Issue #5037 Add bundle download command

Add download, list, clear, and prune subcommands to crc bundle.
Download supports preset/version/arch selection, mirror-based
resolution, and signature-verified retrieval. Address review feedback:
reject extra args, fail fast on version resolution, fix CRLF hash
lookup, and implement version-aware per-group pruning.

Author: sebrandon1

cmd/crc/cmd/bundle/bundle.go

@@ -9,11 +9,15 @@ func GetBundleCmd(config *config.Config) *cobra.Command {
 	bundleCmd := &cobra.Command{
 		Use:   "bundle SUBCOMMAND [flags]",
 		Short: "Manage CRC bundles",
-		Long:  "Manage CRC bundles",
+		Long:  "Manage CRC bundles, including downloading, listing, and cleaning up cached bundles.",
 		Run: func(cmd *cobra.Command, _ []string) {
 			_ = cmd.Help()
 		},
 	}
 	bundleCmd.AddCommand(getGenerateCmd(config))
+	bundleCmd.AddCommand(getDownloadCmd(config))
+	bundleCmd.AddCommand(getListCmd(config))
+	bundleCmd.AddCommand(getClearCmd())
+	bundleCmd.AddCommand(getPruneCmd())
 	return bundleCmd
 }

cmd/crc/cmd/bundle/clear.go

@@ -0,0 +1,57 @@
+package bundle
+
+import (
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/crc-org/crc/v2/pkg/crc/constants"
+	"github.com/crc-org/crc/v2/pkg/crc/logging"
+	"github.com/spf13/cobra"
+)
+
+func getClearCmd() *cobra.Command {
+	return &cobra.Command{
+		Use:   "clear",
+		Short: "Clear cached CRC bundles",
+		Long:  "Delete all downloaded CRC bundles from the cache directory.",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return runClear()
+		},
+	}
+}
+
+func runClear() error {
+	cacheDir := constants.MachineCacheDir
+	if _, err := os.Stat(cacheDir); os.IsNotExist(err) {
+		logging.Infof("Cache directory %s does not exist", cacheDir)
+		return nil
+	}
+
+	files, err := os.ReadDir(cacheDir)
+	if err != nil {
+		return err
+	}
+
+	cleared := false
+	var lastErr error
+	for _, file := range files {
+		if strings.HasSuffix(file.Name(), ".crcbundle") {
+			filePath := filepath.Join(cacheDir, file.Name())
+			logging.Infof("Deleting %s", filePath)
+			if err := os.RemoveAll(filePath); err != nil {
+				logging.Errorf("Failed to remove %s: %v", filePath, err)
+				lastErr = err
+			} else {
+				cleared = true
+			}
+		}
+	}
+
+	if !cleared && lastErr == nil {
+		logging.Infof("No bundles found in %s", cacheDir)
+	} else if cleared {
+		logging.Infof("Cleared cached bundles in %s", cacheDir)
+	}
+	return lastErr
+}

cmd/crc/cmd/bundle/download.go

@@ -0,0 +1,158 @@
+package bundle
+
+import (
+	"context"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"runtime"
+	"strings"
+
+	crcConfig "github.com/crc-org/crc/v2/pkg/crc/config"
+	"github.com/crc-org/crc/v2/pkg/crc/constants"
+	"github.com/crc-org/crc/v2/pkg/crc/gpg"
+	"github.com/crc-org/crc/v2/pkg/crc/logging"
+	"github.com/crc-org/crc/v2/pkg/crc/machine/bundle"
+	crcPreset "github.com/crc-org/crc/v2/pkg/crc/preset"
+	"github.com/crc-org/crc/v2/pkg/download"
+	"github.com/spf13/cobra"
+)
+
+func getDownloadCmd(config *crcConfig.Config) *cobra.Command {
+	downloadCmd := &cobra.Command{
+		Use:   "download [version] [architecture]",
+		Short: "Download a specific CRC bundle",
+		Long:  "Download a specific CRC bundle from the mirrors. If no version or architecture is specified, the bundle for the current CRC version will be downloaded.",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			force, _ := cmd.Flags().GetBool("force")
+			presetStr, _ := cmd.Flags().GetString("preset")
+
+			var preset crcPreset.Preset
+			if presetStr != "" {
+				var err error
+				preset, err = crcPreset.ParsePresetE(presetStr)
+				if err != nil {
+					return err
+				}
+			} else {
+				preset = crcConfig.GetPreset(config)
+			}
+
+			return runDownload(args, preset, force)
+		},
+	}
+	downloadCmd.Flags().BoolP("force", "f", false, "Overwrite existing bundle if present")
+	downloadCmd.Flags().StringP("preset", "p", "", "Target preset (openshift, okd, microshift)")
+
+	return downloadCmd
+}
+
+func runDownload(args []string, preset crcPreset.Preset, force bool) error {
+	if len(args) > 2 {
+		return fmt.Errorf("too many arguments: expected at most 2 (version, architecture), got %d", len(args))
+	}
+
+	// If no args, use default bundle path
+	if len(args) == 0 {
+		defaultBundlePath := constants.GetDefaultBundlePath(preset)
+		if !force {
+			if _, err := os.Stat(defaultBundlePath); err == nil {
+				logging.Infof("Bundle %s already exists. Use --force to overwrite.", defaultBundlePath)
+				return nil
+			}
+		}
+
+		logging.Debugf("Source: %s", constants.GetDefaultBundleDownloadURL(preset))
+		logging.Debugf("Destination: %s", defaultBundlePath)
+		// For default bundle, we use the existing logic which handles verification internally
+		_, err := bundle.Download(context.Background(), preset, defaultBundlePath, false)
+		return err
+	}
+
+	// If args provided, we are constructing a URL
+	version := args[0]
+
+	// Check if version is partial (Major.Minor) and resolve it if necessary
+	resolvedVersion, err := resolveOpenShiftVersion(preset, version)
+	if err != nil {
+		return fmt.Errorf("failed to resolve version %s: %w", version, err)
+	} else if resolvedVersion != version {
+		logging.Debugf("Resolved version %s to %s", version, resolvedVersion)
+		version = resolvedVersion
+	}
+
+	architecture := runtime.GOARCH
+	if len(args) > 1 {
+		architecture = args[1]
+	}
+
+	bundleName := constants.BundleName(preset, version, architecture)
+	bundlePath := filepath.Join(constants.MachineCacheDir, bundleName)
+
+	if !force {
+		if _, err := os.Stat(bundlePath); err == nil {
+			logging.Infof("Bundle %s already exists. Use --force to overwrite.", bundleName)
+			return nil
+		}
+	}
+
+	// Base URL for the directory containing the bundle and signature
+	baseVersionURL := fmt.Sprintf("%s/%s/%s/", constants.DefaultMirrorURL, preset.String(), version)
+	bundleURL := fmt.Sprintf("%s%s", baseVersionURL, bundleName)
+	sigURL := fmt.Sprintf("%s%s", baseVersionURL, "sha256sum.txt.sig")
+
+	logging.Infof("Downloading bundle: %s", bundleName)
+	logging.Debugf("Source: %s", bundleURL)
+	logging.Debugf("Destination: %s", constants.MachineCacheDir)
+
+	// Implement verification logic
+	logging.Infof("Verifying signature for %s...", version)
+	sha256sum, err := getVerifiedHashForCustomVersion(sigURL, bundleName)
+	if err != nil {
+		// Fallback: try without .sig if .sig not found, maybe just sha256sum.txt?
+		// For now, fail if signature verification fails as requested for "Safeguards"
+		return fmt.Errorf("signature verification failed: %w", err)
+	}
+
+	sha256bytes, err := hex.DecodeString(sha256sum)
+	if err != nil {
+		return fmt.Errorf("failed to decode sha256sum: %w", err)
+	}
+
+	_, err = download.Download(context.Background(), bundleURL, bundlePath, 0664, sha256bytes)
+	return err
+}
+
+func getVerifiedHashForCustomVersion(sigURL string, bundleName string) (string, error) {
+	// Reuse existing verification logic from bundle package via a helper here
+	// We essentially replicate getVerifiedHash but with our custom URL
+
+	res, err := download.InMemory(sigURL)
+	if err != nil {
+		return "", fmt.Errorf("failed to fetch signature file: %w", err)
+	}
+	defer res.Close()
+
+	signedHashes, err := io.ReadAll(res)
+	if err != nil {
+		return "", fmt.Errorf("failed to read signature file: %w", err)
+	}
+
+	verifiedHashes, err := gpg.GetVerifiedClearsignedMsgV3(constants.RedHatReleaseKey, string(signedHashes))
+	if err != nil {
+		return "", fmt.Errorf("invalid signature: %w", err)
+	}
+
+	lines := strings.Split(verifiedHashes, "\n")
+	for _, line := range lines {
+		line = strings.TrimSpace(line)
+		if strings.HasSuffix(line, bundleName) {
+			sha256sum := strings.TrimSuffix(line, "  "+bundleName)
+			sha256sum = strings.TrimSpace(sha256sum)
+			return sha256sum, nil
+		}
+	}
+	return "", fmt.Errorf("hash for %s not found in signature file", bundleName)
+}

cmd/crc/cmd/bundle/list.go

@@ -0,0 +1,69 @@
+package bundle
+
+import (
+	"fmt"
+	"runtime"
+
+	"github.com/Masterminds/semver/v3"
+	crcConfig "github.com/crc-org/crc/v2/pkg/crc/config"
+	"github.com/crc-org/crc/v2/pkg/crc/logging"
+	"github.com/spf13/cobra"
+)
+
+func getListCmd(config *crcConfig.Config) *cobra.Command {
+	return &cobra.Command{
+		Use:   "list [version]",
+		Short: "List available CRC bundles",
+		Long:  "List available CRC bundles from the mirrors. Optionally filter by major.minor version (e.g. 4.19).",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return runList(args, config)
+		},
+	}
+}
+
+func runList(args []string, config *crcConfig.Config) error {
+	if len(args) > 1 {
+		return fmt.Errorf("too many arguments: expected at most 1 version filter, got %d", len(args))
+	}
+
+	preset := crcConfig.GetPreset(config)
+	versions, err := fetchAvailableVersions(preset)
+	if err != nil {
+		return err
+	}
+
+	if len(versions) == 0 {
+		logging.Infof("No bundles found for preset %s", preset)
+		return nil
+	}
+
+	var filter *semver.Version
+	if len(args) > 0 {
+		v, err := semver.NewVersion(args[0] + ".0") // Treat 4.19 as 4.19.0 for partial matching
+		if err == nil {
+			filter = v
+		} else {
+			// Try parsing as full version just in case
+			v, err = semver.NewVersion(args[0])
+			if err == nil {
+				filter = v
+			}
+		}
+	}
+
+	logging.Infof("Available bundles for %s:", preset)
+	for _, v := range versions {
+		if filter != nil {
+			if v.Major() != filter.Major() || v.Minor() != filter.Minor() {
+				continue
+			}
+		}
+
+		cachedStr := ""
+		if isBundleCached(preset, v.String(), runtime.GOARCH) {
+			cachedStr = " (cached)"
+		}
+		fmt.Printf("%s%s\n", v.String(), cachedStr)
+	}
+	return nil
+}