Add sysext command

[Itxaka]

It will turn the last layer of a given container into a signed sysext ready to use

The idea is, to have a dockerfile and in the last step add the files you want to turn into a sysext, and then call this command to transform them into one

Fixes: https://github.com/kairos-io/kairos/issues/2631 Requires https://github.com/kairos-io/kairos-sdk/pull/362 to be merged before

[Itxaka]

bootable test is failing here but passing locally for some reason ....

[jimmykarily]

I created an image with this dockerfile:

FROM busybox

RUN mkdir -p /usr/lib/extension-release.d/ /usr/local/bin && \
  echo "id=_ANY" > /usr/lib/extension-release.d/extension-release.myfile && \
  echo "myfile content" > /usr/local/bin/myfile

docker build -t sysext-image .`

./build/enki sysext myfile sysext-image --certificate /home/dimitris/workspace/kairos/enki/keys/db.crt --private-key /home/dimitris/workspace/kairos/enki/keys/db.key

and copied that to /efi/EFI/kairos/active.efi.extra.d/ in a running system (after first doing mount -o remount,rw /efi)

I then rebooted and the /usr/local/bin/myfile was there.

So it works! Let me have a quick look at the code too.