image upload: use unique blob name for AWS images uploaded to S3 (#2830)

When uploading images to AWS, they need to be uploaded to S3 first. Since blob names are not unique between attestation variants, there was a possibility for one S3 upload to be used for the wrong AMI.
edgelesssys · Jan 17, 2024 · b893356 · b893356
1 parent 6259815
commit b893356
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/internal/osimage/uplosi/uplosiupload.go b/internal/osimage/uplosi/uplosiupload.go
@@ -173,7 +173,7 @@ func imageVersion(csp cloudprovider.Provider, version versionsapi.Version, times
 func extendAWSConfig(awsConfig map[string]any, version versionsapi.Version, attestationVariant string, timestamp time.Time) {
 	awsConfig["amiName"] = awsAMIName(version, attestationVariant, timestamp)
 	awsConfig["snapshotName"] = awsAMIName(version, attestationVariant, timestamp)
-	awsConfig["blobName"] = fmt.Sprintf("image-%s-%s-%d.raw", version.Stream(), version.Version(), timestamp.Unix())
+	awsConfig["blobName"] = fmt.Sprintf("image-%s-%s-%s-%d.raw", version.Stream(), version.Version(), attestationVariant, timestamp.Unix())
 }
 
 func awsAMIName(version versionsapi.Version, attestationVariant string, timestamp time.Time) string {