SNOW-3202214: add custom image register command

[sfc-gh-ajiang]

Pre-review checklist

• I've confirmed that instructions included in README.md are still correct after my changes in the codebase.
• I've added or updated automated unit tests to verify correctness of my new code.
• I've added or updated integration tests to verify correctness of my new code.
• I've confirmed that my changes are working by executing CLI's commands manually on MacOS.
• I've confirmed that my changes are working by executing CLI's commands manually on Windows.
• I've confirmed that my changes are up-to-date with the target branch.
• I've described my changes in the release notes.
• I've described my changes in the section below.
• I've described my changes in the documentation.

Changes description

1. create a new command to register the custom runtime environment
   snow custom-image register [local docker image name/hash] [spcs image registry url] [--skip-validarion] [--base-image-type] [--name]

• --skip-validation: if users add this flag, we only push the local images to the spcs image repo; if not, after pushing the local images to the spcs image repo, we will have validation on that image
• --base-image-type: this is required if users do not have the flag --skip-validation

2. add metrics for the snow custom-images validate and require snowflake connection for snow custom-images validate

[sfc-gh-olorek]

Should this be requires_connection=True? When --skip-validation is not set, register() ends up calling self.execute_query() to create the CRE, which needs an active Snowflake connection. As-is I think users will hit a runtime error on that path.

[sfc-gh-ajiang]

Good catch. Thanks!

[sfc-gh-olorek]

Was this change intentional? validate used to be requires_connection=False. The validate() method itself doesn't call execute_query() — if this is needed so the CLI framework can flush the new metrics back to Snowflake on teardown, that makes sense, but it's a behavioral change for anyone currently running snow custom-image validate without connection params. Might be worth calling out in the PR description.

[sfc-gh-ajiang]

Yes, this change is intentional. I added it to ensure we can collect metrics. It looks like there haven’t been any recent releases, so snow custom-image validate has not been published yet.

[sfc-gh-olorek]

nit: cre_name comes straight from --name user input and gets interpolated directly into the SQL string. A name with spaces or special characters will produce malformed SQL. Might want to validate it against something like [a-zA-Z0-9_]+ or use identifier quoting.

[sfc-gh-olorek]

Does _run_docker_command actually accept a timeout kwarg? I don't see it forwarding to subprocess.run in the existing code — if it doesn't, this is either silently ignored or blows up with a TypeError.

[sfc-gh-ajiang]

I think we have forwarded it
https://github.com/snowflakedb/snowflake-cli/blob/main/src/snowflake/cli/_plugins/custom_images/manager.py#L143

[sfc-gh-olorek]

If the registry has no / (bare hostname or something malformed), this returns the whole string as the image path, which would produce bogus SQL downstream. Probably worth raising a ClickException here instead of silently returning garbage.