composefs: Handle backwads compatibility with older versions

While finishing up GC, we had come up with the idea of prepending our
boot binaries (UKI PEs, BLS directories) with a certain prefix and we
ended up hard requiring these prefixes.

If someone has an older version of bootc which they used to install
their system with, then upgrade to a new version, many if not all of the
important operations would cease to work.

This basically handles the backwards compatibility of new binaries on
older systems by prepending our custom prefix to all existing boot binaries

Signed-off-by: Pragyan Poudyal <pragyanpoudyal41999@gmail.com>
Signed-off-by: Colin Walters <walters@verbum.org>

Author: Johan-Liebert1

crates/initramfs/src/lib.rs

@@ -299,7 +299,20 @@ pub fn mount_composefs_image(
     name: &str,
     allow_missing_fsverity: bool,
 ) -> Result<OwnedFd> {
-    let mut repo = Repository::<Sha512HashValue>::open_path(sysroot, "composefs")?;
+    // TODO: Once we're confident no deployments lack meta.json (i.e. all
+    // users have gone through at least one upgrade cycle), switch back to
+    // open_path which is a stricter check.
+    //
+    // Use init_path instead of open_path to handle upgrades from older
+    // composefs-rs versions that didn't create meta.json.  init_path is
+    // idempotent: it creates meta.json if missing, and succeeds if it
+    // already exists with the same algorithm.
+    let (mut repo, _created) = Repository::<Sha512HashValue>::init_path(
+        sysroot,
+        "composefs",
+        composefs::fsverity::Algorithm::SHA512,
+        !allow_missing_fsverity,
+    )?;
     if allow_missing_fsverity {
         repo.set_insecure();
     }