diff --git a/site/src/content/docs/commands/zarf_package_create.md b/site/src/content/docs/commands/zarf_package_create.md index 892e740323..fca2149f69 100644 --- a/site/src/content/docs/commands/zarf_package_create.md +++ b/site/src/content/docs/commands/zarf_package_create.md @@ -34,8 +34,8 @@ zarf package create [ DIRECTORY ] [flags] -s, --sbom View SBOM contents after creating the package --sbom-out string Specify an output directory for the SBOMs from the created Zarf package --set stringToString Specify package variables to set on the command line (KEY=value) (default []) - --signing-key string Path to private key file for signing packages - --signing-key-pass string Password to the private key file used for signing packages + --signing-key string Private key for signing packages. Accepts either a local file path or a Cosign-supported key provider + --signing-key-pass string Password to the private key used for signing packages --skip-sbom Skip generating SBOM for this package ``` diff --git a/site/src/content/docs/commands/zarf_package_publish.md b/site/src/content/docs/commands/zarf_package_publish.md index 705ea1b0ab..5acf197ab9 100644 --- a/site/src/content/docs/commands/zarf_package_publish.md +++ b/site/src/content/docs/commands/zarf_package_publish.md @@ -29,9 +29,10 @@ $ zarf package publish ./path/to/dir oci://my-registry.com/my-namespace ### Options ``` + --confirm Confirms package publish without prompting. Skips prompt for the signing key password -h, --help help for publish - --signing-key string Path to a private key file for signing or re-signing packages with a new key - --signing-key-pass string Password to the private key file used for publishing packages + --signing-key string Private key for signing or re-signing packages with a new key. Accepts either a local file path or a Cosign-supported key provider + --signing-key-pass string Password to the private key used for publishing packages --skip-signature-validation Skip validating the signature of the Zarf package ``` diff --git a/src/cmd/package.go b/src/cmd/package.go index 5d52b8bbec..9f044c3673 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -549,6 +549,7 @@ func NewPackagePublishCommand(v *viper.Viper) *cobra.Command { cmd.Flags().StringVar(&pkgConfig.PublishOpts.SigningKeyPath, "signing-key", v.GetString(common.VPkgPublishSigningKey), lang.CmdPackagePublishFlagSigningKey) cmd.Flags().StringVar(&pkgConfig.PublishOpts.SigningKeyPassword, "signing-key-pass", v.GetString(common.VPkgPublishSigningKeyPassword), lang.CmdPackagePublishFlagSigningKeyPassword) cmd.Flags().BoolVar(&pkgConfig.PkgOpts.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdPackagePublishFlagConfirm) return cmd } diff --git a/src/config/lang/english.go b/src/config/lang/english.go index 2d848a6c1a..5bf02cbeb3 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -259,8 +259,8 @@ $ zarf package mirror-resources \ CmdPackageCreateFlagSbomOut = "Specify an output directory for the SBOMs from the created Zarf package" CmdPackageCreateFlagSkipSbom = "Skip generating SBOM for this package" CmdPackageCreateFlagMaxPackageSize = "Specify the maximum size of the package in megabytes, packages larger than this will be split into multiple parts to be loaded onto smaller media (i.e. DVDs). Use 0 to disable splitting." - CmdPackageCreateFlagSigningKey = "Path to private key file for signing packages" - CmdPackageCreateFlagSigningKeyPassword = "Password to the private key file used for signing packages" + CmdPackageCreateFlagSigningKey = "Private key for signing packages. Accepts either a local file path or a Cosign-supported key provider" + CmdPackageCreateFlagSigningKeyPassword = "Password to the private key used for signing packages" CmdPackageCreateFlagDeprecatedKey = "[Deprecated] Path to private key file for signing packages (use --signing-key instead)" CmdPackageCreateFlagDeprecatedKeyPassword = "[Deprecated] Password to the private key file used for signing packages (use --signing-key-pass instead)" CmdPackageCreateFlagDifferential = "[beta] Build a package that only contains the differential changes from local resources and differing remote resources from the specified previously built package" @@ -298,8 +298,9 @@ $ zarf package publish my-package.tar oci://my-registry.com/my-namespace # Publish a skeleton package to a remote registry $ zarf package publish ./path/to/dir oci://my-registry.com/my-namespace ` - CmdPackagePublishFlagSigningKey = "Path to a private key file for signing or re-signing packages with a new key" - CmdPackagePublishFlagSigningKeyPassword = "Password to the private key file used for publishing packages" + CmdPackagePublishFlagSigningKey = "Private key for signing or re-signing packages with a new key. Accepts either a local file path or a Cosign-supported key provider" + CmdPackagePublishFlagSigningKeyPassword = "Password to the private key used for publishing packages" + CmdPackagePublishFlagConfirm = "Confirms package publish without prompting. Skips prompt for the signing key password" CmdPackagePullShort = "Pulls a Zarf package from a remote registry and save to the local file system" CmdPackagePullExample = `