feat: support dotnet lambda container builds

[mrkdeng]

Which issue(s) does this change fix?

#4453

Why is this change necessary?

• This change adds support for .NET lambda container builds. It allows mounting source directory with write permissions when building in container because .NET builds write output to the source directory.
• In most cases on posix system, Docker Daemon is running as root. This change solves this problem by running docker as a non-root user.

How does it address the issue?

• Add a new sam build CLI argument --mount-with [READ|WRITE] that enables mounting source code directory with READ/WRITE permissions. Then run Docker as a non-root user (unless current user is root) if mount with write, which gives user the least privilege
• .NET lambda container builds always need --mount-with WRITE to be specified. If building without explicit --mount-with, a confirmation dialog pops up and asks write permissions to source code directory
• This change is backward compatible and not breaking since container builds for .NET was not supported. For other runtimes, they mount source code as READ only by default, unless with intently using --mount-with WRITE

What side effects does this change have?

There is permission issue when running .NET image as non-root user #7868. This change relies on docker images to set environment variables such as DOTNET_CLI_HOME, XDG_DATA_HOME

Mandatory Checklist

PRs will only be reviewed after checklist is complete

• Add input/output type hints to new functions/methods
• Write design document if needed (Do I need to write a design document?)
• Write/update unit tests
• Write/update integration tests
• Write/update functional tests if needed
• make pr passes
• make update-reproducible-reqs if dependencies were changed
• Write documentation

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[jfuss]

Did a first pass with some feedback.

Thank you for adding integration tests but please make sure you are also adding unit tests to cover your changes.

[mrkdeng]

@Beau-Gosse-dev @jfuss @mndeveci thank you for reviewing this PR. Push two commits with one addressing comments, another one updating/adding unit tests. Will look into windows-integ failure

[mndeveci]

Suggested change

	mount_with=MountMode.READ.value,
	mount_with: MountMode = MountMode.READ

[mrkdeng]

Click.Choice takes [str] only. Workaround: Convert str to enum in BuildContext.init()

aws-sam-cli/samcli/commands/build/build_context.py

Line 178 in 280b160

self._mount_with = MountMode(mount_with)

[mndeveci]

Thanks for addressing all the comments, looking forward to ship this feature soon! 🥳

[jfuss]

LGTM.

Thanks @mrkdeng for handling all the feedback along the way. I know that can be a lot and time consuming but I think we ended up in a good state as a result.