From 96345c65cea1c5801bd3263532fc71fffd29fa0d Mon Sep 17 00:00:00 2001 From: Miguel Ortega Date: Thu, 12 Feb 2026 11:26:02 +0100 Subject: [PATCH 1/2] feat(config): read flags from env vars automatically --- docker/entrypoint.sh | 7 +------ main.go | 4 +--- 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 0c14d2a..26ba233 100644 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -59,13 +59,8 @@ fi args=() [[ -n "$CURRENT_KEYSTORE" ]] && args+=("-keystorePath" "$CURRENT_KEYSTORE") +# legacy support: KEYSTORE_PASS is the new env vars mapped automatically [[ -n "$STORE_PASS" ]] && args+=("-keystorePassword" "$STORE_PASS") -[[ -n "$OUTPUT_FILE" ]] && args+=("-outputFile" "$OUTPUT_FILE") -[[ -n "$OUTPUT_FORMAT" ]] && args+=("-outputFormat" "$OUTPUT_FORMAT") -[[ -n "$DID_TYPE" ]] && args+=("-didType" "$DID_TYPE") -[[ -n "$KEY_TYPE" ]] && args+=("-keyType" "$KEY_TYPE") -[[ -n "$HOST_URL" ]] && args+=("-hostUrl" "$HOST_URL") -[[ -n "$CERT_URL" ]] && args+=("-certUrl" "$CERT_URL") if [[ "${RUN_SERVER:-}" == "true" ]]; then args+=("-server=true") diff --git a/main.go b/main.go index 89a11ca..d4ed0e7 100644 --- a/main.go +++ b/main.go @@ -24,7 +24,7 @@ func main() { var resultingDid string var err error - filler := flagsfiller.New() + filler := flagsfiller.New(flagsfiller.WithEnv("")) err = filler.Fill(flag.CommandLine, &cfg) if err != nil { zap.L().Sugar().Fatal("error reading config. error %s", err) @@ -108,5 +108,3 @@ func main() { fmt.Println("Output: ", string(fileContent)) } } - - From fd7427ab30b91a6820cb32500356c68672a9aad2 Mon Sep 17 00:00:00 2001 From: Miguel Ortega Date: Thu, 12 Feb 2026 11:26:23 +0100 Subject: [PATCH 2/2] update readme with new env vars and config options --- README.md | 47 +++++++++++++++++++++++++++-------------------- 1 file changed, 27 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 0207ee8..adbca94 100644 --- a/README.md +++ b/README.md 
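Review bot: The retained `STORE_PASS` line in the docker/entrypoint.sh hunk still passes the keystore password as a `-keystorePassword` argument, so the secret sits in the process argument list, readable by anything that can list processes in the container. Since this series makes the binary read its flags from the environment (the README in patch 2/2 documents `KEYSTORE_PASSWORD`), the legacy variable can be mapped without touching argv: `[[ -n "${STORE_PASS:-}" && -z "${KEYSTORE_PASSWORD:-}" ]] && export KEYSTORE_PASSWORD="$STORE_PASS"`. The added comment names `KEYSTORE_PASS`, which does not match the documented variable; `# legacy: STORE_PASS is still honoured; the binary reads KEYSTORE_PASSWORD from the environment` would be accurate. If the argument form is kept, it presumably overrides a `KEYSTORE_PASSWORD` set in the environment, and the comment should say which one wins. The script begins and continues outside this hunk.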
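Review bot: `flagsfiller.WithEnv("")` in the first main.go hunk uses an empty prefix, so every flag is now set by any same-named variable in the process environment. Per the README in patch 2/2, that includes the keystore password and generic names such as `HOST_URL`, `OUTPUT_FILE` and `KEY_PATH`. This deserves a comment at the call, e.g. `// Empty prefix keeps the documented unprefixed names; any same-named variable in the environment sets the flag.` Because more inputs can now make `Fill` fail, the error line below matters more: `Fatal` does not interpret format verbs, so `%s` is printed literally, and `zap.L().Sugar().Fatalf("error reading config: %v", err)` would format it. `main` begins and ends outside this hunk.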
@@ -21,23 +21,26 @@ The container can be configured, using the following environment-variables: | Var | Description | Values |Default | |-----|-------------|---|----------| -| KEY_TYPE_TO_GENERATE | Type of the key to be generated. RSA is only supported for did:jwk | "EC", "ED-25519" or "RSA" | "EC" | -| STORE_PASS | Password to be used for the keystore | string | "myPassword" | -| KEY_ALIAS | Alias for the key inside the keystore | string | "myAlias" | +| KEYSTORE_PATH | Path to the keystore to be read. | string | +| KEYSTORE_PASSWORD | Deprecated: Password to be used for the keystore | string | "myPassword" | +| STORE_PASS | Deprecated: Password to be used for the keystore | string | "myPassword" | +| CERT_PATH | Path to the PEM certificate | string | +| KEY_PATH | Path to the key PEM certificate | string | | OUTPUT_FORMAT | Output format for the did result file. | "json", "env", "json_jwk" | "json" | +| OUTPUT_FILE | File to write the did, format depends on the requested format. Will not write the file if empty. | string | "/cert/did.json" | | DID_TYPE | Type of the did to generate. | "key", "jwk" or "web" | "key" | | KEY_TYPE | Type of the key provided. | "P-256", "P-384" or "ED-25519" | "P-256" | -| OUTPUT_FILE | File to write the did, format depends on the requested format. Will not write the file if empty. | string | "/cert/did.json" | | HOST_URL | Base URL where the DID document will be located, excluding 'did.json'. (e.g., https://example.com/alice for https://example.com/alice/did.json). Required for did:web | | | CERT_URL | URL to retrieve the public certificate | string | `HOST_URL` + `/.well-known/tls.crt` | RUN_SERVER | Run a server with /did.json and /.well-known/tls.crt endpoints | false -| SERVER_PORT | Server port | 8080 +| SERVER_PORT | Server port | 8080 | +| KEY_TYPE_TO_GENERATE | Type of the key to be generated. 
RSA is only supported for did:jwk | "EC", "ED-25519" or "RSA" | "EC" | +| KEY_ALIAS | Alias for the key inside the keystore | string | "myAlias" | | COUNTRY | Country to be set for the created certificate. | string | "DE" | | STATE | State to be set for the created certificate. | string | "Saxony" | | LOCALITY | Locality to be set for the created certificate. | string | "Dresden" | | ORGANIZATION | Organization to be set for the created certificate. | string | "M&P Operations Inc." | | COMMON_NAME | Common name to be set for the created certificate. | string | "www.mp-operations.org" | -| KEYSTORE_PATH | Path to the keystore | string | ### Executable 
@@ -101,24 +104,28 @@ The helper supports the following parameters: ```shell Usage of ./did-helper: + -certPath string + Path to the PEM certificate. (env CERT_PATH) + -certUrl string + URL to retrieve the public certificate. Defaults to 'hostUrl' + /.well-known/tls.crt (env CERT_URL) -didType string - Type of the did to generate. did:key, did:jwk and did:web are supported. (default "key") - -keyType - Type of the did-key to be created. Supported ED-25519, P-256, P-384. (default "P-256") + Type of the DID to generate. did:key and did:jwk are supported. (env DID_TYPE) (default "key") + -hostUrl string + Base URL where the DID document will be located, excluding 'did.json'. (env HOST_URL) + -keyPath string + Path to the key PEM certificate. (env KEY_PATH) + -keyType string + Type of the DID key to be created. Supported: ED-25519, P-256, P-384. (env KEY_TYPE) (default "P-256") -keystorePassword string - Password for the keystore. + Password for the keystore. (env KEYSTORE_PASSWORD) -keystorePath string - Path to the keystore to be read. + Path to the keystore to be read. (env KEYSTORE_PATH) -outputFile string - File to write the did, format depends on the requested format. Will not write the file if empty. + File to write the DID; will not write if empty. (env OUTPUT_FILE) -outputFormat string - Output format for the did result file. Can be json or env. (default "json") - -hostUrl - Base URL where the DID document will be located, excluding 'did.json'. (e.g., https://example.com/alice for https://example.com/alice/did.json) - -certUrl - URL to retrieve the public certificate. Default is 'hostUrl' + /.well-known/. tls.crt + Output format for the DID result file. Can be json, env or json_jwk. (env OUTPUT_FORMAT) (default "json") + -port int + Server port. Default 8080. (env SERVER_PORT) (default 8080) -server - Run a server with /did.json and /.well-known/tls.crt endpoints under hostUrl path (e.g. 
hostUrl=https://test.com/did -> /did/did.json and /did/.well-known/tls.crt) - -port - Server port. (default 8080) + Run a server with /did.json and /.well-known/tls.crt endpoints. (env RUN_SERVER) ```