From c85cf5a178620d5e1f007928142d77c8c2121979 Mon Sep 17 00:00:00 2001
From: Alba Hita Catala <ahitacat@redhat.com>
Date: Thu, 5 Sep 2024 16:24:05 +0200
Subject: [PATCH] Add make option and doc to copy FPC

Added an option that copies the firstPartyMock certificate into the
service-kv keyvault. Also added some lines of documentation.

Signed-off-by: Alba Hita Catala <ahitacat@redhat.com>

change
---
 cluster-service/Makefile                     | 6 +++++-
 dev-infrastructure/docs/development-setup.md | 6 ++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/cluster-service/Makefile b/cluster-service/Makefile
index 680710a7f..24511ee82 100644
--- a/cluster-service/Makefile
+++ b/cluster-service/Makefile
@@ -23,7 +23,6 @@ deploy:
 			--query clientId) && \
 	CS_SERVICE_PRINCIPAL_CREDS_BASE64='$(shell az keyvault secret show --vault-name "service-kv-aro-hcp-dev" --name "aro-hcp-dev-sp-cs" | jq .value -r | base64 | tr -d '\n')' && \
 	TENANT_ID=$(shell az account show --query tenantId --output tsv) && \
-	KEYVAULT_NAME=$(shell az keyvault list --query "[?starts_with(name, 'service-kv')].name" -g ${REGIONAL_RESOURCEGROUP} --output tsv) && \
 	oc process --local -f deploy/openshift-templates/arohcp-service-template.yml \
 	  -p AZURE_CS_MI_CLIENT_ID=$${AZURE_CS_MI_CLIENT_ID} \
 	  -p TENANT_ID=$${TENANT_ID} \
@@ -44,3 +43,8 @@ provision-shard:
 	sed -e "s#ZONE_RESOURCE_ID#$${ZONE_RESOURCE_ID}#g" -e "s/REGION/${REGION}/g" -e "s/CONSUMER_NAME/${CONSUMER_NAME}/g" deploy/dev-provisioning-shards.yml
 
 .PHONY: deploy deploy-integ provision-shard
+
+copy-fpc:
+	@FPC_SECRET=$(shell az keyvault secret show --vault-name "service-kv-aro-hcp-dev" --name ${FPA_CERT_NAME} --query "value" -o tsv) && \
+ 	../dev-infrastructure/scripts/kv-add-secret.sh ${KEYVAULT_NAME} ${RESOURCEGROUP} ${FPA_CERT_NAME} $${FPC_SECRET}
+.PHONY: copy-fpc
diff --git a/dev-infrastructure/docs/development-setup.md b/dev-infrastructure/docs/development-setup.md
index 19454ca9e..5cacb9cb6 100644
--- a/dev-infrastructure/docs/development-setup.md
+++ b/dev-infrastructure/docs/development-setup.md
@@ -161,6 +161,12 @@ To access the HTTP and GRPC endpoints of maestro, run
 
 ### Cluster Service
 
+To make use of the first party certificate it is needed to copy the cert into the service-kv.
+   ```bash
+   cd cluster-service/
+   make copy-fpc
+   ```
+Then deploy CS:
    ```bash
    cd cluster-service/
    make deploy