diff --git a/.github/workflows/verify-docgen.yaml b/.github/workflows/verify-docgen.yaml index 226499cc454e..f5f7fd63aac8 100644 --- a/.github/workflows/verify-docgen.yaml +++ b/.github/workflows/verify-docgen.yaml @@ -27,6 +27,8 @@ jobs: runs-on: ubuntu-latest steps: + - name: deps + run: sudo apt-get update && sudo apt-get install -yq libpcsclite-dev - uses: actions/checkout@v2 - uses: actions/setup-go@v2 with: diff --git a/cmd/cosign/cli/attach.go b/cmd/cosign/cli/attach.go index dd305137ff5c..12757db572c5 100644 --- a/cmd/cosign/cli/attach.go +++ b/cmd/cosign/cli/attach.go @@ -22,7 +22,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/options" ) -func addAttach(topLevel *cobra.Command) { +func Attach() *cobra.Command { cmd := &cobra.Command{ Use: "attach", Short: "Provides utilities for attaching artifacts to other artifacts in a registry", @@ -33,7 +33,7 @@ func addAttach(topLevel *cobra.Command) { attachSBOM(), ) - topLevel.AddCommand(cmd) + return cmd } func attachSignature() *cobra.Command { diff --git a/cmd/cosign/cli/attest.go b/cmd/cosign/cli/attest.go index 8ca98c4f38db..3c30f00e5f87 100644 --- a/cmd/cosign/cli/attest.go +++ b/cmd/cosign/cli/attest.go @@ -25,7 +25,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/sign" ) -func addAttest(topLevel *cobra.Command) { +func Attest() *cobra.Command { o := &options.AttestOptions{} cmd := &cobra.Command{ @@ -74,5 +74,5 @@ func addAttest(topLevel *cobra.Command) { }, } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } diff --git a/cmd/cosign/cli/clean.go b/cmd/cosign/cli/clean.go index 8ad80f795e1c..bfd35955c35e 100644 --- a/cmd/cosign/cli/clean.go +++ b/cmd/cosign/cli/clean.go @@ -28,7 +28,7 @@ import ( ociremote "github.com/sigstore/cosign/pkg/oci/remote" ) -func addClean(topLevel *cobra.Command) { +func Clean() *cobra.Command { o := &options.RegistryOptions{} cmd := &cobra.Command{ @@ -42,7 +42,7 @@ func addClean(topLevel *cobra.Command) { } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } func CleanCmd(ctx context.Context, regOpts options.RegistryOptions, imageRef string) error { diff --git a/cmd/cosign/cli/commands.go b/cmd/cosign/cli/commands.go index c3f09a410495..2b425e10bf40 100644 --- a/cmd/cosign/cli/commands.go +++ b/cmd/cosign/cli/commands.go @@ -58,28 +58,28 @@ func New() *cobra.Command { ro.AddFlags(cmd) // Add sub-commands. - addPublicKey(cmd) - addPolicy(cmd) - addGenerate(cmd) - addSign(cmd) - addSignBlob(cmd) - addGenerateKeyPair(cmd) - addAttest(cmd) - addUpload(cmd) - addDownload(cmd) - addAttach(cmd) - addVerify(cmd) - addVerifyAttestation(cmd) - addVerifyBlob(cmd) - addManifest(cmd) - addDockerfile(cmd) - addCopy(cmd) - addClean(cmd) - addTriangulate(cmd) - addInitialize(cmd) - addPIVTool(cmd) - addVersion(cmd) - addCompletion(cmd) + cmd.AddCommand(Attach()) + cmd.AddCommand(Attest()) + cmd.AddCommand(Clean()) + cmd.AddCommand(Completion()) + cmd.AddCommand(Copy()) + cmd.AddCommand(Dockerfile()) + cmd.AddCommand(Download()) + cmd.AddCommand(Generate()) + cmd.AddCommand(GenerateKeyPair()) + cmd.AddCommand(Initialize()) + cmd.AddCommand(Manifest()) + cmd.AddCommand(PIVTool()) + cmd.AddCommand(Policy()) + cmd.AddCommand(PublicKey()) + cmd.AddCommand(Sign()) + cmd.AddCommand(SignBlob()) + cmd.AddCommand(Upload()) + cmd.AddCommand(Verify()) + cmd.AddCommand(VerifyAttestation()) + cmd.AddCommand(VerifyBlob()) + cmd.AddCommand(Triangulate()) + cmd.AddCommand(Version()) return cmd } diff --git a/cmd/cosign/cli/completion.go b/cmd/cosign/cli/completion.go index 538f45c2f53a..ce371623d767 100644 --- a/cmd/cosign/cli/completion.go +++ b/cmd/cosign/cli/completion.go @@ -21,7 +21,7 @@ import ( "github.com/spf13/cobra" ) -func addCompletion(topLevel *cobra.Command) { +func Completion() *cobra.Command { completionCmd := &cobra.Command{ Use: "completion [bash|zsh|fish|powershell]", Short: "Generate completion script", @@ -67,5 +67,5 @@ PowerShell: }, } - topLevel.AddCommand(completionCmd) + return completionCmd } diff --git a/cmd/cosign/cli/copy.go b/cmd/cosign/cli/copy.go index fd7b0e292dd7..11c395bccbf8 100644 --- a/cmd/cosign/cli/copy.go +++ b/cmd/cosign/cli/copy.go @@ -22,7 +22,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/options" ) -func addCopy(topLevel *cobra.Command) { +func Copy() *cobra.Command { o := &options.CopyOptions{} cmd := &cobra.Command{ @@ -46,5 +46,5 @@ func addCopy(topLevel *cobra.Command) { } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } diff --git a/cmd/cosign/cli/dockerfile.go b/cmd/cosign/cli/dockerfile.go index 9790e31b34f0..8a61bad3541e 100644 --- a/cmd/cosign/cli/dockerfile.go +++ b/cmd/cosign/cli/dockerfile.go @@ -23,7 +23,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/options" ) -func addDockerfile(topLevel *cobra.Command) { +func Dockerfile() *cobra.Command { cmd := &cobra.Command{ Use: "dockerfile", Short: "Provides utilities for discovering images in and performing operations on Dockerfiles", @@ -33,7 +33,7 @@ func addDockerfile(topLevel *cobra.Command) { dockerfileVerify(), ) - topLevel.AddCommand(cmd) + return cmd } func dockerfileVerify() *cobra.Command { diff --git a/cmd/cosign/cli/download.go b/cmd/cosign/cli/download.go index 9ff021c542eb..b19f53765bc1 100644 --- a/cmd/cosign/cli/download.go +++ b/cmd/cosign/cli/download.go @@ -22,7 +22,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/options" ) -func addDownload(topLevel *cobra.Command) { +func Download() *cobra.Command { cmd := &cobra.Command{ Use: "download", Short: "Provides utilities for downloading artifacts and attached artifacts in a registry", @@ -33,7 +33,7 @@ func addDownload(topLevel *cobra.Command) { downloadSBOM(), ) - topLevel.AddCommand(cmd) + return cmd } func downloadSignature() *cobra.Command { diff --git a/cmd/cosign/cli/generate.go b/cmd/cosign/cli/generate.go index e52708f07f2a..85a7a78c753a 100644 --- a/cmd/cosign/cli/generate.go +++ b/cmd/cosign/cli/generate.go @@ -22,7 +22,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/options" ) -func addGenerate(topLevel *cobra.Command) { +func Generate() *cobra.Command { o := &options.GenerateOptions{} cmd := &cobra.Command{ @@ -53,5 +53,5 @@ to sign payloads with your own tooling or algorithms.`, } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } diff --git a/cmd/cosign/cli/generate_key_pair.go b/cmd/cosign/cli/generate_key_pair.go index 9b4162d72c32..6366f697bc0b 100644 --- a/cmd/cosign/cli/generate_key_pair.go +++ b/cmd/cosign/cli/generate_key_pair.go @@ -22,7 +22,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/options" ) -func addGenerateKeyPair(topLevel *cobra.Command) { +func GenerateKeyPair() *cobra.Command { o := &options.GenerateKeyPairOptions{} cmd := &cobra.Command{ @@ -68,5 +68,5 @@ CAVEATS: } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } diff --git a/cmd/cosign/cli/initialize.go b/cmd/cosign/cli/initialize.go index cf7b241e04b0..b94b76ba82f9 100644 --- a/cmd/cosign/cli/initialize.go +++ b/cmd/cosign/cli/initialize.go @@ -22,7 +22,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/options" ) -func addInitialize(topLevel *cobra.Command) { +func Initialize() *cobra.Command { o := &options.InitializeOptions{} cmd := &cobra.Command{ @@ -57,5 +57,5 @@ with Fulcio root CA) are pulled form the trusted metadata.`, } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } diff --git a/cmd/cosign/cli/manifest.go b/cmd/cosign/cli/manifest.go index 875cd7b4b6e0..7c662eff8c35 100644 --- a/cmd/cosign/cli/manifest.go +++ b/cmd/cosign/cli/manifest.go @@ -23,7 +23,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/options" ) -func addManifest(topLevel *cobra.Command) { +func Manifest() *cobra.Command { cmd := &cobra.Command{ Use: "manifest", Short: "Provides utilities for discovering images in and performing operations on Kubernetes manifests", @@ -33,7 +33,7 @@ func addManifest(topLevel *cobra.Command) { manifestVerify(), ) - topLevel.AddCommand(cmd) + return cmd } func manifestVerify() *cobra.Command { diff --git a/cmd/cosign/cli/piv_tool.go b/cmd/cosign/cli/piv_tool.go index 55a88cf422fc..1989fb48ca8d 100644 --- a/cmd/cosign/cli/piv_tool.go +++ b/cmd/cosign/cli/piv_tool.go @@ -28,7 +28,7 @@ import ( var pivToolForce bool -func addPIVTool(topLevel *cobra.Command) { +func PIVTool() *cobra.Command { cmd := &cobra.Command{ Use: "piv-tool", Short: "Provides utilities for managing a hardware token", @@ -49,7 +49,7 @@ func addPIVTool(topLevel *cobra.Command) { cmd.PersistentFlags().BoolVarP(&pivToolForce, "no-input", "f", false, "skip warnings and confirmations") - topLevel.AddCommand(cmd) + return cmd } func pivToolSetManagementKey() *cobra.Command { diff --git a/cmd/cosign/cli/piv_tool_disabled.go b/cmd/cosign/cli/piv_tool_disabled.go index 71ae924c519c..36b31c38476d 100644 --- a/cmd/cosign/cli/piv_tool_disabled.go +++ b/cmd/cosign/cli/piv_tool_disabled.go @@ -21,6 +21,9 @@ import ( "github.com/spf13/cobra" ) -func addPIVTool(_ *cobra.Command) { - // disabled. +func PIVTool() *cobra.Command { + return &cobra.Command{ + Use: "piv-tool", + Short: "This cosign was not built with piv-tool support!", + } } diff --git a/cmd/cosign/cli/policy_init.go b/cmd/cosign/cli/policy_init.go index 5fcc95356104..889363a148cc 100644 --- a/cmd/cosign/cli/policy_init.go +++ b/cmd/cosign/cli/policy_init.go @@ -53,7 +53,7 @@ func rootPath(imageRef string) string { return filepath.Join(imageRef, "root.json") } -func addPolicy(topLevel *cobra.Command) { +func Policy() *cobra.Command { cmd := &cobra.Command{ Use: "policy", Short: "subcommand to manage a keyless policy.", @@ -68,7 +68,7 @@ func addPolicy(topLevel *cobra.Command) { signPolicy(), ) - topLevel.AddCommand(cmd) + return cmd } func initPolicy() *cobra.Command { diff --git a/cmd/cosign/cli/public_key.go b/cmd/cosign/cli/public_key.go index af912e34d6a5..9f2bf8bac502 100644 --- a/cmd/cosign/cli/public_key.go +++ b/cmd/cosign/cli/public_key.go @@ -25,7 +25,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/publickey" ) -func addPublicKey(topLevel *cobra.Command) { +func PublicKey() *cobra.Command { o := &options.PublicKeyOptions{} cmd := &cobra.Command{ @@ -82,5 +82,5 @@ func addPublicKey(topLevel *cobra.Command) { } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } diff --git a/cmd/cosign/cli/sign.go b/cmd/cosign/cli/sign.go index fe038ffd7927..ec62ba432625 100644 --- a/cmd/cosign/cli/sign.go +++ b/cmd/cosign/cli/sign.go @@ -26,7 +26,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/sign" ) -func addSign(topLevel *cobra.Command) { +func Sign() *cobra.Command { o := &options.SignOptions{} cmd := &cobra.Command{ @@ -99,5 +99,5 @@ func addSign(topLevel *cobra.Command) { } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } diff --git a/cmd/cosign/cli/signblob.go b/cmd/cosign/cli/signblob.go index ced46fc97442..54397ca5372c 100644 --- a/cmd/cosign/cli/signblob.go +++ b/cmd/cosign/cli/signblob.go @@ -24,7 +24,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/sign" ) -func addSignBlob(topLevel *cobra.Command) { +func SignBlob() *cobra.Command { o := &options.SignBlobOptions{} cmd := &cobra.Command{ @@ -82,5 +82,5 @@ func addSignBlob(topLevel *cobra.Command) { } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } diff --git a/cmd/cosign/cli/triangulate.go b/cmd/cosign/cli/triangulate.go index 15857275ca5b..b790ec031859 100644 --- a/cmd/cosign/cli/triangulate.go +++ b/cmd/cosign/cli/triangulate.go @@ -24,7 +24,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/triangulate" ) -func addTriangulate(topLevel *cobra.Command) { +func Triangulate() *cobra.Command { o := &options.TriangulateOptions{} cmd := &cobra.Command{ @@ -40,5 +40,5 @@ func addTriangulate(topLevel *cobra.Command) { } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } diff --git a/cmd/cosign/cli/upload.go b/cmd/cosign/cli/upload.go index ddb0d2ca04f2..3c0c362f856c 100644 --- a/cmd/cosign/cli/upload.go +++ b/cmd/cosign/cli/upload.go @@ -24,7 +24,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/upload" ) -func addUpload(topLevel *cobra.Command) { +func Upload() *cobra.Command { cmd := &cobra.Command{ Use: "upload", Short: "Provides utilities for uploading artifacts to a registry", @@ -35,7 +35,7 @@ func addUpload(topLevel *cobra.Command) { uploadWASM(), ) - topLevel.AddCommand(cmd) + return cmd } func uploadBlob() *cobra.Command { diff --git a/cmd/cosign/cli/verify.go b/cmd/cosign/cli/verify.go index fc8f1a5f855f..ce2280ff2ef5 100644 --- a/cmd/cosign/cli/verify.go +++ b/cmd/cosign/cli/verify.go @@ -24,7 +24,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/verify" ) -func addVerify(topLevel *cobra.Command) { +func Verify() *cobra.Command { o := &options.VerifyOptions{} cmd := &cobra.Command{ @@ -84,10 +84,10 @@ against the transparency log.`, } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } -func addVerifyAttestation(topLevel *cobra.Command) { +func VerifyAttestation() *cobra.Command { o := &options.VerifyAttestationOptions{} cmd := &cobra.Command{ @@ -140,10 +140,10 @@ against the transparency log.`, } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } -func addVerifyBlob(topLevel *cobra.Command) { +func VerifyBlob() *cobra.Command { o := &options.VerifyBlobOptions{} cmd := &cobra.Command{ @@ -200,5 +200,5 @@ The blob may be specified as a path to a file or - for stdin.`, } o.AddFlags(cmd) - topLevel.AddCommand(cmd) + return cmd } diff --git a/cmd/cosign/cli/version.go b/cmd/cosign/cli/version.go index 60b4bdb1b7e9..3586c0552646 100644 --- a/cmd/cosign/cli/version.go +++ b/cmd/cosign/cli/version.go @@ -24,7 +24,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/options" ) -func addVersion(topLevel *cobra.Command) { +func Version() *cobra.Command { var outputJSON bool cmd := &cobra.Command{ @@ -50,5 +50,5 @@ func addVersion(topLevel *cobra.Command) { cmd.Flags().BoolVar(&outputJSON, "json", false, "print JSON instead of text") - topLevel.AddCommand(cmd) + return cmd } diff --git a/cmd/help/verify.sh b/cmd/help/verify.sh index 43fe6f3880cb..148e66f556fa 100755 --- a/cmd/help/verify.sh +++ b/cmd/help/verify.sh @@ -18,8 +18,8 @@ set -e # Verify that generated Markdown docs are up-to-date. tmpdir=$(mktemp -d) -go run cmd/help/main.go --dir "$tmpdir" +go run -tags pivkey,cgo cmd/help/main.go --dir "$tmpdir" echo "###########################################" -echo "If diffs are found, run: go run ./cmd/help/" +echo "If diffs are found, run: go run -tags pivkey,cgo ./cmd/help/" echo "###########################################" diff -Naur "$tmpdir" doc/ diff --git a/doc/cosign.md b/doc/cosign.md index 5d58fdf38045..1dfb3a85b398 100644 --- a/doc/cosign.md +++ b/doc/cosign.md @@ -24,6 +24,7 @@ cosign clean * [cosign generate-key-pair](cosign_generate-key-pair.md) - Generates a key-pair. * [cosign initialize](cosign_initialize.md) - Initializes SigStore root to retrieve trusted certificate and key targets for verification. * [cosign manifest](cosign_manifest.md) - Provides utilities for discovering images in and performing operations on Kubernetes manifests +* [cosign piv-tool](cosign_piv-tool.md) - Provides utilities for managing a hardware token * [cosign policy](cosign_policy.md) - subcommand to manage a keyless policy. * [cosign public-key](cosign_public-key.md) - Gets a public key from the key-pair. * [cosign sign](cosign_sign.md) - Sign the supplied container image. diff --git a/doc/cosign_piv-tool.md b/doc/cosign_piv-tool.md new file mode 100644 index 000000000000..daa662b464f3 --- /dev/null +++ b/doc/cosign_piv-tool.md @@ -0,0 +1,29 @@ +## cosign piv-tool + +Provides utilities for managing a hardware token + +### Options + +``` + -h, --help help for piv-tool + -f, --no-input skip warnings and confirmations +``` + +### Options inherited from parent commands + +``` + --output-file string log output to a file + -d, --verbose log debug output +``` + +### SEE ALSO + +* [cosign](cosign.md) - +* [cosign piv-tool attestation](cosign_piv-tool_attestation.md) - attestation contains commands to manage a hardware token +* [cosign piv-tool generate-key](cosign_piv-tool_generate-key.md) - generate-key generates a new signing key on the hardware token +* [cosign piv-tool reset](cosign_piv-tool_reset.md) - reset resets the hardware token completely +* [cosign piv-tool set-management-key](cosign_piv-tool_set-management-key.md) - sets the management key of a hardware token +* [cosign piv-tool set-pin](cosign_piv-tool_set-pin.md) - sets the PIN on a hardware token +* [cosign piv-tool set-puk](cosign_piv-tool_set-puk.md) - sets the PUK on a hardware token +* [cosign piv-tool unblock](cosign_piv-tool_unblock.md) - unblocks the hardware token, sets a new PIN + diff --git a/doc/cosign_piv-tool_attestation.md b/doc/cosign_piv-tool_attestation.md new file mode 100644 index 000000000000..a0d15466fffb --- /dev/null +++ b/doc/cosign_piv-tool_attestation.md @@ -0,0 +1,28 @@ +## cosign piv-tool attestation + +attestation contains commands to manage a hardware token + +``` +cosign piv-tool attestation [flags] +``` + +### Options + +``` + -h, --help help for attestation + -o, --output string format to output attestation information in. (text|json) (default "text") + --slot string Slot to use for generated key (authentication|signature|card-authentication|key-management) +``` + +### Options inherited from parent commands + +``` + -f, --no-input skip warnings and confirmations + --output-file string log output to a file + -d, --verbose log debug output +``` + +### SEE ALSO + +* [cosign piv-tool](cosign_piv-tool.md) - Provides utilities for managing a hardware token + diff --git a/doc/cosign_piv-tool_generate-key.md b/doc/cosign_piv-tool_generate-key.md new file mode 100644 index 000000000000..ef64257db494 --- /dev/null +++ b/doc/cosign_piv-tool_generate-key.md @@ -0,0 +1,31 @@ +## cosign piv-tool generate-key + +generate-key generates a new signing key on the hardware token + +``` +cosign piv-tool generate-key [flags] +``` + +### Options + +``` + -h, --help help for generate-key + --management-key string management key, uses default if empty + --pin-policy string PIN policy for slot (never|once|always) + --random-management-key if set to true, generates a new random management key and deletes it after + --slot string Slot to use for generated key (authentication|signature|card-authentication|key-management) + --touch-policy string Touch policy for slot (never|always|cached) +``` + +### Options inherited from parent commands + +``` + -f, --no-input skip warnings and confirmations + --output-file string log output to a file + -d, --verbose log debug output +``` + +### SEE ALSO + +* [cosign piv-tool](cosign_piv-tool.md) - Provides utilities for managing a hardware token + diff --git a/doc/cosign_piv-tool_reset.md b/doc/cosign_piv-tool_reset.md new file mode 100644 index 000000000000..50e334de2d07 --- /dev/null +++ b/doc/cosign_piv-tool_reset.md @@ -0,0 +1,26 @@ +## cosign piv-tool reset + +reset resets the hardware token completely + +``` +cosign piv-tool reset [flags] +``` + +### Options + +``` + -h, --help help for reset +``` + +### Options inherited from parent commands + +``` + -f, --no-input skip warnings and confirmations + --output-file string log output to a file + -d, --verbose log debug output +``` + +### SEE ALSO + +* [cosign piv-tool](cosign_piv-tool.md) - Provides utilities for managing a hardware token + diff --git a/doc/cosign_piv-tool_set-management-key.md b/doc/cosign_piv-tool_set-management-key.md new file mode 100644 index 000000000000..6d7dcb81d25e --- /dev/null +++ b/doc/cosign_piv-tool_set-management-key.md @@ -0,0 +1,29 @@ +## cosign piv-tool set-management-key + +sets the management key of a hardware token + +``` +cosign piv-tool set-management-key [flags] +``` + +### Options + +``` + -h, --help help for set-management-key + --new-key string new management key, uses default if empty + --old-key string existing management key, uses default if empty + --random-management-key if set to true, generates a new random management key and deletes it after +``` + +### Options inherited from parent commands + +``` + -f, --no-input skip warnings and confirmations + --output-file string log output to a file + -d, --verbose log debug output +``` + +### SEE ALSO + +* [cosign piv-tool](cosign_piv-tool.md) - Provides utilities for managing a hardware token + diff --git a/doc/cosign_piv-tool_set-pin.md b/doc/cosign_piv-tool_set-pin.md new file mode 100644 index 000000000000..da808a2efacf --- /dev/null +++ b/doc/cosign_piv-tool_set-pin.md @@ -0,0 +1,28 @@ +## cosign piv-tool set-pin + +sets the PIN on a hardware token + +``` +cosign piv-tool set-pin [flags] +``` + +### Options + +``` + -h, --help help for set-pin + --new-pin string new PIN, uses default if empty + --old-pin string existing PIN, uses default if empty +``` + +### Options inherited from parent commands + +``` + -f, --no-input skip warnings and confirmations + --output-file string log output to a file + -d, --verbose log debug output +``` + +### SEE ALSO + +* [cosign piv-tool](cosign_piv-tool.md) - Provides utilities for managing a hardware token + diff --git a/doc/cosign_piv-tool_set-puk.md b/doc/cosign_piv-tool_set-puk.md new file mode 100644 index 000000000000..bece4f5aefe4 --- /dev/null +++ b/doc/cosign_piv-tool_set-puk.md @@ -0,0 +1,28 @@ +## cosign piv-tool set-puk + +sets the PUK on a hardware token + +``` +cosign piv-tool set-puk [flags] +``` + +### Options + +``` + -h, --help help for set-puk + --new-puk string new PUK, uses default if empty + --old-puk string existing PUK, uses default if empty +``` + +### Options inherited from parent commands + +``` + -f, --no-input skip warnings and confirmations + --output-file string log output to a file + -d, --verbose log debug output +``` + +### SEE ALSO + +* [cosign piv-tool](cosign_piv-tool.md) - Provides utilities for managing a hardware token + diff --git a/doc/cosign_piv-tool_unblock.md b/doc/cosign_piv-tool_unblock.md new file mode 100644 index 000000000000..2fe475c56f9f --- /dev/null +++ b/doc/cosign_piv-tool_unblock.md @@ -0,0 +1,28 @@ +## cosign piv-tool unblock + +unblocks the hardware token, sets a new PIN + +``` +cosign piv-tool unblock [flags] +``` + +### Options + +``` + -h, --help help for unblock + --new-PIN string new PIN, uses default if empty + --puk string existing PUK, uses default if empty +``` + +### Options inherited from parent commands + +``` + -f, --no-input skip warnings and confirmations + --output-file string log output to a file + -d, --verbose log debug output +``` + +### SEE ALSO + +* [cosign piv-tool](cosign_piv-tool.md) - Provides utilities for managing a hardware token +