Refactor the FindImages function to avoid changing the process's working directory

[andrewg-xyz]

I suggest refactoring the FindImages function to avoid changing the process's working directory. By constructing and using absolute paths directly, we can enhance the robustness and predictability of our file operations. This approach also helps avoid unintended side effects on the application's global state, which is particularly beneficial in a multi-threaded environment. Here's a proposed change:

// FindImages iterates over a Zarf.yaml and attempts to parse any images.
func (p *Packager) FindImages() (imgMap map[string][]string, err error) {
    // Validate BaseDir before proceeding
    if err := validateBaseDir(p.cfg.CreateOpts.BaseDir); err != nil {
        return nil, err
    }

    // Construct the absolute path to the Zarf.yaml file
    zarfYAMLPath := filepath.Join(p.cfg.CreateOpts.BaseDir, layout.ZarfYAML)

    // Use the absolute path to read the Zarf.yaml file
    if err = p.readZarfYAML(zarfYAMLPath); err != nil {
        return nil, fmt.Errorf("unable to read the zarf.yaml file at '%s': %w", zarfYAMLPath, err)
    }

    // Ensure that p.findImages() and any functions it calls are modified to work with absolute paths
    return p.findImages()
}

// validateBaseDir validates the BaseDir path for security and correctness.
func validateBaseDir(baseDir string) error {
    // Ensure the path is absolute
    if !filepath.IsAbs(baseDir) {
        return fmt.Errorf("BaseDir must be an absolute path")
    }

    // Canonicalize the path
    cleanPath := filepath.Clean(baseDir)

    // Check for existence and directory type
    info, err := os.Stat(cleanPath)
    if err != nil {
        return fmt.Errorf("BaseDir does not exist: %w", err)
    }
    if !info.IsDir() {
        return fmt.Errorf("BaseDir is not a directory")
    }

    // Optionally, check for read/write permissions as needed

    return nil
}

On the flip side, if all those security checks aren't required, here is a simple one.

// FindImages iterates over a Zarf.yaml and attempts to parse any images.
func (p *Packager) FindImages() (imgMap map[string][]string, err error) {
    // Construct the absolute path to the Zarf.yaml file
    zarfYAMLPath := filepath.Join(p.cfg.CreateOpts.BaseDir, layout.ZarfYAML)

    // Use the absolute path to read the Zarf.yaml file
    if err = p.readZarfYAML(zarfYAMLPath); err != nil {
        return nil, fmt.Errorf("unable to read the zarf.yaml file at '%s': %w", zarfYAMLPath, err)
    }

    // Ensure that p.findImages() and any functions it calls are modified to work with absolute paths
    return p.findImages()
}

not compiled or tested

Originally posted by @naveensrinivasan in #2269 (comment)

[schristoff-du]

Hey @andrewg-xyz - thank you for bringing this up. At this time this isn't a priority for the Zarf team so we will be closing this out. If you start to experience problems with this area of Zarf, please let us know. :)