From a396498549668fbe742f9aa7232093a77b2e3d5c Mon Sep 17 00:00:00 2001
From: Mohammed Boukhalfa
Date: Mon, 28 Oct 2024 15:11:00 +0200
Subject: [PATCH] Add tls certs to fakeIPA config

Signed-off-by: Mohammed Boukhalfa
---
 03_launch_mgmt_cluster.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/03_launch_mgmt_cluster.sh b/03_launch_mgmt_cluster.sh
index 4e44e6918..a45f92ff1 100755
--- a/03_launch_mgmt_cluster.sh
+++ b/03_launch_mgmt_cluster.sh
@@ -227,11 +227,15 @@ launch_fake_ipa() {
 mkdir -p "${WORKING_DIR}/fake-ipa"
 if [[ "${EPHEMERAL_CLUSTER}" == "kind" ]] && [[ "${IRONIC_TLS_SETUP}" == "true" ]]; then
 cp "${IRONIC_CACERT_FILE}" "${WORKING_DIR}/fake-ipa/ironic-ca.crt"
+ cp "${IRONIC_CERT_FILE}" "${WORKING_DIR}/fake-ipa/ironic-tls.crt"
+ cp "${IRONIC_KEY_FILE}" "${WORKING_DIR}/fake-ipa/ironic-tls.key"
 elif [[ "${IRONIC_TLS_SETUP}" == "true" ]]; then
 # wait for ironic to be running to ensure ironic-cert is created
 kubectl -n baremetal-operator-system wait --for=condition=available deployment/baremetal-operator-ironic --timeout=900s
 # Extract ironic-cert to be used inside fakeIPA for TLS
 kubectl get secret -n baremetal-operator-system ironic-cert -o json -o=jsonpath="{.data.ca\.crt}" | base64 -d > "${WORKING_DIR}/fake-ipa/ironic-ca.crt"
+ kubectl get secret -n baremetal-operator-system ironic-cert -o json -o=jsonpath="{.data.tls\.crt}" | base64 -d > "${WORKING_DIR}/fake-ipa/ironic-tls.crt"
+ kubectl get secret -n baremetal-operator-system ironic-cert -o json -o=jsonpath="{.data.tls\.key}" | base64 -d > "${WORKING_DIR}/fake-ipa/ironic-tls.key"
 fi
 # Create fake IPA custom config
 cat << EOF > "${WORKING_DIR}/fake-ipa/config.py"
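Review bot: Nothing in this hunk restricts the mode of `${WORKING_DIR}/fake-ipa/ironic-tls.key`: the `kubectl get secret … | base64 -d > …` branch creates it with the umask default, which is usually world-readable, and the `cp "${IRONIC_KEY_FILE}" …` branch only carries over whatever mode the source has. Creating the key owner-only would close that, e.g. `install -m 0600 "${IRONIC_KEY_FILE}" "${WORKING_DIR}/fake-ipa/ironic-tls.key"` for the kind case and `( umask 077; kubectl … | base64 -d > "${WORKING_DIR}/fake-ipa/ironic-tls.key" )` for the other, assuming the fake-ipa container reads the file as the same user. The redirect also leaves an empty key file behind if `kubectl get secret` fails, unless `pipefail` is set elsewhere in the script, which the hunk does not show. launch_fake_ipa starts before this hunk and continues past it.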
@@ -240,6 +244,8 @@ FAKE_IPA_INSPECTION_CALLBACK_URL = "${IRONIC_URL}/continue_inspection"
 FAKE_IPA_ADVERTISE_ADDRESS_IP = "${EXTERNAL_SUBNET_V4_HOST}"
 FAKE_IPA_INSECURE = ${FAKE_IPA_INSECURE:-False}
 FAKE_IPA_CAFILE = "${FAKE_IPA_CAFILE:-/root/cert/ironic-ca.crt}"
+FAKE_IPA_CERTFILE = "${FAKE_IPA_CERTFILE:-/root/cert/ironic-tls.crt}"
+FAKE_IPA_KEYFILE = "${FAKE_IPA_KEYFILE:-/root/cert/ironic-tls.key}"
 FAKE_IPA_MIN_BOOT_TIME = ${FAKE_IPA_MIN_BOOT_TIME:-20}
 FAKE_IPA_MAX_BOOT_TIME = ${FAKE_IPA_MAX_BOOT_TIME:-30}
 EOF
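Review bot: `FAKE_IPA_CERTFILE` and `FAKE_IPA_KEYFILE` are written into config.py unconditionally, but the first hunk only places the certificate and key in `${WORKING_DIR}/fake-ipa` when `IRONIC_TLS_SETUP` is `true`, so a non-TLS run gets a config naming files that were never created. Whether fake IPA tolerates missing paths is not visible here, and the existing `FAKE_IPA_CAFILE` line has the same shape. If the settings stay unconditional, a comment line in the generated file such as `# cert/key files are only provided when IRONIC_TLS_SETUP=true` would record the dependency. The `/root/cert` defaults also presumably rely on a mount of `${WORKING_DIR}/fake-ipa` that is set up outside this hunk, and the heredoc itself opens in the previous hunk.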