From faa2306a3012bca3e8c93ed82e03010136156e15 Mon Sep 17 00:00:00 2001
From: Maksim Fedotov <m_fedotov@wargaming.net>
Date: Tue, 20 Jul 2021 12:03:43 +0300
Subject: [PATCH] chore: support multiple groups in
 create-{user}/{user-openshift}.sh scripts

---
 hack/create-user-openshift.sh | 10 ++++++++--
 hack/create-user.sh           | 11 +++++++++--
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/hack/create-user-openshift.sh b/hack/create-user-openshift.sh
index 99ba3e61..979f1ffe 100755
--- a/hack/create-user-openshift.sh
+++ b/hack/create-user-openshift.sh
@@ -30,6 +30,7 @@ fi
 
 USER=$1
 TENANT=$2
+GROUP=$3
 
 if [[ -z ${USER} ]]; then
     echo "User has not been specified!"
@@ -41,13 +42,18 @@ if [[ -z ${TENANT} ]]; then
     exit 1
 fi
 
-GROUP=capsule.clastix.io
+if [[ -z ${GROUP} ]]; then
+    GROUP=capsule.clastix.io
+fi
 
 TMPDIR=$(mktemp -d)
 echo "creating certs in TMPDIR ${TMPDIR} "
 
+MERGED_GROUPS=$(echo "/O=$GROUP" | sed "s/,/\/O=/g")
+echo "merging groups ${MERGED_GROUPS}"
+
 openssl genrsa -out ${TMPDIR}/tls.key 2048
-openssl req -new -key ${TMPDIR}/tls.key -subj "/CN=${USER}/O=${GROUP}" -out ${TMPDIR}/${USER}-${TENANT}.csr
+openssl req -new -key ${TMPDIR}/tls.key -subj "/CN=${USER}${MERGED_GROUPS}" -out ${TMPDIR}/${USER}-${TENANT}.csr
 
 # Clean any previously created CSR for the same user.
 kubectl delete csr ${USER}-${TENANT} 2>/dev/null || true
diff --git a/hack/create-user.sh b/hack/create-user.sh
index 792ecac8..c41c431f 100755
--- a/hack/create-user.sh
+++ b/hack/create-user.sh
@@ -24,6 +24,7 @@ fi
 
 USER=$1
 TENANT=$2
+GROUP=$3
 
 if [[ -z ${USER} ]]; then
     echo "User has not been specified!"
@@ -35,13 +36,19 @@ if [[ -z ${TENANT} ]]; then
     exit 1
 fi
 
-GROUP=capsule.clastix.io
+if [[ -z ${GROUP} ]]; then
+    GROUP=capsule.clastix.io
+fi
+
 
 TMPDIR=$(mktemp -d)
 echo "creating certs in TMPDIR ${TMPDIR} "
 
+MERGED_GROUPS=$(echo "/O=$GROUP" | sed "s/,/\/O=/g")
+echo "merging groups ${MERGED_GROUPS}"
+
 openssl genrsa -out ${USER}-${TENANT}.key 2048
-openssl req -new -key ${USER}-${TENANT}.key -subj "/CN=${USER}/O=${GROUP}" -out ${TMPDIR}/${USER}-${TENANT}.csr
+openssl req -new -key ${USER}-${TENANT}.key -subj "/CN=${USER}${MERGED_GROUPS}" -out ${TMPDIR}/${USER}-${TENANT}.csr
 
 # Clean any previously created CSR for the same user.
 kubectl delete csr ${USER}-${TENANT} 2>/dev/null || true