baseosmgr: check rootfs size, not whole image

[eriknordmark]

Description

doBaseOsActivate rejected a base-OS update whenever the content tree's total
download size exceeded the rootfs partition. But that total is not what lands in
the partition — only the rootfs (the disk-root layer) is written there. An image
may carry additional disks beyond the rootfs (for example the split-rootfs
Extension, which is extracted to /persist), so a perfectly valid image was
wrongly rejected with doBaseOsActivate: Image size <N> bytes greater than partition size <M> bytes.

The whole-image pre-activation check is removed and replaced by a check against
what is actually written. Just before writing the partition, zboot looks up the
size of the image's disk-root layer from its manifest and fails fast if that
exceeds the partition capacity. Because the rootfs is a squashfs stored as a raw
(uncompressed) layer, the manifest descriptor size equals the bytes written, so
the bound is exact. The check is image-shape agnostic — monolithic, multi-disk
and split-rootfs images alike — because it only ever measures the rootfs. If the
image has no disk-root layer (an unexpected manifest shape) the check is skipped
rather than blocking the install.

Reading the disk-root layer size needs the image's manifest, so this also adds a
GetImageLayers accessor to the CAS interface — manifest parsing stays in the
CAS layer rather than leaking go-containerregistry into zboot.

Note: this check runs on the EVE instance performing the activation, so the fix
takes effect for devices already running an EVE that contains it.

How to test and validate this PR

• A normal upgrade between two regular EVE images still succeeds.
• Activating an image whose rootfs is larger than the IMGA/IMGB partition now
  fails fast, before the multi-gigabyte pull and write, with
  rootfs does not fit: rootfs <N> bytes exceeds partition <part> size <M> bytes.
• For a split-rootfs image (Core + Extension disk), activation no longer fails the
  size check even though the whole-image size exceeds the partition, because only
  the Core (disk-root) is measured.

Changelog notes

Fixes base-OS updates being wrongly rejected with an "image size greater than
partition size" error when the downloaded image is larger than the rootfs
partition but the root filesystem itself fits within it.

PR Backports

Draft — backporting to LTS branches at maintainer discretion.

🤖 Generated with Claude Code

[codecov]

Codecov Report

❌ Patch coverage is 19.04762% with 34 lines in your changes missing coverage. Please review.
✅ Project coverage is 21.13%. Comparing base (a68dfee) to head (4c38292).
⚠️ Report is 4 commits behind head on master.

Files with missing lines	Patch %	Lines
pkg/pillar/cas/containerd.go	0.00%	24 Missing ⚠️
pkg/pillar/zboot/zboot.go	44.44%	10 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #6044      +/-   ##
==========================================
+ Coverage   20.72%   21.13%   +0.40%     
==========================================
  Files         504      514      +10     
  Lines       92768    94492    +1724     
==========================================
+ Hits        19230    19970     +740     
- Misses      71916    72719     +803     
- Partials     1622     1803     +181     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.