Add pidfile flag

This commit adds an optional flag, --pidfile, that takes the name of
a file to which step-ca will write its process ID.

Fixes #754
Mariano Cano 2023-01-31 12:04:06 -08:00
parent dd9b97221e
commit 0df942b8f6
No known key found for this signature in database


@ -8,6 +8,7 @@ import (
"net/http" "net/http"
"os" "os"
"path/filepath" "path/filepath"
"strconv"
"strings" "strings"
"unicode" "unicode"
@ -29,7 +30,7 @@ var AppCommand = cli.Command{
Action: appAction, Action: appAction,
UsageText: `**step-ca** <config> [**--password-file**=<file>] UsageText: `**step-ca** <config> [**--password-file**=<file>]
[**--ssh-host-password-file**=<file>] [**--ssh-user-password-file**=<file>] [**--ssh-host-password-file**=<file>] [**--ssh-user-password-file**=<file>]
[**--issuer-password-file**=<file>] [**--resolver**=<addr>]`, [**--issuer-password-file**=<file>] [**--pidfile**=<file>] [**--resolver**=<addr>]`,
Flags: []cli.Flag{ Flags: []cli.Flag{
cli.StringFlag{ cli.StringFlag{
Name: "password-file", Name: "password-file",
@ -82,6 +83,10 @@ Requires **--insecure** flag.`,
Usage: `the <port> used on tls-alpn-01 challenges. It can be changed for testing purposes. Usage: `the <port> used on tls-alpn-01 challenges. It can be changed for testing purposes.
Requires **--insecure** flag.`, Requires **--insecure** flag.`,
}, },
cli.StringFlag{
Name: "pidfile",
Usage: "that path to the <file> to write the process ID.",
},
cli.BoolFlag{ cli.BoolFlag{
Name: "insecure", Name: "insecure",
Usage: "enable insecure flags.", Usage: "enable insecure flags.",
@ -89,6 +94,8 @@ Requires **--insecure** flag.`,
}, },
} }
var pidfile string
// AppAction is the action used when the top command runs. // AppAction is the action used when the top command runs.
func appAction(ctx *cli.Context) error { func appAction(ctx *cli.Context) error {
passFile := ctx.String("password-file") passFile := ctx.String("password-file")
@ -213,6 +220,15 @@ To get a linked authority token:
issuerPassword = bytes.TrimRightFunc(issuerPassword, unicode.IsSpace) issuerPassword = bytes.TrimRightFunc(issuerPassword, unicode.IsSpace)
} }
if filename := ctx.String("pidfile"); filename != "" {
pid := []byte(strconv.Itoa(os.Getpid()) + "\n")
//nolint:gosec // 0644 (-rw-r--r--) are common permissions for a pid file
if err := os.WriteFile(filename, pid, 0644); err != nil {
fatal(errors.Wrap(err, "error writing pidfile"))
}
pidfile = filename
}
// replace resolver if requested // replace resolver if requested
if resolver != "" { if resolver != "" {
net.DefaultResolver.PreferGo = true net.DefaultResolver.PreferGo = true
@ -237,6 +253,11 @@ To get a linked authority token:
if err = srv.Run(); err != nil && !errors.Is(err, http.ErrServerClosed) { if err = srv.Run(); err != nil && !errors.Is(err, http.ErrServerClosed) {
fatal(err) fatal(err)
} }
if pidfile != "" {
os.Remove(pidfile)
}
return nil return nil
} }
@ -269,5 +290,8 @@ func fatal(err error) {
} else { } else {
fmt.Fprintln(os.Stderr, err) fmt.Fprintln(os.Stderr, err)
} }
if pidfile != "" {
os.Remove(pidfile)
}
os.Exit(2) os.Exit(2)
} }
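Review bot: The pidfile block in appAction calls `os.WriteFile(filename, pid, 0644)`, which truncates whatever already exists at that path and follows a symlink, so a pidfile kept in a directory that other local users can write to may end up overwriting a different file owned by the step-ca user. The same call overwrites the pidfile of an instance that is already running, and because `fatal` now removes `pidfile`, a second instance that fails afterwards (for example when `srv.Run` returns an error) deletes the first instance's file. Creating the file exclusively, as sketched below, closes both gaps; the trade-off is that a stale file left by an unclean exit must be removed before restart, which the flag's usage text should state. Separately, the usage string says "that path to the <file>" where "the path" is meant, and both `os.Remove(pidfile)` calls drop their error silently. appAction's body starts and ends outside these hunks.

```go
if filename := ctx.String("pidfile"); filename != "" {
	// O_EXCL fails if the path already exists (including a symlink) instead of truncating it.
	//nolint:gosec // 0644 (-rw-r--r--) are common permissions for a pid file
	f, err := os.OpenFile(filename, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0644)
	if err != nil {
		fatal(errors.Wrap(err, "error creating pidfile"))
	}
	// Only a file this process created is registered for removal on exit.
	pidfile = filename
	if _, err := f.WriteString(strconv.Itoa(os.Getpid()) + "\n"); err != nil {
		f.Close()
		fatal(errors.Wrap(err, "error writing pidfile"))
	}
	if err := f.Close(); err != nil {
		fatal(errors.Wrap(err, "error closing pidfile"))
	}
}
// … unchanged: resolver replacement …
```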