Merge pull request #64 from smallstep/mariano/init-flags

Add flags to specify the arguments to `step ca init`

Author: maraino

command/ca/init.go

@@ -6,13 +6,13 @@ import (
 	"io"
 	"strings"
 
-	"github.com/smallstep/cli/crypto/pemutil"
-
 	"github.com/smallstep/cli/command"
+	"github.com/smallstep/cli/crypto/pemutil"
 	"github.com/smallstep/cli/crypto/pki"
 	"github.com/smallstep/cli/errs"
 	stepx509 "github.com/smallstep/cli/pkg/x509"
 	"github.com/smallstep/cli/ui"
+	"github.com/smallstep/cli/utils"
 	"github.com/urfave/cli"
 )
 
@@ -38,7 +38,31 @@ func initCommand() cli.Command {
 			},
 			cli.BoolFlag{
 				Name:  "pki",
-				Usage: "Generate only the PKI without the CA configuration",
+				Usage: "Generate only the PKI without the CA configuration.",
+			},
+			cli.StringFlag{
+				Name:  "name",
+				Usage: "The <name> of the new PKI.",
+			},
+			cli.StringFlag{
+				Name:  "dns",
+				Usage: "The comma sepparated DNS <names> or IP addresses of the new CA.",
+			},
+			cli.StringFlag{
+				Name:  "address",
+				Usage: "The <address> that the new CA will listen at.",
+			},
+			cli.StringFlag{
+				Name:  "provisioner",
+				Usage: "The <name> of the first provisioner.",
+			},
+			cli.StringFlag{
+				Name:  "password-file",
+				Usage: `The path to the <file> containing the password to encrypt the keys.`,
+			},
+			cli.StringFlag{
+				Name:  "with-ca-url",
+				Usage: `<URI> of the Step Certificate Authority to write in defaults.json`,
 			},
 		},
 	}
@@ -49,12 +73,14 @@ func initAction(ctx *cli.Context) error {
 		return err
 	}
 
+	var password string
 	var rootCrt *stepx509.Certificate
 	var rootKey interface{}
 
 	root := ctx.String("root")
 	key := ctx.String("key")
 	configure := !ctx.Bool("pki")
+	caURL := ctx.String("with-ca-url")
 	switch {
 	case len(root) > 0 && len(key) == 0:
 		return errs.RequiredWithFlag(ctx, "root", "key")
@@ -70,18 +96,29 @@ func initAction(ctx *cli.Context) error {
 		}
 	}
 
+	passwordFile := ctx.String("password-file")
+	if passwordFile != "" {
+		b, err := utils.ReadPasswordFromFile(passwordFile)
+		if err != nil {
+			return err
+		}
+		password = string(b)
+	}
+
 	p, err := pki.New(pki.GetPublicPath(), pki.GetSecretsPath(), pki.GetConfigPath())
 	if err != nil {
 		return err
 	}
 
-	name, err := ui.Prompt("What would you like to name your new PKI? (e.g. Smallstep)", ui.WithValidateNotEmpty())
+	name, err := ui.Prompt("What would you like to name your new PKI? (e.g. Smallstep)",
+		ui.WithValidateNotEmpty(), ui.WithValue(ctx.String("name")))
 	if err != nil {
 		return err
 	}
 
 	if configure {
-		names, err := ui.Prompt("What DNS names or IP addresses would you like to add to your new CA? (e.g. ca.smallstep.com[,1.1.1.1,etc.])", ui.WithValidateFunc(ui.DNS()))
+		names, err := ui.Prompt("What DNS names or IP addresses would you like to add to your new CA? (e.g. ca.smallstep.com[,1.1.1.1,etc.])",
+			ui.WithValidateFunc(ui.DNS()), ui.WithValue(ctx.String("dns")))
 		if err != nil {
 			return err
 		}
@@ -95,22 +132,26 @@ func initAction(ctx *cli.Context) error {
 			dnsNames = append(dnsNames, strings.TrimSpace(name))
 		}
 
-		address, err := ui.Prompt("What address will your new CA listen at? (e.g. :443)", ui.WithValidateFunc(ui.Address()))
+		address, err := ui.Prompt("What address will your new CA listen at? (e.g. :443)",
+			ui.WithValidateFunc(ui.Address()), ui.WithValue(ctx.String("address")))
 		if err != nil {
 			return err
 		}
 
-		provisioner, err := ui.Prompt("What would you like to name the first provisioner for your new CA? (e.g. [email protected])", ui.WithValidateNotEmpty())
+		provisioner, err := ui.Prompt("What would you like to name the first provisioner for your new CA? (e.g. [email protected])",
+			ui.WithValidateNotEmpty(), ui.WithValue(ctx.String("provisioner")))
 		if err != nil {
 			return err
 		}
 
 		p.SetProvisioner(provisioner)
 		p.SetAddress(address)
 		p.SetDNSNames(dnsNames)
+		p.SetCAURL(caURL)
 	}
 
-	pass, err := ui.PromptPasswordGenerate("What do you want your password to be? [leave empty and we'll generate one]", ui.WithRichPrompt())
+	pass, err := ui.PromptPasswordGenerate("What do you want your password to be? [leave empty and we'll generate one]",
+		ui.WithRichPrompt(), ui.WithValue(password))
 	if err != nil {
 		return err
 	}

crypto/pki/pki.go

@@ -119,6 +119,7 @@ type PKI struct {
 	provisioner                     string
 	address                         string
 	dnsNames                        []string
+	caURL                           string
 }
 
 // New creates a new PKI configuration.
@@ -193,6 +194,11 @@ func (p *PKI) SetDNSNames(s []string) {
 	p.dnsNames = s
 }
 
+// SetCAURL sets the ca-url to use in the defaults.json.
+func (p *PKI) SetCAURL(s string) {
+	p.caURL = s
+}
+
 // GenerateKeyPairs generates the key pairs used by the certificate authority.
 func (p *PKI) GenerateKeyPairs(pass []byte) error {
 	var err error
@@ -315,21 +321,23 @@ func (p *PKI) Save() error {
 	}
 
 	// Generate the CA URL.
-	url := p.dnsNames[0]
-	_, port, err := net.SplitHostPort(p.address)
-	if err != nil {
-		return errors.Wrapf(err, "error parsing %s", p.address)
-	}
-	if port == "443" {
-		url = fmt.Sprintf("https://%s", url)
-	} else {
-		url = fmt.Sprintf("https://%s:%s", url, port)
+	if p.caURL == "" {
+		p.caURL = p.dnsNames[0]
+		_, port, err := net.SplitHostPort(p.address)
+		if err != nil {
+			return errors.Wrapf(err, "error parsing %s", p.address)
+		}
+		if port == "443" {
+			p.caURL = fmt.Sprintf("https://%s", p.caURL)
+		} else {
+			p.caURL = fmt.Sprintf("https://%s:%s", p.caURL, port)
+		}
 	}
 
 	defaults := &caDefaults{
 		Root:        p.root,
 		CAConfig:    p.config,
-		CAUrl:       url,
+		CAUrl:       p.caURL,
 		Fingerprint: p.rootFingerprint,
 	}
 	b, err = json.MarshalIndent(defaults, "", "   ")

ui/options.go

@@ -7,20 +7,44 @@ import (
 type options struct {
 	mask            rune
 	defaultValue    string
+	value           string
 	allowEdit       bool
 	printTemplate   string
 	promptTemplates *promptui.PromptTemplates
 	selectTemplates *promptui.SelectTemplates
 	validateFunc    promptui.ValidateFunc
 }
 
+// apply applies the given options.
 func (o *options) apply(opts []Option) *options {
 	for _, fn := range opts {
 		fn(o)
 	}
 	return o
 }
 
+// getValue validates the value and returns it.
+func (o *options) getValue() (string, error) {
+	if o.validateFunc == nil {
+		return o.value, nil
+	}
+	if err := o.validateFunc(o.value); err != nil {
+		return "", err
+	}
+	return o.value, nil
+}
+
+// getValueBytes validates the value and returns it as a byte slice.
+func (o *options) getValueBytes() ([]byte, error) {
+	if o.validateFunc == nil {
+		return []byte(o.value), nil
+	}
+	if err := o.validateFunc(o.value); err != nil {
+		return nil, err
+	}
+	return []byte(o.value), nil
+}
+
 // Option is the type of the functions that modify the prompt options.
 type Option func(*options)
 
@@ -38,6 +62,14 @@ func WithDefaultValue(s string) Option {
 	}
 }
 
+// WithValue sets a custom string as the result of a prompt. If value is set,
+// the prompt won't be displayed.
+func WithValue(value string) Option {
+	return func(o *options) {
+		o.value = value
+	}
+}
+
 // WithAllowEdit if true, let's the user edit the default value set.
 func WithAllowEdit(b bool) Option {
 	return func(o *options) {

ui/ui.go

@@ -98,6 +98,11 @@ func Prompt(label string, opts ...Option) (string, error) {
 	}
 	o.apply(opts)
 
+	// Return value if set
+	if o.value != "" {
+		return o.getValue()
+	}
+
 	prompt := &promptui.Prompt{
 		Label:     label,
 		Default:   o.defaultValue,
@@ -128,6 +133,11 @@ func PromptPassword(label string, opts ...Option) ([]byte, error) {
 	}
 	o.apply(opts)
 
+	// Return value if set
+	if o.value != "" {
+		return o.getValueBytes()
+	}
+
 	prompt := &promptui.Prompt{
 		Label:     label,
 		Mask:      o.mask,