add pkcs11-config-path command line parameter #192
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
avoidik
force-pushed
the
allow-to-change-pkcs-config-path
branch
from
1b8b4f4
to
1d77e15
Compare
lukehinds
reviewed
Sep 30, 2021
cmd/app/createca.go
Outdated
| @@ -46,7 +46,7 @@ such as organization, country etc. This can then be used as the root | |||
| certificate authority for an instance of sigstore fulcio`, | |||
| Run: func(cmd *cobra.Command, args []string) { | |||
| log.Logger.Info("binding to PKCS11 HSM") | |||
| p11Ctx, err := crypto11.ConfigureFromFile("config/crypto11.conf") | |||
| p11Ctx, err := crypto11.ConfigureFromFile(viper.GetString("crypto-config-path")) | |||
There was a problem hiding this comment.
Good idea!
Could we name it pkcs11-config-path instead please?
lukehinds
reviewed
Sep 30, 2021
pkg/pkcs11/pkcs11.go
Outdated
| ) | ||
|
|
||
| func InitHSMCtx() (*crypto11.Context, error) { | ||
| p11Ctx, err := crypto11.ConfigureFromFile("config/crypto11.conf") | ||
| p11Ctx, err := crypto11.ConfigureFromFile(viper.GetString("crypto-config-path")) |
There was a problem hiding this comment.
Did you manage to test this, I am not sure if the viper flags would reach this code (not at my main computer right now)?
There was a problem hiding this comment.
I expected to give it a dry run on CI/CD first, but I checked similar code in pkg directory first, so I assumed that it should be okay
avoidik
changed the title
Signed-off-by: Vasilyev, Viacheslav <viacheslav.vasilyev@accenture.com>
avoidik
force-pushed
the
allow-to-change-pkcs-config-path
branch
from
ed224e7
to
a4c4553
Compare
lukehinds
approved these changes
Oct 1, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Allow to change crypto11.conf file location via
--pkcs11-config-pathcommand-line parameterTicket Link
No ticket
Release Note