Add TopFS method to get the top-level filesystem of a scalibr Image.

PiperOrigin-RevId: 751481441

Author: Mario Leyva

artifact/image/layerscanning/image/image.go

@@ -36,6 +36,7 @@ import (
 	"github.com/google/osv-scalibr/artifact/image/require"
 	"github.com/google/osv-scalibr/artifact/image/symlink"
 	"github.com/google/osv-scalibr/artifact/image/whiteout"
+	scalibrfs "github.com/google/osv-scalibr/fs"
 	"github.com/google/osv-scalibr/log"
 )
 
@@ -57,6 +58,8 @@ var (
 	ErrSymlinkPointsOutsideRoot = errors.New("symlink points outside the root")
 	// ErrInvalidConfig is returned when the image config is invalid.
 	ErrInvalidConfig = errors.New("invalid image config")
+	// ErrNoLayersFound is returned when no layers are found in the image.
+	ErrNoLayersFound = errors.New("no layers found in image")
 )
 
 // ========================================================
@@ -110,8 +113,20 @@ type Image struct {
 	BaseImageIndex int
 }
 
+// TopFS returns the filesystem of the top-most chainlayer of the image. All available files should
+// be present in the filesystem returned.
+func (img *Image) TopFS() (scalibrfs.FS, error) {
+	if len(img.chainLayers) == 0 {
+		return nil, ErrNoLayersFound
+	}
+	return img.chainLayers[len(img.chainLayers)-1].FS(), nil
+}
+
 // ChainLayers returns the chain layers of the image.
 func (img *Image) ChainLayers() ([]scalibrImage.ChainLayer, error) {
+	if len(img.chainLayers) == 0 {
+		return nil, ErrNoLayersFound
+	}
 	scalibrChainLayers := make([]scalibrImage.ChainLayer, 0, len(img.chainLayers))
 	for _, chainLayer := range img.chainLayers {
 		scalibrChainLayers = append(scalibrChainLayers, chainLayer)
@@ -282,7 +297,7 @@ func layerDirectory(layerIndex int) string {
 	return fmt.Sprintf("layer-%d", layerIndex)
 }
 
-// addRootDirectoryToChainLayers adds the root ("\"") directory to each chain layer.
+// addRootDirectoryToChainLayers adds the root ("/") directory to each chain layer.
 func addRootDirectoryToChainLayers(chainLayers []*chainLayer, extractDir string) error {
 	for i, chainLayer := range chainLayers {
 		err := chainLayer.fileNodeTree.Insert("/", &fileNode{

artifact/image/layerscanning/image/image_test.go

@@ -1175,6 +1175,138 @@ func TestInitializeChainLayers(t *testing.T) {
 	}
 }
 
+func TestTopFS(t *testing.T) {
+	tests := []struct {
+		name            string
+		image           *Image
+		wantFilesFromFS []string
+		wantErr         bool
+	}{
+		{
+			name: "no chain layers",
+			image: &Image{
+				chainLayers: []*chainLayer{},
+			},
+			wantErr: true,
+		},
+		{
+			name: "single chain layer",
+			image: &Image{
+				chainLayers: []*chainLayer{
+					{
+						fileNodeTree: func() *pathtree.Node[fileNode] {
+							root := pathtree.NewNode[fileNode]()
+							_ = root.Insert("/", &fileNode{
+								virtualPath: "/",
+								isWhiteout:  false,
+								mode:        fs.ModeDir | dirPermission,
+							})
+							_ = root.Insert("/foo.txt", &fileNode{
+								virtualPath: "/foo.txt",
+								mode:        filePermission,
+							})
+							return root
+						}(),
+						index: 0,
+						latestLayer: &Layer{
+							buildCommand: "",
+							diffID:       "sha256:123",
+							isEmpty:      false,
+						},
+					},
+				},
+			},
+			wantFilesFromFS: []string{"/foo.txt"},
+		},
+		{
+			name: "multiple chain layers",
+			image: &Image{
+				chainLayers: []*chainLayer{
+					{
+						fileNodeTree: func() *pathtree.Node[fileNode] {
+							root := pathtree.NewNode[fileNode]()
+							_ = root.Insert("/", &fileNode{
+								virtualPath: "/",
+								isWhiteout:  false,
+								mode:        fs.ModeDir | dirPermission,
+							})
+							_ = root.Insert("/foo.txt", &fileNode{
+								virtualPath: "/foo.txt",
+								mode:        filePermission,
+							})
+							return root
+						}(),
+						index: 0,
+						latestLayer: &Layer{
+							buildCommand: "",
+							diffID:       "sha256:123",
+							isEmpty:      false,
+						},
+					},
+					{
+						fileNodeTree: func() *pathtree.Node[fileNode] {
+							root := pathtree.NewNode[fileNode]()
+							_ = root.Insert("/", &fileNode{
+								extractDir:  "",
+								layerDir:    "",
+								virtualPath: "/",
+								isWhiteout:  false,
+								mode:        fs.ModeDir | dirPermission,
+							})
+							_ = root.Insert("/foo.txt", &fileNode{
+								virtualPath: "/foo.txt",
+								mode:        filePermission,
+							})
+							_ = root.Insert("/bar.txt", &fileNode{
+								virtualPath: "/bar.txt",
+								mode:        filePermission,
+							})
+							return root
+						}(),
+						index: 0,
+						latestLayer: &Layer{
+							buildCommand: "",
+							diffID:       "sha256:123",
+							isEmpty:      false,
+						},
+					},
+				},
+			},
+			wantFilesFromFS: []string{"/foo.txt", "/bar.txt"},
+		},
+	}
+
+	for _, tc := range tests {
+		t.Run(tc.name, func(t *testing.T) {
+			gotFS, err := tc.image.TopFS()
+			if tc.wantErr {
+				if err == nil {
+					t.Fatalf("TopFS() returned nil error, but want non-nil error")
+				}
+				return
+			}
+
+			var gotPaths []string
+			err = fs.WalkDir(gotFS, "/", func(path string, d fs.DirEntry, err error) error {
+				if err != nil || d.IsDir() {
+					return err
+				}
+
+				gotPaths = append(gotPaths, path)
+				return nil
+			})
+
+			if err != nil {
+				t.Fatalf("WalkDir() returned error: %v", err)
+			}
+
+			if diff := cmp.Diff(tc.wantFilesFromFS, gotPaths, cmpopts.SortSlices(func(a, b string) bool { return a < b })); diff != "" {
+				t.Errorf("TopFS() returned incorrect files: got %v, want %v", gotPaths, tc.wantFilesFromFS)
+			}
+		})
+	}
+}
+
 // tarEntry represents a single entry in a tarball. It contains the header and data for the entry.
 // If the data is nil, the entry will be written without any content.
 type tarEntry struct {