diff --git a/ziti/cmd/pki/pki_create.go b/ziti/cmd/pki/pki_create.go index 2853fa14d1..2cb3e81a16 100644 --- a/ziti/cmd/pki/pki_create.go +++ b/ziti/cmd/pki/pki_create.go @@ -98,6 +98,31 @@ func (o *PKICreateOptions) Run() error { return o.Cmd.Help() } +// ResolveFlagsFromViper backfills struct fields from viper (env vars) when the +// corresponding CLI flag was not explicitly set. This allows flags like +// --ca-file, --curve, --intermediate-file, etc. to be set via ZITI_CA_FILE, +// ZITI_CURVE, ZITI_INTERMEDIATE_FILE environment variables. +func (o *PKICreateOptions) ResolveFlagsFromViper(cmd *cobra.Command) { + resolve := func(flagName string, target *string) { + if !cmd.Flags().Changed(flagName) { + if v := o.viper.GetString(flagName); v != "" { + *target = v + } + } + } + resolve("ca-file", &o.Flags.CAFile) + resolve("ca-name", &o.Flags.CAName) + resolve("curve", &o.Flags.EcCurve) + resolve("intermediate-file", &o.Flags.IntermediateFile) + resolve("intermediate-name", &o.Flags.IntermediateName) + resolve("server-file", &o.Flags.ServerFile) + resolve("server-name", &o.Flags.ServerName) + resolve("client-file", &o.Flags.ClientFile) + resolve("client-name", &o.Flags.ClientName) + resolve("key-file", &o.Flags.KeyFile) + resolve("trust-domain", &o.Flags.SpiffeID) +} + // ObtainPKIRoot returns the value for pki-root func (o *PKICreateOptions) ObtainPKIRoot() (string, error) { pkiRoot := o.Flags.PKIRoot diff --git a/ziti/cmd/pki/pki_create_ca.go b/ziti/cmd/pki/pki_create_ca.go index a1a44cc32f..79cdfee163 100644 --- a/ziti/cmd/pki/pki_create_ca.go +++ b/ziti/cmd/pki/pki_create_ca.go @@ -82,6 +82,7 @@ func (o *PKICreateCAOptions) addPKICreateCAFlags(cmd *cobra.Command) { // Run implements this command func (o *PKICreateCAOptions) Run() error { + o.ResolveFlagsFromViper(o.Cmd) pkiRoot, err := o.ObtainPKIRoot() if err != nil { return err diff --git a/ziti/cmd/pki/pki_create_client.go b/ziti/cmd/pki/pki_create_client.go index fd6437ff9b..0e06b23e40 100644 --- a/ziti/cmd/pki/pki_create_client.go +++ b/ziti/cmd/pki/pki_create_client.go @@ -87,6 +87,7 @@ func (o *PKICreateClientOptions) addPKICreateClientFlags(cmd *cobra.Command) { // Run implements this command func (o *PKICreateClientOptions) Run() error { + o.ResolveFlagsFromViper(o.Cmd) pkiRoot, err := o.ObtainPKIRoot() if err != nil { return err diff --git a/ziti/cmd/pki/pki_create_intermediate.go b/ziti/cmd/pki/pki_create_intermediate.go index e8985117f0..1c302324c0 100644 --- a/ziti/cmd/pki/pki_create_intermediate.go +++ b/ziti/cmd/pki/pki_create_intermediate.go @@ -81,6 +81,7 @@ func (o *PKICreateIntermediateOptions) addPKICreateIntermediateFlags(cmd *cobra. // Run implements this command func (o *PKICreateIntermediateOptions) Run() error { + o.ResolveFlagsFromViper(o.Cmd) pkiRoot, err := o.ObtainPKIRoot() if err != nil { return err diff --git a/ziti/cmd/pki/pki_create_key.go b/ziti/cmd/pki/pki_create_key.go index 0d5f3b88f8..4ae8cbfaf1 100644 --- a/ziti/cmd/pki/pki_create_key.go +++ b/ziti/cmd/pki/pki_create_key.go @@ -76,6 +76,7 @@ func (options *PKICreateKeyOptions) addPKICreateKeyFlags(cmd *cobra.Command) { // Run implements this command func (options *PKICreateKeyOptions) Run() error { + options.ResolveFlagsFromViper(options.Cmd) pkiRoot, err := options.ObtainPKIRoot() if err != nil { diff --git a/ziti/cmd/pki/pki_create_server.go b/ziti/cmd/pki/pki_create_server.go index 5248af3718..c51d9d1e7e 100644 --- a/ziti/cmd/pki/pki_create_server.go +++ b/ziti/cmd/pki/pki_create_server.go @@ -88,6 +88,7 @@ func (o *PKICreateServerOptions) addPKICreateServerFlags(cmd *cobra.Command) { // Run implements this command func (o *PKICreateServerOptions) Run() error { + o.ResolveFlagsFromViper(o.Cmd) IPs, DNSNames, err := o.ObtainIPsAndDNSNames() if err != nil { return err