From b8933560be8186fe450f60de50d5eef9da5962ea Mon Sep 17 00:00:00 2001
From: Malte Poll <1780588+malt3@users.noreply.github.com>
Date: Wed, 17 Jan 2024 17:09:07 +0100
Subject: [PATCH] image upload: use unique blob name for AWS images uploaded to
 S3 (#2830)

When uploading images to AWS, they need to be uploaded to S3 first.
Since blob names are not unique between attestation variants, there
was a possibility for one S3 upload to be used for the wrong AMI.
---
 internal/osimage/uplosi/uplosiupload.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/osimage/uplosi/uplosiupload.go b/internal/osimage/uplosi/uplosiupload.go
index 31bc67ade..9ef43d7b1 100644
--- a/internal/osimage/uplosi/uplosiupload.go
+++ b/internal/osimage/uplosi/uplosiupload.go
@@ -173,7 +173,7 @@ func imageVersion(csp cloudprovider.Provider, version versionsapi.Version, times
 func extendAWSConfig(awsConfig map[string]any, version versionsapi.Version, attestationVariant string, timestamp time.Time) {
 	awsConfig["amiName"] = awsAMIName(version, attestationVariant, timestamp)
 	awsConfig["snapshotName"] = awsAMIName(version, attestationVariant, timestamp)
-	awsConfig["blobName"] = fmt.Sprintf("image-%s-%s-%d.raw", version.Stream(), version.Version(), timestamp.Unix())
+	awsConfig["blobName"] = fmt.Sprintf("image-%s-%s-%s-%d.raw", version.Stream(), version.Version(), attestationVariant, timestamp.Unix())
 }
 
 func awsAMIName(version versionsapi.Version, attestationVariant string, timestamp time.Time) string {