Commit: Add composefs digest and sig to the commit metadata
author Alexander Larsson <alexl@redhat.com>
Mon, 15 May 2023 13:18:16 +0000 (15:18 +0200)
committer Alexander Larsson <alexl@redhat.com>
Wed, 31 May 2023 08:55:14 +0000 (10:55 +0200)
commit 0c3d9894be1f1fa0a825aa7b16c119b72c4edc7e
tree 9a567d758243302367ce9be96c306989c4faf5cc
parent e2956e2c08fb3e11e249b540db3a5b760dd04fac

If `composefs-apply-sig` is enabled (default no) we add an
ostree.composefs digest to the commit metadata. This can be verified
on deploy.

This is a separate option from the generic `composefs` option which
controls whether composefs is used during deploy. It is separate
because we want to not have to force use of fs-verity, etc. during the
build.

If the `composefs-certfile` and `composefs-keyfile` keys in the
ex-integrity group are set, then the commit metadata also gets an
ostree.composefs-sig containing the signature of the composefs file.
src/libostree/ostree-repo-commit.c
src/libostree/ostree-repo-composefs.c
src/libostree/ostree-repo-private.h