api: rename /api/versions to versionsapi and /api/attestationcfig to attestationconfigapi (#1876)

* rename to attestationconfigapi + put client and fetcher inside pkg

* rename api/version to versionsapi and put fetcher + client inside pkg

* rename AttestationConfigAPIFetcher to Fetcher

cli/internal/cmd/BUILD.bazel

@@ -48,10 +48,9 @@ go_library(
         "//cli/internal/terraform",
         "//cli/internal/upgrade",
         "//disk-mapper/recoverproto",
-        "//internal/api/attestationconfig/fetcher",
+        "//internal/api/attestationconfigapi",
         "//internal/api/fetcher",
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
-        "//internal/api/versions/fetcher",
         "//internal/atls",
         "//internal/attestation/measurements",
         "//internal/cloud/azureshared",
@@ -137,8 +136,8 @@ go_test(
         "//cli/internal/terraform",
         "//cli/internal/upgrade",
         "//disk-mapper/recoverproto",
-        "//internal/api/attestationconfig",
+        "//internal/api/attestationconfigapi",
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/atls",
         "//internal/attestation/measurements",
         "//internal/cloud/cloudprovider",

cli/internal/cmd/configfetchmeasurements.go

@@ -15,8 +15,8 @@ import (
 	"time"
 
 	"github.com/edgelesssys/constellation/v2/cli/internal/featureset"
-	attestationconfigfetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/config"
 	"github.com/edgelesssys/constellation/v2/internal/file"
@@ -67,13 +67,13 @@ func runConfigFetchMeasurements(cmd *cobra.Command, _ []string) error {
 	}
 	cfm := &configFetchMeasurementsCmd{log: log, canFetchMeasurements: featureset.CanFetchMeasurements}
 
-	fetcher := attestationconfigfetcher.NewWithClient(http.DefaultClient)
+	fetcher := attestationconfigapi.NewFetcherWithClient(http.DefaultClient)
 	return cfm.configFetchMeasurements(cmd, sigstore.CosignVerifier{}, rekor, fileHandler, fetcher, http.DefaultClient)
 }
 
 func (cfm *configFetchMeasurementsCmd) configFetchMeasurements(
 	cmd *cobra.Command, cosign cosignVerifier, rekor rekorVerifier,
-	fileHandler file.Handler, fetcher attestationconfigfetcher.AttestationConfigAPIFetcher, client *http.Client,
+	fileHandler file.Handler, fetcher attestationconfigapi.Fetcher, client *http.Client,
 ) error {
 	flags, err := cfm.parseFetchMeasurementsFlags(cmd)
 	if err != nil {

cli/internal/cmd/configfetchmeasurements_test.go

@@ -16,8 +16,8 @@ import (
 	"strconv"
 	"testing"
 
-	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/config"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
@@ -302,25 +302,25 @@ func TestConfigFetchMeasurements(t *testing.T) {
 
 type stubAttestationFetcher struct{}
 
-func (f stubAttestationFetcher) FetchAzureSEVSNPVersionList(_ context.Context, _ attestationconfig.AzureSEVSNPVersionList) (attestationconfig.AzureSEVSNPVersionList, error) {
+func (f stubAttestationFetcher) FetchAzureSEVSNPVersionList(_ context.Context, _ attestationconfigapi.AzureSEVSNPVersionList) (attestationconfigapi.AzureSEVSNPVersionList, error) {
-	return attestationconfig.AzureSEVSNPVersionList(
+	return attestationconfigapi.AzureSEVSNPVersionList(
 		[]string{},
 	), nil
 }
 
-func (f stubAttestationFetcher) FetchAzureSEVSNPVersion(_ context.Context, _ attestationconfig.AzureSEVSNPVersionAPI) (attestationconfig.AzureSEVSNPVersionAPI, error) {
+func (f stubAttestationFetcher) FetchAzureSEVSNPVersion(_ context.Context, _ attestationconfigapi.AzureSEVSNPVersionAPI) (attestationconfigapi.AzureSEVSNPVersionAPI, error) {
-	return attestationconfig.AzureSEVSNPVersionAPI{
+	return attestationconfigapi.AzureSEVSNPVersionAPI{
 		AzureSEVSNPVersion: testCfg,
 	}, nil
 }
 
-func (f stubAttestationFetcher) FetchAzureSEVSNPVersionLatest(_ context.Context) (attestationconfig.AzureSEVSNPVersionAPI, error) {
+func (f stubAttestationFetcher) FetchAzureSEVSNPVersionLatest(_ context.Context) (attestationconfigapi.AzureSEVSNPVersionAPI, error) {
-	return attestationconfig.AzureSEVSNPVersionAPI{
+	return attestationconfigapi.AzureSEVSNPVersionAPI{
 		AzureSEVSNPVersion: testCfg,
 	}, nil
 }
 
-var testCfg = attestationconfig.AzureSEVSNPVersion{
+var testCfg = attestationconfigapi.AzureSEVSNPVersion{
 	Microcode:  93,
 	TEE:        0,
 	SNP:        6,

cli/internal/cmd/create.go

@@ -13,7 +13,7 @@ import (
 
 	"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
 	"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
-	attestationconfigfetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/config"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
@@ -59,11 +59,11 @@ func runCreate(cmd *cobra.Command, _ []string) error {
 	fileHandler := file.NewHandler(afero.NewOsFs())
 	creator := cloudcmd.NewCreator(spinner)
 	c := &createCmd{log: log}
-	fetcher := attestationconfigfetcher.New()
+	fetcher := attestationconfigapi.NewFetcher()
 	return c.create(cmd, creator, fileHandler, spinner, fetcher)
 }
 
-func (c *createCmd) create(cmd *cobra.Command, creator cloudCreator, fileHandler file.Handler, spinner spinnerInterf, fetcher attestationconfigfetcher.AttestationConfigAPIFetcher) (retErr error) {
+func (c *createCmd) create(cmd *cobra.Command, creator cloudCreator, fileHandler file.Handler, spinner spinnerInterf, fetcher attestationconfigapi.Fetcher) (retErr error) {
 	flags, err := c.parseCreateFlags(cmd)
 	if err != nil {
 		return err

cli/internal/cmd/init.go

@@ -19,7 +19,7 @@ import (
 	"text/tabwriter"
 	"time"
 
-	attestationconfigfetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/atls"
 	"github.com/edgelesssys/constellation/v2/internal/compatibility"
 
@@ -98,13 +98,13 @@ func runInitialize(cmd *cobra.Command, _ []string) error {
 	defer cancel()
 	cmd.SetContext(ctx)
 	i := &initCmd{log: log, spinner: spinner, merger: &kubeconfigMerger{log: log}, fh: &fileHandler}
-	fetcher := attestationconfigfetcher.New()
+	fetcher := attestationconfigapi.NewFetcher()
 	return i.initialize(cmd, newDialer, fileHandler, license.NewClient(), fetcher)
 }
 
 // initialize initializes a Constellation.
 func (i *initCmd) initialize(cmd *cobra.Command, newDialer func(validator atls.Validator) *dialer.Dialer,
-	fileHandler file.Handler, quotaChecker license.QuotaChecker, configFetcher attestationconfigfetcher.AttestationConfigAPIFetcher,
+	fileHandler file.Handler, quotaChecker license.QuotaChecker, configFetcher attestationconfigapi.Fetcher,
 ) error {
 	flags, err := i.evalFlagArgs(cmd)
 	if err != nil {

cli/internal/cmd/miniup.go

@@ -15,7 +15,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
 	"github.com/edgelesssys/constellation/v2/cli/internal/libvirt"
 	"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
-	attestationconfigfetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/atls"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/config"
@@ -46,7 +46,7 @@ func newMiniUpCmd() *cobra.Command {
 
 type miniUpCmd struct {
 	log           debugLog
-	configFetcher attestationconfigfetcher.AttestationConfigAPIFetcher
+	configFetcher attestationconfigapi.Fetcher
 }
 
 func runUp(cmd *cobra.Command, _ []string) error {
@@ -62,7 +62,7 @@ func runUp(cmd *cobra.Command, _ []string) error {
 	defer spinner.Stop()
 	creator := cloudcmd.NewCreator(spinner)
 
-	m := &miniUpCmd{log: log, configFetcher: attestationconfigfetcher.New()}
+	m := &miniUpCmd{log: log, configFetcher: attestationconfigapi.NewFetcher()}
 	return m.up(cmd, creator, spinner)
 }
 

cli/internal/cmd/recover.go

@@ -18,7 +18,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
 	"github.com/edgelesssys/constellation/v2/cli/internal/clusterid"
 	"github.com/edgelesssys/constellation/v2/disk-mapper/recoverproto"
-	attestationconfigfetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/atls"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/config"
@@ -50,7 +50,7 @@ func NewRecoverCmd() *cobra.Command {
 
 type recoverCmd struct {
 	log           debugLog
-	configFetcher attestationconfigfetcher.AttestationConfigAPIFetcher
+	configFetcher attestationconfigapi.Fetcher
 }
 
 func runRecover(cmd *cobra.Command, _ []string) error {
@@ -63,7 +63,7 @@ func runRecover(cmd *cobra.Command, _ []string) error {
 	newDialer := func(validator atls.Validator) *dialer.Dialer {
 		return dialer.New(nil, validator, &net.Dialer{})
 	}
-	r := &recoverCmd{log: log, configFetcher: attestationconfigfetcher.New()}
+	r := &recoverCmd{log: log, configFetcher: attestationconfigapi.NewFetcher()}
 	return r.recover(cmd, fileHandler, 5*time.Second, &recoverDoer{log: r.log}, newDialer)
 }
 

cli/internal/cmd/upgradeapply.go

@@ -19,7 +19,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/cli/internal/kubernetes"
 	"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
 	"github.com/edgelesssys/constellation/v2/cli/internal/upgrade"
-	attestationconfigfetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/compatibility"
 	"github.com/edgelesssys/constellation/v2/internal/config"
@@ -68,7 +68,7 @@ func runUpgradeApply(cmd *cobra.Command, _ []string) error {
 	}
 
 	imagefetcher := imagefetcher.New()
-	configFetcher := attestationconfigfetcher.New()
+	configFetcher := attestationconfigapi.NewFetcher()
 
 	applyCmd := upgradeApplyCmd{upgrader: upgrader, log: log, imageFetcher: imagefetcher, configFetcher: configFetcher}
 	return applyCmd.upgradeApply(cmd, fileHandler)
@@ -77,7 +77,7 @@ func runUpgradeApply(cmd *cobra.Command, _ []string) error {
 type upgradeApplyCmd struct {
 	upgrader      cloudUpgrader
 	imageFetcher  imageFetcher
-	configFetcher attestationconfigfetcher.AttestationConfigAPIFetcher
+	configFetcher attestationconfigapi.Fetcher
 	log           debugLog
 }
 

cli/internal/cmd/upgradecheck.go

@@ -18,10 +18,9 @@ import (
 	"github.com/edgelesssys/constellation/v2/cli/internal/featureset"
 	"github.com/edgelesssys/constellation/v2/cli/internal/helm"
 	"github.com/edgelesssys/constellation/v2/cli/internal/kubernetes"
-	attestationconfigfetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
-	versionfetcher "github.com/edgelesssys/constellation/v2/internal/api/versions/fetcher"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/compatibility"
@@ -70,7 +69,7 @@ func runUpgradeCheck(cmd *cobra.Command, _ []string) error {
 	if err != nil {
 		return err
 	}
-	versionListFetcher := versionfetcher.New()
+	versionfetcher := versionsapi.NewFetcher()
 	rekor, err := sigstore.NewRekor()
 	if err != nil {
 		return fmt.Errorf("constructing Rekor client: %w", err)
@@ -80,7 +79,7 @@ func runUpgradeCheck(cmd *cobra.Command, _ []string) error {
 		collect: &versionCollector{
 			writer:         cmd.OutOrStderr(),
 			checker:        checker,
-			verListFetcher: versionListFetcher,
+			verListFetcher: versionfetcher,
 			fileHandler:    fileHandler,
 			client:         http.DefaultClient,
 			cosign:         sigstore.CosignVerifier{},
@@ -88,12 +87,12 @@ func runUpgradeCheck(cmd *cobra.Command, _ []string) error {
 			flags:          flags,
 			cliVersion:     compatibility.EnsurePrefixV(constants.VersionInfo()),
 			log:            log,
-			versionsapi:    versionfetcher.New(),
+			versionsapi:    versionfetcher,
 		},
 		log: log,
 	}
 
-	return up.upgradeCheck(cmd, fileHandler, attestationconfigfetcher.New(), flags)
+	return up.upgradeCheck(cmd, fileHandler, attestationconfigapi.NewFetcher(), flags)
 }
 
 func parseUpgradeCheckFlags(cmd *cobra.Command) (upgradeCheckFlags, error) {
@@ -133,7 +132,7 @@ type upgradeCheckCmd struct {
 }
 
 // upgradePlan plans an upgrade of a Constellation cluster.
-func (u *upgradeCheckCmd) upgradeCheck(cmd *cobra.Command, fileHandler file.Handler, fetcher attestationconfigfetcher.AttestationConfigAPIFetcher, flags upgradeCheckFlags) error {
+func (u *upgradeCheckCmd) upgradeCheck(cmd *cobra.Command, fileHandler file.Handler, fetcher attestationconfigapi.Fetcher, flags upgradeCheckFlags) error {
 	conf, err := config.New(fileHandler, flags.configPath, fetcher, flags.force)
 	var configValidationErr *config.ValidationError
 	if errors.As(err, &configValidationErr) {

cli/internal/cmd/upgradecheck_test.go

@@ -15,7 +15,7 @@ import (
 	"strings"
 	"testing"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/config"

cli/internal/cmd/verify.go

@@ -21,7 +21,7 @@ import (
 
 	"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
 	"github.com/edgelesssys/constellation/v2/cli/internal/clusterid"
-	attestationconfigfetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/atls"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/config"
@@ -72,11 +72,11 @@ func runVerify(cmd *cobra.Command, _ []string) error {
 	}
 
 	v := &verifyCmd{log: log}
-	fetcher := attestationconfigfetcher.New()
+	fetcher := attestationconfigapi.NewFetcher()
 	return v.verify(cmd, fileHandler, verifyClient, formatter, fetcher)
 }
 
-func (c *verifyCmd) verify(cmd *cobra.Command, fileHandler file.Handler, verifyClient verifyClient, formatter attestationDocFormatter, configFetcher attestationconfigfetcher.AttestationConfigAPIFetcher) error {
+func (c *verifyCmd) verify(cmd *cobra.Command, fileHandler file.Handler, verifyClient verifyClient, formatter attestationDocFormatter, configFetcher attestationconfigapi.Fetcher) error {
 	flags, err := c.parseVerifyFlags(cmd, fileHandler)
 	if err != nil {
 		return fmt.Errorf("parsing flags: %w", err)

cli/internal/kubernetes/BUILD.bazel

@@ -14,7 +14,7 @@ go_library(
         "//cli/internal/helm",
         "//cli/internal/terraform",
         "//cli/internal/upgrade",
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/attestation/measurements",
         "//internal/cloud/cloudprovider",
         "//internal/compatibility",

cli/internal/kubernetes/upgrade.go

@@ -19,7 +19,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/cli/internal/helm"
 	"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
 	"github.com/edgelesssys/constellation/v2/cli/internal/upgrade"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/compatibility"

debugd/internal/cdbg/cmd/BUILD.bazel

@@ -14,7 +14,7 @@ go_library(
         "//debugd/internal/filetransfer",
         "//debugd/internal/filetransfer/streamer",
         "//debugd/service",
-        "//internal/api/attestationconfig/fetcher",
+        "//internal/api/attestationconfigapi",
         "//internal/config",
         "//internal/constants",
         "//internal/file",

debugd/internal/cdbg/cmd/deploy.go

@@ -20,7 +20,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/debugd/internal/filetransfer"
 	"github.com/edgelesssys/constellation/v2/debugd/internal/filetransfer/streamer"
 	pb "github.com/edgelesssys/constellation/v2/debugd/service"
-	attestationconfigfetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/config"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/edgelesssys/constellation/v2/internal/file"
@@ -69,7 +69,7 @@ func runDeploy(cmd *cobra.Command, _ []string) error {
 	fileHandler := file.NewHandler(fs)
 	streamer := streamer.New(fs)
 	transfer := filetransfer.New(log, streamer, filetransfer.ShowProgress)
-	constellationConfig, err := config.New(fileHandler, configName, attestationconfigfetcher.New(), force)
+	constellationConfig, err := config.New(fileHandler, configName, attestationconfigapi.NewFetcher(), force)
 	var configValidationErr *config.ValidationError
 	if errors.As(err, &configValidationErr) {
 		cmd.PrintErrln(configValidationErr.LongMessage())

e2e/internal/upgrade/BUILD.bazel

@@ -11,7 +11,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/e2e/internal/upgrade",
     visibility = ["//e2e:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/attestation/measurements",
         "//internal/cloud/cloudprovider",
         "//internal/constants",
@@ -40,7 +40,7 @@ go_test(
     tags = ["manual"],
     deps = [
         "//e2e/internal/kubectl",
-        "//internal/api/attestationconfig/fetcher",
+        "//internal/api/attestationconfigapi",
         "//internal/config",
         "//internal/constants",
         "//internal/file",

e2e/internal/upgrade/image.go

@@ -12,7 +12,7 @@ import (
 	"context"
 	"net/http"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/imagefetcher"

e2e/internal/upgrade/upgrade_test.go

@@ -25,7 +25,7 @@ import (
 
 	"github.com/bazelbuild/rules_go/go/runfiles"
 	"github.com/edgelesssys/constellation/v2/e2e/internal/kubectl"
-	attestationconfigfetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/config"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/edgelesssys/constellation/v2/internal/file"
@@ -254,7 +254,7 @@ func testNodesEventuallyAvailable(t *testing.T, k *kubernetes.Clientset, wantCon
 
 func writeUpgradeConfig(require *require.Assertions, image string, kubernetes string, microservices string) versionContainer {
 	fileHandler := file.NewHandler(afero.NewOsFs())
-	fetcher := attestationconfigfetcher.New()
+	fetcher := attestationconfigapi.NewFetcher()
 	cfg, err := config.New(fileHandler, constants.ConfigFilename, fetcher, true)
 	var cfgErr *config.ValidationError
 	var longMsg string

hack/azure-snp-report-verify/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/hack/azure-snp-report-verify",
     visibility = ["//visibility:private"],
     deps = [
-        "//internal/api/attestationconfig",
+        "//internal/api/attestationconfigapi",
         "@in_gopkg_square_go_jose_v2//:go-jose_v2",
         "@in_gopkg_square_go_jose_v2//jwt",
     ],

hack/azure-snp-report-verify/verify.go

@@ -20,7 +20,7 @@ import (
 	"os"
 	"time"
 
-	configapi "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
+	configapi "github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"gopkg.in/square/go-jose.v2"
 	"gopkg.in/square/go-jose.v2/jwt"
 )

hack/cli-k8s-compatibility/BUILD.bazel

@@ -6,8 +6,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/hack/cli-k8s-compatibility",
     visibility = ["//visibility:private"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
-        "//internal/api/versions/client",
         "//internal/logger",
         "//internal/versions",
         "@org_uber_go_zap//zapcore",

hack/cli-k8s-compatibility/main.go

@@ -11,8 +11,7 @@ import (
 	"context"
 	"flag"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
-	"github.com/edgelesssys/constellation/v2/internal/api/versions/client"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/edgelesssys/constellation/v2/internal/versions"
 	"go.uber.org/zap/zapcore"
@@ -50,7 +49,7 @@ func main() {
 		cliInfo.Kubernetes = append(cliInfo.Kubernetes, v.ClusterVersion)
 	}
 
-	c, cclose, err := client.NewClient(ctx, "eu-central-1", "cdn-constellation-backend", "E1H77EZTHC3NE4", false, log)
+	c, cclose, err := versionsapi.NewClient(ctx, "eu-central-1", "cdn-constellation-backend", "E1H77EZTHC3NE4", false, log)
 	if err != nil {
 		log.Fatalf("creating s3 client: %w", err)
 	}

hack/configapi/cmd/BUILD.bazel

@@ -10,9 +10,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/hack/configapi/cmd",
     visibility = ["//visibility:public"],
     deps = [
-        "//internal/api/attestationconfig",
+        "//internal/api/attestationconfigapi",
-        "//internal/api/attestationconfig/client",
-        "//internal/api/attestationconfig/fetcher",
         "//internal/logger",
         "//internal/staticupload",
         "@com_github_spf13_cobra//:cobra",
@@ -28,7 +26,7 @@ go_test(
     ],
     embed = [":cmd"],
     deps = [
-        "//internal/api/attestationconfig",
+        "//internal/api/attestationconfigapi",
         "@com_github_stretchr_testify//assert",
         "@com_github_stretchr_testify//require",
     ],

hack/configapi/cmd/delete.go

@@ -9,7 +9,7 @@ import (
 	"context"
 	"fmt"
 
-	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/client"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/staticupload"
 	"github.com/spf13/cobra"
 )
@@ -47,7 +47,7 @@ func runDelete(cmd *cobra.Command, _ []string) error {
 		Bucket: awsBucket,
 		Region: awsRegion,
 	}
-	repo, closefn, err := client.New(cmd.Context(), cfg, []byte(cosignPwd), []byte(privateKey), false, log())
+	repo, closefn, err := attestationconfigapi.NewClient(cmd.Context(), cfg, []byte(cosignPwd), []byte(privateKey), false, log())
 	if err != nil {
 		return fmt.Errorf("create attestation client: %w", err)
 	}

hack/configapi/cmd/root.go

@@ -13,9 +13,7 @@ import (
 	"reflect"
 	"time"
 
-	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
-	attestationconfigapiclient "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/client"
-	attestationconfigapifetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"go.uber.org/zap"
 
@@ -82,12 +80,12 @@ func runCmd(cmd *cobra.Command, _ []string) error {
 	if err != nil {
 		return fmt.Errorf("reading version file: %w", err)
 	}
-	var inputVersion attestationconfig.AzureSEVSNPVersion
+	var inputVersion attestationconfigapi.AzureSEVSNPVersion
 	if err = json.Unmarshal(versionBytes, &inputVersion); err != nil {
 		return fmt.Errorf("unmarshalling version file: %w", err)
 	}
 
-	latestAPIVersion, err := attestationconfigapifetcher.New().FetchAzureSEVSNPVersionLatest(ctx)
+	latestAPIVersion, err := attestationconfigapi.NewFetcher().FetchAzureSEVSNPVersionLatest(ctx)
 	if err != nil {
 		return fmt.Errorf("fetching latest version: %w", err)
 	}
@@ -102,7 +100,7 @@ func runCmd(cmd *cobra.Command, _ []string) error {
 		} else {
 			cmd.Printf("Input version: %+v is newer than latest API version: %+v\n", inputVersion, latestAPIVersion)
 		}
-		sut, sutClose, err := attestationconfigapiclient.New(ctx, cfg, []byte(cosignPwd), []byte(privateKey), false, log())
+		sut, sutClose, err := attestationconfigapi.NewClient(ctx, cfg, []byte(cosignPwd), []byte(privateKey), false, log())
 		defer func() {
 			if err := sutClose(ctx); err != nil {
 				cmd.Printf("closing repo: %v\n", err)
@@ -123,7 +121,7 @@ func runCmd(cmd *cobra.Command, _ []string) error {
 }
 
 // isInputNewerThanLatestAPI compares all version fields with the latest API version and returns true if any input field is newer.
-func isInputNewerThanLatestAPI(input, latest attestationconfig.AzureSEVSNPVersion) (bool, error) {
+func isInputNewerThanLatestAPI(input, latest attestationconfigapi.AzureSEVSNPVersion) (bool, error) {
 	inputValues := reflect.ValueOf(input)
 	latestValues := reflect.ValueOf(latest)
 	fields := reflect.TypeOf(input)
@@ -166,5 +164,5 @@ func must(err error) {
 }
 
 func log() *logger.Logger {
-	return logger.New(logger.PlainLog, zap.DebugLevel).Named("attestationconfig")
+	return logger.New(logger.PlainLog, zap.DebugLevel).Named("attestationconfigapi")
 }

hack/configapi/cmd/root_test.go

@@ -9,11 +9,11 @@ package cmd
 import (
 	"testing"
 
-	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/stretchr/testify/assert"
 )
 
-var testCfg = attestationconfig.AzureSEVSNPVersion{
+var testCfg = attestationconfigapi.AzureSEVSNPVersion{
 	Microcode:  93,
 	TEE:        0,
 	SNP:        6,
@@ -22,13 +22,13 @@ var testCfg = attestationconfig.AzureSEVSNPVersion{
 
 func TestIsInputNewerThanLatestAPI(t *testing.T) {
 	testCases := map[string]struct {
-		latest attestationconfig.AzureSEVSNPVersion
+		latest attestationconfigapi.AzureSEVSNPVersion
-		input  attestationconfig.AzureSEVSNPVersion
+		input  attestationconfigapi.AzureSEVSNPVersion
 		expect bool
 		errMsg string
 	}{
 		"input is older than latest": {
-			input: func(c attestationconfig.AzureSEVSNPVersion) attestationconfig.AzureSEVSNPVersion {
+			input: func(c attestationconfigapi.AzureSEVSNPVersion) attestationconfigapi.AzureSEVSNPVersion {
 				c.Microcode--
 				return c
 			}(testCfg),
@@ -37,7 +37,7 @@ func TestIsInputNewerThanLatestAPI(t *testing.T) {
 			errMsg: "input Microcode version: 92 is older than latest API version: 93",
 		},
 		"input has greater and smaller version field than latest": {
-			input: func(c attestationconfig.AzureSEVSNPVersion) attestationconfig.AzureSEVSNPVersion {
+			input: func(c attestationconfigapi.AzureSEVSNPVersion) attestationconfigapi.AzureSEVSNPVersion {
 				c.Microcode++
 				c.Bootloader--
 				return c
@@ -47,7 +47,7 @@ func TestIsInputNewerThanLatestAPI(t *testing.T) {
 			errMsg: "input Bootloader version: 1 is older than latest API version: 2",
 		},
 		"input is newer than latest": {
-			input: func(c attestationconfig.AzureSEVSNPVersion) attestationconfig.AzureSEVSNPVersion {
+			input: func(c attestationconfigapi.AzureSEVSNPVersion) attestationconfigapi.AzureSEVSNPVersion {
 				c.TEE++
 				return c
 			}(testCfg),

image/upload/internal/cmd/BUILD.bazel

@@ -24,7 +24,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/image/upload/internal/cmd",
     visibility = ["//image/upload:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/attestation/measurements",
         "//internal/cloud/cloudprovider",
         "//internal/logger",

image/upload/internal/cmd/api.go

@@ -10,7 +10,7 @@ import (
 	"context"
 	"io"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/osimage"
 )
 

image/upload/internal/cmd/flags.go

@@ -12,7 +12,7 @@ import (
 	"path/filepath"
 	"time"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/spf13/cobra"
 	"go.uber.org/zap/zapcore"

image/upload/internal/cmd/info.go

@@ -11,7 +11,7 @@ import (
 	"fmt"
 	"os"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	infoupload "github.com/edgelesssys/constellation/v2/internal/osimage/imageinfo"
 	"github.com/spf13/cobra"

image/upload/internal/cmd/upload.go

@@ -13,7 +13,7 @@ import (
 	"io"
 	"strings"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/osimage"
 )
 

internal/api/attestationconfig/BUILD.bazel

@@ -1,15 +0,0 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library")
-
-go_library(
-    name = "attestationconfig",
-    srcs = [
-        "azure.go",
-        "configapi.go",
-    ],
-    importpath = "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig",
-    visibility = ["//:__subpackages__"],
-    deps = [
-        "//internal/constants",
-        "//internal/variant",
-    ],
-)

internal/api/attestationconfig/client/BUILD.bazel

@@ -1,34 +0,0 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library")
-load("//bazel/go:go_test.bzl", "go_test")
-
-go_library(
-    name = "client",
-    srcs = ["client.go"],
-    importpath = "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/client",
-    visibility = ["//:__subpackages__"],
-    deps = [
-        "//internal/api/attestationconfig",
-        "//internal/api/attestationconfig/fetcher",
-        "//internal/api/client",
-        "//internal/logger",
-        "//internal/sigstore",
-        "//internal/staticupload",
-        "//internal/variant",
-    ],
-)
-
-go_test(
-    name = "client_test",
-    srcs = ["client_test.go"],
-    # keep
-    count = 1,
-    embed = [":client"],
-    # keep
-    gotags = ["e2e"],
-    # keep
-    tags = ["manual"],
-    deps = [
-        "//internal/api/attestationconfig",
-        "@com_github_stretchr_testify//assert",
-    ],
-)

internal/api/attestationconfig/fetcher/BUILD.bazel

@@ -1,25 +0,0 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library")
-load("//bazel/go:go_test.bzl", "go_test")
-
-go_library(
-    name = "fetcher",
-    srcs = ["fetcher.go"],
-    importpath = "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher",
-    visibility = ["//:__subpackages__"],
-    deps = [
-        "//internal/api/attestationconfig",
-        "//internal/api/fetcher",
-        "//internal/constants",
-        "//internal/sigstore",
-    ],
-)
-
-go_test(
-    name = "fetcher_test",
-    srcs = ["fetcher_test.go"],
-    embed = [":fetcher"],
-    deps = [
-        "//internal/api/attestationconfig",
-        "@com_github_stretchr_testify//assert",
-    ],
-)

internal/api/attestationconfig/fetcher/fetcher.go

@@ -1,87 +0,0 @@
-/*
-Copyright (c) Edgeless Systems GmbH
-
-SPDX-License-Identifier: AGPL-3.0-only
-*/
-
-package fetcher
-
-import (
-	"context"
-	"encoding/json"
-	"fmt"
-
-	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
-	"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
-	"github.com/edgelesssys/constellation/v2/internal/constants"
-	"github.com/edgelesssys/constellation/v2/internal/sigstore"
-)
-
-const cosignPublicKey = constants.CosignPublicKeyReleases
-
-// AttestationConfigAPIFetcher fetches config API resources without authentication.
-type AttestationConfigAPIFetcher interface {
-	FetchAzureSEVSNPVersion(ctx context.Context, azureVersion attestationconfig.AzureSEVSNPVersionAPI) (attestationconfig.AzureSEVSNPVersionAPI, error)
-	FetchAzureSEVSNPVersionList(ctx context.Context, attestation attestationconfig.AzureSEVSNPVersionList) (attestationconfig.AzureSEVSNPVersionList, error)
-	FetchAzureSEVSNPVersionLatest(ctx context.Context) (attestationconfig.AzureSEVSNPVersionAPI, error)
-}
-
-// Fetcher fetches AttestationCfg API resources without authentication.
-type Fetcher struct {
-	fetcher.HTTPClient
-}
-
-// New returns a new Fetcher.
-func New() *Fetcher {
-	return NewWithClient(fetcher.NewHTTPClient())
-}
-
-// NewWithClient returns a new Fetcher with custom http client.
-func NewWithClient(client fetcher.HTTPClient) *Fetcher {
-	return &Fetcher{client}
-}
-
-// FetchAzureSEVSNPVersionList fetches the version list information from the config API.
-func (f *Fetcher) FetchAzureSEVSNPVersionList(ctx context.Context, attestation attestationconfig.AzureSEVSNPVersionList) (attestationconfig.AzureSEVSNPVersionList, error) {
-	return fetcher.Fetch(ctx, f.HTTPClient, attestation)
-}
-
-// FetchAzureSEVSNPVersion fetches the version information from the config API.
-func (f *Fetcher) FetchAzureSEVSNPVersion(ctx context.Context, azureVersion attestationconfig.AzureSEVSNPVersionAPI) (attestationconfig.AzureSEVSNPVersionAPI, error) {
-	fetchedVersion, err := fetcher.Fetch(ctx, f.HTTPClient, azureVersion)
-	if err != nil {
-		return fetchedVersion, fmt.Errorf("fetch version %s: %w", fetchedVersion.Version, err)
-	}
-	versionBytes, err := json.Marshal(fetchedVersion)
-	if err != nil {
-		return fetchedVersion, fmt.Errorf("marshal version for verify %s: %w", azureVersion.Version, err)
-	}
-
-	signature, err := fetcher.Fetch(ctx, f.HTTPClient, attestationconfig.AzureSEVSNPVersionSignature{
-		Version: azureVersion.Version,
-	})
-	if err != nil {
-		return fetchedVersion, fmt.Errorf("fetch version %s signature: %w", azureVersion.Version, err)
-	}
-
-	err = sigstore.CosignVerifier{}.VerifySignature(versionBytes, signature.Signature, []byte(cosignPublicKey))
-	if err != nil {
-		return fetchedVersion, fmt.Errorf("verify version %s signature: %w", azureVersion.Version, err)
-	}
-	return fetchedVersion, nil
-}
-
-// FetchAzureSEVSNPVersionLatest returns the latest versions of the given type.
-func (f *Fetcher) FetchAzureSEVSNPVersionLatest(ctx context.Context) (res attestationconfig.AzureSEVSNPVersionAPI, err error) {
-	var list attestationconfig.AzureSEVSNPVersionList
-	list, err = f.FetchAzureSEVSNPVersionList(ctx, list)
-	if err != nil {
-		return res, fmt.Errorf("fetching versions list: %w", err)
-	}
-	get := attestationconfig.AzureSEVSNPVersionAPI{Version: list[0]} // get latest version (as sorted reversely alphanumerically)
-	get, err = f.FetchAzureSEVSNPVersion(ctx, get)
-	if err != nil {
-		return res, fmt.Errorf("fetching version: %w", err)
-	}
-	return get, nil
-}

internal/api/attestationconfigapi/BUILD.bazel

@@ -0,0 +1,33 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+load("//bazel/go:go_test.bzl", "go_test")
+
+go_library(
+    name = "attestationconfigapi",
+    srcs = [
+        "attestationconfigapi.go",
+        "azure.go",
+        "client.go",
+        "fetcher.go",
+    ],
+    importpath = "github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi",
+    visibility = ["//:__subpackages__"],
+    deps = [
+        "//internal/api/client",
+        "//internal/api/fetcher",
+        "//internal/constants",
+        "//internal/logger",
+        "//internal/sigstore",
+        "//internal/staticupload",
+        "//internal/variant",
+    ],
+)
+
+go_test(
+    name = "attestationconfigapi_test",
+    srcs = [
+        "client_test.go",
+        "fetcher_test.go",
+    ],
+    embed = [":attestationconfigapi"],
+    deps = ["@com_github_stretchr_testify//assert"],
+)

internal/api/attestationconfigapi/attestationconfigapi.go

@@ -20,4 +20,4 @@ Thus, existing config types (AWSNitroTPM, AzureSEVSNP, ...) can not be extended
 Instead, we need a separate type that wraps _all_ attestation types. In the codebase this is done using the AttestationCfg interface.
 The new type AttestationCfgGet needs to be located inside internal/config in order to implement UnmarshalJSON.
 */
-package attestationconfig
+package attestationconfigapi

internal/api/attestationconfigapi/azure.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package attestationconfig
+package attestationconfigapi
 
 import (
 	"fmt"

internal/api/attestationconfigapi/client.go

@@ -3,7 +3,7 @@ Copyright (c) Edgeless Systems GmbH
 
 SPDX-License-Identifier: AGPL-3.0-only
 */
-package client
+package attestationconfigapi
 
 import (
 	"context"
@@ -12,8 +12,6 @@ import (
 	"sort"
 	"time"
 
-	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
-	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
 	apiclient "github.com/edgelesssys/constellation/v2/internal/api/client"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/edgelesssys/constellation/v2/internal/sigstore"
@@ -27,11 +25,10 @@ type Client struct {
 	s3ClientClose func(ctx context.Context) error
 	bucketID      string
 	signer        sigstore.Signer
-	fetcher       fetcher.AttestationConfigAPIFetcher
 }
 
-// New returns a new Client.
+// NewClient returns a new Client.
-func New(ctx context.Context, cfg staticupload.Config, cosignPwd, privateKey []byte, dryRun bool, log *logger.Logger) (*Client, apiclient.CloseFunc, error) {
+func NewClient(ctx context.Context, cfg staticupload.Config, cosignPwd, privateKey []byte, dryRun bool, log *logger.Logger) (*Client, apiclient.CloseFunc, error) {
 	s3Client, clientClose, err := apiclient.NewClient(ctx, cfg.Region, cfg.Bucket, cfg.DistributionID, dryRun, log)
 	if err != nil {
 		return nil, nil, fmt.Errorf("failed to create s3 storage: %w", err)
@@ -42,13 +39,12 @@ func New(ctx context.Context, cfg staticupload.Config, cosignPwd, privateKey []b
 		s3ClientClose: clientClose,
 		signer:        sigstore.NewSigner(cosignPwd, privateKey),
 		bucketID:      cfg.Bucket,
-		fetcher:       fetcher.New(),
 	}
 	return repo, clientClose, nil
 }
 
 // UploadAzureSEVSNP uploads the latest version numbers of the Azure SEVSNP.
-func (a Client) UploadAzureSEVSNP(ctx context.Context, version attestationconfig.AzureSEVSNPVersion, date time.Time) error {
+func (a Client) UploadAzureSEVSNP(ctx context.Context, version AzureSEVSNPVersion, date time.Time) error {
 	versions, err := a.List(ctx, variant.AzureSEVSNP{})
 	if err != nil {
 		return fmt.Errorf("fetch version list: %w", err)
@@ -76,7 +72,7 @@ func (a Client) DeleteAzureSEVSNPVersion(ctx context.Context, versionStr string)
 // List returns the list of versions for the given attestation type.
 func (a Client) List(ctx context.Context, attestation variant.Variant) ([]string, error) {
 	if attestation.Equal(variant.AzureSEVSNP{}) {
-		versions, err := apiclient.Fetch(ctx, a.s3Client, attestationconfig.AzureSEVSNPVersionList{})
+		versions, err := apiclient.Fetch(ctx, a.s3Client, AzureSEVSNPVersionList{})
 		if err != nil {
 			return nil, err
 		}
@@ -85,16 +81,16 @@ func (a Client) List(ctx context.Context, attestation variant.Variant) ([]string
 	return nil, fmt.Errorf("unsupported attestation type: %s", attestation)
 }
 
-func (a Client) deleteAzureSEVSNPVersion(versions attestationconfig.AzureSEVSNPVersionList, versionStr string) (ops []crudCmd, err error) {
+func (a Client) deleteAzureSEVSNPVersion(versions AzureSEVSNPVersionList, versionStr string) (ops []crudCmd, err error) {
 	versionStr = versionStr + ".json"
 	ops = append(ops, deleteCmd{
-		apiObject: attestationconfig.AzureSEVSNPVersionAPI{
+		apiObject: AzureSEVSNPVersionAPI{
 			Version: versionStr,
 		},
 	})
 
 	ops = append(ops, deleteCmd{
-		apiObject: attestationconfig.AzureSEVSNPVersionSignature{
+		apiObject: AzureSEVSNPVersionSignature{
 			Version: versionStr,
 		},
 	})
@@ -109,10 +105,10 @@ func (a Client) deleteAzureSEVSNPVersion(versions attestationconfig.AzureSEVSNPV
 	return ops, nil
 }
 
-func (a Client) uploadAzureSEVSNP(versions attestationconfig.AzureSEVSNPVersion, versionNames []string, date time.Time) (res []crudCmd, err error) {
+func (a Client) uploadAzureSEVSNP(versions AzureSEVSNPVersion, versionNames []string, date time.Time) (res []crudCmd, err error) {
 	dateStr := date.Format("2006-01-02-15-04") + ".json"
 
-	res = append(res, putCmd{attestationconfig.AzureSEVSNPVersionAPI{Version: dateStr, AzureSEVSNPVersion: versions}})
+	res = append(res, putCmd{AzureSEVSNPVersionAPI{Version: dateStr, AzureSEVSNPVersion: versions}})
 
 	versionBytes, err := json.Marshal(versions)
 	if err != nil {
@@ -124,22 +120,22 @@ func (a Client) uploadAzureSEVSNP(versions attestationconfig.AzureSEVSNPVersion,
 	}
 	res = append(res, putCmd{signature})
 	newVersions := addVersion(versionNames, dateStr)
-	res = append(res, putCmd{attestationconfig.AzureSEVSNPVersionList(newVersions)})
+	res = append(res, putCmd{AzureSEVSNPVersionList(newVersions)})
 	return
 }
 
-func (a Client) createSignature(content []byte, dateStr string) (res attestationconfig.AzureSEVSNPVersionSignature, err error) {
+func (a Client) createSignature(content []byte, dateStr string) (res AzureSEVSNPVersionSignature, err error) {
 	signature, err := a.signer.Sign(content)
 	if err != nil {
 		return res, fmt.Errorf("sign version file: %w", err)
 	}
-	return attestationconfig.AzureSEVSNPVersionSignature{
+	return AzureSEVSNPVersionSignature{
 		Signature: signature,
 		Version:   dateStr,
 	}, nil
 }
 
-func removeVersion(versions attestationconfig.AzureSEVSNPVersionList, versionStr string) (removedVersions attestationconfig.AzureSEVSNPVersionList, err error) {
+func removeVersion(versions AzureSEVSNPVersionList, versionStr string) (removedVersions AzureSEVSNPVersionList, err error) {
 	for i, v := range versions {
 		if v == versionStr {
 			if i == len(versions)-1 {

internal/api/attestationconfigapi/client_test.go

@@ -3,13 +3,12 @@ Copyright (c) Edgeless Systems GmbH
 
 SPDX-License-Identifier: AGPL-3.0-only
 */
-package client
+package attestationconfigapi
 
 import (
 	"testing"
 	"time"
 
-	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -18,26 +17,26 @@ func TestUploadAzureSEVSNP(t *testing.T) {
 		bucketID: "bucket",
 		signer:   fakeSigner{},
 	}
-	version := attestationconfig.AzureSEVSNPVersion{}
+	version := AzureSEVSNPVersion{}
 	date := time.Date(2023, 1, 1, 1, 1, 1, 1, time.UTC)
 	ops, err := sut.uploadAzureSEVSNP(version, []string{"2021-01-01-01-01.json", "2019-01-01-01-01.json"}, date)
 	assert := assert.New(t)
 	assert.NoError(err)
 	dateStr := "2023-01-01-01-01.json"
 	assert.Contains(ops, putCmd{
-		apiObject: attestationconfig.AzureSEVSNPVersionAPI{
+		apiObject: AzureSEVSNPVersionAPI{
 			Version:            dateStr,
 			AzureSEVSNPVersion: version,
 		},
 	})
 	assert.Contains(ops, putCmd{
-		apiObject: attestationconfig.AzureSEVSNPVersionSignature{
+		apiObject: AzureSEVSNPVersionSignature{
 			Version:   dateStr,
 			Signature: []byte("signature"),
 		},
 	})
 	assert.Contains(ops, putCmd{
-		apiObject: attestationconfig.AzureSEVSNPVersionList([]string{"2023-01-01-01-01.json", "2021-01-01-01-01.json", "2019-01-01-01-01.json"}),
+		apiObject: AzureSEVSNPVersionList([]string{"2023-01-01-01-01.json", "2021-01-01-01-01.json", "2019-01-01-01-01.json"}),
 	})
 }
 
@@ -45,25 +44,25 @@ func TestDeleteAzureSEVSNPVersions(t *testing.T) {
 	sut := Client{
 		bucketID: "bucket",
 	}
-	versions := attestationconfig.AzureSEVSNPVersionList([]string{"2023-01-01.json", "2021-01-01.json", "2019-01-01.json"})
+	versions := AzureSEVSNPVersionList([]string{"2023-01-01.json", "2021-01-01.json", "2019-01-01.json"})
 
 	ops, err := sut.deleteAzureSEVSNPVersion(versions, "2021-01-01")
 
 	assert := assert.New(t)
 	assert.NoError(err)
 	assert.Contains(ops, deleteCmd{
-		apiObject: attestationconfig.AzureSEVSNPVersionAPI{
+		apiObject: AzureSEVSNPVersionAPI{
 			Version: "2021-01-01.json",
 		},
 	})
 	assert.Contains(ops, deleteCmd{
-		apiObject: attestationconfig.AzureSEVSNPVersionSignature{
+		apiObject: AzureSEVSNPVersionSignature{
 			Version: "2021-01-01.json",
 		},
 	})
 
 	assert.Contains(ops, putCmd{
-		apiObject: attestationconfig.AzureSEVSNPVersionList([]string{"2023-01-01.json", "2019-01-01.json"}),
+		apiObject: AzureSEVSNPVersionList([]string{"2023-01-01.json", "2019-01-01.json"}),
 	})
 }
 

internal/api/attestationconfigapi/fetcher.go

@@ -0,0 +1,86 @@
+/*
+Copyright (c) Edgeless Systems GmbH
+
+SPDX-License-Identifier: AGPL-3.0-only
+*/
+
+package attestationconfigapi
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+
+	apifetcher "github.com/edgelesssys/constellation/v2/internal/api/fetcher"
+	"github.com/edgelesssys/constellation/v2/internal/constants"
+	"github.com/edgelesssys/constellation/v2/internal/sigstore"
+)
+
+const cosignPublicKey = constants.CosignPublicKeyReleases
+
+// Fetcher fetches config API resources without authentication.
+type Fetcher interface {
+	FetchAzureSEVSNPVersion(ctx context.Context, azureVersion AzureSEVSNPVersionAPI) (AzureSEVSNPVersionAPI, error)
+	FetchAzureSEVSNPVersionList(ctx context.Context, attestation AzureSEVSNPVersionList) (AzureSEVSNPVersionList, error)
+	FetchAzureSEVSNPVersionLatest(ctx context.Context) (AzureSEVSNPVersionAPI, error)
+}
+
+// fetcher fetches AttestationCfg API resources without authentication.
+type fetcher struct {
+	apifetcher.HTTPClient
+}
+
+// NewFetcher returns a new apifetcher.
+func NewFetcher() Fetcher {
+	return NewFetcherWithClient(apifetcher.NewHTTPClient())
+}
+
+// NewFetcherWithClient returns a new fetcher with custom http client.
+func NewFetcherWithClient(client apifetcher.HTTPClient) Fetcher {
+	return &fetcher{client}
+}
+
+// FetchAzureSEVSNPVersionList fetches the version list information from the config API.
+func (f *fetcher) FetchAzureSEVSNPVersionList(ctx context.Context, attestation AzureSEVSNPVersionList) (AzureSEVSNPVersionList, error) {
+	return apifetcher.Fetch(ctx, f.HTTPClient, attestation)
+}
+
+// FetchAzureSEVSNPVersion fetches the version information from the config API.
+func (f *fetcher) FetchAzureSEVSNPVersion(ctx context.Context, azureVersion AzureSEVSNPVersionAPI) (AzureSEVSNPVersionAPI, error) {
+	fetchedVersion, err := apifetcher.Fetch(ctx, f.HTTPClient, azureVersion)
+	if err != nil {
+		return fetchedVersion, fmt.Errorf("fetch version %s: %w", fetchedVersion.Version, err)
+	}
+	versionBytes, err := json.Marshal(fetchedVersion)
+	if err != nil {
+		return fetchedVersion, fmt.Errorf("marshal version for verify %s: %w", azureVersion.Version, err)
+	}
+
+	signature, err := apifetcher.Fetch(ctx, f.HTTPClient, AzureSEVSNPVersionSignature{
+		Version: azureVersion.Version,
+	})
+	if err != nil {
+		return fetchedVersion, fmt.Errorf("fetch version %s signature: %w", azureVersion.Version, err)
+	}
+
+	err = sigstore.CosignVerifier{}.VerifySignature(versionBytes, signature.Signature, []byte(cosignPublicKey))
+	if err != nil {
+		return fetchedVersion, fmt.Errorf("verify version %s signature: %w", azureVersion.Version, err)
+	}
+	return fetchedVersion, nil
+}
+
+// FetchAzureSEVSNPVersionLatest returns the latest versions of the given type.
+func (f *fetcher) FetchAzureSEVSNPVersionLatest(ctx context.Context) (res AzureSEVSNPVersionAPI, err error) {
+	var list AzureSEVSNPVersionList
+	list, err = f.FetchAzureSEVSNPVersionList(ctx, list)
+	if err != nil {
+		return res, fmt.Errorf("fetching versions list: %w", err)
+	}
+	get := AzureSEVSNPVersionAPI{Version: list[0]} // get latest version (as sorted reversely alphanumerically)
+	get, err = f.FetchAzureSEVSNPVersion(ctx, get)
+	if err != nil {
+		return res, fmt.Errorf("fetching version: %w", err)
+	}
+	return get, nil
+}

internal/api/attestationconfigapi/fetcher_test.go

@@ -3,7 +3,7 @@ Copyright (c) Edgeless Systems GmbH
 
 SPDX-License-Identifier: AGPL-3.0-only
 */
-package fetcher
+package attestationconfigapi
 
 import (
 	"bytes"
@@ -14,12 +14,11 @@ import (
 	"net/http"
 	"testing"
 
-	configapi "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
 	"github.com/stretchr/testify/assert"
 )
 
-var testCfg = configapi.AzureSEVSNPVersionAPI{
+var testCfg = AzureSEVSNPVersionAPI{
-	AzureSEVSNPVersion: configapi.AzureSEVSNPVersion{
+	AzureSEVSNPVersion: AzureSEVSNPVersion{
 		Microcode:  93,
 		TEE:        0,
 		SNP:        6,
@@ -31,7 +30,7 @@ func TestFetchLatestAzureSEVSNPVersion(t *testing.T) {
 	testcases := map[string]struct {
 		signature []byte
 		wantErr   bool
-		want      configapi.AzureSEVSNPVersionAPI
+		want      AzureSEVSNPVersionAPI
 	}{
 		"get version with valid signature": {
 			signature: []byte("MEQCIBPEbYg89MIQuaGStLhKGLGMKvKFoYCaAniDLwoIwulqAiB+rj7KMaMOMGxmUsjI7KheCXSNM8NzN+tuDw6AywI75A=="), // signed with release key
@@ -49,7 +48,7 @@ func TestFetchLatestAzureSEVSNPVersion(t *testing.T) {
 					signature: tc.signature,
 				},
 			}
-			fetcher := NewWithClient(client)
+			fetcher := NewFetcherWithClient(client)
 			res, err := fetcher.FetchAzureSEVSNPVersionLatest(context.Background())
 
 			assert := assert.New(t)
@@ -93,7 +92,7 @@ func (f *fakeConfigAPIHandler) RoundTrip(req *http.Request) (*http.Response, err
 
 	} else if req.URL.Path == "/constellation/v1/attestation/azure-sev-snp/2021-01-01-01-01.json.sig" {
 		res := &http.Response{}
-		obj := configapi.AzureSEVSNPVersionSignature{
+		obj := AzureSEVSNPVersionSignature{
 			Signature: f.signature,
 		}
 		bt, err := json.Marshal(obj)

internal/api/attestationconfigapi/test/integration_test.go

@@ -16,8 +16,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
+	attestationconfig "github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
-	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/client"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/edgelesssys/constellation/v2/internal/staticupload"
 	"github.com/stretchr/testify/require"
@@ -76,7 +75,7 @@ var versionValues = attestationconfig.AzureSEVSNPVersion{
 
 func TestUploadAzureSEVSNPVersions(t *testing.T) {
 	ctx := context.Background()
-	client, clientClose, err := client.New(ctx, cfg, []byte(*cosignPwd), privateKey, false, logger.New(logger.PlainLog, zap.DebugLevel).Named("attestationconfig"))
+	client, clientClose, err := attestationconfig.NewClient(ctx, cfg, []byte(*cosignPwd), privateKey, false, logger.New(logger.PlainLog, zap.DebugLevel).Named("attestationconfig"))
 	require.NoError(t, err)
 	defer func() { _ = clientClose(ctx) }()
 	d := time.Date(2021, 1, 1, 1, 1, 1, 1, time.UTC)

internal/api/versions/client/BUILD.bazel

@@ -1,15 +0,0 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library")
-
-go_library(
-    name = "client",
-    srcs = ["client.go"],
-    importpath = "github.com/edgelesssys/constellation/v2/internal/api/versions/client",
-    visibility = ["//:__subpackages__"],
-    deps = [
-        "//internal/api/client",
-        "//internal/api/versions",
-        "//internal/constants",
-        "//internal/logger",
-        "@org_golang_x_mod//semver",
-    ],
-)

internal/api/versions/fetcher/BUILD.bazel

@@ -1,25 +0,0 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library")
-load("//bazel/go:go_test.bzl", "go_test")
-
-go_library(
-    name = "fetcher",
-    srcs = ["fetcher.go"],
-    importpath = "github.com/edgelesssys/constellation/v2/internal/api/versions/fetcher",
-    visibility = ["//:__subpackages__"],
-    deps = [
-        "//internal/api/fetcher",
-        "//internal/api/versions",
-    ],
-)
-
-go_test(
-    name = "fetcher_test",
-    srcs = ["fetcher_test.go"],
-    embed = [":fetcher"],
-    deps = [
-        "//internal/api/versions",
-        "@com_github_stretchr_testify//assert",
-        "@com_github_stretchr_testify//require",
-        "@org_uber_go_goleak//:goleak",
-    ],
-)

internal/api/versionsapi/BUILD.bazel

@@ -2,38 +2,45 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library")
 load("//bazel/go:go_test.bzl", "go_test")
 
 go_library(
-    name = "versions",
+    name = "versionsapi",
     srcs = [
         "apiconstants.go",
+        "client.go",
         "cliinfo.go",
+        "fetcher.go",
         "imageinfo.go",
         "latest.go",
         "list.go",
         "version.go",
         "versionsapi.go",
     ],
-    importpath = "github.com/edgelesssys/constellation/v2/internal/api/versions",
+    importpath = "github.com/edgelesssys/constellation/v2/internal/api/versionsapi",
     visibility = ["//:__subpackages__"],
     deps = [
+        "//internal/api/client",
+        "//internal/api/fetcher",
         "//internal/constants",
+        "//internal/logger",
         "@org_golang_x_mod//semver",
     ],
 )
 
 go_test(
-    name = "versions_test",
+    name = "versionsapi_test",
     srcs = [
         "cliinfo_test.go",
+        "fetcher_test.go",
         "imageinfo_test.go",
         "latest_test.go",
         "list_test.go",
         "version_test.go",
     ],
-    embed = [":versions"],
+    embed = [":versionsapi"],
     deps = [
         "//internal/cloud/cloudprovider",
         "//internal/constants",
         "@com_github_stretchr_testify//assert",
         "@com_github_stretchr_testify//require",
+        "@org_uber_go_goleak//:goleak",
     ],
 )

internal/api/versionsapi/apiconstants.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package versions
+package versionsapi
 
 var (
 	// APIV1 is the v1 API version.

internal/api/versionsapi/cli/BUILD.bazel

@@ -9,12 +9,11 @@ go_library(
         "main.go",
         "rm.go",
     ],
-    importpath = "github.com/edgelesssys/constellation/v2/internal/api/versions/cli",
+    importpath = "github.com/edgelesssys/constellation/v2/internal/api/versionsapi/cli",
     visibility = ["//visibility:private"],
     deps = [
         "//internal/api/client",
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
-        "//internal/api/versions/client",
         "//internal/constants",
         "//internal/logger",
         "@com_github_aws_aws_sdk_go_v2_config//:config",

internal/api/versionsapi/cli/add.go

@@ -12,8 +12,7 @@ import (
 	"fmt"
 
 	apiclient "github.com/edgelesssys/constellation/v2/internal/api/client"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
-	verclient "github.com/edgelesssys/constellation/v2/internal/api/versions/client"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/spf13/cobra"
 	"go.uber.org/zap/zapcore"
@@ -73,7 +72,7 @@ func runAdd(cmd *cobra.Command, _ []string) (retErr error) {
 	}
 
 	log.Debugf("Creating versions API client")
-	client, clientClose, err := verclient.NewClient(cmd.Context(), flags.region, flags.bucket, flags.distributionID, flags.dryRun, log)
+	client, clientClose, err := versionsapi.NewClient(cmd.Context(), flags.region, flags.bucket, flags.distributionID, flags.dryRun, log)
 	if err != nil {
 		return fmt.Errorf("creating client: %w", err)
 	}
@@ -105,7 +104,7 @@ func runAdd(cmd *cobra.Command, _ []string) (retErr error) {
 	return nil
 }
 
-func ensureVersion(ctx context.Context, client *verclient.VersionsClient, kind versionsapi.VersionKind, ver versionsapi.Version, gran versionsapi.Granularity,
+func ensureVersion(ctx context.Context, client *versionsapi.Client, kind versionsapi.VersionKind, ver versionsapi.Version, gran versionsapi.Granularity,
 	log *logger.Logger,
 ) error {
 	verListReq := versionsapi.List{
@@ -145,7 +144,7 @@ func ensureVersion(ctx context.Context, client *verclient.VersionsClient, kind v
 	return nil
 }
 
-func updateLatest(ctx context.Context, client *verclient.VersionsClient, kind versionsapi.VersionKind, ver versionsapi.Version, log *logger.Logger) error {
+func updateLatest(ctx context.Context, client *versionsapi.Client, kind versionsapi.VersionKind, ver versionsapi.Version, log *logger.Logger) error {
 	latest := versionsapi.Latest{
 		Ref:    ver.Ref,
 		Stream: ver.Stream,

internal/api/versionsapi/cli/latest.go

@@ -10,8 +10,7 @@ import (
 	"encoding/json"
 	"fmt"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
-	verclient "github.com/edgelesssys/constellation/v2/internal/api/versions/client"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/spf13/cobra"
 	"go.uber.org/zap/zapcore"
@@ -47,7 +46,7 @@ func runLatest(cmd *cobra.Command, _ []string) error {
 	}
 
 	log.Debugf("Creating versions API client")
-	client, clientClose, err := verclient.NewReadOnlyClient(cmd.Context(), flags.region, flags.bucket, flags.distributionID, log)
+	client, clientClose, err := versionsapi.NewReadOnlyClient(cmd.Context(), flags.region, flags.bucket, flags.distributionID, log)
 	if err != nil {
 		return fmt.Errorf("creating client: %w", err)
 	}

internal/api/versionsapi/cli/list.go

@@ -17,8 +17,7 @@ import (
 	"golang.org/x/mod/semver"
 
 	apiclient "github.com/edgelesssys/constellation/v2/internal/api/client"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
-	verclient "github.com/edgelesssys/constellation/v2/internal/api/versions/client"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 )
 
@@ -53,7 +52,7 @@ func runList(cmd *cobra.Command, _ []string) error {
 	}
 
 	log.Debugf("Creating versions API client")
-	client, clientClose, err := verclient.NewReadOnlyClient(cmd.Context(), flags.region, flags.bucket, flags.distributionID, log)
+	client, clientClose, err := versionsapi.NewReadOnlyClient(cmd.Context(), flags.region, flags.bucket, flags.distributionID, log)
 	if err != nil {
 		return fmt.Errorf("creating client: %w", err)
 	}
@@ -110,7 +109,7 @@ func runList(cmd *cobra.Command, _ []string) error {
 	return nil
 }
 
-func listMinorVersions(ctx context.Context, client *verclient.VersionsClient, ref string, stream string) ([]string, error) {
+func listMinorVersions(ctx context.Context, client *versionsapi.Client, ref string, stream string) ([]string, error) {
 	list := versionsapi.List{
 		Ref:         ref,
 		Stream:      stream,
@@ -126,7 +125,7 @@ func listMinorVersions(ctx context.Context, client *verclient.VersionsClient, re
 	return list.Versions, nil
 }
 
-func listPatchVersions(ctx context.Context, client *verclient.VersionsClient, ref string, stream string, minorVer []string,
+func listPatchVersions(ctx context.Context, client *versionsapi.Client, ref string, stream string, minorVer []string,
 ) ([]versionsapi.Version, error) {
 	var patchVers []versionsapi.Version
 

internal/api/versionsapi/cli/rm.go

@@ -25,8 +25,7 @@ import (
 	"github.com/aws/aws-sdk-go-v2/service/ec2"
 	"github.com/aws/smithy-go"
 	apiclient "github.com/edgelesssys/constellation/v2/internal/api/client"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
-	verclient "github.com/edgelesssys/constellation/v2/internal/api/versions/client"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	gaxv2 "github.com/googleapis/gax-go/v2"
 	"github.com/spf13/cobra"
@@ -102,7 +101,7 @@ func runRemove(cmd *cobra.Command, _ []string) (retErr error) {
 	}
 
 	log.Debugf("Creating versions API client")
-	verclient, verclientClose, err := verclient.NewClient(cmd.Context(), flags.region, flags.bucket, flags.distributionID, flags.dryrun, log)
+	verclient, verclientClose, err := versionsapi.NewClient(cmd.Context(), flags.region, flags.bucket, flags.distributionID, flags.dryrun, log)
 	if err != nil {
 		return fmt.Errorf("creating client: %w", err)
 	}
@@ -240,7 +239,7 @@ func deleteImage(ctx context.Context, clients rmImageClients, ver versionsapi.Ve
 }
 
 type rmImageClients struct {
-	version *verclient.VersionsClient
+	version *versionsapi.Client
 	gcp     *gcpClient
 	aws     *awsClient
 	az      *azureClient

internal/api/versionsapi/client.go

@@ -4,10 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-/*
+package versionsapi
-Package client provides a versions API specific implementation of the general API client.
-*/
-package client
 
 import (
 	"context"
@@ -18,13 +15,12 @@ import (
 	"golang.org/x/mod/semver"
 
 	apiclient "github.com/edgelesssys/constellation/v2/internal/api/client"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 )
 
-// VersionsClient is a client for the versions API.
+// Client is a client for the versions API.
-type VersionsClient struct {
+type Client struct {
 	*apiclient.Client
 	clientClose func(ctx context.Context) error
 }
@@ -32,9 +28,9 @@ type VersionsClient struct {
 // NewClient creates a new client for the versions API.
 func NewClient(ctx context.Context, region, bucket, distributionID string, dryRun bool,
 	log *logger.Logger,
-) (*VersionsClient, CloseFunc, error) {
+) (*Client, CloseFunc, error) {
 	genericClient, genericClientClose, err := apiclient.NewClient(ctx, region, bucket, distributionID, dryRun, log)
-	versionsClient := &VersionsClient{
+	versionsClient := &Client{
 		genericClient,
 		genericClientClose,
 	}
@@ -48,12 +44,12 @@ func NewClient(ctx context.Context, region, bucket, distributionID string, dryRu
 // This client can be used to fetch objects but cannot write updates.
 func NewReadOnlyClient(ctx context.Context, region, bucket, distributionID string,
 	log *logger.Logger,
-) (*VersionsClient, CloseFunc, error) {
+) (*Client, CloseFunc, error) {
 	genericClient, genericClientClose, err := apiclient.NewReadOnlyClient(ctx, region, bucket, distributionID, log)
 	if err != nil {
 		return nil, nil, err
 	}
-	versionsClient := &VersionsClient{
+	versionsClient := &Client{
 		genericClient,
 		genericClientClose,
 	}
@@ -64,7 +60,7 @@ func NewReadOnlyClient(ctx context.Context, region, bucket, distributionID strin
 }
 
 // Close closes the client.
-func (c *VersionsClient) Close(ctx context.Context) error {
+func (c *Client) Close(ctx context.Context) error {
 	if c.clientClose == nil {
 		return nil
 	}
@@ -72,49 +68,49 @@ func (c *VersionsClient) Close(ctx context.Context) error {
 }
 
 // FetchVersionList fetches the given version list from the versions API.
-func (c *VersionsClient) FetchVersionList(ctx context.Context, list versionsapi.List) (versionsapi.List, error) {
+func (c *Client) FetchVersionList(ctx context.Context, list List) (List, error) {
 	return apiclient.Fetch(ctx, c.Client, list)
 }
 
 // UpdateVersionList updates the given version list in the versions API.
-func (c *VersionsClient) UpdateVersionList(ctx context.Context, list versionsapi.List) error {
+func (c *Client) UpdateVersionList(ctx context.Context, list List) error {
 	semver.Sort(list.Versions)
 	return apiclient.Update(ctx, c.Client, list)
 }
 
 // FetchVersionLatest fetches the latest version from the versions API.
-func (c *VersionsClient) FetchVersionLatest(ctx context.Context, latest versionsapi.Latest) (versionsapi.Latest, error) {
+func (c *Client) FetchVersionLatest(ctx context.Context, latest Latest) (Latest, error) {
 	return apiclient.Fetch(ctx, c.Client, latest)
 }
 
 // UpdateVersionLatest updates the latest version in the versions API.
-func (c *VersionsClient) UpdateVersionLatest(ctx context.Context, latest versionsapi.Latest) error {
+func (c *Client) UpdateVersionLatest(ctx context.Context, latest Latest) error {
 	return apiclient.Update(ctx, c.Client, latest)
 }
 
 // FetchImageInfo fetches the given image info from the versions API.
-func (c *VersionsClient) FetchImageInfo(ctx context.Context, imageInfo versionsapi.ImageInfo) (versionsapi.ImageInfo, error) {
+func (c *Client) FetchImageInfo(ctx context.Context, imageInfo ImageInfo) (ImageInfo, error) {
 	return apiclient.Fetch(ctx, c.Client, imageInfo)
 }
 
 // UpdateImageInfo updates the given image info in the versions API.
-func (c *VersionsClient) UpdateImageInfo(ctx context.Context, imageInfo versionsapi.ImageInfo) error {
+func (c *Client) UpdateImageInfo(ctx context.Context, imageInfo ImageInfo) error {
 	return apiclient.Update(ctx, c.Client, imageInfo)
 }
 
 // FetchCLIInfo fetches the given CLI info from the versions API.
-func (c *VersionsClient) FetchCLIInfo(ctx context.Context, cliInfo versionsapi.CLIInfo) (versionsapi.CLIInfo, error) {
+func (c *Client) FetchCLIInfo(ctx context.Context, cliInfo CLIInfo) (CLIInfo, error) {
 	return apiclient.Fetch(ctx, c.Client, cliInfo)
 }
 
 // UpdateCLIInfo updates the given CLI info in the versions API.
-func (c *VersionsClient) UpdateCLIInfo(ctx context.Context, cliInfo versionsapi.CLIInfo) error {
+func (c *Client) UpdateCLIInfo(ctx context.Context, cliInfo CLIInfo) error {
 	return apiclient.Update(ctx, c.Client, cliInfo)
 }
 
 // DeleteRef deletes the given ref from the versions API.
-func (c *VersionsClient) DeleteRef(ctx context.Context, ref string) error {
+func (c *Client) DeleteRef(ctx context.Context, ref string) error {
-	if err := versionsapi.ValidateRef(ref); err != nil {
+	if err := ValidateRef(ref); err != nil {
 		return fmt.Errorf("validating ref: %w", err)
 	}
 
@@ -132,7 +128,7 @@ func (c *VersionsClient) DeleteRef(ctx context.Context, ref string) error {
 // Notice that the versions API can get into an inconsistent state if the version is the latest
 // version but there is no older version of the same minor version available.
 // Manual update of latest versions is required in this case.
-func (c *VersionsClient) DeleteVersion(ctx context.Context, ver versionsapi.Version) error {
+func (c *Client) DeleteVersion(ctx context.Context, ver Version) error {
 	var retErr error
 
 	c.Client.Log.Debugf("Deleting version %s from minor version list", ver.Version)
@@ -146,22 +142,22 @@ func (c *VersionsClient) DeleteVersion(ctx context.Context, ver versionsapi.Vers
 		retErr = errors.Join(retErr, fmt.Errorf("updating latest version: %w", err))
 	}
 
-	c.Client.Log.Debugf("Deleting artifact path %s for %s", ver.ArtifactPath(versionsapi.APIV1), ver.Version)
+	c.Client.Log.Debugf("Deleting artifact path %s for %s", ver.ArtifactPath(APIV1), ver.Version)
-	if err := c.Client.DeletePath(ctx, ver.ArtifactPath(versionsapi.APIV1)); err != nil {
+	if err := c.Client.DeletePath(ctx, ver.ArtifactPath(APIV1)); err != nil {
 		retErr = errors.Join(retErr, fmt.Errorf("deleting artifact path: %w", err))
 	}
 
 	return retErr
 }
 
-func (c *VersionsClient) deleteVersionFromMinorVersionList(ctx context.Context, ver versionsapi.Version,
+func (c *Client) deleteVersionFromMinorVersionList(ctx context.Context, ver Version,
-) (*versionsapi.Latest, error) {
+) (*Latest, error) {
-	minorList := versionsapi.List{
+	minorList := List{
 		Ref:         ver.Ref,
 		Stream:      ver.Stream,
-		Granularity: versionsapi.GranularityMinor,
+		Granularity: GranularityMinor,
-		Base:        ver.WithGranularity(versionsapi.GranularityMinor),
+		Base:        ver.WithGranularity(GranularityMinor),
-		Kind:        versionsapi.VersionKindImage,
+		Kind:        VersionKindImage,
 	}
 	c.Client.Log.Debugf("Fetching minor version list for version %s", ver.Version)
 	minorList, err := c.FetchVersionList(ctx, minorList)
@@ -188,12 +184,12 @@ func (c *VersionsClient) deleteVersionFromMinorVersionList(ctx context.Context,
 		}
 	}
 
-	var latest *versionsapi.Latest
+	var latest *Latest
 	if len(minorList.Versions) != 0 {
-		latest = &versionsapi.Latest{
+		latest = &Latest{
 			Ref:     ver.Ref,
 			Stream:  ver.Stream,
-			Kind:    versionsapi.VersionKindImage,
+			Kind:    VersionKindImage,
 			Version: minorList.Versions[len(minorList.Versions)-1],
 		}
 		c.Client.Log.Debugf("Possible latest version replacement %q", latest.Version)
@@ -213,12 +209,12 @@ func (c *VersionsClient) deleteVersionFromMinorVersionList(ctx context.Context,
 	return latest, nil
 }
 
-func (c *VersionsClient) deleteVersionFromLatest(ctx context.Context, ver versionsapi.Version, possibleNewLatest *versionsapi.Latest,
+func (c *Client) deleteVersionFromLatest(ctx context.Context, ver Version, possibleNewLatest *Latest,
 ) error {
-	latest := versionsapi.Latest{
+	latest := Latest{
 		Ref:    ver.Ref,
 		Stream: ver.Stream,
-		Kind:   versionsapi.VersionKindImage,
+		Kind:   VersionKindImage,
 	}
 	c.Client.Log.Debugf("Fetching latest version from %s", latest.JSONPath())
 	latest, err := c.FetchVersionLatest(ctx, latest)

internal/api/versionsapi/cliinfo.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package versions
+package versionsapi
 
 import (
 	"errors"

internal/api/versionsapi/cliinfo_test.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package versions
+package versionsapi
 
 import (
 	"testing"

internal/api/versionsapi/fetcher.go

@@ -4,13 +4,12 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package fetcher
+package versionsapi
 
 import (
 	"context"
 
 	"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
-	"github.com/edgelesssys/constellation/v2/internal/api/versions"
 )
 
 // Fetcher fetches version API resources without authentication.
@@ -18,27 +17,27 @@ type Fetcher struct {
 	fetcher.HTTPClient
 }
 
-// New returns a new Fetcher.
+// NewFetcher returns a new Fetcher.
-func New() *Fetcher {
+func NewFetcher() *Fetcher {
 	return &Fetcher{fetcher.NewHTTPClient()}
 }
 
 // FetchVersionList fetches the given version list from the versions API.
-func (f *Fetcher) FetchVersionList(ctx context.Context, list versions.List) (versions.List, error) {
+func (f *Fetcher) FetchVersionList(ctx context.Context, list List) (List, error) {
 	return fetcher.Fetch(ctx, f.HTTPClient, list)
 }
 
 // FetchVersionLatest fetches the latest version from the versions API.
-func (f *Fetcher) FetchVersionLatest(ctx context.Context, latest versions.Latest) (versions.Latest, error) {
+func (f *Fetcher) FetchVersionLatest(ctx context.Context, latest Latest) (Latest, error) {
 	return fetcher.Fetch(ctx, f.HTTPClient, latest)
 }
 
 // FetchImageInfo fetches the given image info from the versions API.
-func (f *Fetcher) FetchImageInfo(ctx context.Context, imageInfo versions.ImageInfo) (versions.ImageInfo, error) {
+func (f *Fetcher) FetchImageInfo(ctx context.Context, imageInfo ImageInfo) (ImageInfo, error) {
 	return fetcher.Fetch(ctx, f.HTTPClient, imageInfo)
 }
 
 // FetchCLIInfo fetches the given cli info from the versions API.
-func (f *Fetcher) FetchCLIInfo(ctx context.Context, cliInfo versions.CLIInfo) (versions.CLIInfo, error) {
+func (f *Fetcher) FetchCLIInfo(ctx context.Context, cliInfo CLIInfo) (CLIInfo, error) {
 	return fetcher.Fetch(ctx, f.HTTPClient, cliInfo)
 }

internal/api/versionsapi/fetcher_test.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package fetcher
+package versionsapi
 
 import (
 	"bytes"
@@ -14,7 +14,6 @@ import (
 	"net/http"
 	"testing"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"go.uber.org/goleak"
@@ -27,23 +26,23 @@ func TestMain(m *testing.M) {
 func TestFetchVersionList(t *testing.T) {
 	require := require.New(t)
 
-	majorList := func() *versionsapi.List {
+	majorList := func() *List {
-		return &versionsapi.List{
+		return &List{
 			Ref:         "test-ref",
 			Stream:      "nightly",
-			Granularity: versionsapi.GranularityMajor,
+			Granularity: GranularityMajor,
 			Base:        "v1",
-			Kind:        versionsapi.VersionKindImage,
+			Kind:        VersionKindImage,
 			Versions:    []string{"v1.0", "v1.1", "v1.2"},
 		}
 	}
-	minorList := func() *versionsapi.List {
+	minorList := func() *List {
-		return &versionsapi.List{
+		return &List{
 			Ref:         "test-ref",
 			Stream:      "nightly",
-			Granularity: versionsapi.GranularityMinor,
+			Granularity: GranularityMinor,
 			Base:        "v1.1",
-			Kind:        versionsapi.VersionKindImage,
+			Kind:        VersionKindImage,
 			Versions:    []string{"v1.1.0", "v1.1.1", "v1.1.2"},
 		}
 	}
@@ -57,19 +56,19 @@ func TestFetchVersionList(t *testing.T) {
 	require.NoError(err)
 
 	testCases := map[string]struct {
-		list       versionsapi.List
+		list       List
 		serverPath string
 		serverResp *http.Response
-		wantList   versionsapi.List
+		wantList   List
 		wantErr    bool
 	}{
 		"major list fetched": {
-			list: versionsapi.List{
+			list: List{
 				Ref:         "test-ref",
 				Stream:      "nightly",
-				Granularity: versionsapi.GranularityMajor,
+				Granularity: GranularityMajor,
 				Base:        "v1",
-				Kind:        versionsapi.VersionKindImage,
+				Kind:        VersionKindImage,
 			},
 			serverPath: "/constellation/v1/ref/test-ref/stream/nightly/versions/major/v1/image.json",
 			serverResp: &http.Response{
@@ -79,12 +78,12 @@ func TestFetchVersionList(t *testing.T) {
 			wantList: *majorList(),
 		},
 		"minor list fetched": {
-			list: versionsapi.List{
+			list: List{
 				Ref:         "test-ref",
 				Stream:      "nightly",
-				Granularity: versionsapi.GranularityMinor,
+				Granularity: GranularityMinor,
 				Base:        "v1.1",
-				Kind:        versionsapi.VersionKindImage,
+				Kind:        VersionKindImage,
 			},
 			serverPath: "/constellation/v1/ref/test-ref/stream/nightly/versions/minor/v1.1/image.json",
 			serverResp: &http.Response{
@@ -94,32 +93,32 @@ func TestFetchVersionList(t *testing.T) {
 			wantList: *minorList(),
 		},
 		"list does not exist": {
-			list: versionsapi.List{
+			list: List{
 				Ref:         "another-ref",
 				Stream:      "nightly",
-				Granularity: versionsapi.GranularityMajor,
+				Granularity: GranularityMajor,
 				Base:        "v1",
-				Kind:        versionsapi.VersionKindImage,
+				Kind:        VersionKindImage,
 			},
 			wantErr: true,
 		},
 		"invalid list requested": {
-			list: versionsapi.List{
+			list: List{
 				Ref:         "",
 				Stream:      "unknown",
-				Granularity: versionsapi.GranularityMajor,
+				Granularity: GranularityMajor,
 				Base:        "v1",
-				Kind:        versionsapi.VersionKindImage,
+				Kind:        VersionKindImage,
 			},
 			wantErr: true,
 		},
 		"unexpected error code": {
-			list: versionsapi.List{
+			list: List{
 				Ref:         "test-ref",
 				Stream:      "nightly",
-				Granularity: versionsapi.GranularityMajor,
+				Granularity: GranularityMajor,
 				Base:        "v1",
-				Kind:        versionsapi.VersionKindImage,
+				Kind:        VersionKindImage,
 			},
 			serverPath: "/constellation/v1/ref/test-ref/stream/nightly/versions/major/v1/image.json",
 			serverResp: &http.Response{
@@ -129,12 +128,12 @@ func TestFetchVersionList(t *testing.T) {
 			wantErr: true,
 		},
 		"invalid json returned": {
-			list: versionsapi.List{
+			list: List{
 				Ref:         "test-ref",
 				Stream:      "nightly",
-				Granularity: versionsapi.GranularityMajor,
+				Granularity: GranularityMajor,
 				Base:        "v1",
-				Kind:        versionsapi.VersionKindImage,
+				Kind:        VersionKindImage,
 			},
 			serverPath: "/constellation/v1/ref/test-ref/stream/nightly/versions/major/v1/image.json",
 			serverResp: &http.Response{
@@ -144,12 +143,12 @@ func TestFetchVersionList(t *testing.T) {
 			wantErr: true,
 		},
 		"invalid list returned": {
-			list: versionsapi.List{
+			list: List{
 				Ref:         "test-ref",
 				Stream:      "nightly",
-				Granularity: versionsapi.GranularityMajor,
+				Granularity: GranularityMajor,
 				Base:        "v2",
-				Kind:        versionsapi.VersionKindImage,
+				Kind:        VersionKindImage,
 			},
 			serverPath: "/constellation/v1/ref/test-ref/stream/nightly/versions/major/v2/image.json",
 			serverResp: &http.Response{
@@ -160,12 +159,12 @@ func TestFetchVersionList(t *testing.T) {
 		},
 		// TODO(katexochen): Remove or find strategy to implement this check in a generic way
 		// "response does not match request": {
-		// 	list: versionsapi.List{
+		// 	list: List{
 		// 		Ref:         "test-ref",
 		// 		Stream:      "nightly",
-		// 		Granularity: versionsapi.GranularityMajor,
+		// 		Granularity: GranularityMajor,
 		// 		Base:        "v3",
-		// 		Kind:        versionsapi.VersionKindImage,
+		// 		Kind:        VersionKindImage,
 		// 	},
 		// 	serverPath: "/constellation/v1/ref/test-ref/stream/nightly/versions/major/v3/image.json",
 		// 	serverResp: &http.Response{

internal/api/versionsapi/imageinfo.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package versions
+package versionsapi
 
 import (
 	"errors"

internal/api/versionsapi/imageinfo_test.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package versions
+package versionsapi
 
 import (
 	"testing"

internal/api/versionsapi/latest.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package versions
+package versionsapi
 
 import (
 	"errors"

internal/api/versionsapi/latest_test.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package versions
+package versionsapi
 
 import (
 	"testing"

internal/api/versionsapi/list.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package versions
+package versionsapi
 
 import (
 	"errors"

internal/api/versionsapi/list_test.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package versions
+package versionsapi
 
 import (
 	"testing"

internal/api/versionsapi/version.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package versions
+package versionsapi
 
 import (
 	"encoding/json"

internal/api/versionsapi/version_test.go

@@ -4,7 +4,7 @@ Copyright (c) Edgeless Systems GmbH
 SPDX-License-Identifier: AGPL-3.0-only
 */
 
-package versions
+package versionsapi
 
 import (
 	"fmt"

internal/api/versionsapi/versionsapi.go

@@ -17,4 +17,4 @@ in these helper methods.
 The package also provides helper functions that can be used in context of the versions API,
 e.g. to validate versions.
 */
-package versions
+package versionsapi

internal/attestation/measurements/BUILD.bazel

@@ -13,7 +13,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/attestation/measurements",
     visibility = ["//:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/cloud/cloudprovider",
         "//internal/sigstore",
         "//internal/variant",
@@ -28,7 +28,7 @@ go_test(
     srcs = ["measurements_test.go"],
     embed = [":measurements"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/cloud/cloudprovider",
         "//internal/sigstore",
         "//internal/variant",

internal/attestation/measurements/measurement-generator/BUILD.bazel

@@ -7,7 +7,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/attestation/measurements/measurement-generator",
     visibility = ["//visibility:private"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/attestation/measurements",
         "//internal/cloud/cloudprovider",
         "//internal/sigstore",

internal/attestation/measurements/measurement-generator/generate.go

@@ -23,7 +23,7 @@ import (
 	"strconv"
 	"strings"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/sigstore"

internal/attestation/measurements/measurements.go

@@ -31,7 +31,7 @@ import (
 	"github.com/siderolabs/talos/pkg/machinery/config/encoder"
 	"gopkg.in/yaml.v3"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/sigstore"
 	"github.com/edgelesssys/constellation/v2/internal/variant"

internal/attestation/measurements/measurements_test.go

@@ -20,7 +20,7 @@ import (
 	"github.com/stretchr/testify/require"
 	"gopkg.in/yaml.v3"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/sigstore"
 	"github.com/edgelesssys/constellation/v2/internal/variant"

internal/config/BUILD.bazel

@@ -17,9 +17,8 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/config",
     visibility = ["//:__subpackages__"],
     deps = [
-        "//internal/api/attestationconfig",
+        "//internal/api/attestationconfigapi",
-        "//internal/api/attestationconfig/fetcher",
+        "//internal/api/versionsapi",
-        "//internal/api/versions",
         "//internal/attestation/idkeydigest",
         "//internal/attestation/measurements",
         "//internal/cloud/cloudprovider",
@@ -50,7 +49,7 @@ go_test(
     data = glob(["testdata/**"]),
     embed = [":config"],
     deps = [
-        "//internal/api/attestationconfig",
+        "//internal/api/attestationconfigapi",
         "//internal/attestation/measurements",
         "//internal/cloud/cloudprovider",
         "//internal/config/instancetypes",

internal/config/config.go

@@ -33,8 +33,7 @@ import (
 	"github.com/go-playground/validator/v10"
 	en_translations "github.com/go-playground/validator/v10/translations/en"
 
-	configapi "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
+	"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
-	attestationconfigfetcher "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig/fetcher"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/idkeydigest"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
@@ -387,7 +386,7 @@ func fromFile(fileHandler file.Handler, name string) (*Config, error) {
 // 2. For "latest" version values of the attestation variants fetch the version numbers.
 // 3. Read secrets from environment variables.
 // 4. Validate config. If `--force` is set the version validation will be disabled and any version combination is allowed.
-func New(fileHandler file.Handler, name string, _ attestationconfigfetcher.AttestationConfigAPIFetcher, force bool) (*Config, error) {
+func New(fileHandler file.Handler, name string, _ attestationconfigapi.Fetcher, force bool) (*Config, error) {
 	// Read config file
 	c, err := fromFile(fileHandler, name)
 	if err != nil {
@@ -927,7 +926,7 @@ type AzureSEVSNP struct {
 // Version numbers have placeholder values and the latest available values can be fetched using [AzureSEVSNP.FetchAndSetLatestVersionNumbers].
 func DefaultForAzureSEVSNP() *AzureSEVSNP {
 	// TODO(elchead): activate latest logic for next release AB#3036
-	azureSNPCfg := configapi.AzureSEVSNPVersion{
+	azureSNPCfg := attestationconfigapi.AzureSEVSNPVersion{
 		Bootloader: 3,
 		TEE:        0,
 		SNP:        8,
@@ -982,7 +981,7 @@ func (c AzureSEVSNP) EqualTo(old AttestationCfg) (bool, error) {
 }
 
 // FetchAndSetLatestVersionNumbers fetches the latest version numbers from the configapi and sets them.
-func (c *AzureSEVSNP) FetchAndSetLatestVersionNumbers(fetcher attestationconfigfetcher.AttestationConfigAPIFetcher) error {
+func (c *AzureSEVSNP) FetchAndSetLatestVersionNumbers(fetcher attestationconfigapi.Fetcher) error {
 	versions, err := fetcher.FetchAzureSEVSNPVersionLatest(context.Background())
 	if err != nil {
 		return err
@@ -992,7 +991,7 @@ func (c *AzureSEVSNP) FetchAndSetLatestVersionNumbers(fetcher attestationconfigf
 	return nil
 }
 
-func (c *AzureSEVSNP) mergeVersionNumbers(versions configapi.AzureSEVSNPVersion) {
+func (c *AzureSEVSNP) mergeVersionNumbers(versions attestationconfigapi.AzureSEVSNPVersion) {
 	c.BootloaderVersion.Value = versions.Bootloader
 	c.TEEVersion.Value = versions.TEE
 	c.SNPVersion.Value = versions.SNP

internal/config/config_test.go

@@ -21,7 +21,7 @@ import (
 	"go.uber.org/goleak"
 	"gopkg.in/yaml.v3"
 
-	configapi "github.com/edgelesssys/constellation/v2/internal/api/attestationconfig"
+	configapi "github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/config/instancetypes"

internal/config/validation.go

@@ -19,7 +19,7 @@ import (
 	"github.com/go-playground/validator/v10"
 	"golang.org/x/mod/semver"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/compatibility"

internal/imagefetcher/BUILD.bazel

@@ -11,8 +11,7 @@ go_library(
     visibility = ["//:__subpackages__"],
     deps = [
         "//internal/api/fetcher",
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
-        "//internal/api/versions/fetcher",
         "//internal/cloud/cloudprovider",
         "//internal/variant",
         "@com_github_schollz_progressbar_v3//:progressbar",
@@ -28,7 +27,7 @@ go_test(
     ],
     embed = [":imagefetcher"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/cloud/cloudprovider",
         "//internal/file",
         "//internal/variant",

internal/imagefetcher/imagefetcher.go

@@ -20,8 +20,7 @@ import (
 	"regexp"
 
 	"github.com/edgelesssys/constellation/v2/internal/api/fetcher"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
-	versionsfetcher "github.com/edgelesssys/constellation/v2/internal/api/versions/fetcher"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/variant"
 	"github.com/spf13/afero"
@@ -36,7 +35,7 @@ type Fetcher struct {
 // New returns a new image fetcher.
 func New() *Fetcher {
 	return &Fetcher{
-		fetcher: versionsfetcher.New(),
+		fetcher: versionsapi.NewFetcher(),
 		fs:      &afero.Afero{Fs: afero.NewOsFs()},
 	}
 }

internal/imagefetcher/imagefetcher_test.go

@@ -13,7 +13,7 @@ import (
 	"net/http"
 	"testing"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/file"
 	"github.com/edgelesssys/constellation/v2/internal/variant"

internal/osimage/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/osimage",
     visibility = ["//:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/cloud/cloudprovider",
         "//internal/osimage/secureboot",
     ],

internal/osimage/archive/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/archive",
     visibility = ["//:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/constants",
         "//internal/logger",
         "//internal/staticupload",

internal/osimage/archive/archive.go

@@ -15,7 +15,7 @@ import (
 	s3manager "github.com/aws/aws-sdk-go-v2/feature/s3/manager"
 	"github.com/aws/aws-sdk-go-v2/service/s3"
 	s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/edgelesssys/constellation/v2/internal/staticupload"

internal/osimage/aws/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/aws",
     visibility = ["//:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/logger",
         "//internal/osimage",
         "//internal/osimage/secureboot",

internal/osimage/aws/awsupload.go

@@ -23,7 +23,7 @@ import (
 	s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
 	"github.com/aws/smithy-go"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/edgelesssys/constellation/v2/internal/osimage"
 	"github.com/edgelesssys/constellation/v2/internal/osimage/secureboot"

internal/osimage/azure/BUILD.bazel

@@ -9,7 +9,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/azure",
     visibility = ["//:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/logger",
         "//internal/osimage",
         "@com_github_azure_azure_sdk_for_go_sdk_azcore//runtime",

internal/osimage/azure/azureupload.go

@@ -21,7 +21,7 @@ import (
 	armcomputev4 "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v4"
 	"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob"
 	"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/pageblob"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/edgelesssys/constellation/v2/internal/osimage"
 )

internal/osimage/gcp/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/gcp",
     visibility = ["//:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/logger",
         "//internal/osimage",
         "//internal/osimage/secureboot",

internal/osimage/gcp/gcpupload.go

@@ -19,7 +19,7 @@ import (
 	compute "cloud.google.com/go/compute/apiv1"
 	"cloud.google.com/go/compute/apiv1/computepb"
 	"cloud.google.com/go/storage"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/edgelesssys/constellation/v2/internal/osimage"
 	"github.com/edgelesssys/constellation/v2/internal/osimage/secureboot"

internal/osimage/imageinfo/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/imageinfo",
     visibility = ["//:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/constants",
         "//internal/logger",
         "//internal/staticupload",

internal/osimage/imageinfo/imageinfo.go

@@ -16,7 +16,7 @@ import (
 	s3manager "github.com/aws/aws-sdk-go-v2/feature/s3/manager"
 	"github.com/aws/aws-sdk-go-v2/service/s3"
 	s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/edgelesssys/constellation/v2/internal/staticupload"

internal/osimage/measurementsuploader/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/measurementsuploader",
     visibility = ["//:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/attestation/measurements",
         "//internal/constants",
         "//internal/logger",

internal/osimage/measurementsuploader/measurementsuploader.go

@@ -17,7 +17,7 @@ import (
 	s3manager "github.com/aws/aws-sdk-go-v2/feature/s3/manager"
 	"github.com/aws/aws-sdk-go-v2/service/s3"
 	s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/measurements"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/edgelesssys/constellation/v2/internal/logger"

internal/osimage/nop/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/osimage/nop",
     visibility = ["//:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/logger",
         "//internal/osimage",
     ],

internal/osimage/nop/nop.go

@@ -10,7 +10,7 @@ package nop
 import (
 	"context"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/logger"
 	"github.com/edgelesssys/constellation/v2/internal/osimage"
 )

internal/osimage/osimage.go

@@ -11,7 +11,7 @@ import (
 	"io"
 	"time"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/osimage/secureboot"
 )

internal/sigstore/BUILD.bazel

@@ -12,7 +12,7 @@ go_library(
     importpath = "github.com/edgelesssys/constellation/v2/internal/sigstore",
     visibility = ["//:__subpackages__"],
     deps = [
-        "//internal/api/versions",
+        "//internal/api/versionsapi",
         "//internal/constants",
         "@com_github_sigstore_rekor//pkg/client",
         "@com_github_sigstore_rekor//pkg/generated/client",

internal/sigstore/rekor.go

@@ -17,7 +17,7 @@ import (
 	"errors"
 	"fmt"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/sigstore/rekor/pkg/client"
 	genclient "github.com/sigstore/rekor/pkg/generated/client"
 	"github.com/sigstore/rekor/pkg/generated/client/entries"

internal/sigstore/verify.go

@@ -12,7 +12,7 @@ import (
 	"encoding/base64"
 	"fmt"
 
-	versionsapi "github.com/edgelesssys/constellation/v2/internal/api/versions"
+	"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/sigstore/sigstore/pkg/cryptoutils"
 	sigsig "github.com/sigstore/sigstore/pkg/signature"