run: add support for inline --network in RUN stmt

Buildah should allow clients to support inline --network in RUN stmts so users
can create isolate or expose a particular build containers.

```Dockerfile
FROM alpine
RUN --network=host wget google.com
RUN --network=none wget google.com
```

Closes: #4230

Signed-off-by: Aditya R <arajan@redhat.com>

imagebuildah/stage_executor.go

@@ -627,6 +627,23 @@ func (s *StageExecutor) Run(run imagebuilder.Run, config docker.Config) error {
 		WorkingDir:       config.WorkingDir,
 	}
 
+	// Honor `RUN --network=<>`.
+	switch run.Network {
+	case "host":
+		for _, namespace := range options.NamespaceOptions {
+			if namespace.Name == "network" {
+				namespace.Host = true
+			}
+		}
+		options.ConfigureNetwork = define.NetworkEnabled
+	case "none":
+		options.ConfigureNetwork = define.NetworkDisabled
+	case "":
+		// do nothing
+	default:
+		return fmt.Errorf(`unsupported value %q for "RUN --network", must be either "host" or "none"`, run.Network)
+	}
+
 	if config.NetworkDisabled {
 		options.ConfigureNetwork = buildah.NetworkDisabled
 	}

tests/bud.bats

@@ -25,6 +25,24 @@ load helpers
   expect_output --substring "options use-vc"
 }
 
+@test "build with inline RUN --network " {
+  local contextdir=${TEST_SCRATCH_DIR}/bud/platform
+  mkdir -p $contextdir
+
+  cat > $contextdir/Dockerfile << _EOF
+FROM alpine
+RUN --network=host wget google.com
+RUN --network=none wget google.com
+_EOF
+
+  # with --skip-unused-stages=false
+  run_buildah 1 build $WITH_POLICY_JSON -t source -f $contextdir/Dockerfile
+  expect_output --substring "Connecting to google.com"
+  expect_output --substring "index.html"
+  expect_output --substring "wget: bad address"
+}
+
+
 @test "bud with ignoresymlink on default file" {
 	  cat > /tmp/private_file << _EOF
 hello