Gather Docker image information

[nightlark]

Since as part of #111 the ability to recognize Docker images saved as tar files is being added to gather Docker Scout information, we could gather other interesting information about a Docker image (even without Docker being installed).

There are multiple JSON files that should be relatively easy to parse, that contain things like the runtime configuration including environment variables and command to start, as well as (often) a history of commands from the Dockerfile that were run to create the image. What this would probably involve is using the Python tarfile library to read the manifest.json file (in-memory), which then gives the name of a "config" json file to read that contains all of the additional information.

The spec for Docker images is available at https://github.com/moby/docker-image-spec/tree/main (and there are links to multiple versions + the OCI container spec which is similar)... for this I think supporting the latest version of the (Docker) spec is a good starting point.

A potential extension (since the "FROM"/parent container is only recorded as a hash) would be to make a database mapping hash IDs to well-known tag names from Docker Hub -- this could be done by iterating through https://hub.docker.com/v2/repositories/library/<reponame>/tags for each library returned by the https://hub.docker.com/v2/repositories/library/ API endpoint.