Moved global flag variables to the global scope. Refactored some functions interfaces and removed passing global flags.

ca.go

@@ -271,7 +271,7 @@ func parseValidity(validity string) (time.Duration, error) {
 	}
 }
 
-func SavePEM(filename string, data []byte, secure bool, overwrite bool) error {
+func SavePEM(filename string, data []byte, secure bool) error {
 	if !overwrite {
 		if _, err := os.Stat(filename); err == nil {
 			return fmt.Errorf("file %s already exists (overwrite not allowed)", filename)
@@ -321,7 +321,7 @@ func (c *_CAConfig) Validate() error {
 	return nil
 }
 
-func InitCA(overwrite bool) error {
+func InitCA() error {
 
 	var err error
 
@@ -409,11 +409,11 @@ func InitCA(overwrite bool) error {
 	certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: certDER})
 	keyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
 
-	if err := SavePEM(filepath.Join(CAConfig.Paths.Certificates, "ca_cert.pem"), certPEM, false, overwrite); err != nil {
+	if err := SavePEM(filepath.Join(CAConfig.Paths.Certificates, "ca_cert.pem"), certPEM, false); err != nil {
 		fmt.Println("Error saving CA certificate:", err)
 		return err
 	}
-	if err := SavePEM(filepath.Join(CAConfig.Paths.PrivateKeys, "ca_key.pem"), keyPEM, true, overwrite); err != nil {
+	if err := SavePEM(filepath.Join(CAConfig.Paths.PrivateKeys, "ca_key.pem"), keyPEM, true); err != nil {
 		fmt.Println("Error saving CA key:", err)
 		return err
 	}
@@ -433,7 +433,7 @@ func InitCA(overwrite bool) error {
 }
 
 // Helper: issue a single certificate and key, save to files, return error if any
-func issueSingleCertificate(def CertificateDefinition, overwrite, verbose bool) error {
+func issueSingleCertificate(def CertificateDefinition) error {
 	// Validate Name
 
 	isValidName, err := regexp.MatchString(`^[A-Za-z0-9_-]+$`, def.Name)
@@ -536,10 +536,10 @@ func issueSingleCertificate(def CertificateDefinition, overwrite, verbose bool)
 	}
 	certFile := filepath.Join(CAConfig.Paths.Certificates, basename+".crt.pem")
 	keyFile := filepath.Join(CAConfig.Paths.PrivateKeys, basename+".key.pem")
-	if err := SavePEM(certFile, certPEM, false, overwrite); err != nil {
+	if err := SavePEM(certFile, certPEM, false); err != nil {
 		return fmt.Errorf("error saving certificate: %v", err)
 	}
-	if err := SavePEM(keyFile, keyPEM, true, overwrite); err != nil {
+	if err := SavePEM(keyFile, keyPEM, true); err != nil {
 		return fmt.Errorf("error saving key: %v", err)
 	}
 	if verbose {
@@ -622,7 +622,7 @@ func ProvisionCertificates(filePath string, overwrite bool, dryRun bool, verbose
 			continue
 		}
 
-		err = issueSingleCertificate(certDefs.Certificates[i], overwrite, verbose)
+		err = issueSingleCertificate(certDefs.Certificates[i])
 		if err != nil {
 			fmt.Printf("error: %v\n", err)
 			errors++
@@ -664,7 +664,7 @@ func IssueCertificate(certDef CertificateDefinition, overwrite bool, dryRun bool
 		return nil
 	}
 
-	err = issueSingleCertificate(certDef, overwrite, verbose)
+	err = issueSingleCertificate(certDef)
 
 	if err != nil {
 		return err

main.go

@@ -9,22 +9,31 @@ import (
 
 var Version = "dev"
 
+// Global flags available to all commands
+var overwrite bool
+var dryRun bool
+var verbose bool
+
 func main() {
 
-	var overwrite bool
+	// issue command flags
+	var name string
 	var subject string
 	var certType string
 	var validity string
 	var san []string
-	var name string
+
-	var dryRun bool
+	// provision command flags
-	var verbose bool
+	var provisionFile string
+
+	// crl command flags
 	var crlFile string
 	var crlValidityDays int
+
+	// revoke command flags
 	var revokeName string
 	var revokeSerial string
 	var revokeReasonStr string
-	var provisionFile string
 
 	var rootCmd = &cobra.Command{
 		Use:   "lab-ca",
@@ -46,7 +55,7 @@ func main() {
 		Use:   "initca",
 		Short: "Generate a new CA certificate and key",
 		Run: func(cmd *cobra.Command, args []string) {
-			InitCA(overwrite)
+			InitCA()
 		},
 	}
 	rootCmd.AddCommand(initCmd)