From e22c84cc9088c68e9ac9cec26002777eb6495f4b Mon Sep 17 00:00:00 2001 From: Oliver Gould Date: Fri, 29 Mar 2019 00:22:18 +0000 Subject: [PATCH] Split issuer flags into a separate flagset so they're not recorded --- cli/cmd/install.go | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/cli/cmd/install.go b/cli/cmd/install.go index 5b965aadeb462..2a382799932cb 100644 --- a/cli/cmd/install.go +++ b/cli/cmd/install.go @@ -197,6 +197,7 @@ func newInstallIdentityOptionsWithDefaults() *installIdentityOptions { func newCmdInstall() *cobra.Command { options := newInstallOptionsWithDefaults() flags := options.flagSet(pflag.ExitOnError) + cmd := &cobra.Command{ Use: "install [flags]", Short: "Output Kubernetes configs to install Linkerd", @@ -213,6 +214,10 @@ func newCmdInstall() *cobra.Command { } cmd.PersistentFlags().AddFlagSet(flags) + + // Issuer flags are currently only supported on the initial install. + cmd.PersistentFlags().AddFlagSet(options.issuerFlagSet(pflag.ExitOnError)) + return cmd } @@ -245,6 +250,17 @@ func (options *installOptions) flagSet(e pflag.ErrorHandling) *pflag.FlagSet { &options.disableH2Upgrade, "disable-h2-upgrade", options.disableH2Upgrade, "Prevents the controller from instructing proxies to perform transparent HTTP/2 upgrading (default false)", ) + flags.DurationVar( + &options.identityOptions.issuanceLifetime, "identity-issuance-lifetime", options.identityOptions.issuanceLifetime, + "The amount of time for which the Identity issuer should certify identity", + ) + + return flags +} + +func (options *installOptions) issuerFlagSet(e pflag.ErrorHandling) *pflag.FlagSet { + flags := pflag.NewFlagSet("issuer", e) + flags.StringVar( &options.identityOptions.trustDomain, "identity-trust-domain", options.identityOptions.trustDomain, "Configures the name suffix used for identities.",