ref: Change underscore to hypens for identityd flags.
Note this will require a change to the identity config file on the
vanadium.staging and vanadium.production instances, before pushing
new binaries after these CLs are submitted.
Change-Id: I6500ea5f9fa4592b0557aebde754b9f4a9c845bc
MultiPart: 1/3
diff --git a/cmd/servicerunner/main.go b/cmd/servicerunner/main.go
index a04cc1c..3df6a21 100644
--- a/cmd/servicerunner/main.go
+++ b/cmd/servicerunner/main.go
@@ -127,7 +127,7 @@
panicOnError(err)
panicOnError(updateVars(h, vars, "WSPR_ADDR"))
- h, err = sh.Start(identityd.TestIdentitydCommand, nil, "--v23.tcp.protocol=ws", "--v23.tcp.address=127.0.0.1:0", "--v23.proxy=test/proxy", "--httpaddr=localhost:0")
+ h, err = sh.Start(identityd.TestIdentitydCommand, nil, "--v23.tcp.protocol=ws", "--v23.tcp.address=127.0.0.1:0", "--v23.proxy=test/proxy", "--http-addr=localhost:0")
panicOnError(err)
panicOnError(updateVars(h, vars, "TEST_IDENTITYD_NAME", "TEST_IDENTITYD_HTTP_ADDR"))
diff --git a/services/identity/identityd/identityd_v23_test.go b/services/identity/identityd/identityd_v23_test.go
index 923d72a..36e9b28 100644
--- a/services/identity/identityd/identityd_v23_test.go
+++ b/services/identity/identityd/identityd_v23_test.go
@@ -20,11 +20,11 @@
const urlRE = "^(https://.*)$"
-func seekBlessings(i *v23tests.T, principal *v23tests.Binary, httpaddr string) {
+func seekBlessings(i *v23tests.T, principal *v23tests.Binary, httpAddr string) {
args := []string{
"seekblessings",
"--browser=false",
- fmt.Sprintf("--from=%s/auth/google", httpaddr),
+ fmt.Sprintf("--from=%s/auth/google", httpAddr),
"-v=3",
}
inv := principal.Start(args...)
@@ -75,19 +75,19 @@
i.Fatal(err)
}
identityd = identityd.WithStartOpts(identityd.StartOpts().WithCustomCredentials(creds))
- httpaddr := identityd.Start(
+ httpAddr := identityd.Start(
"-v23.tcp.address=127.0.0.1:0",
- "-httpaddr=127.0.0.1:0").ExpectVar("HTTP_ADDR")
+ "-http-addr=127.0.0.1:0").ExpectVar("HTTP_ADDR")
// Use the principal tool to seekblessings.
// This tool will not run with any credentials: Its whole purpose is to "seek" them!
principal := i.BuildGoPkg("v.io/x/ref/cmd/principal")
// Test an initial seekblessings call.
- seekBlessings(i, principal, httpaddr)
+ seekBlessings(i, principal, httpAddr)
// Test that a subsequent call succeeds with the same
// credentials. This means that the blessings and principal from the
// first call works correctly.
// TODO(ashankar): Does anyone recall what was the intent here? Running
// the tool twice doesn't seem to help?
- seekBlessings(i, principal, httpaddr)
+ seekBlessings(i, principal, httpAddr)
}
diff --git a/services/identity/identityd/main.go b/services/identity/identityd/main.go
index 5f14b6d..5b9f07c 100644
--- a/services/identity/identityd/main.go
+++ b/services/identity/identityd/main.go
@@ -29,21 +29,21 @@
var (
// Configuration for various Google OAuth-based clients.
- googleConfigWeb = flag.String("google_config_web", "", "Path to JSON-encoded OAuth client configuration for the web application that renders the audit log for blessings provided by this provider.")
- googleConfigChrome = flag.String("google_config_chrome", "", "Path to the JSON-encoded OAuth client configuration for Chrome browser applications that obtain blessings from this server (via the OAuthBlesser.BlessUsingAccessToken RPC) from this server.")
- googleConfigAndroid = flag.String("google_config_android", "", "Path to the JSON-encoded OAuth client configuration for Android applications that obtain blessings from this server (via the OAuthBlesser.BlessUsingAccessToken RPC) from this server.")
+ googleConfigWeb = flag.String("google-config-web", "", "Path to JSON-encoded OAuth client configuration for the web application that renders the audit log for blessings provided by this provider.")
+ googleConfigChrome = flag.String("google-config-chrome", "", "Path to the JSON-encoded OAuth client configuration for Chrome browser applications that obtain blessings from this server (via the OAuthBlesser.BlessUsingAccessToken RPC) from this server.")
+ googleConfigAndroid = flag.String("google-config-android", "", "Path to the JSON-encoded OAuth client configuration for Android applications that obtain blessings from this server (via the OAuthBlesser.BlessUsingAccessToken RPC) from this server.")
emailClassifier util.EmailClassifier
// Flags controlling the HTTP server
- externalHttpAddr = flag.String("externalhttpaddr", "", "External address on which the HTTP server listens on. If none is provided the server will only listen on -httpaddr.")
- httpaddr = flag.String("httpaddr", "localhost:8125", "Address on which the HTTP server listens on.")
- tlsconfig = flag.String("tlsconfig", "", "Comma-separated list of TLS certificate and private key files, in that order. This must be provided.")
- assetsprefix = flag.String("assetsprefix", "", "host serving the web assets for the identity server")
- mountPrefix = flag.String("mountprefix", "identity", "mount name prefix to use. May be rooted.")
+ externalHttpAddr = flag.String("external-http-addr", "", "External address on which the HTTP server listens on. If none is provided the server will only listen on -http-addr.")
+ httpAddr = flag.String("http-addr", "localhost:8125", "Address on which the HTTP server listens on.")
+ tlsConfig = flag.String("tls-config", "", "Comma-separated list of TLS certificate and private key files, in that order. This must be provided.")
+ assetsPrefix = flag.String("assets-prefix", "", "host serving the web assets for the identity server")
+ mountPrefix = flag.String("mount-prefix", "identity", "mount name prefix to use. May be rooted.")
)
func main() {
- flag.Var(&emailClassifier, "email_classifier", "A comma-separated list of <domain>=<prefix> pairs. For example 'google.com=internal,v.io=trusted'. When specified, then the blessings generated for email address of <domain> will use the extension <prefix>/<email> instead of the default extension of users/<email>.")
+ flag.Var(&emailClassifier, "email-classifier", "A comma-separated list of <domain>=<prefix> pairs. For example 'google.com=internal,v.io=trusted'. When specified, then the blessings generated for email address of <domain> will use the extension <prefix>/<email> instead of the default extension of users/<email>.")
flag.Usage = usage
ctx, shutdown := v23.Init()
defer shutdown()
@@ -78,11 +78,11 @@
reader,
revocationManager,
googleOAuthBlesserParams(googleoauth, revocationManager),
- caveats.NewBrowserCaveatSelector(*assetsprefix),
+ caveats.NewBrowserCaveatSelector(*assetsPrefix),
&emailClassifier,
- *assetsprefix,
+ *assetsPrefix,
*mountPrefix)
- s.Serve(ctx, &listenSpec, *externalHttpAddr, *httpaddr, *tlsconfig)
+ s.Serve(ctx, &listenSpec, *externalHttpAddr, *httpAddr, *tlsConfig)
}
func usage() {
@@ -91,7 +91,7 @@
To generate TLS certificates so the HTTP server can use SSL:
go run $(go list -f {{.Dir}} "crypto/tls")/generate_cert.go --host <IP address>
-To use Google as an OAuth provider the --google_config_* flags must be set to point to
+To use Google as an OAuth provider the --google-config-* flags must be set to point to
the a JSON file obtained after registering the application with the Google Developer Console
at https://cloud.google.com/console
diff --git a/services/identity/identityd/sql.go b/services/identity/identityd/sql.go
index f99879c..b01e47a 100644
--- a/services/identity/identityd/sql.go
+++ b/services/identity/identityd/sql.go
@@ -17,7 +17,7 @@
)
// Flag controlling auditing and revocation of Blessing operations.
-var sqlConf = flag.String("sqlconfig", "", `Path to file containing a json object of the following form:
+var sqlConf = flag.String("sql-config", "", `Path to file containing a json object of the following form:
{
"dataSourceName": "[username[:password]@][protocol[(address)]]/dbname", (the connection string required by go-sql-driver)
"tlsServerName": "serverName", (the domain name of the sql server for ssl)
diff --git a/services/identity/identityd_test/main.go b/services/identity/identityd_test/main.go
index 0e58ec9..9fc860d 100644
--- a/services/identity/identityd_test/main.go
+++ b/services/identity/identityd_test/main.go
@@ -27,11 +27,11 @@
var (
// Flags controlling the HTTP server
- externalHttpAddr = flag.String("externalhttpaddr", "", "External address on which the HTTP server listens on. If none is provided the server will only listen on -httpaddr.")
- httpAddr = flag.String("httpaddr", "localhost:0", "Address on which the HTTP server listens on.")
- tlsconfig = flag.String("tlsconfig", "", "Comma-separated list of TLS certificate and private key files, in that order. This must be provided.")
- assetsprefix = flag.String("assetsprefix", "", "host serving the web assets for the identity server")
- mountPrefix = flag.String("mountprefix", "identity", "mount name prefix to use. May be rooted.")
+ externalHttpAddr = flag.String("external-http-addr", "", "External address on which the HTTP server listens on. If none is provided the server will only listen on -http-addr.")
+ httpAddr = flag.String("http-addr", "localhost:0", "Address on which the HTTP server listens on.")
+ tlsConfig = flag.String("tls-config", "", "Comma-separated list of TLS certificate and private key files, in that order. This must be provided.")
+ assetsPrefix = flag.String("assets-prefix", "", "host serving the web assets for the identity server")
+ mountPrefix = flag.String("mount-prefix", "identity", "mount name prefix to use. May be rooted.")
)
func main() {
@@ -41,8 +41,8 @@
// Duration to use for tls cert and blessing duration.
duration := 365 * 24 * time.Hour
- // If no tlsconfig has been provided, write and use our own.
- if flag.Lookup("tlsconfig").Value.String() == "" {
+ // If no tlsConfig has been provided, write and use our own.
+ if flag.Lookup("tls-config").Value.String() == "" {
addr := *externalHttpAddr
if *externalHttpAddr == "" {
addr = *httpAddr
@@ -55,7 +55,7 @@
if err != nil {
vlog.Fatal(err)
}
- if err := flag.Set("tlsconfig", certFile+","+keyFile); err != nil {
+ if err := flag.Set("tls-config", certFile+","+keyFile); err != nil {
vlog.Fatal(err)
}
}
@@ -82,9 +82,9 @@
params,
caveats.NewMockCaveatSelector(),
nil,
- *assetsprefix,
+ *assetsPrefix,
*mountPrefix)
- s.Serve(ctx, &listenSpec, *externalHttpAddr, *httpAddr, *tlsconfig)
+ s.Serve(ctx, &listenSpec, *externalHttpAddr, *httpAddr, *tlsConfig)
}
func usage() {
diff --git a/services/identity/internal/server/identityd.go b/services/identity/internal/server/identityd.go
index 1a8c130..089a765 100644
--- a/services/identity/internal/server/identityd.go
+++ b/services/identity/internal/server/identityd.go
@@ -108,21 +108,21 @@
return 0, nil
}
-func (s *IdentityServer) Serve(ctx *context.T, listenSpec *rpc.ListenSpec, externalHttpAddr, httpaddr, tlsconfig string) {
+func (s *IdentityServer) Serve(ctx *context.T, listenSpec *rpc.ListenSpec, externalHttpAddr, httpAddr, tlsConfig string) {
ctx, err := v23.SetPrincipal(ctx, audit.NewPrincipal(
v23.GetPrincipal(ctx), s.auditor))
if err != nil {
vlog.Panic(err)
}
- httphost, httpport, err := net.SplitHostPort(httpaddr)
+ httphost, httpport, err := net.SplitHostPort(httpAddr)
if err != nil || httpport == "0" {
httpportNum, err := findUnusedPort()
if err != nil {
vlog.Panic(err)
}
- httpaddr = net.JoinHostPort(httphost, strconv.Itoa(httpportNum))
+ httpAddr = net.JoinHostPort(httphost, strconv.Itoa(httpportNum))
}
- rpcServer, _, externalAddr := s.Listen(ctx, listenSpec, externalHttpAddr, httpaddr, tlsconfig)
+ rpcServer, _, externalAddr := s.Listen(ctx, listenSpec, externalHttpAddr, httpAddr, tlsConfig)
fmt.Printf("HTTP_ADDR=%s\n", externalAddr)
if len(s.rootedObjectAddrs) > 0 {
fmt.Printf("NAME=%s\n", s.rootedObjectAddrs[0].Name())
@@ -133,7 +133,7 @@
}
}
-func (s *IdentityServer) Listen(ctx *context.T, listenSpec *rpc.ListenSpec, externalHttpAddr, httpaddr, tlsconfig string) (rpc.Server, []string, string) {
+func (s *IdentityServer) Listen(ctx *context.T, listenSpec *rpc.ListenSpec, externalHttpAddr, httpAddr, tlsConfig string) (rpc.Server, []string, string) {
// Setup handlers
// json-encoded public key and blessing names of this server
@@ -150,7 +150,7 @@
vlog.Fatalf("Failed to setup vanadium services for blessing: %v", err)
}
- externalHttpAddr = httpaddress(externalHttpAddr, httpaddr)
+ externalHttpAddr = httpAddress(externalHttpAddr, httpAddr)
n := "/auth/google/"
h, err := oauth.NewHandler(oauth.HandlerArgs{
@@ -196,7 +196,7 @@
}
})
vlog.Infof("Running HTTP server at: %v", externalHttpAddr)
- go runHTTPSServer(httpaddr, tlsconfig)
+ go runHTTPSServer(httpAddr, tlsConfig)
return rpcServer, published, externalHttpAddr
}
@@ -272,13 +272,13 @@
return inputParams
}
-func runHTTPSServer(addr, tlsconfig string) {
- if len(tlsconfig) == 0 {
- vlog.Fatal("Please set the --tlsconfig flag")
+func runHTTPSServer(addr, tlsConfig string) {
+ if len(tlsConfig) == 0 {
+ vlog.Fatal("Please set the --tls-config flag")
}
- paths := strings.Split(tlsconfig, ",")
+ paths := strings.Split(tlsConfig, ",")
if len(paths) != 2 {
- vlog.Fatalf("Could not parse --tlsconfig. Must have exactly two components, separated by a comma")
+ vlog.Fatalf("Could not parse --tls-config. Must have exactly two components, separated by a comma")
}
vlog.Infof("Starting HTTP server with TLS using certificate [%s] and private key [%s] at https://%s", paths[0], paths[1], addr)
if err := http.ListenAndServeTLS(addr, paths[0], paths[1], nil); err != nil {
@@ -286,10 +286,10 @@
}
}
-func httpaddress(externalHttpAddr, httpaddr string) string {
+func httpAddress(externalHttpAddr, httpAddr string) string {
// If an externalHttpAddr is provided use that.
if externalHttpAddr != "" {
- httpaddr = externalHttpAddr
+ httpAddr = externalHttpAddr
}
- return fmt.Sprintf("https://%v", httpaddr)
+ return fmt.Sprintf("https://%v", httpAddr)
}
diff --git a/services/identity/modules/test_identityd.go b/services/identity/modules/test_identityd.go
index d8309b1..724445a 100644
--- a/services/identity/modules/test_identityd.go
+++ b/services/identity/modules/test_identityd.go
@@ -25,9 +25,9 @@
)
var (
- externalHttpAddr = flag.String("externalhttpaddr", "", "External address on which the HTTP server listens on. If none is provided the server will only listen on -httpaddr.")
- httpAddr = flag.CommandLine.String("httpaddr", "localhost:0", "Address on which the HTTP server listens on.")
- tlsconfig = flag.CommandLine.String("tlsconfig", "", "Comma-separated list of TLS certificate and private key files. This must be provided.")
+ externalHttpAddr = flag.String("external-http-addr", "", "External address on which the HTTP server listens on. If none is provided the server will only listen on -http-addr.")
+ httpAddr = flag.CommandLine.String("http-addr", "localhost:0", "Address on which the HTTP server listens on.")
+ tlsConfig = flag.CommandLine.String("tls-config", "", "Comma-separated list of TLS certificate and private key files. This must be provided.")
)
const (
@@ -45,8 +45,8 @@
ctx, shutdown := v23.Init()
defer shutdown()
- // If no tlsconfig has been provided, generate new cert and key and use them.
- if flag.CommandLine.Lookup("tlsconfig").Value.String() == "" {
+ // If no tls-config has been provided, generate new cert and key and use them.
+ if flag.CommandLine.Lookup("tls-config").Value.String() == "" {
addr := *externalHttpAddr
if *externalHttpAddr == "" {
addr = *httpAddr
@@ -59,19 +59,19 @@
if err != nil {
return fmt.Errorf("Could not write cert and key: %v", err)
}
- if err := flag.CommandLine.Set("tlsconfig", certFile+","+keyFile); err != nil {
- return fmt.Errorf("Could not set tlsconfig: %v", err)
+ if err := flag.CommandLine.Set("tls-config", certFile+","+keyFile); err != nil {
+ return fmt.Errorf("Could not set tls-config: %v", err)
}
}
- // Pick a free port if httpaddr flag is not set.
+ // Pick a free port if http-addr flag is not set.
// We can't use :0 here, because the identity server calls
// http.ListenAndServeTLS, which blocks, leaving us with no way to tell
// what port the server is running on. Hence, we must pass in an
// actual port so we know where the server is running.
- if flag.CommandLine.Lookup("httpaddr").Value.String() == flag.CommandLine.Lookup("httpaddr").DefValue {
- if err := flag.CommandLine.Set("httpaddr", "localhost:"+freePort()); err != nil {
- return fmt.Errorf("Could not set httpaddr: %v", err)
+ if flag.CommandLine.Lookup("http-addr").Value.String() == flag.CommandLine.Lookup("http-addr").DefValue {
+ if err := flag.CommandLine.Set("http-addr", "localhost:"+freePort()); err != nil {
+ return fmt.Errorf("Could not set http-addr: %v", err)
}
}
@@ -98,7 +98,7 @@
l := v23.GetListenSpec(ctx)
- _, eps, externalHttpAddress := s.Listen(ctx, &l, *externalHttpAddr, *httpAddr, *tlsconfig)
+ _, eps, externalHttpAddress := s.Listen(ctx, &l, *externalHttpAddr, *httpAddr, *tlsConfig)
fmt.Fprintf(stdout, "TEST_IDENTITYD_NAME=%s\n", eps[0])
fmt.Fprintf(stdout, "TEST_IDENTITYD_HTTP_ADDR=%s\n", externalHttpAddress)
