docs/tutorials/04: add defaults for Run()

In the tutorial, switch to calling `DefaultStoreOptionsAutoDetectUID()`
instead of `DefaultStoreOptions()`, which should figure things out
better.

In the tutorial, add an example of using Run(), where for API backward
compatibility reasons, we can't tell the difference between "grant no
capabilties by default" and "grant the default set of capabilities by
default".

The default isolation can be set automatically, so start doing that at
run-time, but have the tutorial look it up anyway because the tutorial
on the web will be newer than our current release for at least a while.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>

docs/tutorials/04-include-in-your-build-tool.md

@@ -53,7 +53,7 @@ Now you can develop your application. To access to the build features of Buildah
 To instantiate a `Builder`, you need a `storage.Store` (the Store interface found in [store.go](https://github.com/containers/storage/blob/main/store.go)) from [`github.com/containers/storage`](https://github.com/containers/storage), where the intermediate and result images will be stored:
 
 ```go
-buildStoreOptions, err := storage.DefaultStoreOptions(unshare.IsRootless(), unshare.GetRootlessUID())
+buildStoreOptions, err := storage.DefaultStoreOptionsAutoDetectUID()
 buildStore, err := storage.GetStore(buildStoreOptions)
 ```
 
@@ -95,6 +95,15 @@ Now you can run commit the build:
 imageId, _, _, err := builder.Commit(context.TODO(), imageRef, buildah.CommitOptions{})
 ```
 
+## Supplying defaults for Run()
+
+If you need to run a command as part of the build, you'll have to dig up a couple of defaults that aren't picked up automatically:
+```go
+conf, err := config.Default()
+capabilitiesForRoot, err := conf.Capabilities("root", nil, nil)
+isolation, err := parse.IsolationOption("")
+```
+
 ## Rootless mode
 
 To enable rootless mode, import `github.com/containers/storage/pkg/unshare` and add this code at the beginning of your main method:
@@ -118,6 +127,8 @@ import (
   "fmt"
 
   "github.com/containers/buildah"
+  "github.com/containers/buildah/pkg/parse"
+  "github.com/containers/common/pkg/config"
   is "github.com/containers/image/v5/storage"
   "github.com/containers/storage"
   "github.com/containers/storage/pkg/unshare"
@@ -129,7 +140,16 @@ func main() {
   }
   unshare.MaybeReexecUsingUserNamespace(false)
 
-  buildStoreOptions, err := storage.DefaultStoreOptions(unshare.IsRootless(), unshare.GetRootlessUID())
+  buildStoreOptions, err := storage.DefaultStoreOptionsAutoDetectUID()
+  if err != nil {
+    panic(err)
+  }
+
+  conf, err := config.Default()
+  if err != nil {
+    panic(err)
+  }
+  capabilitiesForRoot, err := conf.Capabilities("root", nil, nil)
   if err != nil {
     panic(err)
   }
@@ -142,6 +162,7 @@ func main() {
 
   builderOpts := buildah.BuilderOptions{
     FromImage:        "node:12-alpine",
+    Capabilities:     capabilitiesForRoot,
   }
 
   builder, err := buildah.NewBuilder(context.TODO(), buildStore, builderOpts)
@@ -155,6 +176,16 @@ func main() {
     panic(err)
   }
 
+  isolation, err := parse.IsolationOption("")
+  if err != nil {
+    panic(err)
+  }
+
+  err = builder.Run([]string{"sh", "-c", "date > /home/node/build-date.txt"}, buildah.RunOptions{Isolation: isolation, Terminal: buildah.WithoutTerminal})
+  if err != nil {
+    panic(err)
+  }
+
   builder.SetCmd([]string{"node", "/home/node/script.js"})
 
   imageRef, err := is.Transport.ParseStoreReference(buildStore, "docker.io/myusername/my-image")

run_freebsd.go

@@ -19,6 +19,7 @@ import (
 	"github.com/containers/buildah/define"
 	"github.com/containers/buildah/internal"
 	"github.com/containers/buildah/pkg/jail"
+	"github.com/containers/buildah/pkg/parse"
 	"github.com/containers/buildah/util"
 	"github.com/containers/common/libnetwork/resolvconf"
 	nettypes "github.com/containers/common/libnetwork/types"
@@ -98,7 +99,13 @@ func (b *Builder) Run(command []string, options RunOptions) error {
 	if isolation == IsolationDefault {
 		isolation = b.Isolation
 		if isolation == IsolationDefault {
-			isolation = IsolationOCI
+			isolation, err = parse.IsolationOption("")
+			if err != nil {
+				logrus.Debugf("got %v while trying to determine default isolation, guessing OCI", err)
+				isolation = IsolationOCI
+			} else if isolation == IsolationDefault {
+				isolation = IsolationOCI
+			}
 		}
 	}
 	if err := checkAndOverrideIsolationOptions(isolation, &options); err != nil {

run_linux.go

@@ -96,7 +96,13 @@ func (b *Builder) Run(command []string, options RunOptions) error {
 	if isolation == define.IsolationDefault {
 		isolation = b.Isolation
 		if isolation == define.IsolationDefault {
-			isolation = define.IsolationOCI
+			isolation, err = parse.IsolationOption("")
+			if err != nil {
+				logrus.Debugf("got %v while trying to determine default isolation, guessing OCI", err)
+				isolation = IsolationOCI
+			} else if isolation == IsolationDefault {
+				isolation = IsolationOCI
+			}
 		}
 	}
 	if err := checkAndOverrideIsolationOptions(isolation, &options); err != nil {

tests/bud.bats

@@ -5524,8 +5524,7 @@ _EOF
 @test "bud-with-mount-like-buildkit" {
   skip_if_no_runtime
   skip_if_in_container
-  local contextdir=${TEST_SCRATCH_DIR}/buildkit-mount
-  cp -R $BUDFILES/buildkit-mount $contextdir
+  local contextdir=$BUDFILES/buildkit-mount
   run_buildah build -t testbud $WITH_POLICY_JSON -f $contextdir/Dockerfile $contextdir/
   expect_output --substring "hello"
   run_buildah rmi -f testbud