cli: image measurements (v2)

cli/internal/cmd/configfetchmeasurements_test.go

@@ -119,8 +119,8 @@ func TestUpdateURLs(t *testing.T) {
 				},
 			},
 			flags:                  &fetchMeasurementsFlags{},
-			wantMeasurementsURL:    ver.ArtifactsURL("v2") + "/image/measurements.json",
-			wantMeasurementsSigURL: ver.ArtifactsURL("v2") + "/image/measurements.json.sig",
+			wantMeasurementsURL:    ver.ArtifactsURL(versionsapi.APIV2) + "/image/measurements.json",
+			wantMeasurementsSigURL: ver.ArtifactsURL(versionsapi.APIV2) + "/image/measurements.json.sig",
 		},
 		"both set by user": {
 			conf: &config.Config{

internal/attestation/measurements/measurement-generator/generate.go

@@ -150,7 +150,7 @@ func measurementURL(image, file string) (*url.URL, error) {
 	}
 
 	return url.Parse(
-		version.ArtifactsURL("v2") + path.Join("/image", file),
+		version.ArtifactsURL(versionsapi.APIV2) + path.Join("/image", file),
 	)
 }
 

internal/attestation/measurements/measurements.go

@@ -62,13 +62,6 @@ const (
 // M are Platform Configuration Register (PCR) values that make up the Measurements.
 type M map[uint32]Measurement
 
-// WithMetadata is a struct supposed to provide CSP & image metadata next to measurements.
-type WithMetadata struct {
-	CSP          cloudprovider.Provider `json:"csp" yaml:"csp"`
-	Image        string                 `json:"image" yaml:"image"`
-	Measurements M                      `json:"measurements" yaml:"measurements"`
-}
-
 // ImageMeasurementsV2 is a struct to hold measurements for a specific image.
 // .List contains measurements for all variants of the image.
 type ImageMeasurementsV2 struct {

internal/osimage/archive/archive.go

@@ -46,8 +46,8 @@ func New(ctx context.Context, region, bucket string, log *logger.Logger) (*Archi
 }
 
 // Archive reads the OS image in img and uploads it as key.
-func (a *Archivist) Archive(ctx context.Context, version versionsapi.Version, csp, variant string, img io.Reader) (string, error) {
-	key, err := url.JoinPath(version.ArtifactPath("v1"), version.Kind.String(), "csp", csp, variant, "image.raw")
+func (a *Archivist) Archive(ctx context.Context, version versionsapi.Version, csp, attestationVariant string, img io.Reader) (string, error) {
+	key, err := url.JoinPath(version.ArtifactPath(versionsapi.APIV1), version.Kind.String(), "csp", csp, attestationVariant, "image.raw")
 	if err != nil {
 		return "", err
 	}

internal/versionsapi/BUILD.bazel

@@ -4,6 +4,7 @@ load("//bazel/go:go_test.bzl", "go_test")
 go_library(
     name = "versionsapi",
     srcs = [
+        "apiconstants.go",
         "cliinfo.go",
         "imageinfo.go",
         "latest.go",

internal/versionsapi/apiconstants.go

@@ -0,0 +1,22 @@
+/*
+Copyright (c) Edgeless Systems GmbH
+
+SPDX-License-Identifier: AGPL-3.0-only
+*/
+
+package versionsapi
+
+var (
+	// APIV1 is the v1 API version.
+	APIV1 = apiVersion{slug: "v1"}
+	// APIV2 is the v2 API version.
+	APIV2 = apiVersion{slug: "v2"}
+)
+
+type apiVersion struct {
+	slug string
+}
+
+func (v apiVersion) String() string {
+	return v.slug
+}

internal/versionsapi/client/client.go

@@ -185,8 +185,8 @@ func (c *Client) DeleteVersion(ctx context.Context, ver versionsapi.Version) err
 		retErr = errors.Join(retErr, fmt.Errorf("updating latest version: %w", err))
 	}
 
-	c.log.Debugf("Deleting artifact path %s for %s", ver.ArtifactPath("v1"), ver.Version)
-	if err := c.deletePath(ctx, ver.ArtifactPath("v1")); err != nil {
+	c.log.Debugf("Deleting artifact path %s for %s", ver.ArtifactPath(versionsapi.APIV1), ver.Version)
+	if err := c.deletePath(ctx, ver.ArtifactPath(versionsapi.APIV1)); err != nil {
 		retErr = errors.Join(retErr, fmt.Errorf("deleting artifact path: %w", err))
 	}
 

internal/versionsapi/version.go

@@ -154,16 +154,16 @@ func (v Version) ListPath(gran Granularity) string {
 
 // ArtifactsURL returns the URL to the artifacts stored for this version.
 // The URL points to a directory.
-func (v Version) ArtifactsURL(apiVersion string) string {
-	return constants.CDNRepositoryURL + "/" + v.ArtifactPath(apiVersion)
+func (v Version) ArtifactsURL(apiVer apiVersion) string {
+	return constants.CDNRepositoryURL + "/" + v.ArtifactPath(apiVer)
 }
 
 // ArtifactPath returns the path to the artifacts stored for this version.
 // The path points to a directory.
-func (v Version) ArtifactPath(apiVersion string) string {
+func (v Version) ArtifactPath(apiVer apiVersion) string {
 	return path.Join(
 		constants.CDNAPIBase,
-		apiVersion,
+		apiVer.String(),
 		"ref", v.Ref,
 		"stream", v.Stream,
 		v.Version,
@@ -336,16 +336,15 @@ func ValidateStream(ref, stream string) error {
 
 // MeasurementURL builds the measurement and signature URLs for the given version.
 func MeasurementURL(version Version) (measurementURL, signatureURL *url.URL, err error) {
-	const apiVersion = "v2"
 	if version.Kind != VersionKindImage {
 		return &url.URL{}, &url.URL{}, fmt.Errorf("kind %q is not supported", version.Kind)
 	}
 
-	measurementPath, err := url.JoinPath(version.ArtifactsURL(apiVersion), "image", constants.CDNMeasurementsFile)
+	measurementPath, err := url.JoinPath(version.ArtifactsURL(APIV2), "image", constants.CDNMeasurementsFile)
 	if err != nil {
 		return &url.URL{}, &url.URL{}, fmt.Errorf("joining path for measurement: %w", err)
 	}
-	signaturePath, err := url.JoinPath(version.ArtifactsURL(apiVersion), "image", constants.CDNMeasurementsSignature)
+	signaturePath, err := url.JoinPath(version.ArtifactsURL(APIV2), "image", constants.CDNMeasurementsSignature)
 	if err != nil {
 		return &url.URL{}, &url.URL{}, fmt.Errorf("joining path for signature: %w", err)
 	}

internal/versionsapi/version_test.go

@@ -561,9 +561,9 @@ func TestVersionArtifactPathURL(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			assert := assert.New(t)
 
-			path := tc.ver.ArtifactPath("v1")
+			path := tc.ver.ArtifactPath(APIV1)
 			assert.Equal(tc.wantPath, path)
-			url := tc.ver.ArtifactsURL("v1")
+			url := tc.ver.ArtifactsURL(APIV1)
 			assert.Equal(constants.CDNRepositoryURL+"/"+tc.wantPath, url)
 		})
 	}