From 514d318ecec48e1e5bc1bc0fe6927d48c90675d9 Mon Sep 17 00:00:00 2001
From: Camila Macedo <camilamacedo86@gmail.com>
Date: Wed, 6 Nov 2024 19:14:22 +0000
Subject: [PATCH] fix: add kubectl_wait_for_caBundle to handle caBundle
 readiness checks

- Added `kubectl_wait_for_caBundle` function to independently check if `caBundle` is populated in webhook configurations.
- Resolves error: `jsonpath wait format must be --for=jsonpath='{.status.readyReplicas}'=3`, which occurs because the script initially assumes 3 ready replicas for cert-manager deployments. This assumption is inaccurate for development purposes and for users following the getting started documentation where cert-manager is installed using the `install.sh` script from releases.
---
 scripts/install.tpl.sh | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/scripts/install.tpl.sh b/scripts/install.tpl.sh
index c1907ddc9..afe604c0c 100644
--- a/scripts/install.tpl.sh
+++ b/scripts/install.tpl.sh
@@ -41,13 +41,37 @@ function kubectl_wait_rollout() {
     kubectl rollout status --namespace="${namespace}" "${runtime}" --timeout="${timeout}"
 }
 
+function kubectl_wait_for_caBundle() {
+    resource=$1
+    jsonpath_query=$2
+    timeout=$3
+
+    start_time=$(date +%s)
+    while true; do
+        caBundle_value=$(kubectl get "${resource}" -o jsonpath="${jsonpath_query}" 2>/dev/null || echo "")
+
+        if [[ -n "${caBundle_value}" ]]; then
+            echo "${resource} has populated ${jsonpath_query}."
+            break
+        fi
+
+        if [[ $(( $(date +%s) - start_time )) -ge ${timeout} ]]; then
+            echo "Timed out waiting for ${resource} to populate ${jsonpath_query}."
+            exit 1
+        fi
+
+        sleep 5
+    done
+}
+
+
 kubectl apply -f "https://github.com/cert-manager/cert-manager/releases/download/${cert_mgr_version}/cert-manager.yaml"
 # Wait for cert-manager to be fully ready
 kubectl_wait "cert-manager" "deployment/cert-manager-webhook" "60s"
 kubectl_wait "cert-manager" "deployment/cert-manager-cainjector" "60s"
 kubectl_wait "cert-manager" "deployment/cert-manager" "60s"
-kubectl wait mutatingwebhookconfigurations/cert-manager-webhook --for=jsonpath='{.webhooks[0].clientConfig.caBundle}' --timeout=60s
-kubectl wait validatingwebhookconfigurations/cert-manager-webhook --for=jsonpath='{.webhooks[0].clientConfig.caBundle}' --timeout=60s
+kubectl_wait_for_caBundle "mutatingwebhookconfigurations/cert-manager-webhook" '{.webhooks[0].clientConfig.caBundle}' 60
+kubectl_wait_for_caBundle "validatingwebhookconfigurations/cert-manager-webhook" '{.webhooks[0].clientConfig.caBundle}' 60
 
 kubectl apply -f "https://github.com/operator-framework/catalogd/releases/download/${catalogd_version}/catalogd.yaml"
 # Wait for the rollout, and then wait for the deployment to be Available