From 1592da921de1e6b363fcc70d887ffa5cdc0aab74 Mon Sep 17 00:00:00 2001 From: Stephan Date: Mon, 6 Jan 2020 19:51:29 +0100 Subject: [PATCH] fix(nebula-cert): flag duration is optional, so reflect this is the cli help (#117) * fix: nebula-cert duration is optional, so reflect this is the cli help nebula-cert sign defaults the duration flag to 1 second before the CA expires, so it is not required to be provided. * tests: Fix test for duration flag help message * nebula-cert: add duration default value hint --- cmd/nebula-cert/sign.go | 2 +- cmd/nebula-cert/sign_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/nebula-cert/sign.go b/cmd/nebula-cert/sign.go index 759065e..7e3949e 100644 --- a/cmd/nebula-cert/sign.go +++ b/cmd/nebula-cert/sign.go @@ -36,7 +36,7 @@ func newSignFlags() *signFlags { sf.caCertPath = sf.set.String("ca-crt", "ca.crt", "Optional: path to the signing CA cert") sf.name = sf.set.String("name", "", "Required: name of the cert, usually a hostname") sf.ip = sf.set.String("ip", "", "Required: ip and network in CIDR notation to assign the cert") - sf.duration = sf.set.Duration("duration", 0, "Required: how long the cert should be valid for. Valid time units are seconds: \"s\", minutes: \"m\", hours: \"h\"") + sf.duration = sf.set.Duration("duration", 0, "Optional: how long the cert should be valid for. The default is 1 second before the signing cert expires. Valid time units are seconds: \"s\", minutes: \"m\", hours: \"h\"") sf.inPubPath = sf.set.String("in-pub", "", "Optional (if out-key not set): path to read a previously generated public key") sf.outKeyPath = sf.set.String("out-key", "", "Optional (if in-pub not set): path to write the private key to") sf.outCertPath = sf.set.String("out-crt", "", "Optional: path to write the certificate to") diff --git a/cmd/nebula-cert/sign_test.go b/cmd/nebula-cert/sign_test.go index 355dc6b..88f7f3e 100644 --- a/cmd/nebula-cert/sign_test.go +++ b/cmd/nebula-cert/sign_test.go @@ -32,7 +32,7 @@ func Test_signHelp(t *testing.T) { " -ca-key string\n"+ " \tOptional: path to the signing CA key (default \"ca.key\")\n"+ " -duration duration\n"+ - " \tRequired: how long the cert should be valid for. Valid time units are seconds: \"s\", minutes: \"m\", hours: \"h\"\n"+ + " \tOptional: how long the cert should be valid for. The default is 1 second before the signing cert expires. Valid time units are seconds: \"s\", minutes: \"m\", hours: \"h\"\n"+ " -groups string\n"+ " \tOptional: comma separated list of groups\n"+ " -in-pub string\n"+