From adefdaf13717c87b7bd7341e16715dfdb6e51055 Mon Sep 17 00:00:00 2001
From: Ricard Illa <ricard@trkkn.com>
Date: Mon, 9 Jan 2023 18:20:05 +0100
Subject: [PATCH] suricata acme_sync: improved http response code handling

---
 suricata/acme_rsync/Makefile | 25 +++++++++++--------------
 1 file changed, 11 insertions(+), 14 deletions(-)

diff --git a/suricata/acme_rsync/Makefile b/suricata/acme_rsync/Makefile
index 4fa8848..d3861fd 100644
--- a/suricata/acme_rsync/Makefile
+++ b/suricata/acme_rsync/Makefile
@@ -62,31 +62,28 @@ $(JSON_SECRET): $(ACME_KEY_FILE) $(ACME_FULLCHAIN_FILE) $(ACME_KEY_FILE)
 
 ###############################################################################
 
-select_status_code = grep 'HTTP/' | awk '{printf $$2}'
-
 define k8s_api
 	curl \
-		-i \
-		-X $(1) \
+		--include \
+		--request $(1) \
+        --write-out "%{http_code}" \
+        --output /dev/stderr \
 		--cacert "$(K8S_CA_FILE)" \
-		-H "Authorization: Bearer $(K8S_TOKEN)" \
-		-H 'Accept: application/json' \
-		-H "Content-Type: application/json"
+		--header "Authorization: Bearer $(K8S_TOKEN)" \
+		--header 'Accept: application/json' \
+		--header "Content-Type: application/json"
 endef
 
 define get_secret
-	$(call k8s_api,GET) $(K8S_SECRERTS_URL)/$(SECRET_NAME) | \
-	$(select_status_code)
+	$(call k8s_api,GET) $(K8S_SECRERTS_URL)/$(SECRET_NAME)
 endef
 
 define post_secret
-	$(call k8s_api,POST) $(K8S_SECRERTS_URL) --data @$(1) | \
-	$(select_status_code)
+	$(call k8s_api,POST) $(K8S_SECRERTS_URL) --data @$(1)
 endef
 
 define put_secret
-	$(call k8s_api,PUT) $(K8S_SECRERTS_URL)/$(SECRET_NAME) --data @$(1) | \
-	$(select_status_code)
+	$(call k8s_api,PUT) $(K8S_SECRERTS_URL)/$(SECRET_NAME) --data @$(1)
 endef
 
 $(SECRET_UPDATED): $(JSON_SECRET)
@@ -95,7 +92,7 @@ $(SECRET_UPDATED): $(JSON_SECRET)
 	if [ "$${GET_STATUS_CODE}" = "404" ]; then \
 		echo "adding cert"; \
 		POST_STATUS_CODE=$$($(call post_secret,$^)); \
-		[ "$${POST_STATUS_CODE}" = "200" ] && touch $@; \
+		[ "$${POST_STATUS_CODE}" = "201" ] && touch $@; \
 	elif [ "$${GET_STATUS_CODE}" = "200" ]; then \
 		echo "updating existing cert"; \
 		PUT_STATUS_CODE=$$($(call put_secret,$^)); \