measurements: refactor validation option (#1462)

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

cli/internal/cmd/init_test.go

@@ -438,13 +438,13 @@ func TestAttestation(t *testing.T) {
 	cfg.Image = "image"
 	cfg.AttestationVariant = oid.QEMUVTPM{}.String()
 	cfg.RemoveProviderExcept(cloudprovider.QEMU)
-	cfg.Provider.QEMU.Measurements[0] = measurements.WithAllBytes(0x00, false)
-	cfg.Provider.QEMU.Measurements[1] = measurements.WithAllBytes(0x11, false)
-	cfg.Provider.QEMU.Measurements[2] = measurements.WithAllBytes(0x22, false)
-	cfg.Provider.QEMU.Measurements[3] = measurements.WithAllBytes(0x33, false)
-	cfg.Provider.QEMU.Measurements[4] = measurements.WithAllBytes(0x44, false)
-	cfg.Provider.QEMU.Measurements[9] = measurements.WithAllBytes(0x99, false)
-	cfg.Provider.QEMU.Measurements[12] = measurements.WithAllBytes(0xcc, false)
+	cfg.Provider.QEMU.Measurements[0] = measurements.WithAllBytes(0x00, measurements.Enforce)
+	cfg.Provider.QEMU.Measurements[1] = measurements.WithAllBytes(0x11, measurements.Enforce)
+	cfg.Provider.QEMU.Measurements[2] = measurements.WithAllBytes(0x22, measurements.Enforce)
+	cfg.Provider.QEMU.Measurements[3] = measurements.WithAllBytes(0x33, measurements.Enforce)
+	cfg.Provider.QEMU.Measurements[4] = measurements.WithAllBytes(0x44, measurements.Enforce)
+	cfg.Provider.QEMU.Measurements[9] = measurements.WithAllBytes(0x99, measurements.Enforce)
+	cfg.Provider.QEMU.Measurements[12] = measurements.WithAllBytes(0xcc, measurements.Enforce)
 	require.NoError(fileHandler.WriteYAML(constants.ConfigFilename, cfg, file.OptNone))
 
 	ctx := context.Background()
@@ -538,23 +538,23 @@ func defaultConfigWithExpectedMeasurements(t *testing.T, conf *config.Config, cs
 		conf.Provider.Azure.ResourceGroup = "test-resource-group"
 		conf.Provider.Azure.AppClientID = "01234567-0123-0123-0123-0123456789ab"
 		conf.Provider.Azure.ClientSecretValue = "test-client-secret"
-		conf.Provider.Azure.Measurements[4] = measurements.WithAllBytes(0x44, false)
-		conf.Provider.Azure.Measurements[9] = measurements.WithAllBytes(0x11, false)
-		conf.Provider.Azure.Measurements[12] = measurements.WithAllBytes(0xcc, false)
+		conf.Provider.Azure.Measurements[4] = measurements.WithAllBytes(0x44, measurements.Enforce)
+		conf.Provider.Azure.Measurements[9] = measurements.WithAllBytes(0x11, measurements.Enforce)
+		conf.Provider.Azure.Measurements[12] = measurements.WithAllBytes(0xcc, measurements.Enforce)
 	case cloudprovider.GCP:
 		conf.AttestationVariant = oid.GCPSEVES{}.String()
 		conf.Provider.GCP.Region = "test-region"
 		conf.Provider.GCP.Project = "test-project"
 		conf.Provider.GCP.Zone = "test-zone"
 		conf.Provider.GCP.ServiceAccountKeyPath = "test-key-path"
-		conf.Provider.GCP.Measurements[4] = measurements.WithAllBytes(0x44, false)
-		conf.Provider.GCP.Measurements[9] = measurements.WithAllBytes(0x11, false)
-		conf.Provider.GCP.Measurements[12] = measurements.WithAllBytes(0xcc, false)
+		conf.Provider.GCP.Measurements[4] = measurements.WithAllBytes(0x44, measurements.Enforce)
+		conf.Provider.GCP.Measurements[9] = measurements.WithAllBytes(0x11, measurements.Enforce)
+		conf.Provider.GCP.Measurements[12] = measurements.WithAllBytes(0xcc, measurements.Enforce)
 	case cloudprovider.QEMU:
 		conf.AttestationVariant = oid.QEMUVTPM{}.String()
-		conf.Provider.QEMU.Measurements[4] = measurements.WithAllBytes(0x44, false)
-		conf.Provider.QEMU.Measurements[9] = measurements.WithAllBytes(0x11, false)
-		conf.Provider.QEMU.Measurements[12] = measurements.WithAllBytes(0xcc, false)
+		conf.Provider.QEMU.Measurements[4] = measurements.WithAllBytes(0x44, measurements.Enforce)
+		conf.Provider.QEMU.Measurements[9] = measurements.WithAllBytes(0x11, measurements.Enforce)
+		conf.Provider.QEMU.Measurements[12] = measurements.WithAllBytes(0xcc, measurements.Enforce)
 	}
 
 	conf.RemoveProviderExcept(csp)