crypt/step-ca-cli
crypt/step-ca-cli
1
0
Fork 0
mirror of https://github.com/smallstep/cli.git synced 2025-04-19 10:42:15 +03:00
Code

Use existing provisioner flag instead of redefining one

Browse Source
This commit is contained in:
Herman Slatman 2025-03-28 19:06:14 +01:00
parent c153ef3e75
commit 1156e4475b
No known key found for this signature in database
GPG Key ID: F4D8A44EA0A75A4F
9 changed files with 12 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
command/ca/policy/actions/cn.go
View File

@ -56,7 +56,7 @@ $ step ca policy authority x509 deny cn "My Bad CA Name"
commonNamesAction,
),
Flags: []cli.Flag{
provisionerFilterFlag,
flags.Provisioner,
flags.EABKeyID,
flags.EABReference,
cli.BoolFlag{

2
command/ca/policy/actions/dns.go
View File

@ -74,7 +74,7 @@ $ step ca policy authority ssh host allow dns "badsshhost.local"
dnsAction,
),
Flags: []cli.Flag{
provisionerFilterFlag,
flags.Provisioner,
flags.EABKeyID,
flags.EABReference,
cli.BoolFlag{

2
command/ca/policy/actions/emails.go
View File

@ -63,7 +63,7 @@ $ step ca policy provisioner ssh user deny email @example.com --provisioner my_p
emailAction,
),
Flags: []cli.Flag{
provisionerFilterFlag,
flags.Provisioner,
cli.BoolFlag{
Name: "remove",
Usage: `removes the provided emails from the policy instead of adding them`,

2
command/ca/policy/actions/ips.go
View File

@ -94,7 +94,7 @@ $ step ca policy authority ssh host deny ip 192.168.0.40
ipAction,
),
Flags: []cli.Flag{
provisionerFilterFlag,
flags.Provisioner,
flags.EABKeyID,
flags.EABReference,
cli.BoolFlag{

11
command/ca/policy/actions/policy.go
View File

@ -7,7 +7,6 @@ import (
"errors"
"fmt"
"github.com/urfave/cli"
"google.golang.org/protobuf/encoding/protojson"
"github.com/smallstep/certificates/ca"
@ -18,11 +17,6 @@ import (
"github.com/smallstep/cli/internal/command"
)
var provisionerFilterFlag = cli.StringFlag{
Name: "provisioner",
Usage: `The provisioner <name>`,
}
func retrieveAndUnsetProvisionerFlagIfRequired(ctx context.Context) string {
// when managing policies on the authority level there's no need
// to select a provisioner, so the flag does not need to be unset.
@ -33,11 +27,14 @@ func retrieveAndUnsetProvisionerFlagIfRequired(ctx context.Context) string {
clictx := command.CLIContextFromContext(ctx)
provisioner := clictx.String("provisioner")
// unset the provisioner flag value, so that it's not used
// unset the provisioner and issuer flag values, so that they're not used
// automatically in token flows.
if err := clictx.Set("provisioner", ""); err != nil {
panic(fmt.Errorf("failed unsetting provisioner flag: %w", err))
}
if err := clictx.Set("issuer", ""); err != nil {
panic(fmt.Errorf("failed unsetting issuer flag: %w", err))
}
return provisioner
}

2
command/ca/policy/actions/principals.go
View File

@ -58,7 +58,7 @@ $ step ca policy provisioner ssh host deny principal root --provisioner my_ssh_u
principalAction,
),
Flags: []cli.Flag{
provisionerFilterFlag,
flags.Provisioner,
cli.BoolFlag{
Name: "remove",
Usage: `removes the provided Principals from the policy instead of adding them`,

2
command/ca/policy/actions/remove.go
View File

@ -55,7 +55,7 @@ $ step ca policy acme remove --provisioner my_acme_provisioner --eab-key-id "lUO
removeAction,
),
Flags: []cli.Flag{
provisionerFilterFlag,
flags.Provisioner,
flags.EABKeyID,
flags.EABReference,
flags.AdminCert,

2
command/ca/policy/actions/uris.go
View File

@ -53,7 +53,7 @@ $ step ca policy provisioner x509 allow uri "*.example.com" --provisioner my_pro
uriAction,
),
Flags: []cli.Flag{
provisionerFilterFlag,
flags.Provisioner,
cli.BoolFlag{
Name: "remove",
Usage: `removes the provided URIs from the policy instead of adding them`,

2
command/ca/policy/actions/view.go
View File

@ -56,7 +56,7 @@ $ step ca policy acme view --provisioner my_acme_provisioner --eab-key-id "lUOTG
viewAction,
),
Flags: []cli.Flag{
provisionerFilterFlag,
flags.Provisioner,
flags.EABKeyID,
flags.EABReference,
flags.AdminCert,