MCPcopy
hub / github.com/smallstep/cli / certificateAction

Function certificateAction

command/ssh/certificate.go:221–549  ·  view source on GitHub ↗
(ctx *cli.Context)

Source from the content-addressed store, hash-verified

219}
220
221func certificateAction(ctx *cli.Context) error {
222 if err := errs.NumberOfArguments(ctx, 2); err != nil {
223 return err
224 }
225
226 args := ctx.Args()
227 subject := args.Get(0)
228 keyFile := args.Get(1)
229 baseName := keyFile
230 // SSH uses fixed suffixes for public keys and certificates
231 pubFile := baseName + ".pub"
232 crtFile := baseName + "-cert.pub"
233
234 comment := ctx.String("comment")
235 if comment == "" {
236 comment = subject
237 }
238
239 // Flags
240 token := ctx.String("token")
241 isHost := ctx.Bool("host")
242 hostID := ctx.String("host-id")
243 isSign := ctx.Bool("sign")
244 isAddUser := ctx.Bool("add-user")
245 principals := ctx.StringSlice("principal")
246 passwordFile := ctx.String("password-file")
247 provisionerPasswordFile := ctx.String("provisioner-password-file")
248 noPassword := ctx.Bool("no-password")
249 insecure := ctx.Bool("insecure")
250 sshPrivKeyFile := ctx.String("private-key")
251 minPasswordLength := ctx.Int("min-password-length")
252 validAfter, validBefore, err := flags.ParseTimeDuration(ctx)
253 if err != nil {
254 return err
255 }
256 templateData, err := flags.ParseTemplateData(ctx)
257 if err != nil {
258 return err
259 }
260
261 kty, curve, size, err := utils.GetKeyDetailsFromCLI(ctx, insecure, "kty", "curve", "size")
262 if err != nil {
263 return err
264 }
265
266 // Validation
267 switch {
268 case noPassword && !insecure:
269 return errs.RequiredInsecureFlag(ctx, "no-password")
270 case noPassword && minPasswordLength > 0:
271 return errs.IncompatibleFlagWithFlag(ctx, "no-password", "min-password-length")
272 case noPassword && passwordFile != "":
273 return errs.IncompatibleFlagWithFlag(ctx, "no-password", "password-file")
274 case token != "" && provisionerPasswordFile != "":
275 return errs.IncompatibleFlagWithFlag(ctx, "token", "provisioner-password-file")
276 case isHost && isAddUser:
277 return errs.IncompatibleFlagWithFlag(ctx, "host", "add-user")
278 case !isHost && hostID != "":

Callers

nothing calls this directly

Calls 15

GenerateSSHTokenMethod · 0.95
GetClientMethod · 0.95
ParseTimeDurationFunction · 0.92
ParseTemplateDataFunction · 0.92
GetKeyDetailsFromCLIFunction · 0.92
ReadFileFunction · 0.92
WithSSHPublicKeyFunction · 0.92
NewCertificateFlowFunction · 0.92
DialAgentFunction · 0.92
readExistingUUIDFunction · 0.85
deriveMachineIDFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…