-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathcommon.go
63 lines (51 loc) · 2.28 KB
/
common.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
package main
import (
"flag"
"os"
"path/filepath"
"github.com/daolinet/daolictl/cli"
"github.com/daolinet/daolictl/opts"
)
const (
defaultCaFile = "ca.pem"
defaultKeyFile = "key.pem"
defaultCertFile = "cert.pem"
tlsverify = "tlsverify"
)
var (
commonFlags = &cli.CommonFlags{FlagSet: new(flag.FlagSet)}
daoliCertPath = os.Getenv("DOCKER_CERT_PATH")
daoliTLSVerify = os.Getenv("DOCKER_TLS_VERIFY") != ""
)
func init() {
commonFlags.PostParse = postParseCommon
cmd := commonFlags.FlagSet
cmd.BoolVar(&commonFlags.Debug, "D,-debug", false, "Enable debug mode")
cmd.StringVar(&commonFlags.LogLevel, "l,-log-level", "info", "Set the logging level")
cmd.BoolVar(&commonFlags.TLS, "-tls", false, "Use TLS; implied by --tlsverify")
cmd.BoolVar(&commonFlags.TLSVerify, "-tlsverify", daoliTLSVerify, "Use TLS and verify the remote")
// TODO use flag flag.String("i,-identity", "", "Path to libtrust key file")
var tlsOptions cli.Options
commonFlags.TLSOptions = &tlsOptions
cmd.StringVar(&tlsOptions.CAFile, "-tlscacert", filepath.Join(daoliCertPath, defaultCaFile), "Trust certs signed only by this CA")
cmd.StringVar(&tlsOptions.CertFile, "-tlscert", filepath.Join(daoliCertPath, defaultCertFile), "Path to TLS certificate file")
cmd.StringVar(&tlsOptions.KeyFile, "-tlskey", filepath.Join(daoliCertPath, defaultKeyFile), "Path to TLS key file")
validateHost := func(val string) (string, error) {return val, nil }
cmd.Var(opts.NewNamedListOptsRef("hosts", &commonFlags.Hosts, validateHost), "H,-host", "Daemon socket(s) to connect to")
}
func postParseCommon() {
// Regardless of whether the user sets it to true or false, if they
// specify --tlsverify at all then we need to turn on tls
// TLSVerify can be true even if not set due to DOCKER_TLS_VERIFY env var, so we need to check that here as well
if commonFlags.TLSVerify {
commonFlags.TLS = true
}
if !commonFlags.TLS {
commonFlags.TLSOptions = nil
} else {
tlsOptions := commonFlags.TLSOptions
tlsOptions.InsecureSkipVerify = !commonFlags.TLSVerify
tlsOptions.CertFile = ""
tlsOptions.KeyFile = ""
}
}