From eff6861e4228ec0b51883ffa509f2ef1d024aaa8 Mon Sep 17 00:00:00 2001 From: Michael Tharp Date: Wed, 16 Aug 2023 15:53:02 -0400 Subject: [PATCH] feat: add --no-timestamp option to sign commands --- internal/signinit/signinit.go | 2 +- signers/options.go | 51 +++++++++++++++++++++-------------- signers/signers.go | 1 + 3 files changed, 33 insertions(+), 21 deletions(-) diff --git a/internal/signinit/signinit.go b/internal/signinit/signinit.go index 1ae0f2f..08df1dc 100644 --- a/internal/signinit/signinit.go +++ b/internal/signinit/signinit.go @@ -68,7 +68,7 @@ func Init(ctx context.Context, mod *signers.Signer, tok token.Token, keyName str } else if mod.CertTypes&signers.CertTypePgp != 0 { return nil, nil, sigerrors.ErrNoCertificate{Type: "pgp"} } - if kconf.Timestamp { + if kconf.Timestamp && !flags.GetBool("no-timestamp") { cert.Timestamper, err = GetTimestamper() if err != nil { return nil, nil, err diff --git a/signers/options.go b/signers/options.go index 5da49ca..e2c92fe 100644 --- a/signers/options.go +++ b/signers/options.go @@ -35,6 +35,13 @@ import ( "github.com/sassoftware/relic/v7/lib/pkcs9" ) +var common *pflag.FlagSet + +func init() { + common = pflag.NewFlagSet("common", pflag.ExitOnError) + common.Bool("no-timestamp", false, "Do not attach a trusted timestamp even if the selected key configures one") +} + type SignOpts struct { Path string Hash crypto.Hash @@ -89,6 +96,22 @@ type FlagValues struct { Values map[string]string } +func (v *FlagValues) mergeAll(defs *pflag.FlagSet, getter func(string) string) { + if defs != nil { + v.mergeSet(defs, getter) + } + v.mergeSet(common, getter) +} + +func (v *FlagValues) mergeSet(defs *pflag.FlagSet, getter func(string) string) { + defs.VisitAll(func(flag *pflag.Flag) { + value := getter(flag.Name) + if value != "" { + v.Values[flag.Name] = value + } + }) +} + // FlagsFromCmdline creates a FlagValues from the (merged) command-line options of a command func (s *Signer) FlagsFromCmdline(fs *pflag.FlagSet) (*FlagValues, error) { for flag, users := range flagMap { @@ -106,43 +129,31 @@ func (s *Signer) FlagsFromCmdline(fs *pflag.FlagSet) (*FlagValues, error) { return nil, fmt.Errorf("flag \"%s\" is not allowed for signature type \"%s\"", flag, s.Name) } } - if s.flags == nil { - return nil, nil - } values := &FlagValues{ Defs: s.flags, Values: make(map[string]string), } - s.flags.VisitAll(func(flag *pflag.Flag) { - if fs.Changed(flag.Name) { - values.Values[flag.Name] = fs.Lookup(flag.Name).Value.String() + values.mergeAll(s.flags, func(name string) string { + if !fs.Changed(name) { + return "" } + return fs.Lookup(name).Value.String() }) return values, nil } // FlagsFromQuery creates a FlagValues from URL query parameters func (s *Signer) FlagsFromQuery(q url.Values) (*FlagValues, error) { - if s.flags == nil { - return nil, nil - } values := &FlagValues{ Defs: s.flags, Values: make(map[string]string), } - s.flags.VisitAll(func(flag *pflag.Flag) { - if value := q.Get(flag.Name); value != "" { - values.Values[flag.Name] = value - } - }) + values.mergeAll(s.flags, q.Get) return values, nil } // ToQuery appends query parameters to a URL for each option in the flag set func (values *FlagValues) ToQuery(q url.Values) error { - if values == nil { - return nil - } for key, value := range values.Values { q.Set(key, value) } @@ -151,10 +162,10 @@ func (values *FlagValues) ToQuery(q url.Values) error { // GetString returns the flag's value as a string func (values *FlagValues) GetString(name string) string { - if values == nil { - panic("flag " + name + " not defined for signer module") + flag := common.Lookup(name) + if flag == nil && values.Defs != nil { + flag = values.Defs.Lookup(name) } - flag := values.Defs.Lookup(name) if flag == nil { panic("flag " + name + " not defined for signer module") } diff --git a/signers/signers.go b/signers/signers.go index 4899b70..a6840a2 100644 --- a/signers/signers.go +++ b/signers/signers.go @@ -185,6 +185,7 @@ func MergeFlags(cmd *cobra.Command) { flagMap = make(map[string][]string) } fs := cmd.Flags() + fs.AddFlagSet(common) for _, s := range registered { if s.flags == nil { continue