add crypto-config-path command line parameter

sigstore · Sep 30, 2021 · 1b8b4f4 · 1b8b4f4
1 parent 9f97249
commit 1b8b4f4
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 2 deletions.
diff --git a/cmd/app/createca.go b/cmd/app/createca.go
@@ -46,7 +46,7 @@ such as organization, country etc. This can then be used as the root
 certificate authority for an instance of sigstore fulcio`,
 	Run: func(cmd *cobra.Command, args []string) {
 		log.Logger.Info("binding to PKCS11 HSM")
-		p11Ctx, err := crypto11.ConfigureFromFile("config/crypto11.conf")
+		p11Ctx, err := crypto11.ConfigureFromFile(viper.GetString("crypto-config-path"))
 		if err != nil {
 			log.Logger.Fatal(err)
 		}

diff --git a/cmd/app/root.go b/cmd/app/root.go
@@ -51,6 +51,7 @@ func init() {
 	rootCmd.PersistentFlags().String("hsm-caroot-id", "", "HSM ID for Root CA (only used with --ca fulcio)")
 	rootCmd.PersistentFlags().String("ct-log-url", "http://localhost:6962/test", "host and path (with log prefix at the end) to the ct log")
 	rootCmd.PersistentFlags().String("config-path", "/etc/fulcio-config/config.json", "path to fulcio config json")
+	rootCmd.PersistentFlags().String("crypto-config-path", "config/crypto11.conf", "path to fulcio pkcs11 config file")
 
 	if err := viper.BindPFlags(rootCmd.PersistentFlags()); err != nil {
 		log.Logger.Fatal(err)

diff --git a/pkg/pkcs11/pkcs11.go b/pkg/pkcs11/pkcs11.go
@@ -17,10 +17,11 @@ package pkcs11
 
 import (
 	"github.com/ThalesIgnite/crypto11"
+	"github.com/spf13/viper"
 )
 
 func InitHSMCtx() (*crypto11.Context, error) {
-	p11Ctx, err := crypto11.ConfigureFromFile("config/crypto11.conf")
+	p11Ctx, err := crypto11.ConfigureFromFile(viper.GetString("crypto-config-path"))
 	if err != nil {
 		return nil, err
 	}