From 770814996b2596976e93889e116801d8e87c63ce Mon Sep 17 00:00:00 2001
From: Ettore Di Giacinto
Date: Mon, 17 Oct 2022 19:08:45 +0000
Subject: [PATCH] Attempt to get also from part name
---
 cmd/discovery/main.go | 42 +++++++++++--------
 .../keyserver.kairos.io_sealedvolumes.yaml | 16 +++----
 2 files changed, 32 insertions(+), 26 deletions(-)
diff --git a/cmd/discovery/main.go b/cmd/discovery/main.go
index d741059..96c2ee0 100644
--- a/cmd/discovery/main.go
+++ b/cmd/discovery/main.go
@@ -31,6 +31,23 @@ func checkErr(err error) {
 os.Exit(0)
 }
+func getPass(server, label string) (string, error) {
+ msg, err := tpm.Get(server, tpm.WithAdditionalHeader("label", label))
+ if err != nil {
+ return "", err
+ }
+ result := map[string]interface{}{}
+ err = json.Unmarshal(msg, &result)
+ if err != nil {
+ return "", err
+ }
+ p, ok := result["passphrase"]
+ if ok {
+ return fmt.Sprint(p), nil
+ }
+ return "", fmt.Errorf("pass for label not found")
+}
+
 // ❯ echo '{ "data": "{ \\"label\\": \\"LABEL\\" }"}' | sudo -E WSS_SERVER="http://localhost:8082/challenge" ./challenger "discovery.password"
 func start() error {
 factory := pluggable.NewPluginFactory()
@@ -52,7 +69,6 @@ func start() error {
 // Input: bus.EventInstallPayload
 // Expected output: map[string]string{}
 factory.Add(bus.EventDiscoveryPassword, func(e *pluggable.Event) pluggable.EventResponse {
-
 if server == "" {
 return pluggable.EventResponse{
 Error: "no server configured",
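Review bot: In the new getPass helper, `fmt.Sprint(p)` stringifies whatever JSON value the server sent under `passphrase`, so a `null` comes back as `<nil>` and a number or object comes back as its Go formatting, and the caller returns that string as the discovered password. Because this value is presumably what unlocks the sealed volume, the lookup should accept only a non-empty string: `p, ok := result["passphrase"].(string)` followed by `if !ok || p == "" { return "", fmt.Errorf("pass for label not found") }`. The helper also has no doc comment; something like `// getPass asks the key server for the passphrase stored under label and fails when the response carries none.` would state the contract.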
@@ -67,28 +83,18 @@ func start() error {
 }
 }
- msg, err := tpm.Get(server, tpm.WithAdditionalHeader("label", b.Label))
+ pass, err := getPass(server, b.Label)
 if err != nil {
- return pluggable.EventResponse{
- Error: fmt.Sprintf("failed contacting from wss server: %s", err.Error()),
- }
- }
- result := map[string]interface{}{}
- err = json.Unmarshal(msg, &result)
- if err != nil {
- return pluggable.EventResponse{
- Error: fmt.Sprintf("failed reading from wss server: %s", err.Error()),
- }
- }
- p, ok := result["passphrase"]
- if !ok {
- return pluggable.EventResponse{
- Error: "not found",
+ pass, err = getPass(server, b.Name)
+ if err != nil {
+ return pluggable.EventResponse{
+ Error: fmt.Sprintf("failed getting pass: %s", err.Error()),
+ }
 }
 }
 return pluggable.EventResponse{
- Data: fmt.Sprint(p),
+ Data: pass,
 }
 })
diff --git a/config/crd/bases/keyserver.kairos.io_sealedvolumes.yaml b/config/crd/bases/keyserver.kairos.io_sealedvolumes.yaml
index d5ae2cd..6f91639 100644
--- a/config/crd/bases/keyserver.kairos.io_sealedvolumes.yaml
+++ b/config/crd/bases/keyserver.kairos.io_sealedvolumes.yaml
@@ -37,14 +37,14 @@ spec:
 properties:
 TPMHash:
 type: string
- label:
- type: string
- passphraseRef:
- properties:
- name:
- type: string
- path:
- type: string
+ partitionSecrets:
+ additionalProperties:
+ properties:
+ name:
+ type: string
+ path:
+ type: string
+ type: object
 type: object
 quarantined:
 type: boolean
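Review bot: In the cmd/discovery/main.go callback, the retry with `b.Name` fires on every error from the first `getPass` call, not only on a missing passphrase, so a failed request or an undecodable response also triggers a second lookup under a different key. The first error is then overwritten, and `failed getting pass` only ever describes the name lookup, which hides the original cause from whoever reads the log. Consider having getPass return a sentinel for the not-found case (for example a new `errPassNotFound`) and retrying only on `errors.Is(err, errPassNotFound) && b.Name != ""`, with both labels mentioned in the final error text. The callback passed to factory.Add begins before this hunk, so how `b` is populated is not visible here.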