From 13c86908ce2093556855b27e0e20acef428093c4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20Mass=C3=A9?= <nicolas.masse@itix.fr>
Date: Fri, 2 Jun 2023 20:43:14 +0200
Subject: [PATCH] wip

---
 infrastructure/files/stackrox-init-hook/configure-acs.sh | 6 +++++-
 infrastructure/templates/acs.yaml                        | 6 ++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/infrastructure/files/stackrox-init-hook/configure-acs.sh b/infrastructure/files/stackrox-init-hook/configure-acs.sh
index 9a3b646..cc0a0da 100644
--- a/infrastructure/files/stackrox-init-hook/configure-acs.sh
+++ b/infrastructure/files/stackrox-init-hook/configure-acs.sh
@@ -15,11 +15,15 @@ echo "========================================================================"
 echo
 
 export ROX_CENTRAL_ADDRESS="$(oc get route central -n stackrox -o go-template='{{.spec.host}}'):443"
-export ROX_CENTRAL_HOSTNAME="$ROX_CENTRAL_ADDRESS"
 while ! curl -sfko /dev/null "https://$ROX_CENTRAL_ADDRESS/"; do
     echo "Red Hat ACS not ready..."
     sleep 5
+    
+    # There is a risk the central's route to be created after this script started
+    # so we need to periodically refresh it
+    export ROX_CENTRAL_ADDRESS="$(oc get route central -n stackrox -o go-template='{{.spec.host}}'):443"
 done
+export ROX_CENTRAL_HOSTNAME="$ROX_CENTRAL_ADDRESS"
 
 echo "========================================================================"
 echo " Retrieving an API Token for Red Hat ACS"
diff --git a/infrastructure/templates/acs.yaml b/infrastructure/templates/acs.yaml
index 5bdb52d..2f31d6a 100644
--- a/infrastructure/templates/acs.yaml
+++ b/infrastructure/templates/acs.yaml
@@ -41,7 +41,7 @@ apiVersion: project.openshift.io/v1
 kind: Project
 metadata:
   annotations:
-    argocd.argoproj.io/sync-wave: "15"
+    argocd.argoproj.io/sync-wave: "10"
     openshift.io/description: ""
     openshift.io/display-name: ""
   labels:
@@ -54,8 +54,10 @@ spec:
 apiVersion: v1
 kind: Secret
 metadata:
+  # The secret needs to be created before the creation of the "Central" Custom Resource.
+  # Otherwise, a race condition is possible and the installation of the Central might get stuck.
   annotations:
-    argocd.argoproj.io/sync-wave: "15"
+    argocd.argoproj.io/sync-wave: "10"
   name: central-admin
   namespace: stackrox
 type: Opaque