Move sget -key to --key, support but warn on -key. (#724)

* Move sget -key to --key * Migrate ffcli flags to POSIX with a warning message. Signed-off-by: Scott Nichols <[email protected]>
sigstore · Sep 20, 2021 · 96d39a9 · 96d39a9
1 parent acba596
commit 96d39a9
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -234,7 +234,7 @@ Fetching contents without verifying them is dangerous, so we require the artifac
 $ sget gcr.io/dlorenc-vmtest2/artifact
 error: public key must be specified when fetching by tag, you must fetch by digest or supply a public key
 
-$ sget -key cosign.pub us.gcr.io/dlorenc-vmtest2/readme > foo
+$ sget --key cosign.pub us.gcr.io/dlorenc-vmtest2/readme > foo
 
 Verification for us.gcr.io/dlorenc-vmtest2/readme --
 The following checks were performed on each of these signatures:

diff --git a/cmd/sget/main.go b/cmd/sget/main.go
@@ -16,12 +16,33 @@
 package main
 
 import (
+	"fmt"
 	"log"
+	"os"
+	"strings"
 
 	"github.com/sigstore/cosign/cmd/sget/cli"
 )
 
 func main() {
+	// Fix up flags to POSIX standard flags.
+	for i, arg := range os.Args {
+		if (strings.HasPrefix(arg, "-") && len(arg) == 2) || (strings.HasPrefix(arg, "--") && len(arg) >= 4) {
+			continue
+		}
+		if strings.HasPrefix(arg, "--") && len(arg) == 3 {
+			// Handle --o, convert to -o
+			newArg := fmt.Sprintf("-%c", arg[2])
+			fmt.Fprintf(os.Stderr, "WARNING: the flag %s is deprecated and will be removed in a future release. Please use the flag %s.\n", arg, newArg)
+			os.Args[i] = newArg
+		} else if strings.HasPrefix(arg, "-") {
+			// Handle -output, convert to --output
+			newArg := fmt.Sprintf("-%s", arg)
+			fmt.Fprintf(os.Stderr, "WARNING: the flag %s is deprecated and will be removed in a future release. Please use the flag %s.\n", arg, newArg)
+			os.Args[i] = newArg
+		}
+	}
+
 	if err := cli.New().Execute(); err != nil {
 		log.Fatalf("error during command execution: %v", err)
 	}

diff --git a/test/e2e_test_secrets.sh b/test/e2e_test_secrets.sh
@@ -124,11 +124,11 @@ dgst=$(./cosign upload blob -f randomblob ${blobimg})
 ./cosign verify -key ${verification_key} ${dgst} # For sanity
 
 # sget w/ signature verification should work via tag or digest
-./sget -key ${verification_key} -o verified_randomblob_from_digest $dgst
-./sget -key ${verification_key} -o verified_randomblob_from_tag $blobimg
+./sget --key ${verification_key} -o verified_randomblob_from_digest $dgst
+./sget --key ${verification_key} -o verified_randomblob_from_tag $blobimg
 
 # sget w/o signature verification should only work for ref by digest
-./sget -key ${verification_key} -o randomblob_from_digest $dgst
+./sget --key ${verification_key} -o randomblob_from_digest $dgst
 if (./sget -o randomblob_from_tag $blobimg); then false; fi
 
 # clean up a bit