From d6a403ec6e973666dd66c7f98aa12cac6b7b34da Mon Sep 17 00:00:00 2001
From: Brad Davidson <brad.davidson@rancher.com>
Date: Tue, 29 Sep 2020 11:19:25 -0700
Subject: [PATCH] Move profile flag to common flags

Move profile flag to common flags for server/agent so that it can be
loaded from config YAML.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
---
 pkg/cli/cmds/agent.go  | 10 +++++++++-
 pkg/cli/cmds/root.go   | 22 ++++++----------------
 pkg/cli/cmds/server.go | 10 +++++++++-
 pkg/rke2/rke2.go       | 12 ++----------
 4 files changed, 26 insertions(+), 28 deletions(-)

diff --git a/pkg/cli/cmds/agent.go b/pkg/cli/cmds/agent.go
index eaafa932a8..fa17c3a1e0 100644
--- a/pkg/cli/cmds/agent.go
+++ b/pkg/cli/cmds/agent.go
@@ -54,8 +54,16 @@ func NewAgentCommand() cli.Command {
 }
 
 func AgentRun(clx *cli.Context) error {
-	if profile == "" {
+	switch profile {
+	case "cis-1.5":
+		if err := validateCISreqs(); err != nil {
+			logrus.Fatal(err)
+		}
+	case "":
 		logrus.Warn("not running in CIS 1.5 mode")
+	default:
+		logrus.Fatal("invalid value provided for --profile flag")
 	}
+
 	return rke2.Agent(clx, config)
 }
diff --git a/pkg/cli/cmds/root.go b/pkg/cli/cmds/root.go
index d2ea009e51..715e59e1dd 100644
--- a/pkg/cli/cmds/root.go
+++ b/pkg/cli/cmds/root.go
@@ -37,6 +37,12 @@ var (
 			EnvVar:      "RKE2_CLOUD_PROVIDER_CONFIG",
 			Destination: &config.CloudProviderConfig,
 		},
+		&cli.StringFlag{
+			Name:        "profile",
+			Usage:       "(security) Validate system configuration against the selected benchmark (valid items: cis-1.5)",
+			EnvVar:      "RKE2_CIS_PROFILE",
+			Destination: &profile,
+		},
 	}
 )
 
@@ -133,28 +139,12 @@ func NewApp() *cli.App {
 			Destination: &debug,
 			EnvVar:      "RKE2_DEBUG",
 		},
-		cli.StringFlag{
-			Name:        "profile",
-			Usage:       "Indicate we need to run in CIS 1.5 mode",
-			Destination: &profile,
-			EnvVar:      "RKE2_CIS_PROFILE",
-		},
 	}
 
 	app.Before = func(clx *cli.Context) error {
 		if debug {
 			logrus.SetLevel(logrus.DebugLevel)
 		}
-		switch profile {
-		case "cis-1.5":
-			if err := validateCISreqs(); err != nil {
-				logrus.Fatal(err)
-			}
-		case "":
-			// continue. warning output another layer down.
-		default:
-			logrus.Fatal("invalid value provided for --profile flag")
-		}
 		return nil
 	}
 
diff --git a/pkg/cli/cmds/server.go b/pkg/cli/cmds/server.go
index c7d597d0cb..9182650f1e 100644
--- a/pkg/cli/cmds/server.go
+++ b/pkg/cli/cmds/server.go
@@ -103,8 +103,16 @@ func NewServerCommand() cli.Command {
 }
 
 func ServerRun(clx *cli.Context) error {
-	if profile == "" {
+	switch profile {
+	case "cis-1.5":
+		if err := validateCISreqs(); err != nil {
+			logrus.Fatal(err)
+		}
+	case "":
 		logrus.Warn("not running in CIS 1.5 mode")
+	default:
+		logrus.Fatal("invalid value provided for --profile flag")
 	}
+
 	return rke2.Server(clx, config)
 }
diff --git a/pkg/rke2/rke2.go b/pkg/rke2/rke2.go
index b9088036db..a3d3a5b115 100644
--- a/pkg/rke2/rke2.go
+++ b/pkg/rke2/rke2.go
@@ -60,18 +60,10 @@ func setup(clx *cli.Context, cfg Config) error {
 		case cli.StringFlag:
 			if strings.Contains(t.Name, "data-dir") {
 				dataDir = *t.Destination
-			}
-		}
-	}
-
-	for _, f := range clx.App.Flags {
-		switch t := f.(type) {
-		case cli.StringFlag:
-			if t.Name == "profile" && t.Destination != nil && *t.Destination != "" {
+			} else if t.Name == "profile" && t.Destination != nil && *t.Destination != "" {
 				cisMode = true
 			}
-		default:
-			// nothing to do. Keep moving.
+
 		}
 	}