nil, false
+}

pkg/api/handlers/compat/images_build.go

@@ -135,6 +135,40 @@ type BuildContext struct {
 	IgnoreFile              string
 }
 
+func (b *BuildContext) validatePaths() error {
+	if err := validateLocalPath(b.ContextDirectory); err != nil {
+		return err
+	}
+
+	for _, containerfile := range b.ContainerFiles {
+		if err := validateLocalPath(containerfile); err != nil {
+			return err
+		}
+	}
+
+	for _, ctx := range b.AdditionalBuildContexts {
+		if ctx.IsURL || ctx.IsImage {
+			continue
+		}
+		if err := validateLocalPath(ctx.Value); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func validateLocalPath(path string) error {
+	if !filepath.IsAbs(path) {
+		return fmt.Errorf("path %q is not absolute", path)
+	}
+
+	if err := fileutils.Exists(path); err != nil {
+		return err
+	}
+	return nil
+}
+
 // genSpaceErr wraps filesystem errors to provide more context for disk space issues.
 func genSpaceErr(err error) error {
 	if errors.Is(err, syscall.ENOSPC) {
@@ -257,10 +291,17 @@ func processBuildContext(query url.Values, r *http.Request, buildContext *BuildC
 
 			for _, containerfile := range m {
 				// Add path to containerfile iff it is not URL
-				if !strings.HasPrefix(containerfile, "http://") && !strings.HasPrefix(containerfile, "https://") {
+				if strings.HasPrefix(containerfile, "http://") || strings.HasPrefix(containerfile, "https://") {
+					continue
+				}
+
+				if filepath.IsAbs(containerfile) {
+					containerfile = filepath.Clean(filepath.FromSlash(containerfile))
+				} else {
 					containerfile = filepath.Join(buildContext.ContextDirectory,
 						filepath.Clean(filepath.FromSlash(containerfile)))
 				}
+
 				buildContext.ContainerFiles = append(buildContext.ContainerFiles, containerfile)
 			}
 			dockerFileSet = true
@@ -819,7 +860,104 @@ func executeBuild(runtime *libpod.Runtime, w http.ResponseWriter, r *http.Reques
 	}
 }
 
+// handleLocalBuildContexts processes build contexts for local builds using filesystem paths.
+// It extracts the local context directory and processes additional build contexts.
+func handleLocalBuildContexts(query url.Values, anchorDir string) (*BuildContext, error) {
+	localContextDir := query.Get("localcontextdir")
+	if localContextDir == "" {
+		return nil, fmt.Errorf("localcontextdir cannot be empty")
+	}
+
+	out := &BuildContext{
+		ContextDirectory:        filepath.Clean(localContextDir),
+		AdditionalBuildContexts: make(map[string]*buildahDefine.AdditionalBuildContext),
+	}
+
+	for _, url := range query["additionalbuildcontexts"] {
+		name, value, found := strings.Cut(url, "=")
+		if !found {
+			return nil, fmt.Errorf("invalid additional build context format: %q", url)
+		}
+
+		logrus.Debugf("name: %q, context: %q", name, value)
+
+		switch {
+		case strings.HasPrefix(value, "url:"):
+			value = strings.TrimPrefix(value, "url:")
+			tempDir, subdir, err := buildahDefine.TempDirForURL(anchorDir, "buildah", value)
+			if err != nil {
+				return nil, fmt.Errorf("downloading URL %q: %w", name, err)
+			}
+
+			contextPath := filepath.Join(tempDir, subdir)
+			out.AdditionalBuildContexts[name] = &buildahDefine.AdditionalBuildContext{
+				IsURL:           true,
+				IsImage:         false,
+				Value:           contextPath,
+				DownloadedCache: contextPath,
+			}
+		case strings.HasPrefix(value, "image:"):
+			value = strings.TrimPrefix(value, "image:")
+			out.AdditionalBuildContexts[name] = &buildahDefine.AdditionalBuildContext{
+				IsURL:   false,
+				IsImage: true,
+				Value:   value,
+			}
+		case strings.HasPrefix(value, "localpath:"):
+			value = strings.TrimPrefix(value, "localpath:")
+			fmt.Printf("Using local path %q for additional build context %q\n", value, name)
+			out.AdditionalBuildContexts[name] = &buildahDefine.AdditionalBuildContext{
+				IsURL:   false,
+				IsImage: false,
+				Value:   filepath.Clean(value),
+			}
+		}
+	}
+	return out, nil
+}
+
+// getLocalBuildContext processes build contexts from HTTP request to a BuildContext struct.
+func getLocalBuildContext(r *http.Request, query url.Values, anchorDir string, multipart bool) (*BuildContext, error) {
+	// Handle build contexts (extract from tar/multipart)
+	buildContext, err := handleLocalBuildContexts(query, anchorDir)
+	if err != nil {
+		return nil, utils.GetInternalServerError(genSpaceErr(err))
+	}
+
+	// Process build context and container files
+	buildContext, err = processBuildContext(query, r, buildContext, anchorDir)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := buildContext.validatePaths(); err != nil {
+		if errors.Is(err, os.ErrNotExist) {
+			return nil, utils.GetFileNotFoundError(err)
+		}
+		return nil, utils.GetGenericBadRequestError(err)
+	}
+
+	// Process dockerignore
+	_, ignoreFile, err := util.ParseDockerignore(buildContext.ContainerFiles, buildContext.ContextDirectory)
+	if err != nil {
+		return nil, utils.GetInternalServerError(fmt.Errorf("processing ignore file: %w", err))
+	}
+	buildContext.IgnoreFile = ignoreFile
+
+	return buildContext, nil
+}
+
+func LocalBuildImage(w http.ResponseWriter, r *http.Request) {
+	buildImage(w, r, getLocalBuildContext)
+}
+
 func BuildImage(w http.ResponseWriter, r *http.Request) {
+	buildImage(w, r, getBuildContext)
+}
+
+type getBuildContextFunc func(r *http.Request, query url.Values, anchorDir string, multipart bool) (*BuildContext, error)
+
+func buildImage(w http.ResponseWriter, r *http.Request, getBuildContextFunc getBuildContextFunc) {
 	// Create temporary directory for build context
 	anchorDir, err := os.MkdirTemp(parse.GetTempDir(), "libpod_builder")
 	if err != nil {
@@ -850,7 +988,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
 	}
 	queryValues := r.URL.Query()
 
-	buildContext, err := getBuildContext(r, queryValues, anchorDir, multipart)
+	buildContext, err := getBuildContextFunc(r, queryValues, anchorDir, multipart)
 	if err != nil {
 		utils.ProcessBuildError(w, err)
 		return

pkg/api/handlers/swagger/errors.go

@@ -16,6 +16,13 @@ type imageNotFound struct {
 	Body errorhandling.ErrorModel
 }
 
+// No such file
+// swagger:response
+type fileNotFound struct {
+	// in:body
+	Body errorhandling.ErrorModel
+}
+
 // No such container
 // swagger:response
 type containerNotFound struct {

pkg/api/handlers/utils/errors.go

@@ -118,6 +118,10 @@ func (e *BuildError) Error() string {
 	return e.err.Error()
 }
 
+func GetFileNotFoundError(err error) *BuildError {
+	return &BuildError{code: http.StatusNotFound, err: err}
+}
+
 func GetBadRequestError(key, value string, err error) *BuildError {
 	return &BuildError{code: http.StatusBadRequest, err: fmt.Errorf("failed to parse query parameter '%s': %q: %w", key, value, err)}
 }