deploy: Write a .ostree.cfs composefs image in the deploy dir
This can be used as a composefs source for the root fs instead of
the checkout by pointing the basedir to /ostree/repo/objects.
We only write the file is `composefs` is enabled.
We enable ensure_rootfs_dirs when building the image which adds the
required root dirs to the image. In particular, this includes /etc
which often isn't in ostree commits in use.
We also create an (empty) .ostree.mnt directory, where composefs
will mount the erofs image that will be used as overlayfs lowerdir
for the root overlayfs mount. This way we can find the deploy
dir from the root overlayfs mount options.
If the commit has composefs digests recorded we verify those with the
created file. It also applies the fs-verity signature if it is
recorded, unless this is disabled with the
ex-integrity.composefs-apply-sign=false option.
projects / ostree.git / commit