From db645ee4adee89877f5628166979050f184f1683 Mon Sep 17 00:00:00 2001
From: Malte Poll <1780588+malt3@users.noreply.github.com>
Date: Wed, 17 Jan 2024 14:07:42 +0100
Subject: [PATCH] image upload: use unique blob name for AWS images uploaded to
 S3

When uploading images to AWS, they need to be uploaded to S3 first.
Since blob names are not unique between attestation variants, there
was a possibility for one S3 upload to be used for the wrong AMI.
---
 internal/osimage/uplosi/uplosiupload.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/osimage/uplosi/uplosiupload.go b/internal/osimage/uplosi/uplosiupload.go
index 31bc67ade..9ef43d7b1 100644
--- a/internal/osimage/uplosi/uplosiupload.go
+++ b/internal/osimage/uplosi/uplosiupload.go
@@ -173,7 +173,7 @@ func imageVersion(csp cloudprovider.Provider, version versionsapi.Version, times
 func extendAWSConfig(awsConfig map[string]any, version versionsapi.Version, attestationVariant string, timestamp time.Time) {
 	awsConfig["amiName"] = awsAMIName(version, attestationVariant, timestamp)
 	awsConfig["snapshotName"] = awsAMIName(version, attestationVariant, timestamp)
-	awsConfig["blobName"] = fmt.Sprintf("image-%s-%s-%d.raw", version.Stream(), version.Version(), timestamp.Unix())
+	awsConfig["blobName"] = fmt.Sprintf("image-%s-%s-%s-%d.raw", version.Stream(), version.Version(), attestationVariant, timestamp.Unix())
 }
 
 func awsAMIName(version versionsapi.Version, attestationVariant string, timestamp time.Time) string {