dice-mfg: Allow passing most parameters through the environment.

Clap doesn't yet support an easy derive mechanism for adding a prefix to the environment variable names: clap-rs/clap#3221. If we run into any conflicts / issues we can prefix these manually.
oxidecomputer · Nov 10, 2022 · 3a5d62c · 3a5d62c
1 parent f400b72
commit 3a5d62c
Showing 1 changed file with 13 additions and 13 deletions.
diff --git a/dice-mfg/src/main.rs b/dice-mfg/src/main.rs
@@ -26,7 +26,7 @@ struct Args {
     command: Command,
 
     /// verbosity
-    #[clap(long)]
+    #[clap(long, env)]
     verbose: bool,
 }
 
@@ -44,38 +44,38 @@ enum Command {
     },
     Manufacture {
         /// Path to openssl.cnf file used for signing operation.
-        #[clap(long)]
+        #[clap(long, env)]
         openssl_cnf: PathBuf,
 
         /// CA section from openssl.cnf used for signing operation.
         /// If omitted default from openssl.cnf is used.
-        #[clap(long)]
+        #[clap(long, env)]
         ca_section: Option<String>,
 
         /// x509 v3 extension section from openssl.cnf used for signing operation.
         /// If omitted default from openssl.cnf is used.
-        #[clap(long)]
+        #[clap(long, env)]
         v3_section: Option<String>,
 
         /// engine section from openssl.cnf used for signing operation.
         /// If omitted openssl will fall back to files.
-        #[clap(long)]
+        #[clap(long, env)]
         engine_section: Option<String>,
 
         /// Maximum number of retries in liveness test.
         #[clap(long, default_value = "10")]
         max_retry: u8,
 
         /// Path to intermediate cert sent to manufactured system.
-        #[clap(long)]
+        #[clap(long, env)]
         intermediate_cert: PathBuf,
 
         /// Platform serial number
-        #[clap(value_parser = validate_sn)]
+        #[clap(value_parser = validate_sn, env)]
         serial_number: SerialNumber,
 
         /// Don't use yubikey for private key operations.
-        #[clap(long)]
+        #[clap(long, env)]
         no_yubi: bool,
     },
     Ping,
@@ -98,30 +98,30 @@ enum Command {
         cert_out: PathBuf,
 
         /// Path to openssl.cnf file used for signing operation.
-        #[clap(long)]
+        #[clap(long, env)]
         openssl_cnf: PathBuf,
 
         /// CA section from openssl.cnf used for signing operation.
         /// If omitted default from openssl.cnf is used.
-        #[clap(long)]
+        #[clap(long, env)]
         ca_section: Option<String>,
 
         /// x509 v3 extension section from openssl.cnf used for signing operation.
         /// If omitted default from openssl.cnf is used.
-        #[clap(long)]
+        #[clap(long, env)]
         v3_section: Option<String>,
 
         /// engine section from openssl.cnf used for signing operation.
         /// If omitted openssl will fall back to files.
-        #[clap(long)]
+        #[clap(long, env)]
         engine_section: Option<String>,
 
         /// Path to input CSR file.
         #[clap(long)]
         csr_in: PathBuf,
 
         /// Don't use yubikey for private key operations.
-        #[clap(long)]
+        #[clap(long, env)]
         no_yubi: bool,
     },
 }