run: add support for inline --network in RUN stmt

Buildah should allow clients to support inline --network in RUN stmts so users
can create isolate or expose a particular build containers.

```Dockerfile
FROM alpine
RUN --network=host wget google.com
RUN --network=none wget google.com
```

Closes: #4230

Signed-off-by: Aditya R <arajan@redhat.com>

imagebuildah/stage_executor.go

@@ -602,6 +602,7 @@ func (s *StageExecutor) Run(run imagebuilder.Run, config docker.Config) error {
 	options := buildah.RunOptions{
 		Args:             s.executor.runtimeArgs,
 		Cmd:              config.Cmd,
+		RunNetwork:       run.Network,
 		ContextDir:       s.executor.contextDir,
 		ConfigureNetwork: s.executor.configureNetwork,
 		Entrypoint:       config.Entrypoint,

run.go

@@ -109,6 +109,8 @@ type RunOptions struct {
 	Entrypoint []string
 	// NamespaceOptions controls how we set up the namespaces for the process.
 	NamespaceOptions define.NamespaceOptions
+        // Network directive from RUN `--network` instruction
+        RunNetwork string
 	// ConfigureNetwork controls whether or not network interfaces and
 	// routing are configured for a new network namespace (i.e., when not
 	// joining another's namespace and not just using the host's

run_linux.go

@@ -69,6 +69,23 @@ func setChildProcess() error {
 
 // Run runs the specified command in the container's root filesystem.
 func (b *Builder) Run(command []string, options RunOptions) error {
+	// Honor `RUN --network=<>`.
+	if options.RunNetwork == "none" || options.RunNetwork == "host" {
+		for _, namespace := range options.NamespaceOptions {
+			if namespace.Name == "network" {
+				if options.RunNetwork == "host" {
+					namespace.Host = true
+				} else {
+					namespace.Host = false
+				}
+			}
+		}
+		if options.RunNetwork == "none" {
+			options.ConfigureNetwork = define.NetworkDisabled
+		} else {
+			options.ConfigureNetwork = define.NetworkEnabled
+		}
+	}
 	p, err := os.MkdirTemp("", define.Package)
 	if err != nil {
 		return err

tests/bud.bats

@@ -25,6 +25,24 @@ load helpers
   expect_output --substring "options use-vc"
 }
 
+@test "build with inline RUN --network " {
+  local contextdir=${TEST_SCRATCH_DIR}/bud/platform
+  mkdir -p $contextdir
+
+  cat > $contextdir/Dockerfile << _EOF
+FROM alpine
+RUN --network=host wget google.com
+RUN --network=none wget google.com
+_EOF
+
+  # with --skip-unused-stages=false
+  run_buildah 1 build $WITH_POLICY_JSON -t source -f $contextdir/Dockerfile
+  expect_output --substring "Connecting to google.com"
+  expect_output --substring "index.html"
+  expect_output --substring "wget: bad address"
+}
+
+
 @test "bud with ignoresymlink on default file" {
 	  cat > /tmp/private_file << _EOF
 hello