search

openziti / ziti

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
https://openziti.io
Apache License 2.0
2.82k stars 159 forks source link

CLI should use default PKI root #1152

Open qrkourier opened 1 year ago

qrkourier commented 1 year ago

ziti pki always prompts to confirm it should use the default PKI root when --pki-root is not set. It should just use the default PKI root, not prompt.

dovholuknf commented 1 year ago

The problem is there's no "default PKI root". We could use "." but that feels wrong. I'd say the only answer to this is "set ZITI_PKI_ROOT before calling ziti pki create"

qrkourier commented 1 year ago

By "default PKI root" path I mean the path that ziti CLI computes and suggests when --pki-root or ZITI_PKI_ROOT are not specified.

For example, this default path is computed when I run ziti CLI on Linux: ~/.config/ziti/environments/pki. Ziti should use this default path automatically instead of prompting for an override of the default value.

$ ziti pki create ca --ca-name magenta --ca-file magenta
? Required flag 'pki-root' not specified; Enter PKI Root now: (/home/kbingham/.config/ziti/environments/pki)