Implement containerized native image building for native image bundles

[dominikmascherbauer]

This PR contains two features: containerized native image builds for native image bundles and executable native image bundles

Containerized native image building for native image building:

Native images can be built inside a container when creating or applying native image bundles. Mounts graalvm, classpath and module path into a container, injects environment variable from the native image bundle and initiates the native image build inside a container.
Only works on Linux and supports just docker and podman as container tool as they share a common command line interface.
Uses a default Dockerfile for creating the container which is the same as the base for creating graalvm container https://github.com/graalvm/container. For muslib builds, the default Dockerfile is extended similar to muslib Dockerfiles for graalvm container.
On bundle creation any information related to container builds that is not default variables is stored in a bundle (in input/stage/container.json for tool and version information and input/stage/Dockerfile for the Dockerfile). If bundle is applied with the option "container" the stored information is used except the user specifies something else.

Also specifies a bundle build option for building a bundle without creating a native image. This should then be used instead of the --dry-run for native image bundle builds

Additional options for --bundle-create or --bundle-apply separated with a comma ",".

• container[=containerTool]: this option needs to be specified for containerized native image builds, optionally allows to specify the use of a containerization tool (if nothing is selected searches for podman and docker on the PATH)
• dockerfile=fileName: to specify a Dockerfile that is different from the default
• dry-run: specify bundle creation without building a native image
• some examples:
  • --bundle-create,dry-run -> creates a bundle without building a native-image
  • --bundle-apply,container -> uses the bundle to build a native image within a container
  • --bundle-create,container=podman,dockerfile=MyDockerfile -> creates a bundle and additionally builds a podman container based on MyDockerfile and creates a native image inside this container

Executable Bundles

On bundle creation a bundle launcher is injected into the bundle which can then be used to run the bundle as if it was a jar file.
The bundle launcher is set as Main-Class in the bundles Manifest file and loads the classpath and module path from inside the bundle and then executes the bundled application with any jdk.
Environment variables stored in the bundle are injected into the application execution.
All further command line arguments needed for executing the application are stored in the bundle (in input/stage/run.json).
If the bundle is not executable it does not contain the run.json file and the bundle launcher throws an error (e.g. shared library bundles)
The bundle launcher allows two options for launching bundles:

• --with-native-image-agent[,update-bundle[=<new-bundle-name>]] -> runs the launcher with the native image agent attached, the agent output is saved to <bundle-name>.output/launcher/META-INF/native-image/<bundle-name>-agent, if update-bundle is specified the created agent output is added to the bundles classpath (by applying and creating a new bundle with the old name or the new bundle name specified in update-bundle)
• --container[=(podman | docker)][,dockerfile=<Dockerfile-filename>] -> launches the application inside a container, supports also podman and docker (same as in the first feature), it uses the Dockerfile that got packaged into bundle except if another dockerfile is explicitly specified

[oracle-contributor-agreement]

Thank you for your pull request and welcome to our community! To contribute, please sign the Oracle Contributor Agreement (OCA).
The following contributors of this PR have not signed the OCA:

• PR author: @dominikmascherbauer
• dominik.mascherbauer@jku.at (@dominikmascherbauer)

To sign the OCA, please create an Oracle account and sign the OCA in Oracle's Contributor Agreement Application.

When signing the OCA, please provide your GitHub username. After signing the OCA and getting an OCA approval from Oracle, this PR will be automatically updated.

If you are an Oracle employee, please make sure that you are a member of the main Oracle GitHub organization, and your membership in this organization is public.

[olpaw]

This is an initial review without looking into details.

Please make all commit messages start with an upper-case letter.

[olpaw]

@dominikmascherbauer the commit history of your PR seems broken.
git log --pretty=short shows:

commit b4ea9fe675940b082450a7c47595e151e868a8f7 (HEAD -> doma/GR-43920, origin/doma/GR-43920)
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    Quote mount calls and environment variables for containers to escape spaces

commit b1b5af42e6ae214ca12b325cf94ce87e2894aa01
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    Add support for static builds in containers

commit 22b8cb7741efc2957135a81d50e8ac657ed985ae
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    Pass environment variables to container

commit c8734fcff74398ab4cadf6ea72037af595ce8f39
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    Fix missing bundlePath error on bundle-create

commit 4e701dc0c5ab78d07834b9fb5bf9320128d54098
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    Update default dockerfile to ol8 based dockerfile

commit de7e32adf9544908eb208bca903f87f5900c538d
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    Adjust warning and info messages for container tools

commit 28751b52591c9885f749145fc85701aeb64f03ae
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    Extract common functionality for processes

commit 4b3d0c2c71cd45fd3dac28d7edf9b0c459d833a1
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    Rework option parsing for extended bundle options

commit edf90c4a33dd55d96363db9ff9f3f454f5ef4e89
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    Improve tool availability check

commit 7a768b92bdb52e27bbddad382b1c5065dfaef589
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    Use SubstrateUtil.digest for generating Dockerfile hash

commit 5c3609ea365aa283d48bb623932accd35200f776 (origin/master, origin/HEAD, master)
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    remove image option for bundles and compute image name from hash

commit 41fd5b5b538227ae7932aa390ef2786737d89e55
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    improve containerized bundle creation and writing, combine replacing bundle paths for containers in one place

commit 1a9226fafac0263fd931f28aeabf6073eeb5786c
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    add and change bundle options

commit 54e4e757da39eb2f9ef9d0682f0f3f406b0281db
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    no output if container exists already, refactoring, check tool version

commit e0d682e2480c3dc3b9106b0c23da4896be8dac3f
Author: dominikmascherbauer <dominik.mascherbauer@jku.at>

    implement containerization support for native image bundles

commit f8c61fdce6d69aaf20e886d584e8644d2166ddbb
Merge: a1f8dd290f3 3693ae86ab6
Author: Strahinja Stanojevic <strahinja.stanojevic@oracle.com>

    [GR-45702] Enable profile replay on JIT

commit a1f8dd290f34db0cf4417c9041e2de55841808cf

It seems that you did your first commits on master instead of your doma/GR-43920 branch.

To fix this I suggest you

• Restore the commit history of master in your repo clone: git switch master && git reset --hard f8c61fdce6d69aaf20e886d584e8644d2166ddbb && git push --force
• Create a new branch and switch to it with git switch -C doma/GR-43920-fixed
• Cherry-pick all the commits that you want to have on this branch.
• Remove your old doma/GR-43920 branch and rename doma/GR-43920-fixed to doma/GR-43920
• Force push again to sync your cleanup to your repo clone

rebase all the commits that you want to have on your PR

[olpaw]

@dominikmascherbauer please fill in the description of this PR #6496 (comment)

[oracle-contributor-agreement]

Thank you for your pull request and welcome to our community! To contribute, please sign the Oracle Contributor Agreement (OCA).
The following contributors of this PR have not signed the OCA:

• dominik@pop-os.localdomain

To sign the OCA, please create an Oracle account and sign the OCA in Oracle's Contributor Agreement Application.

When signing the OCA, please provide your GitHub username. After signing the OCA and getting an OCA approval from Oracle, this PR will be automatically updated.

If you are an Oracle employee, please make sure that you are a member of the main Oracle GitHub organization, and your membership in this organization is public.

[olpaw]

Running internal CI gates again

[fniephaus]

LGTM, thanks for your contribution!

[fniephaus]

This was merged via 525acb0.