Question: why single-mount is unimplementable?
If unimplementable, please add a comment to the source code?

I'll add a comment. This is due to the filesystem filter on Windows. When accessing a file in an underlying layer, there needs to be a target in the current layer, so a hardlink is created, pointing to the lower layer file (essentially). This means that without the lower layers, the current layer would be full of dead links. As a result, mounting a single layer would be all but useless, so the only API exposed to mount layers on Windows requires all layers.

Is this constant can be defined in hccshim package?

If not, can we have it exported to use outside of this package (I've left a comment a bit above asking to add a constant)

Yes, this will be a constant in hcsshim package and not hard coded.

you can just remove that function, it does nothing on other platforms either.

done

nit: merge in the var () block below

Done. FYI I plan to move some of the responsibility here to hcsshim, so the differ will still be undergoing some largeish changes

nit: s/NewWindowsDiff/It/

also, is that true even unix FS? (e.g. zfs)?

copy paste error. This is expected to only work on NTFS (and is not a generic implementation, but a Windows container specific one)

This part (all the way down to digester :=...) should probably be extracted into an utility function.

/cc @dmcgowan @stevvooe to see if it makes sense

Actually once the archiver can get access to the parent ctx in a generic way, I guess this would just be a copy of walkingDiff.Apply()

nit: just a preference, I think a switch construct here would make it easier to read (feel free to ignore if you like it that way 😇)

do we need to call t.Rollback() here? maybe put it in a defer.

I think a Rollback is needed. Other snapshotters have the same function without a rollback (I see a few missing Rollbacks in Naive and Overlay actually). I think we might need to do a pass on all snapshotters.

I'm not sure I like the defer, as some functions have a return t.Commit(), which looks fine, and could easily be introduced again if changed to err = t.Commit(); return err but would not trigger the defer on failure. I'm not sure what the pattern should be. Maybe a defer with an explicit variable such as doNotRollback which must be set on a Commit succeeding?

I think that if the function returned are named, you should be able to rely on this and only rollback if err != nil.

remove?

shouldn't this be done later? Otherwise we're not going to rollback the transaction here.

todo missing?

ID is only needed to get the disk usage. Removed.

return "", errors....

Why is there another fork of the tar package?

I'll get back to you on this. There was something that needed to be forked due to layer implementation on Windows IIRC, but this was done a long time ago

Could you leave the type definition near the New function?

will do

Do we want to upstream this to continuity?

That sounds good to me.

Afaics this function doesn't actually mount anything and the actual mount is in https://github.com/containerd/containerd/pull/1613/files#diff-c3cba80ac2b534161f3d1259da272c21R80 and doesn't have really much to do with snapshots as all the inputs come from a spec. This makes the API very inconsistent for anything that calls this function directly instead of just creating a container what internally calls here and atm there isn't a public method for mounting a snapshot.

This does do the mount to host (PrepareLayer mounts the layers), but on Windows, you cannot specify a target location. Instead, the layers are exposed as a VHD mounted on the host. The linked code just retrieves the already mounted path from HCS.

I agree that this function does not do what it says on the box here on Windows. We'll need to work out a way to expose what this really does via a different function, or otherwise make it do what it says. Having target as a parameter to the mount does not really make sense on Windows layer mounting.