Add support for APK feeds

[aparcar]

This pull request introduces significant improvements to how external repositories are handled in build requests, including support for both opkg and apk repository formats, a new option to control repository merging behavior, and enhanced validation and testing. The changes refactor repository logic into a dedicated module, improve security through stricter validation, and add comprehensive tests for new functionality.

Repository handling improvements:

• Refactored repository logic out of asu/build.py into a new asu/repositories.py module, including is_repo_allowed, merge_repositories, and validate_repos functions for better modularity and maintainability. [1] [2] [3]
• Added support for both opkg (repositories.conf) and apk (repositories) repository formats, with automatic detection and correct merging/appending of repositories in the build container. [1] [2]
• Introduced the repositories_mode option in BuildRequest (replace or append), allowing users to control whether to merge with or replace the default repositories. [1] [2]

Validation and security enhancements:

• Strengthened repository validation by enforcing allow-list checks both at the API level and within the build worker for defense-in-depth. [1] [2] [3]
• Updated the build process to use a configurable container network mode via settings.container_network_mode. [1] [2]

Testing improvements:

• Added comprehensive unit tests for repository merging logic in tests/test_build.py and for repository injection in the renamed tests/test_build_inject.py. [1] [2] [3] [4] [5]
• Introduced new integration tests to verify external repository support for both apk and opkg, including signature key handling and manifest validation.

Other changes:

• Updated test cases and request hash calculation to account for the new repositories_mode field. [1] [2] [3]

These changes collectively make repository management more flexible, secure, and testable in the build system.

[codecov]

Codecov Report

❌ Patch coverage is 99.42857% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 91.50%. Comparing base (5e65dec) to head (452c705).
⚠️ Report is 363 commits behind head on main.

Files with missing lines	Patch %	Lines
asu/build.py	95.65%	1 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##             main    #1602       +/-   ##
===========================================
+ Coverage   80.75%   91.50%   +10.75%     
===========================================
  Files          15       20        +5     
  Lines         977     2120     +1143     
===========================================
+ Hits          789     1940     +1151     
+ Misses        188      180        -8     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.