add create cert bundle when add user

This commit is contained in:
Trevor Batley 2023-09-06 10:04:26 +10:00
parent 6fdbc0c9ca
commit 79e78ec394

View File

@ -50,4 +50,43 @@ pushd "$KOJI_PKI_DIR"
$SCRIPT_DIR/koji-gencert.sh "$NEW_USER" "/C=$COUNTRY_CODE/ST=$STATE/L=$LOCATION/O=$ORGANIZATION/CN=$NEW_USER"
popd
echo "The Koji CLI key for $NEW_USER is $KOJI_PKI_DIR/$NEW_USER.pem and the browser key $KOJI_PKI_DIR/certs/$NEW_USER_browser_cert.p12"
# crete a bundle (tarball) for deployment to the user
if [[ ! -d $KOJI_PKI_DIR/bundle ]] ; then
mkdir -p $KOJI_PKI_DIR/bundle
fi
WORK_DIR=`mktemp -d $NEW_USER-XXXXXXXX`
# check if tmp dir was created
if [[ ! "$WORK_DIR" || ! -d "$WORK_DIR" ]]; then
echo "Could not create temp dir"
exit 1
fi
# register the cleanup function to be called on the EXIT signal
trap cleanup EXIT
pushd $WORK_DIR
mkdir -p .koji
cp $KOJI_PKI_DIR/$NEW_USER.pem $WORK_DIR/.koji/client.crt
cp $KOJI_PKI_DIR/koji_ca_cert.crt $WORK_DIR/.koji/serverca.crt
cp $KOJI_PKI_DIR/certs/"$NEW_USER"_browser_cert.p12 $WORK_DIR/.koji/.
cat > $WORK_DIR/.koji/config <<- EOT
[koji]
server = $KOJI_URL/kojihub
weburl = $KOJI_URL/koji
topurl = $KOJI_URL/kojifiles
topdir = $KOJI_DIR
cert = ~/.koji/client.crt
serverca = ~/.koji/serverca.crt
anon_retry = true
authtype = ssl
EOT
tar -zcf koji-"$NEW_USER"-bundle.tgz .koji
cp koji-"$NEW_USER"-bundle.tgz $KOJI_PKI_DIR/bundle/.
popd
echo "The Koji CLI and Web key bundle for $NEW_USER is $KOJI_PKI_DIR/bundle/koij-$NEW_USER-bundle.tgz"
# function to delete the temp directory
function cleanup {
rm -rf "$WORK_DIR"
}