From 4c34e4a0803aba41f12d460e873069cb223d2e9c Mon Sep 17 00:00:00 2001
From: Andrew Azores <aazores@redhat.com>
Date: Tue, 15 Oct 2024 13:48:54 -0400
Subject: [PATCH] tmp secret hash

---
 Makefile                                      | 19 ++++++++++++++++++-
 .../samples/sample-app-agent-tls-proxy.yaml   |  3 +--
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/Makefile b/Makefile
index 01f9c234..851a5bda 100644
--- a/Makefile
+++ b/Makefile
@@ -414,7 +414,24 @@ undeploy_sample_app_agent_proxy: ## Undeploy sample app with Cryostat Agent conf
 
 .PHONY: sample_app_agent_proxy
 sample_app_agent_proxy: undeploy_sample_app_agent_proxy ## Deploy sample app with Cryostat Agent configured for TLS client auth on nginx proxy.
-	$(CLUSTER_CLIENT) apply $(SAMPLE_APP_FLAGS) -f config/samples/sample-app-agent-tls-proxy.yaml
+	@if [ -z "${SECRET_HASH}" ]; then \
+		if [ -z "${DEPLOY_NAMESPACE}" ]; then \
+			if [ "${CLUSTER_CLIENT}" = "oc" ]; then \
+				DEPLOY_NAMESPACE=`oc project -q`; \
+			else \
+				echo "'DEPLOY_NAMESPACE' must be specified."; \
+				exit 1; \
+			fi; \
+		fi; \
+		if [ -z "${SAMPLE_APP_NAMESPACE}" ]; then \
+			echo "'SAMPLE_APP_NAMESPACE' must be specified."; \
+			exit 1; \
+		fi ;\
+		SECRET_HASH=`echo -n ${DEPLOY_NAMESPACE}/cryostat-sample/${SAMPLE_APP_NAMESPACE} | sha256sum`; \
+	fi; \
+	$(CLUSTER_CLIENT) patch -f config/samples/sample-app-agent-tls-proxy.yaml --local=true --type=merge \
+	-p "{\"spec\":{\"template\":{\"spec\":{\"\$setElementOrder/volumes\":[{\"name\":\"agent-tls\"}],\"volumes\":[{\"\$retainKeys\":[\"name\",\"secret\"],\"name\":\"agent-tls\",\"secret\":{\"secretName\":\"cryostat-agent-$${SECRET_HASH}\"}}]}}}}" \
+	-o yaml | oc apply -f -
 
 .PHONY: undeploy_sample_app_agent
 undeploy_sample_app_agent: ## Undeploy sample app with Cryostat Agent.
diff --git a/config/samples/sample-app-agent-tls-proxy.yaml b/config/samples/sample-app-agent-tls-proxy.yaml
index 8ecefaa4..835ca91d 100644
--- a/config/samples/sample-app-agent-tls-proxy.yaml
+++ b/config/samples/sample-app-agent-tls-proxy.yaml
@@ -71,8 +71,7 @@ spec:
       volumes:
       - name: agent-tls
         secret:
-          # FIXME determine the secretName at deployment time in the Makefile and patch it here
-          secretName: cryostat-agent-f46ed1c40de4d61ac533fef337f7705ac39c8690f91a9cdca5185140f0455563
+          secretName: cryostat-agent-abcd1234
           defaultMode: 420
 ---
 apiVersion: v1