def Args(parser): flags.AddLocationFlag(parser, 'certificates', '--issuer-location') concept_parsers.ConceptParser( [ presentation_specs.ResourcePresentationSpec( '--issuer', resource_args.CreateCertificateAuthorityResourceSpec( 'CERTIFICATE_AUTHORITY'), 'The issuing Certificate Authority.', required=False, flag_name_overrides={'location': ''}) ], command_level_fallthroughs={ '--issuer.location': ['--issuer-location'] }).AddToParser(parser) base.PAGE_SIZE_FLAG.SetDefault(parser, 100) parser.display_info.AddFormat(""" table( name.basename(), name.scope().segment(-3):label=ISSUER, name.scope().segment(-5):label=LOCATION, revocation_details.yesno(yes="REVOKED", no="ACTIVE"):label=REVOCATION_STATUS, certificate_description.subject_description.not_before_time():label=NOT_BEFORE, certificate_description.subject_description.not_after_time():label=NOT_AFTER) """) parser.display_info.AddTransforms({ 'not_before_time': text_utils.TransformNotBeforeTime, 'not_after_time': text_utils.TransformNotAfterTime })
def Args(parser): id_group = parser.add_group(mutex=True, required=True, help='The certificate identifier.') base.Argument( '--serial-number', help='The serial number of the certificate.').AddToParser(id_group) concept_parsers.ConceptParser([ presentation_specs.ResourcePresentationSpec( '--certificate', resource_args.CreateCertificateResourceSpec('certificate'), 'The certificate to revoke.', flag_name_overrides={ 'issuer': '', 'issuer-location': '', 'project': '', }, group=id_group), presentation_specs.ResourcePresentationSpec( '--issuer', resource_args.CreateCertificateAuthorityResourceSpec( 'Issuing CA', 'issuer', 'issuer-location'), 'The issuing certificate authority of the certificate to revoke.', required=False), ]).AddToParser(parser) flags.AddRevocationReasonFlag(parser)
def Args(parser): concept_parsers.ConceptParser([ presentation_specs.ResourcePresentationSpec( '--issuer', resource_args.CreateCertificateAuthorityResourceSpec( 'CERTIFICATE_AUTHORITY', ca_id_fallthroughs=[ deps.Fallthrough( function=lambda: '-', hint=('defaults to all Certificate Authorities in the ' 'given location'), active=False, plural=False) ]), 'The issuing Certificate Authority. If this is omitted, ' 'Certificates issued by all Certificate Authorities in the given ' 'location will be listed.', required=True), ]).AddToParser(parser) base.PAGE_SIZE_FLAG.SetDefault(parser, 100) parser.display_info.AddFormat(""" table( name.basename(), name.scope().segment(-3):label=ISSUER, name.scope().segment(-5):label=LOCATION, revocation_details.yesno(yes="REVOKED", no="ACTIVE"):label=REVOCATION_STATUS, certificate_description.subject_description.not_before_time():label=NOT_BEFORE, certificate_description.subject_description.not_after_time():label=NOT_AFTER) """) parser.display_info.AddTransforms({ 'not_before_time': text_utils.TransformNotBeforeTime, 'not_after_time': text_utils.TransformNotAfterTime })
def Args(parser): id_group = parser.add_group(mutex=True, required=True, help='The certificate identifier.') serial_num_group = id_group.add_group( help='The serial number and certificate authority resource.', required=False) serial_num_group.add_argument( '--serial-number', help='The serial number of the certificate.', required=True) concept_parsers.ConceptParser([ presentation_specs.ResourcePresentationSpec( '--certificate', resource_args.CreateCertificateResourceSpec('CERTIFICATE'), 'The certificate to revoke.', required=False, prefixes=True, group=id_group), presentation_specs.ResourcePresentationSpec( '--issuer', resource_args.CreateCertificateAuthorityResourceSpec( 'CERTIFICATE_AUTHORITY', 'issuer', 'issuer-location'), 'The issuing certificate authority of the certificate to revoke.', required=False, group=serial_num_group), ]).AddToParser(parser) flags.AddRevocationReasonFlag(parser)
def _AddCaResourceArg(self, required=False, prefixes=True): concept_parsers.ConceptParser([ presentation_specs.ResourcePresentationSpec( '--issuer', resource_args.CreateCertificateAuthorityResourceSpec('Issuer'), 'Issuing CA', prefixes=prefixes, required=required) ]).AddToParser(self.parser)
def Args(parser): reusable_config_group = parser.add_group( mutex=True, required=False, help='The X.509 configuration used for the CA certificate.') concept_parsers.ConceptParser([ presentation_specs.ResourcePresentationSpec( 'CERTIFICATE_AUTHORITY', privateca_resource_args.CreateCertificateAuthorityResourceSpec( 'Certificate Authority'), 'The name of the root CA to create.', required=True, # We'll get these from the KMS key resource. flag_name_overrides={ 'location': '', 'project': '', }), presentation_specs.ResourcePresentationSpec( '--kms-key-version', kms_resource_args.GetKmsKeyVersionResourceSpec(), 'The KMS key version backing this CA.', required=True), presentation_specs.ResourcePresentationSpec( '--reusable-config', privateca_resource_args.CreateReusableConfigResourceSpec( location_fallthrough=deps.Fallthrough( function=lambda: '', hint=('location will default to the same location as ' 'the CA'), active=False, plural=False)), 'The Reusable Config containing X.509 values for this CA.', flag_name_overrides={ 'location': '', 'project': '', }, group=reusable_config_group) ]).AddToParser(parser) flags.AddSubjectFlags(parser, subject_required=True) flags.AddPublishCaCertFlag(parser, use_update_help_text=False) flags.AddPublishCrlFlag(parser, use_update_help_text=False) flags.AddInlineReusableConfigFlags(reusable_config_group, is_ca=True) flags.AddValidityFlag(parser, resource_name='CA', default_value='P10Y', default_value_text='10 years') flags.AddCertificateAuthorityIssuancePolicyFlag(parser) labels_util.AddCreateLabelsFlags(parser)
def Args(parser): key_spec_group = parser.add_group( mutex=True, help= 'The key configuration used for the CA certificate. Defaults to a ' 'managed key if not specified.') reusable_config_group = parser.add_group( mutex=True, required=False, help='The X.509 configuration used for the CA certificate.') issuer_configuration_group = parser.add_group( mutex=True, required=True, help='The issuer configuration used for this CA certificate.') concept_parsers.ConceptParser([ presentation_specs.ResourcePresentationSpec( 'CERTIFICATE_AUTHORITY', resource_args.CreateCertificateAuthorityResourceSpec( 'Certificate Authority'), 'The name of the subordinate CA to create.', required=True), presentation_specs.ResourcePresentationSpec( '--issuer', resource_args.CreateCertificateAuthorityResourceSpec('Issuer'), 'The issuing certificate authority to use, if it is on Private CA.', prefixes=True, group=issuer_configuration_group), presentation_specs.ResourcePresentationSpec( '--kms-key-version', resource_args.CreateKmsKeyVersionResourceSpec(), 'The KMS key version backing this CA.', group=key_spec_group), presentation_specs.ResourcePresentationSpec( '--reusable-config', resource_args. CreateReusableConfigResourceSpec(location_fallthroughs=[ deps.Fallthrough( function=lambda: '', hint=( 'location will default to the same location as the ' 'CA'), active=False, plural=False) ]), 'The Reusable Config containing X.509 values for this CA.', flag_name_overrides={ 'location': '', 'project': '', }, group=reusable_config_group), presentation_specs.ResourcePresentationSpec( '--from-ca', resource_args.CreateCertificateAuthorityResourceSpec( 'source CA'), 'An existing CA from which to copy configuration values for the ' 'new CA. You can still override any of those values by explicitly ' 'providing the appropriate flags.', flag_name_overrides={'project': '--from-ca-project'}, prefixes=True) ]).AddToParser(parser) flags.AddTierFlag(parser) flags.AddSubjectFlags(parser, subject_required=False) flags.AddPublishCaCertFlag(parser, use_update_help_text=False) flags.AddPublishCrlFlag(parser, use_update_help_text=False) flags.AddKeyAlgorithmFlag(key_spec_group, default='rsa-pkcs1-2048-sha256') flags.AddInlineReusableConfigFlags(reusable_config_group, is_ca=True) flags.AddValidityFlag(parser, resource_name='CA', default_value='P3Y', default_value_text='3 years') flags.AddCertificateAuthorityIssuancePolicyFlag(parser) labels_util.AddCreateLabelsFlags(parser) flags.AddBucketFlag(parser) offline_issuer_group = issuer_configuration_group.add_group(help=( 'If the issuing CA is not hosted on Private CA, you must provide ' 'these settings:')) base.Argument( '--create-csr', help= ('Indicates that a CSR should be generated which can be signed by ' 'the issuing CA. This must be set if --issuer is not provided.'), action='store_const', const=True, default=False, required=True).AddToParser(offline_issuer_group) base.Argument( '--csr-output-file', help=( 'The path where the resulting PEM-encoded CSR file should be ' 'written.'), required=True).AddToParser(offline_issuer_group)
def Args(parser): reusable_config_group = parser.add_group( mutex=True, required=False, help='The X.509 configuration used for the CA certificate.') issuer_configuration_group = parser.add_group( mutex=True, required=True, help='The issuer configuration used for this CA certificate.') concept_parsers.ConceptParser([ presentation_specs.ResourcePresentationSpec( 'CERTIFICATE_AUTHORITY', privateca_resource_args.CreateCertificateAuthorityResourceSpec( 'Certificate Authority'), 'The name of the subordinate CA to create.', required=True, # We'll get these from the KMS key resource. flag_name_overrides={ 'location': '', 'project': '', }), presentation_specs.ResourcePresentationSpec( '--issuer', privateca_resource_args.CreateCertificateAuthorityResourceSpec( 'Issuer'), 'The issuing certificate authority to use, if it is on Private CA.', prefixes=True, group=issuer_configuration_group), presentation_specs.ResourcePresentationSpec( '--kms-key-version', kms_resource_args.GetKmsKeyVersionResourceSpec(), 'The KMS key version backing this CA.', required=True), presentation_specs.ResourcePresentationSpec( '--reusable-config', privateca_resource_args.CreateReusableConfigResourceSpec( location_fallthrough=deps.Fallthrough( function=lambda: '', hint=( 'location will default to the same location as the ' 'CA'), active=False, plural=False)), 'The Reusable Config containing X.509 values for this CA.', flag_name_overrides={ 'location': '', 'project': '', }, group=reusable_config_group) ]).AddToParser(parser) flags.AddSubjectFlags(parser, subject_required=True) flags.AddPublishCaCertFlag(parser, use_update_help_text=False) flags.AddPublishCrlFlag(parser, use_update_help_text=False) flags.AddInlineReusableConfigFlags(reusable_config_group, is_ca=True) flags.AddValidityFlag(parser, resource_name='CA', default_value='P10Y', default_value_text='10 years') flags.AddCertificateAuthorityIssuancePolicyFlag(parser) labels_util.AddCreateLabelsFlags(parser) offline_issuer_group = issuer_configuration_group.add_group(help=( 'If the issuing CA is not hosted on Private CA, you must provide ' 'these settings:')) base.Argument( '--create-csr', help= ('Indicates that a CSR should be generated which can be signed by ' 'the issuing CA. This must be set if --issuer is not provided.'), action='store_const', const=True, default=False, required=True).AddToParser(offline_issuer_group) base.Argument( '--csr-output-file', help=( 'The path where the resulting PEM-encoded CSR file should be ' 'written.'), required=True).AddToParser(offline_issuer_group)
def Args(parser): key_spec_group = parser.add_group( mutex=True, help='The key configuration used for the CA certificate. Defaults to a ' 'managed key if not specified.') reusable_config_group = parser.add_group( mutex=True, required=False, help='The X.509 configuration used for the CA certificate.') concept_parsers.ConceptParser([ presentation_specs.ResourcePresentationSpec( 'CERTIFICATE_AUTHORITY', resource_args.CreateCertificateAuthorityResourceSpec( 'Certificate Authority'), 'The name of the root CA to create.', required=True), presentation_specs.ResourcePresentationSpec( '--kms-key-version', resource_args.CreateKmsKeyVersionResourceSpec(), 'An existing KMS key version to back this CA.', group=key_spec_group), presentation_specs.ResourcePresentationSpec( '--reusable-config', resource_args.CreateReusableConfigResourceSpec( location_fallthroughs=[ deps.Fallthrough( function=lambda: '', hint=('location will default to the same location as ' 'the CA'), active=False, plural=False) ]), 'The Reusable Config containing X.509 values for this CA.', flag_name_overrides={ 'location': '', 'project': '', }, group=reusable_config_group), presentation_specs.ResourcePresentationSpec( '--from-ca', resource_args.CreateCertificateAuthorityResourceSpec('source CA'), 'An existing CA from which to copy configuration values for the new CA. ' 'You can still override any of those values by explicitly providing ' 'the appropriate flags.', flag_name_overrides={'project': '--from-ca-project'}, prefixes=True) ]).AddToParser(parser) flags.AddSubjectFlags(parser, subject_required=False) flags.AddKeyAlgorithmFlag(key_spec_group, default='rsa-pkcs1-4096-sha256') flags.AddValidityFlag( parser, resource_name='CA', default_value='P10Y', default_value_text='10 years') labels_util.AddCreateLabelsFlags(parser) flags.AddBucketFlag(parser) flags.AddTierFlag(parser) flags.AddPublishCaCertFlag(parser, use_update_help_text=False) flags.AddPublishCrlFlag(parser, use_update_help_text=False) flags.AddCertificateAuthorityIssuancePolicyFlag(parser) flags.AddInlineReusableConfigFlags( reusable_config_group, is_ca_command=True, default_max_chain_length=None)