feat: add container image source detection for docker and tar inputs

[PrasanthYT]

Overview

This change introduces container image acquisition support for the container scanning engine.

The engine can now retrieve container images either from the local Docker daemon or from a local tar archive, preparing them for further analysis.

Supported Image Sources

Docker Images

Images can be exported using the Docker runtime:

docker save <image>

Behavior:

• Export image to temporary tar file
• Validate execution result
• Extract contents for scanning.

Local Tar Archives

Users may provide a tar archive directly.

Example:

scanr image ./image.tar

Behavior:

• Validate tar format
• Extract archive
• Prepare image layers for analysis.

Image Acquisition Flow

CLI
  → ContainerEngine
      → Detect source type
      → Acquire image
      → Extract tar
      → Prepare layer filesystem

Failure Handling

The acquisition pipeline safely handles common failures:

• Docker not installed
• Docker image not found
• Invalid tar archive
• Extraction failures

All failures return clear error messages without panics.

Temporary Workspace

Image extraction occurs in a temporary workspace.

Temporary files are cleaned up automatically after processing.

Impact

• Enables container image input support
• Prepares foundation for container package detection
• No impact on existing SCA scanning
• Maintains deterministic behavior