2.4 KiB
2.4 KiB
Container Layout Discovery Contract
Module
Scanner
Status
IMPLEMENTED
Description
Standardized contract for discovering and mapping container filesystem layouts, enabling analyzers to locate language-specific artifacts across different container image structures.
Implementation Details
- Root File System Abstraction:
src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/FileSystem/IRootFileSystem.cs- Interface for abstract root filesystem accesssrc/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/FileSystem/DirectoryRootFileSystem.cs- Directory-backed root filesystem implementationsrc/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/FileSystem/LayeredRootFileSystem.cs- Layered (OCI) root filesystem implementation
- OCI Image Context:
src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Oci/OciImageConfig.cs- OCI image config model for container layout discoverysrc/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/EntryTraceImageContextFactory.cs- Creates image context for entrypoint analysis
- Entry Trace Analyzer:
src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/IEntryTraceAnalyzer.cs- Interface for entry trace analysissrc/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/EntryTraceAnalyzer.cs- Main analyzer discovering container layout and locating language-specific artifactssrc/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/EntryTraceContext.cs- Context model with discovered layout infosrc/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/EntryTraceTypes.cs- Type definitions for discovered artifacts
- Entrypoint Specification:
src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/EntrypointSpecification.cs- Specifies expected entrypoints per container layout
- DI:
src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/ServiceCollectionExtensions.cs
E2E Test Plan
- Scan a container image and verify the
EntryTraceAnalyzerdiscovers the filesystem layout (root paths, language directories) - Verify
LayeredRootFileSystemcorrectly merges multiple OCI layers into a unified filesystem view - Verify language-specific artifacts are located across different base images (Alpine, Debian, Ubuntu, distroless)
- Verify the OCI image config is parsed to determine CMD/ENTRYPOINT for entrypoint analysis
- Verify the layout discovery works for multi-stage build images with non-standard directory structures