add --context flag to step-ca command (#851)
* added the --context flag * apply the context and allow for different ca.json * amended usage for consistency * added an extra example * added an extra example * reordered and reworded examples
parent
e27124b037
commit
6d4d4560df
2 changed files with 43 additions and 9 deletions
|
@ -117,7 +117,7 @@ func main() {
|
||||||
app.HelpName = "step-ca"
|
app.HelpName = "step-ca"
|
||||||
app.Version = step.Version()
|
app.Version = step.Version()
|
||||||
app.Usage = "an online certificate authority for secure automated certificate management"
|
app.Usage = "an online certificate authority for secure automated certificate management"
|
||||||
app.UsageText = `**step-ca** <config> [**--password-file**=<file>]
|
app.UsageText = `**step-ca** [config] [**--context**=<name>] [**--password-file**=<file>]
|
||||||
[**--ssh-host-password-file**=<file>] [**--ssh-user-password-file**=<file>]
|
[**--ssh-host-password-file**=<file>] [**--ssh-user-password-file**=<file>]
|
||||||
[**--issuer-password-file**=<file>] [**--resolver**=<addr>] [**--help**] [**--version**]`
|
[**--issuer-password-file**=<file>] [**--resolver**=<addr>] [**--help**] [**--version**]`
|
||||||
app.Description = `**step-ca** runs the Step Online Certificate Authority
|
app.Description = `**step-ca** runs the Step Online Certificate Authority
|
||||||
|
@ -133,6 +133,7 @@ This command will run indefinitely on success and return \>0 if any error occurs
|
||||||
These examples assume that you have already initialized your PKI by running
|
These examples assume that you have already initialized your PKI by running
|
||||||
'step ca init'. If you have not completed this step please see the 'Getting Started'
|
'step ca init'. If you have not completed this step please see the 'Getting Started'
|
||||||
section of the README.
|
section of the README.
|
||||||
|
|
||||||
Run the Step CA and prompt for password:
|
Run the Step CA and prompt for password:
|
||||||
'''
|
'''
|
||||||
$ step-ca $STEPPATH/config/ca.json
|
$ step-ca $STEPPATH/config/ca.json
|
||||||
|
@ -141,7 +142,26 @@ Run the Step CA and read the password from a file - this is useful for
|
||||||
automating deployment:
|
automating deployment:
|
||||||
'''
|
'''
|
||||||
$ step-ca $STEPPATH/config/ca.json --password-file ./password.txt
|
$ step-ca $STEPPATH/config/ca.json --password-file ./password.txt
|
||||||
'''`
|
'''
|
||||||
|
Run the Step CA for the context selected with step and a custom password file:
|
||||||
|
'''
|
||||||
|
$ step context select ssh
|
||||||
|
$ step-ca --password-file ./password.txt
|
||||||
|
'''
|
||||||
|
Run the Step CA for the context named _mybiz_ and prompt for password:
|
||||||
|
'''
|
||||||
|
$ step-ca --context=mybiz
|
||||||
|
'''
|
||||||
|
Run the Step CA for the context named _mybiz_ and an alternate ca.json file:
|
||||||
|
'''
|
||||||
|
$ step-ca --context=mybiz other-ca.json
|
||||||
|
'''
|
||||||
|
Run the Step CA for the context named _mybiz_ and read the password from a file - this is useful for
|
||||||
|
automating deployment:
|
||||||
|
'''
|
||||||
|
$ step-ca --context=mybiz --password-file ./password.txt
|
||||||
|
'''
|
||||||
|
`
|
||||||
app.Flags = append(app.Flags, commands.AppCommand.Flags...)
|
app.Flags = append(app.Flags, commands.AppCommand.Flags...)
|
||||||
app.Flags = append(app.Flags, cli.HelpFlag)
|
app.Flags = append(app.Flags, cli.HelpFlag)
|
||||||
app.Copyright = fmt.Sprintf("(c) 2018-%d Smallstep Labs, Inc.", time.Now().Year())
|
app.Copyright = fmt.Sprintf("(c) 2018-%d Smallstep Labs, Inc.", time.Now().Year())
|
||||||
|
|
|
@ -16,6 +16,7 @@ import (
|
||||||
"github.com/smallstep/certificates/pki"
|
"github.com/smallstep/certificates/pki"
|
||||||
"github.com/urfave/cli"
|
"github.com/urfave/cli"
|
||||||
"go.step.sm/cli-utils/errs"
|
"go.step.sm/cli-utils/errs"
|
||||||
|
"go.step.sm/cli-utils/step"
|
||||||
)
|
)
|
||||||
|
|
||||||
// AppCommand is the action used as the top action.
|
// AppCommand is the action used as the top action.
|
||||||
|
@ -57,6 +58,11 @@ certificate issuer private key used in the RA mode.`,
|
||||||
Usage: "token used to enable the linked ca.",
|
Usage: "token used to enable the linked ca.",
|
||||||
EnvVar: "STEP_CA_TOKEN",
|
EnvVar: "STEP_CA_TOKEN",
|
||||||
},
|
},
|
||||||
|
cli.StringFlag{
|
||||||
|
Name: "context",
|
||||||
|
Usage: "The name of the authority's context.",
|
||||||
|
EnvVar: "STEP_CA_CONTEXT",
|
||||||
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -69,15 +75,23 @@ func appAction(ctx *cli.Context) error {
|
||||||
resolver := ctx.String("resolver")
|
resolver := ctx.String("resolver")
|
||||||
token := ctx.String("token")
|
token := ctx.String("token")
|
||||||
|
|
||||||
// If zero cmd line args show help, if >1 cmd line args show error.
|
if ctx.NArg() > 1 {
|
||||||
if ctx.NArg() == 0 {
|
return errs.TooManyArguments(ctx)
|
||||||
return cli.ShowAppHelp(ctx)
|
}
|
||||||
}
|
|
||||||
if err := errs.NumberOfArguments(ctx, 1); err != nil {
|
if caCtx := ctx.String("context"); caCtx != "" {
|
||||||
return err
|
if err := step.Contexts().SetCurrent(caCtx); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
var configFile string
|
||||||
|
if ctx.NArg() > 0 {
|
||||||
|
configFile = ctx.Args().Get(0)
|
||||||
|
} else {
|
||||||
|
configFile = step.CaConfigFile()
|
||||||
}
|
}
|
||||||
|
|
||||||
configFile := ctx.Args().Get(0)
|
|
||||||
cfg, err := config.LoadConfiguration(configFile)
|
cfg, err := config.LoadConfiguration(configFile)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fatal(err)
|
fatal(err)
|
||||||
|
|
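Review bot: With no positional argument, `appAction` now falls through to `step.CaConfigFile()` instead of showing help, so the configuration the CA starts with is decided implicitly by `--context`, by the `STEP_CA_CONTEXT` environment variable, or (presumably) by whichever context was last selected, and nothing in the hunk reports which file was chosen. For a certificate authority that matters operationally: an inherited or stale environment variable could start the service on a configuration the operator did not intend, with no visible sign. I would log the resolved `configFile` (and the context name, when set) just before `config.LoadConfiguration(configFile)`, and state the precedence in a comment above the `if ctx.NArg() > 0` block, e.g. `// An explicit [config] argument wins; otherwise use the ca.json of the current context (--context or STEP_CA_CONTEXT).` The error from `step.Contexts().SetCurrent(caCtx)` is also returned bare; wrapping it with the context name, using whichever error helper the file already has in scope, would make a mistyped name easier to diagnose. `appAction` starts before this hunk and continues after it.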