Make sign input argument an option

Making the sign input file as an "--in" option makes more sense considering we added an "--out" option in the previous commits. Signed-off-by: Martin Vrachev <[email protected]>
repository-service-tuf · Jun 7, 2024 · c7591dc · c7591dc
1 parent b7d2bda
commit c7591dc
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 15 deletions.
diff --git a/repository_service_tuf/cli/admin/sign.py b/repository_service_tuf/cli/admin/sign.py
@@ -66,37 +66,42 @@ def _get_pending_roles(settings: Any) -> Dict[str, Dict[str, Any]]:
 
 
 @metadata.command()  # type: ignore
+@click.option(
+    "--in",
+    "input",
+    help=(
+        "Input ile containing the JSON response from the "
+        "'GET /api/v1/metadata/sign' RSTUF API endpoint."
+    ),
+    type=click.File("r"),
+    required=False,
+)
 @click.option(
     "--out",
     is_flag=False,
     flag_value=DEFAULT_PATH,
     help=f"Write output json result to FILENAME (default: '{DEFAULT_PATH}')",
     type=click.File("w"),
-)
-@click.argument(
-    "signing_json_input_file",
     required=False,
-    type=click.File("rb"),
 )
 @click.pass_context
 def sign(
     context: click.Context,
+    input: Optional[click.File],
     out: Optional[click.File],
-    signing_json_input_file: Optional[click.File],
 ) -> None:
     """Add one signature to root metadata."""
     console.print("\n", Markdown("# Metadata Signing Tool"))
     settings = context.obj["settings"]
-    if settings.get("SERVER") is None and signing_json_input_file is None:
+    if settings.get("SERVER") is None and input is None:
         raise click.ClickException(
-            "Either '--api-sever'/'SERVER' in RSTUF config or "
-            "'SIGNING_JSON_INPUT_FILE' must be set"
+            "Either '--api-sever'/'SERVER' in RSTUF config or '--in' needed"
         )
     ###########################################################################
     # Load roots
     pending_roles: Dict[str, Dict[str, Any]]
-    if signing_json_input_file:
-        pending_roles = _parse_pending_data(json.load(signing_json_input_file))  # type: ignore  # noqa
+    if input:
+        pending_roles = _parse_pending_data(json.load(input))  # type: ignore
     else:
         pending_roles = _get_pending_roles(settings)
 

diff --git a/tests/unit/cli/admin/test_sign.py b/tests/unit/cli/admin/test_sign.py
@@ -136,15 +136,15 @@ def test_sign_bootstap_root(self, patch_getpass):
             )
         ]
 
-    def test_sign_local_file_input_and_custom_out(
+    def test_sign_input_option_and_custom_out(
         self, client, test_context, patch_getpass
     ):
         inputs = [
             "1",  # Please enter signing key index
             f"{_PEMS / 'JH.ed25519'}",  # Please enter path to encrypted private key  # noqa
         ]
 
-        args = [f"{_PAYLOADS / 'sign_pending_roles.json'}"]
+        args = ["--in", f"{_PAYLOADS / 'sign_pending_roles.json'}"]
         custom_path = "custom_sign_path.json"
         with client.isolated_filesystem():
             result = client.invoke(
@@ -167,7 +167,7 @@ def test_sign_local_file_input_and_custom_out(
         assert result.data["signature"]["sig"] == expected["sig"]
         assert f"Saved result to '{custom_path}'" in result.stdout
 
-    def test_sign_with_file_input_and_api_server_set(self, patch_getpass):
+    def test_sign_with_input_option_and_api_server_set(self, patch_getpass):
         inputs = [
             "1",  # Please enter signing key index
             f"{_PEMS / 'JH.ed25519'}",  # Please enter path to encrypted private key  # noqa
@@ -176,7 +176,7 @@ def test_sign_with_file_input_and_api_server_set(self, patch_getpass):
         sign.task_status = pretend.call_recorder(lambda *a: "OK")
         sign_input_path = f"{_PAYLOADS / 'sign_pending_roles.json'}"
         api_server = "http://localhost:80"
-        args = ["--api-server", api_server, sign_input_path]
+        args = ["--api-server", api_server, "--in", sign_input_path]
         result = invoke_command(sign.sign, inputs, args)
 
         expected = {
@@ -210,7 +210,7 @@ def test_sign_with_file_input_and_api_server_set(self, patch_getpass):
             )
         ]
 
-    def test_sign_no_api_server_and_no_file_input(self):
+    def test_sign_no_api_server_and_no_input_option(self):
         result = invoke_command(sign.sign, [], [], std_err_empty=False)
 
         assert "Either '--api-sever'/'SERVER'" in result.stderr