From 5580ee0856b6fb0056ed9b0ef5a04a3108eee31c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Wei=C3=9Fe?= <dw@edgeless.systems>
Date: Tue, 28 Nov 2023 09:31:55 +0100
Subject: [PATCH] Create Rekor client in Configure method
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
---
 .../provider/attestation_data_source.go         | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/terraform-provider-constellation/internal/provider/attestation_data_source.go b/terraform-provider-constellation/internal/provider/attestation_data_source.go
index de2e12995c..3a6230afad 100644
--- a/terraform-provider-constellation/internal/provider/attestation_data_source.go
+++ b/terraform-provider-constellation/internal/provider/attestation_data_source.go
@@ -41,6 +41,7 @@ func NewAttestationDataSource() datasource.DataSource {
 type AttestationDataSource struct {
 	client  *http.Client
 	fetcher attestationconfigapi.Fetcher
+	rekor   *sigstore.Rekor
 }
 
 // AttestationDataSourceModel describes the data source data model.
@@ -55,9 +56,15 @@ type AttestationDataSourceModel struct {
 }
 
 // Configure configures the data source.
-func (d *AttestationDataSource) Configure(_ context.Context, _ datasource.ConfigureRequest, _ *datasource.ConfigureResponse) {
+func (d *AttestationDataSource) Configure(_ context.Context, _ datasource.ConfigureRequest, resp *datasource.ConfigureResponse) {
 	d.client = http.DefaultClient
 	d.fetcher = attestationconfigapi.NewFetcher()
+	rekor, err := sigstore.NewRekor()
+	if err != nil {
+		resp.Diagnostics.AddError("constructing rekor client", err.Error())
+		return
+	}
+	d.rekor = rekor
 }
 
 // Metadata returns the metadata for the data source.
@@ -194,13 +201,7 @@ func (d *AttestationDataSource) Read(ctx context.Context, req datasource.ReadReq
 		}
 	}
 
-	rekor, err := sigstore.NewRekor()
-	if err != nil {
-		resp.Diagnostics.AddError("constructing rekor client", err.Error())
-		return
-	}
-	verifyFetcher := measurements.NewVerifyFetcher(sigstore.NewCosignVerifier, rekor, d.client)
-
+	verifyFetcher := measurements.NewVerifyFetcher(sigstore.NewCosignVerifier, d.rekor, d.client)
 	fetchedMeasurements, err := verifyFetcher.FetchAndVerifyMeasurements(ctx, data.ImageVersion.ValueString(),
 		csp, attestationVariant, false)
 	if err != nil {