feat(volume mounts): add support for mounting volumes into the melang…

…e build context

This change allows the specification of volume mounts in the format src:dest,src2:dest2 into the context of the melange build container.

Signed-off-by: Samuel Dacanay <sam.dacanay@chainguard.dev>

pkg/build/build.go

@@ -135,6 +135,7 @@ type Build struct {
 	DefaultTimeout        time.Duration
 	Auth                  map[string]options.Auth
 	IgnoreSignatures      bool
+	VolumeMounts		  []container.BindMount
 
 	EnabledBuildOptions []string
 
@@ -1146,6 +1147,10 @@ func (b *Build) buildWorkspaceConfig(ctx context.Context) *container.Config {
 		}
 	}
 
+	for _, vm := range b.VolumeMounts {
+		mounts = append(mounts, container.BindMount{Source: vm.Source, Destination: vm.Destination})
+	}
+
 	// TODO(kaniini): Disable networking capability according to the pipeline requirements.
 	caps := container.Capabilities{
 		Networking: true,

pkg/build/options.go

@@ -412,3 +412,11 @@ func WithIgnoreSignatures(ignore bool) Option {
 		return nil
 	}
 }
+
+// WithVolumeMounts adds a volume mount to the build environment.
+func WithVolumeMounts(src, dest string) Option {
+	return func(b *Build) error {
+		b.VolumeMounts = append(b.VolumeMounts, container.BindMount{Source: src, Destination: dest})
+		return nil
+	}
+}

pkg/build/test.go

@@ -69,6 +69,7 @@ type Test struct {
 	Interactive       bool
 	Auth              map[string]options.Auth
 	IgnoreSignatures  bool
+	VolumeMounts	  []container.BindMount
 }
 
 func NewTest(ctx context.Context, opts ...TestOption) (*Test, error) {
@@ -561,6 +562,10 @@ func (t *Test) buildWorkspaceConfig(ctx context.Context, imgRef, pkgName string,
 		}
 	}
 
+	for _, vm := range t.VolumeMounts {
+		mounts = append(mounts, container.BindMount{Source: vm.Source, Destination: vm.Destination})
+	}
+
 	// TODO(kaniini): Disable networking capability according to the pipeline requirements.
 	caps := container.Capabilities{
 		Networking: true,

pkg/build/test_options.go

@@ -204,3 +204,10 @@ func WithTestRemove(c bool) TestOption {
 		return nil
 	}
 }
+
+func WithTestVolumeMount(src, dest string) TestOption {
+	return func(t *Test) error {
+		t.VolumeMounts = append(t.VolumeMounts, container.BindMount{Source: src, Destination: dest})
+		return nil
+	}
+}

pkg/cli/build.go

@@ -81,6 +81,7 @@ func buildCmd() *cobra.Command {
 	var configFileGitCommit string
 	var configFileGitRepoURL string
 	var configFileLicense string
+	var volumeMounts []string
 
 	var traceFile string
 
@@ -205,6 +206,14 @@ func buildCmd() *cobra.Command {
 				options = append(options, build.WithSourceDir(sourceDir))
 			}
 
+			for _, volume := range volumeMounts {
+				parts := strings.SplitN(volume, ":", 2)
+				if len(parts) != 2 {
+					return fmt.Errorf("volume mounts must be in the form 'src:dest' (got %q)", volume)
+				}
+				options = append(options, build.WithVolumeMounts(parts[0], parts[1]))
+			}
+
 			if auth, ok := os.LookupEnv("HTTP_AUTH"); !ok {
 				// Fine, no auth.
 			} else if parts := strings.SplitN(auth, ":", 4); len(parts) != 4 {
@@ -263,6 +272,7 @@ func buildCmd() *cobra.Command {
 	cmd.Flags().StringVar(&configFileGitCommit, "git-commit", "", "commit hash of the git repository containing the build config file (defaults to detecting HEAD)")
 	cmd.Flags().StringVar(&configFileGitRepoURL, "git-repo-url", "", "URL of the git repository containing the build config file (defaults to detecting from configured git remotes)")
 	cmd.Flags().StringVar(&configFileLicense, "license", "NOASSERTION", "license to use for the build config file itself")
+	cmd.Flags().StringSliceVar(&volumeMounts, "volumes", []string{}, "bind mount a volume(s) into the container (e.g., /host:/container)")
 
 	_ = cmd.Flags().Bool("fail-on-lint-warning", false, "DEPRECATED: DO NOT USE")
 	_ = cmd.Flags().MarkDeprecated("fail-on-lint-warning", "use --lint-require and --lint-warn instead")

pkg/cli/test.go

@@ -49,6 +49,7 @@ func test() *cobra.Command {
 	var runner string
 	var extraTestPackages []string
 	var remove bool
+	var volumes []string
 
 	cmd := &cobra.Command{
 		Use:     "test",
@@ -93,6 +94,14 @@ func test() *cobra.Command {
 				options = append(options, build.WithTestSourceDir(sourceDir))
 			}
 
+			for _, volume := range volumes {
+				parts := strings.SplitN(volume, ":", 2)
+				if len(parts) != 2 {
+					return fmt.Errorf("volume mounts must be in the form 'src:dest' (got %q)", volume)
+				}
+				options = append(options, build.WithTestVolumeMount(parts[0], parts[1]))
+			}
+
 			for i := range pipelineDirs {
 				options = append(options, build.WithTestPipelineDir(pipelineDirs[i]))
 			}
@@ -132,6 +141,7 @@ func test() *cobra.Command {
 	cmd.Flags().StringSliceVarP(&extraRepos, "repository-append", "r", []string{}, "path to extra repositories to include in the build environment")
 	cmd.Flags().StringSliceVar(&extraTestPackages, "test-package-append", []string{}, "extra packages to install for each of the test environments")
 	cmd.Flags().BoolVar(&remove, "rm", true, "clean up intermediate artifacts (e.g. container images, temp dirs)")
+	cmd.Flags().StringSliceVar(&volumes, "volumes", nil, "bind mount a volume(s) into the container (e.g., /host:/container)")
 
 	return cmd
 }

pkg/config/config.go

@@ -120,6 +120,11 @@ type Package struct {
 	Timeout time.Duration `json:"timeout,omitempty" yaml:"timeout,omitempty"`
 	// Optional: Resources to allocate to the build.
 	Resources *Resources `json:"resources,omitempty" yaml:"resources,omitempty"`
+
+	// Optional: The ecosystem this package is built with
+	Ecosystem string `json:"ecosystem,omitempty" yaml:"ecosystem,omitempty"`
+	// Optional: The group this package belongs to
+	Group string `json:"group,omitempty" yaml:"group,omitempty"`
 }
 
 type Resources struct {