From 02a3bdceff4b24e64a06fc71d9477ea01dc05476 Mon Sep 17 00:00:00 2001
From: Daniele Monti <62102073+Monska85@users.noreply.github.com>
Date: Tue, 27 Aug 2024 10:48:23 +0200
Subject: [PATCH] fix: change strategy to fetch the basic auth secret to
 increase compatibility (#70)

---
 bash_functions.sh | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/bash_functions.sh b/bash_functions.sh
index 75c5a96..eb3224e 100644
--- a/bash_functions.sh
+++ b/bash_functions.sh
@@ -22,13 +22,14 @@ function print-basic-auth() {
 
   for INGRESS in $(kubectl --namespace "${CURRENT_NAMESPACE}" get ingresses -o jsonpath='{.items[*].metadata.name}'); do
     FIRST_HOST="https://$(kubectl --namespace "${CURRENT_NAMESPACE}" get ingress "${INGRESS}" -o jsonpath="{.spec.rules[0].host}")"
-    SECRET=$(kubectl --namespace "${CURRENT_NAMESPACE}" get ingress "${INGRESS}" -o jsonpath="{.metadata.annotations.nginx\\.ingress\\.kubernetes\\.io/auth-secret}")
+    # We can't use the jsonpath directly because the 'auth-secret' annotation could be prefixed with custom prefix.
+    SECRET="$(kubectl --namespace "${CURRENT_NAMESPACE}" get ingress "${INGRESS}" -o yaml | grep "ingress.kubernetes.io/auth-secret:" | awk '{print $2}')"
     if [ -z "${SECRET}" ]; then
       echo "No auth secret found for ingress ${INGRESS} (${FIRST_HOST})"
       continue
     fi
-    USERNAME=$(kubectl --namespace "${CURRENT_NAMESPACE}" get secret "${SECRET}" -o jsonpath="{.data.username}" | base64 --decode)
-    PASSWORD=$(kubectl --namespace "${CURRENT_NAMESPACE}" get secret "${SECRET}" -o jsonpath="{.data.password}" | base64 --decode)
+    USERNAME=$(kubectl --namespace "${CURRENT_NAMESPACE}" get secret "${SECRET}" -o jsonpath="{.data.username}" | base64 -d)
+    PASSWORD=$(kubectl --namespace "${CURRENT_NAMESPACE}" get secret "${SECRET}" -o jsonpath="{.data.password}" | base64 -d)
     if [ -z "${USERNAME}" ] || [ -z "${PASSWORD}" ]; then
       echo "No auth credentials found in secret ${SECRET} (${INGRESS} - ${FIRST_HOST})"
       continue