apple-codesign: finish migrating off clap builder API

And we're done. Finally. It looks like clap automatically trims periods when pulling strings from comments. So I just deleted the periods as part of the refactor.
indygreg · Jun 4, 2023 · 6fc8329 · 6fc8329
1 parent e68abc5
commit 6fc8329
Show file tree

Hide file tree

Showing 24 changed files with 46 additions and 50 deletions.
diff --git a/apple-codesign/CHANGELOG.md b/apple-codesign/CHANGELOG.md
@@ -9,6 +9,10 @@ Released on ReleaseDate.
 * Notarization features are now optional and can be controlled via the
   enabled-by-default `notarize` crate feature. (#78)
 * Minimum supported Rust version changed from 1.62.1 to 1.65.0.
+* CLI argument parsing has been rewritten to use clap's derive mode
+  instead of the builder mode. The intent was to mostly preserve existing
+  CLI behavior. However, some minor changes - possibly bugs - may have
+  occurred as a result of this refactor.
 * cryptographic-message-syntax 0.19 -> 0.23.
 * once_cell 1.16 -> 1.17.
 * p256 0.11 -> 0.13.

diff --git a/apple-codesign/src/cli.rs b/apple-codesign/src/cli.rs
@@ -25,7 +25,7 @@ use {
         signing_settings::{SettingsScope, SigningSettings},
     },
     base64::{engine::general_purpose::STANDARD as STANDARD_ENGINE, Engine},
-    clap::{Arg, ArgAction, Args, Command, FromArgMatches, Parser, Subcommand},
+    clap::{ArgAction, Args, Parser},
     cryptographic_message_syntax::SignedData,
     difference::{Changeset, Difference},
     log::{error, warn, LevelFilter},
@@ -2689,27 +2689,23 @@ enum Subcommands {
     X509Oids,
 }
 
-pub fn main_impl() -> Result<(), AppleCodesignError> {
-    let app = Command::new("Cross platform Apple code signing in pure Rust")
-        .version(env!("CARGO_PKG_VERSION"))
-        .author("Gregory Szorc <[email protected]>")
-        .about("Sign and notarize Apple programs. See https://gregoryszorc.com/docs/apple-codesign/main/ for more docs.")
-        .arg_required_else_help(true)
-        .arg(
-            Arg::new("verbose")
-                .long("verbose")
-                .short('v')
-                .global(true)
-                .action(ArgAction::Count)
-                .help("Increase logging verbosity. Can be specified multiple times."),
-        );
+/// Sign and notarize Apple programs. See https://gregoryszorc.com/docs/apple-codesign/main/ for more docs
+#[derive(Parser)]
+#[command(author, version, arg_required_else_help = true)]
+struct Cli {
+    /// Increase logging verbosity. Can be specified multiple times
+    #[arg(short = 'v', long, global = true, action = ArgAction::Count)]
+    verbose: u8,
 
-    let app = Subcommands::augment_subcommands(app);
+    #[command(subcommand)]
+    command: Subcommands,
+}
 
-    let matches = app.get_matches();
+pub fn main_impl() -> Result<(), AppleCodesignError> {
+    let cli = Cli::parse();
 
     // TODO make default log level warn once we audit logging sites.
-    let log_level = match matches.get_count("verbose") {
+    let log_level = match cli.verbose {
         0 => LevelFilter::Info,
         1 => LevelFilter::Debug,
         _ => LevelFilter::Trace,
@@ -2734,11 +2730,7 @@ pub fn main_impl() -> Result<(), AppleCodesignError> {
 
     builder.init();
 
-    let subcommands = Subcommands::from_arg_matches(&matches).map_err(|e| {
-        AppleCodesignError::CliGeneralError(format!("error parsing arguments: {}", e))
-    })?;
-
-    match &subcommands {
+    match &cli.command {
         Subcommands::AnalyzeCertificate(args) => command_analyze_certificate(args),
         Subcommands::ComputeCodeHashes(args) => command_compute_code_hashes(args),
         Subcommands::DiffSignatures(args) => command_diff_signatures(args),

diff --git a/apple-codesign/tests/cmd/analyze-certificate.trycmd b/apple-codesign/tests/cmd/analyze-certificate.trycmd
@@ -13,7 +13,7 @@ Options:
           Smartcard slot number of signing certificate to use (9c is common)
 
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
 
       --smartcard-pin-env <SMARTCARD_PIN_ENV>
           Environment variable holding the smartcard PIN

diff --git a/apple-codesign/tests/cmd/compute-code-hashes.trycmd b/apple-codesign/tests/cmd/compute-code-hashes.trycmd
@@ -11,7 +11,7 @@ Options:
       --hash <HASH>
           Hashing algorithm to use [default: sha256] [possible values: none, sha1, sha256, sha256-truncated, sha384, sha512]
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
       --page-size <PAGE_SIZE>
           Chunk size to digest over [default: 4096]
       --universal-index <UNIVERSAL_INDEX>

diff --git a/apple-codesign/tests/cmd/diff-signatures.trycmd b/apple-codesign/tests/cmd/diff-signatures.trycmd
@@ -9,7 +9,7 @@ Arguments:
   <PATH1>  The second path to compare
 
 Options:
-  -v, --verbose...  Increase logging verbosity. Can be specified multiple times.
+  -v, --verbose...  Increase logging verbosity. Can be specified multiple times
   -h, --help        Print help
 
 ```
diff --git a/apple-codesign/tests/cmd/encode-app-store-connect-api-key.trycmd b/apple-codesign/tests/cmd/encode-app-store-connect-api-key.trycmd
@@ -49,7 +49,7 @@ Options:
           Path to a JSON file to create the output to
 
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
 
   -h, --help
           Print help (see a summary with '-h')

diff --git a/apple-codesign/tests/cmd/extract.trycmd b/apple-codesign/tests/cmd/extract.trycmd
@@ -73,7 +73,7 @@ Options:
           [possible values: blobs, cms-info, cms-pem, cms-raw, cms, code-directory-raw, code-directory-serialized-raw, code-directory-serialized, code-directory, linkedit-info, linkedit-segment-raw, macho-load-commands, macho-segments, macho-target, requirements-raw, requirements-rust, requirements-serialized-raw, requirements-serialized, requirements, signature-raw, superblob]
 
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
 
       --universal-index <UNIVERSAL_INDEX>
           Index of Mach-O binary to operate on within a universal/fat binary

diff --git a/apple-codesign/tests/cmd/generate-csr.trycmd b/apple-codesign/tests/cmd/generate-csr.trycmd
@@ -8,7 +8,7 @@ Options:
       --csr-pem-path <CSR_PEM_PATH>
           Path to file to write PEM encoded CSR to
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
       --smartcard-slot <SMARTCARD_SLOT>
           Smartcard slot number of signing certificate to use (9c is common)
       --smartcard-pin-env <SMARTCARD_PIN_ENV>

diff --git a/apple-codesign/tests/cmd/generate-self-signed-cert.trycmd b/apple-codesign/tests/cmd/generate-self-signed-cert.trycmd
@@ -33,7 +33,7 @@ Options:
           [possible values: ecdsa, ed25519]
 
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
 
       --profile <PROFILE>
           [default: apple-development]

diff --git a/apple-codesign/tests/cmd/help.trycmd b/apple-codesign/tests/cmd/help.trycmd
@@ -1,9 +1,9 @@
 ```
 $ rcodesign
 ? 2
-Sign and notarize Apple programs. See https://gregoryszorc.com/docs/apple-codesign/main/ for more docs.
+Sign and notarize Apple programs. See https://gregoryszorc.com/docs/apple-codesign/main/ for more docs
 
-Usage: rcodesign[EXE] [OPTIONS] [COMMAND]
+Usage: rcodesign[EXE] [OPTIONS] <COMMAND>
 
 Commands:
   analyze-certificate                   Analyze an X.509 certificate for Apple code signing properties
@@ -31,17 +31,17 @@ Commands:
   help                                  Print this message or the help of the given subcommand(s)
 
 Options:
-  -v, --verbose...  Increase logging verbosity. Can be specified multiple times.
+  -v, --verbose...  Increase logging verbosity. Can be specified multiple times
   -h, --help        Print help
   -V, --version     Print version
 
 ```
 
 ```
 $ rcodesign help
-Sign and notarize Apple programs. See https://gregoryszorc.com/docs/apple-codesign/main/ for more docs.
+Sign and notarize Apple programs. See https://gregoryszorc.com/docs/apple-codesign/main/ for more docs
 
-Usage: rcodesign[EXE] [OPTIONS] [COMMAND]
+Usage: rcodesign[EXE] [OPTIONS] <COMMAND>
 
 Commands:
   analyze-certificate                   Analyze an X.509 certificate for Apple code signing properties
@@ -69,7 +69,7 @@ Commands:
   help                                  Print this message or the help of the given subcommand(s)
 
 Options:
-  -v, --verbose...  Increase logging verbosity. Can be specified multiple times.
+  -v, --verbose...  Increase logging verbosity. Can be specified multiple times
   -h, --help        Print help
   -V, --version     Print version
 

diff --git a/apple-codesign/tests/cmd/keychain-export-certificate-chain.trycmd b/apple-codesign/tests/cmd/keychain-export-certificate-chain.trycmd
@@ -6,7 +6,7 @@ Usage: rcodesign[EXE] keychain-export-certificate-chain [OPTIONS] --user-id <USE
 
 Options:
       --domain <DOMAIN>                Keychain domain to operate on [default: user] [possible values: user, system, common, dynamic]
-  -v, --verbose...                     Increase logging verbosity. Can be specified multiple times.
+  -v, --verbose...                     Increase logging verbosity. Can be specified multiple times
       --password <PASSWORD>            Password to unlock the Keychain
       --password-file <PASSWORD_FILE>  File containing password to use to unlock the Keychain
       --no-print-self                  Print only the issuing certificate chain, not the subject certificate

diff --git a/apple-codesign/tests/cmd/keychain-print-certificates.trycmd b/apple-codesign/tests/cmd/keychain-print-certificates.trycmd
@@ -6,7 +6,7 @@ Usage: rcodesign[EXE] keychain-print-certificates [OPTIONS]
 
 Options:
       --domain <DOMAIN>  Keychain domain to operate on [default: user] [possible values: user, system, common, dynamic]
-  -v, --verbose...       Increase logging verbosity. Can be specified multiple times.
+  -v, --verbose...       Increase logging verbosity. Can be specified multiple times
   -h, --help             Print help
 
 ```
diff --git a/apple-codesign/tests/cmd/notary-log.trycmd b/apple-codesign/tests/cmd/notary-log.trycmd
@@ -9,7 +9,7 @@ Arguments:
 
 Options:
       --api-key-path <API_KEY_PATH>  Path to a JSON file containing the API Key
-  -v, --verbose...                   Increase logging verbosity. Can be specified multiple times.
+  -v, --verbose...                   Increase logging verbosity. Can be specified multiple times
       --api-issuer <API_ISSUER>      App Store Connect Issuer ID (likely a UUID)
       --api-key <API_KEY>            App Store Connect API Key ID
   -h, --help                         Print help

diff --git a/apple-codesign/tests/cmd/notary-submit.trycmd b/apple-codesign/tests/cmd/notary-submit.trycmd
@@ -56,7 +56,7 @@ Arguments:
 
 Options:
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
 
       --wait
           Whether to wait for upload processing to complete

diff --git a/apple-codesign/tests/cmd/notary-wait.trycmd b/apple-codesign/tests/cmd/notary-wait.trycmd
@@ -11,7 +11,7 @@ Options:
       --max-wait-seconds <MAX_WAIT_SECONDS>
           Maximum time in seconds to wait for the upload result [default: 600]
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
       --api-key-path <API_KEY_PATH>
           Path to a JSON file containing the API Key
       --api-issuer <API_ISSUER>

diff --git a/apple-codesign/tests/cmd/parse-code-signing-requirement.trycmd b/apple-codesign/tests/cmd/parse-code-signing-requirement.trycmd
@@ -33,7 +33,7 @@ Options:
           [possible values: csrl, expression-tree]
 
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
 
   -h, --help
           Print help (see a summary with '-h')

diff --git a/apple-codesign/tests/cmd/print-signature-info.trycmd b/apple-codesign/tests/cmd/print-signature-info.trycmd
@@ -8,7 +8,7 @@ Arguments:
   <PATH>  Filesystem path to entity whose info to print
 
 Options:
-  -v, --verbose...  Increase logging verbosity. Can be specified multiple times.
+  -v, --verbose...  Increase logging verbosity. Can be specified multiple times
   -h, --help        Print help
 
 ```
diff --git a/apple-codesign/tests/cmd/remote-sign.trycmd b/apple-codesign/tests/cmd/remote-sign.trycmd
@@ -11,7 +11,7 @@ Options:
       --editor
           Open an editor to input the session join string
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
       --sjs-path <SESSION_JOIN_STRING_PATH>
           Path to file containing session join string
       --smartcard-slot <SMARTCARD_SLOT>

diff --git a/apple-codesign/tests/cmd/sign.trycmd b/apple-codesign/tests/cmd/sign.trycmd
@@ -221,7 +221,7 @@ Options:
           Identifier string for binary. The value normally used by CFBundleIdentifier
 
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
 
       --code-requirements-path <CODE_REQUIREMENTS_PATH>
           Path to a file containing binary code requirements data to be used as designated requirements

diff --git a/apple-codesign/tests/cmd/smartcard-generate-key.trycmd b/apple-codesign/tests/cmd/smartcard-generate-key.trycmd
@@ -8,7 +8,7 @@ Options:
       --smartcard-slot <SMARTCARD_SLOT>
           Smartcard slot number to store key in (9c is common)
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
       --touch-policy <TOUCH_POLICY>
           Smartcard touch policy to protect key access [default: default] [possible values: default, always, never, cached]
       --pin-policy <PIN_POLICY>

diff --git a/apple-codesign/tests/cmd/smartcard-import.trycmd b/apple-codesign/tests/cmd/smartcard-import.trycmd
@@ -8,7 +8,7 @@ Options:
       --existing-key
           Re-use the existing private key in the smartcard slot
   -v, --verbose...
-          Increase logging verbosity. Can be specified multiple times.
+          Increase logging verbosity. Can be specified multiple times
       --dry-run
           Don't actually perform the import
       --smartcard-slot <SMARTCARD_SLOT>

diff --git a/apple-codesign/tests/cmd/smartcard-scan.trycmd b/apple-codesign/tests/cmd/smartcard-scan.trycmd
@@ -5,7 +5,7 @@ Show information about available smartcard (SC) devices
 Usage: rcodesign[EXE] smartcard-scan [OPTIONS]
 
 Options:
-  -v, --verbose...  Increase logging verbosity. Can be specified multiple times.
+  -v, --verbose...  Increase logging verbosity. Can be specified multiple times
   -h, --help        Print help
 
 ```
diff --git a/apple-codesign/tests/cmd/staple.trycmd b/apple-codesign/tests/cmd/staple.trycmd
@@ -8,7 +8,7 @@ Arguments:
   <PATH>  Path to entity to attempt to staple
 
 Options:
-  -v, --verbose...  Increase logging verbosity. Can be specified multiple times.
+  -v, --verbose...  Increase logging verbosity. Can be specified multiple times
   -h, --help        Print help
 
 ```
diff --git a/apple-codesign/tests/cmd/verify.trycmd b/apple-codesign/tests/cmd/verify.trycmd
@@ -8,7 +8,7 @@ Arguments:
   <PATH>  Path of Mach-O binary to examine
 
 Options:
-  -v, --verbose...  Increase logging verbosity. Can be specified multiple times.
+  -v, --verbose...  Increase logging verbosity. Can be specified multiple times
   -h, --help        Print help
 
 ```