Verify default bundles downloaded from mirror.openshift.com

this removes the hardcoded hashes for each bundle and instead
directly gets the bundle hash from the sha256sum.txt.sig file
at mirror.openshift.com by using the helper from the previous
commit which returns gpg verified hash for the default bundle

Author: anjannath

pkg/crc/constants/constants.go

@@ -116,6 +116,14 @@ func GetDefaultBundlePath(preset crcpreset.Preset) string {
 	return filepath.Join(MachineCacheDir, GetDefaultBundle(preset))
 }
 
+func GetDefaultBundleDownloadURL(preset crcpreset.Preset) string {
+	return fmt.Sprintf(DefaultBundleURLBase,
+		preset.String(),
+		version.GetBundleVersion(preset),
+		GetDefaultBundle(preset),
+	)
+}
+
 func GetDefaultBundleSignedHashURL(preset crcpreset.Preset) string {
 	return fmt.Sprintf(DefaultBundleURLBase,
 		preset.String(),

pkg/crc/machine/bundle/constants.go

@@ -9,7 +9,6 @@ import (
 	"path"
 	"path/filepath"
 	"regexp"
-	"runtime"
 	"strconv"
 	"strings"
 	"time"
@@ -286,23 +285,12 @@ func GetBundleNameFromURI(bundleURI string) string {
 	}
 }
 
-type presetDownloadInfo map[crcPreset.Preset]*download.RemoteFile
-type bundlesDownloadInfo map[string]presetDownloadInfo
-
 func getBundleDownloadInfo(preset crcPreset.Preset) (*download.RemoteFile, error) {
-	bundles, ok := bundleLocations[runtime.GOARCH]
-	if !ok {
-		return nil, fmt.Errorf("Unsupported architecture: %s", runtime.GOARCH)
-	}
-	presetdownloadInfo, ok := bundles[runtime.GOOS]
-	if !ok {
-		return nil, fmt.Errorf("Unknown GOOS: %s", runtime.GOOS)
-	}
-	downloadInfo, ok := presetdownloadInfo[preset]
-	if !ok {
-		return nil, fmt.Errorf("Unknown preset: %s", preset)
+	sha256sum, err := getDefaultBundleVerifiedHash(preset)
+	if err != nil {
+		return nil, fmt.Errorf("unable to get verified hash for default bundle: %w", err)
 	}
-
+	downloadInfo := download.NewRemoteFile(constants.GetDefaultBundleDownloadURL(preset), sha256sum)
 	return downloadInfo, nil
 }