anchore / syft

CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Apache License 2.0
6.05k stars 557 forks

docker-archive: support scanning a single image inside the archive #1054

Open bcmedeiros opened 2 years ago

bcmedeiros commented 2 years ago

With docker, we can save multiple images inside the same archive:

docker save img1:latest image2:latest > archive.tar

Currently, if an archive is generated like that, we get the following error:

unable to use DockerTarball source: cannot process multiple docker manifests

It would be awesome to be able to use those archives with a syntax like:

syft sbom -i docker-archive:archive.tar/img1:latest

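The request above, as an added example that is not part of the original issue and is not syft or stereoscope code: a `docker save` archive describes each saved image as one entry in its top-level `manifest.json` (`Config`, `RepoTags`, `Layers`), so picking a single image means picking the entry whose `RepoTags` contains the requested reference. `SelectImage` and `SampleArchive` are hypothetical names, and the two-image archive is constructed in memory.

```go
package main

import (
	"archive/tar"
	"bytes"
	"encoding/json"
	"fmt"
	"io"
)

// ManifestEntry is one element of manifest.json in a `docker save` archive.
type ManifestEntry struct {
	Config           string
	RepoTags, Layers []string
}

// SelectImage (hypothetical helper, not syft's API) returns the entry tagged ref.
func SelectImage(r io.Reader, ref string) (*ManifestEntry, error) {
	tr := tar.NewReader(r)
	hdr, err := tr.Next()
	for ; err == nil && hdr.Name != "manifest.json"; hdr, err = tr.Next() {
	}
	if err != nil {
		return nil, fmt.Errorf("manifest.json not found: %w", err)
	}
	var entries []ManifestEntry
	if err := json.NewDecoder(tr).Decode(&entries); err != nil {
		return nil, err
	}
	for i := range entries {
		for _, tag := range entries[i].RepoTags {
			if tag == ref {
				return &entries[i], nil
			}
		}
	}
	return nil, fmt.Errorf("%q is not one of the %d images in the archive", ref, len(entries))
}

// SampleArchive builds a constructed two-image archive holding only manifest.json.
func SampleArchive() io.Reader {
	m := []byte(`[{"Config":"a.json","RepoTags":["img1:latest"],"Layers":["a/layer.tar"]},{"Config":"b.json","RepoTags":["image2:latest"],"Layers":["b/layer.tar"]}]`)
	buf := new(bytes.Buffer)
	tw := tar.NewWriter(buf)
	tw.WriteHeader(&tar.Header{Name: "manifest.json", Mode: 0o644, Size: int64(len(m))})
	tw.Write(m)
	tw.Close() // errors ignored: in-memory writes of a fixed sample
	return buf
}
func main() { fmt.Println(SelectImage(SampleArchive(), "img1:latest")) }
```

The returned entry names the config file and layer tarballs that belong to the selected image only, which is the subset a scanner would need to read from the archive.
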
wagoodman commented 2 years ago

Syft / stereoscope uses GGCR for this functionality, so we wouldn't be able to easily fix this behavior internally yet.

Code:

Related issues: