forked from TrueCloudLab/certificates
add --context flag to step-ca command (#851)
* added the --context flag * apply the context and allow for different ca.json * amended usage for consistency * added an extra example * added an extra example * reordered and reworded examples
This commit is contained in:
parent
a852223717
commit
27c1d0afc3
2 changed files with 43 additions and 9 deletions
|
@ -117,7 +117,7 @@ func main() {
|
|||
app.HelpName = "step-ca"
|
||||
app.Version = step.Version()
|
||||
app.Usage = "an online certificate authority for secure automated certificate management"
|
||||
app.UsageText = `**step-ca** <config> [**--password-file**=<file>]
|
||||
app.UsageText = `**step-ca** [config] [**--context**=<name>] [**--password-file**=<file>]
|
||||
[**--ssh-host-password-file**=<file>] [**--ssh-user-password-file**=<file>]
|
||||
[**--issuer-password-file**=<file>] [**--resolver**=<addr>] [**--help**] [**--version**]`
|
||||
app.Description = `**step-ca** runs the Step Online Certificate Authority
|
||||
|
@ -133,6 +133,7 @@ This command will run indefinitely on success and return \>0 if any error occurs
|
|||
These examples assume that you have already initialized your PKI by running
|
||||
'step ca init'. If you have not completed this step please see the 'Getting Started'
|
||||
section of the README.
|
||||
|
||||
Run the Step CA and prompt for password:
|
||||
'''
|
||||
$ step-ca $STEPPATH/config/ca.json
|
||||
|
@ -141,7 +142,26 @@ Run the Step CA and read the password from a file - this is useful for
|
|||
automating deployment:
|
||||
'''
|
||||
$ step-ca $STEPPATH/config/ca.json --password-file ./password.txt
|
||||
'''`
|
||||
'''
|
||||
Run the Step CA for the context selected with step and a custom password file:
|
||||
'''
|
||||
$ step context select ssh
|
||||
$ step-ca --password-file ./password.txt
|
||||
'''
|
||||
Run the Step CA for the context named _mybiz_ and prompt for password:
|
||||
'''
|
||||
$ step-ca --context=mybiz
|
||||
'''
|
||||
Run the Step CA for the context named _mybiz_ and an alternate ca.json file:
|
||||
'''
|
||||
$ step-ca --context=mybiz other-ca.json
|
||||
'''
|
||||
Run the Step CA for the context named _mybiz_ and read the password from a file - this is useful for
|
||||
automating deployment:
|
||||
'''
|
||||
$ step-ca --context=mybiz --password-file ./password.txt
|
||||
'''
|
||||
`
|
||||
app.Flags = append(app.Flags, commands.AppCommand.Flags...)
|
||||
app.Flags = append(app.Flags, cli.HelpFlag)
|
||||
app.Copyright = fmt.Sprintf("(c) 2018-%d Smallstep Labs, Inc.", time.Now().Year())
|
||||
|
|
|
@ -16,6 +16,7 @@ import (
|
|||
"github.com/smallstep/certificates/pki"
|
||||
"github.com/urfave/cli"
|
||||
"go.step.sm/cli-utils/errs"
|
||||
"go.step.sm/cli-utils/step"
|
||||
)
|
||||
|
||||
// AppCommand is the action used as the top action.
|
||||
|
@ -57,6 +58,11 @@ certificate issuer private key used in the RA mode.`,
|
|||
Usage: "token used to enable the linked ca.",
|
||||
EnvVar: "STEP_CA_TOKEN",
|
||||
},
|
||||
cli.StringFlag{
|
||||
Name: "context",
|
||||
Usage: "The name of the authority's context.",
|
||||
EnvVar: "STEP_CA_CONTEXT",
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
|
@ -69,15 +75,23 @@ func appAction(ctx *cli.Context) error {
|
|||
resolver := ctx.String("resolver")
|
||||
token := ctx.String("token")
|
||||
|
||||
// If zero cmd line args show help, if >1 cmd line args show error.
|
||||
if ctx.NArg() == 0 {
|
||||
return cli.ShowAppHelp(ctx)
|
||||
}
|
||||
if err := errs.NumberOfArguments(ctx, 1); err != nil {
|
||||
return err
|
||||
if ctx.NArg() > 1 {
|
||||
return errs.TooManyArguments(ctx)
|
||||
}
|
||||
|
||||
if caCtx := ctx.String("context"); caCtx != "" {
|
||||
if err := step.Contexts().SetCurrent(caCtx); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
var configFile string
|
||||
if ctx.NArg() > 0 {
|
||||
configFile = ctx.Args().Get(0)
|
||||
} else {
|
||||
configFile = step.CaConfigFile()
|
||||
}
|
||||
|
||||
configFile := ctx.Args().Get(0)
|
||||
cfg, err := config.LoadConfiguration(configFile)
|
||||
if err != nil {
|
||||
fatal(err)
|
||||
|
|
Loading…
Reference in a new issue