Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
to list certificates that are already enrolled on the current system
Background:
In the Kairos project we need a simple way for our users to enroll custom keys to the firmware. We also need to help them revoke certain keys later. In general, we need a tool that allows them to manage the enrolled keys (list, add, delete).
It was suggested that sbctl could satisfy these (or some of these) requirements. This is a first PR to try this option.
I tried to follow the naming conventions of the other commands to stay consistent but we could discuss a different way to structure this new command to allow us to later add subcommands for other operations (e.g.
sbctl enrolled-keys list
,sbctl enrolled-keys add
etc)I had a look at the integration tests in order to add one for this command but I didn't find a simple way to run them locally and I don't see those running in Github actions either. Let me know if I missed something. If you don't mind me adding testing related changes to this PR, I could try to make those run locally in a streamlined way. We also do integration testing using VMs in Kairos but I'm afraid the testing related changes would be more than what this PR introduces already. Alternatively, I could try to introduce the testing changes to run integration tests in another PR and then get back to this one to consume.
Let us know what you think!
Note: The code in this PR is mostly a copy of what we have already implemented in Kairos: https://github.com/kairos-io/kairos-sdk/pull/103/files