From 0b3d0fe3fb04efcc0780e6ec5437e8ebfbbb530a Mon Sep 17 00:00:00 2001
From: Saverio Proto <zioproto@gmail.com>
Date: Mon, 4 Mar 2024 14:14:04 +0000
Subject: [PATCH] Terraform needs a pfx certificate file format

---
 .devcontainer/script.sh | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/.devcontainer/script.sh b/.devcontainer/script.sh
index d7aba4c..28bdf09 100644
--- a/.devcontainer/script.sh
+++ b/.devcontainer/script.sh
@@ -25,8 +25,13 @@ fi
 
 # If ARM_CLIENT_CERTIFICATE is set, decode it and save to a temp file
 if [ -n "$ARM_CLIENT_CERTIFICATE" ]; then
-    echo "$ARM_CLIENT_CERTIFICATE" | base64 -d > /tmp/certfile
-    az login --service-principal -u $ARM_CLIENT_ID --tenant $ARM_TENANT_ID -p /tmp/certfile
+    echo "$ARM_CLIENT_CERTIFICATE" | base64 -d > /tmp/certfile.pem
+    export ARM_CLIENT_CERTIFICATE_PATH="/tmp/certfile.pfx"
+    export ARM_CLIENT_CERTIFICATE_PASSWORD=$(date '+%s')
+    echo "$ARM_CLIENT_CERTIFICATE" | base64 -d | openssl pkcs12 -export -password pass:"$(ARM_CLIENT_CERTIFICATE_PASSWORD)" -out $ARM_CLIENT_CERTIFICATE_PATH
+    unset ARM_CLIENT_CERTIFICATE
+    az login --service-principal -u $ARM_CLIENT_ID --tenant $ARM_TENANT_ID -p /tmp/certfile.pem
+
 else
     # Otherwise, use ARM_CLIENT_SECRET
     az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID