initial commit

This commit is contained in:
2026-02-23 20:06:44 -06:00
parent 0a5a6c6a1d
commit 53104542f7
11 changed files with 5070 additions and 0 deletions
+31
View File
@@ -0,0 +1,31 @@
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.TH ca-certs 8 "ca-certs 0.1.0"
.SH NAME
ca\-certs \- Manage Linux CA trust store sources and extracted bundles (p11\-kit/trust)
.SH SYNOPSIS
\fBca\-certs\fR [\fB\-h\fR|\fB\-\-help\fR] [\fB\-V\fR|\fB\-\-version\fR] <\fIsubcommands\fR>
.SH DESCRIPTION
Manage Linux CA trust store sources and extracted bundles (p11\-kit/trust)
.SH OPTIONS
.TP
\fB\-h\fR, \fB\-\-help\fR
Print help
.TP
\fB\-V\fR, \fB\-\-version\fR
Print version
.SH SUBCOMMANDS
.TP
ca\-certs\-add(8)
Add a PEM CA certificate to trust\-source/anchors and refresh extracted outputs
.TP
ca\-certs\-extract(8)
Regenerate extracted trust bundles (like update\-ca\-trust extract)
.TP
ca\-certs\-certdata(8)
Fetch and parse Mozilla/NSS certdata.txt (no certificate generation yet)
.TP
ca\-certs\-help(8)
Print this message or the help of the given subcommand(s)
.SH VERSION
v0.1.0
+401
View File
@@ -0,0 +1,401 @@
#compdef ca-certs
autoload -U is-at-least
_ca-certs() {
typeset -A opt_args
typeset -a _arguments_options
local ret=1
if is-at-least 5.2; then
_arguments_options=(-s -S -C)
else
_arguments_options=(-s -C)
fi
local context curcontext="$curcontext" state line
_arguments "${_arguments_options[@]}" : \
'-h[Print help]' \
'--help[Print help]' \
'-V[Print version]' \
'--version[Print version]' \
":: :_ca-certs_commands" \
"*::: :->ca-certs" \
&& ret=0
case $state in
(ca-certs)
words=($line[1] "${words[@]}")
(( CURRENT += 1 ))
curcontext="${curcontext%:*:*}:ca-certs-command-$line[1]:"
case $line[1] in
(add)
_arguments "${_arguments_options[@]}" : \
'-n+[Output certificate name (without extension). Defaults to the input filename stem]:NAME:_default' \
'--name=[Output certificate name (without extension). Defaults to the input filename stem]:NAME:_default' \
'-o+[Extracted output directory inside the target root (default\: /etc/ca-certificates/extracted)]:OUTPUT:_files' \
'--output=[Extracted output directory inside the target root (default\: /etc/ca-certificates/extracted)]:OUTPUT:_files' \
'--root=[Target root filesystem (for chroot/image builds)]:ROOT:_files' \
'--force[Overwrite an existing anchor if contents differ]' \
'--no-extract[Add certificate but do not run extraction]' \
'--dry-run[Print actions without modifying files]' \
'-h[Print help]' \
'--help[Print help]' \
':cert -- Path to a PEM-encoded CA certificate:_files' \
&& ret=0
;;
(extract)
_arguments "${_arguments_options[@]}" : \
'-o+[Extracted output directory inside the target root (default\: /etc/ca-certificates/extracted)]:OUTPUT:_files' \
'--output=[Extracted output directory inside the target root (default\: /etc/ca-certificates/extracted)]:OUTPUT:_files' \
'--root=[Target root filesystem (for chroot/image builds)]:ROOT:_files' \
'--dry-run[Print actions without modifying files]' \
'-h[Print help]' \
'--help[Print help]' \
&& ret=0
;;
(certdata)
_arguments "${_arguments_options[@]}" : \
'-h[Print help]' \
'--help[Print help]' \
":: :_ca-certs__certdata_commands" \
"*::: :->certdata" \
&& ret=0
case $state in
(certdata)
words=($line[1] "${words[@]}")
(( CURRENT += 1 ))
curcontext="${curcontext%:*:*}:ca-certs-certdata-command-$line[1]:"
case $line[1] in
(fetch)
_arguments "${_arguments_options[@]}" : \
'--url=[Source URL for certdata.txt]:URL:_default' \
'--log-url=[Override log URL used to determine the latest revision (optional)]:LOG_URL:_default' \
'-o+[Output file path]:OUTPUT:_files' \
'--output=[Output file path]:OUTPUT:_files' \
'--force[Overwrite an existing file if contents differ]' \
'--no-revision-check[Always download even if the local file revision matches the remote revision]' \
'--no-parse[Skip parsing/summary after download]' \
'--dry-run[Print actions without modifying files]' \
'-h[Print help]' \
'--help[Print help]' \
&& ret=0
;;
(parse)
_arguments "${_arguments_options[@]}" : \
'--limit=[Print up to N object summaries after the aggregate stats]:LIMIT:_default' \
'-h[Print help]' \
'--help[Print help]' \
'::input -- Path to certdata.txt:_files' \
&& ret=0
;;
(convert)
_arguments "${_arguments_options[@]}" : \
'--root=[Target root filesystem (for chroot/image builds)]:ROOT:_files' \
'--output=[Destination p11-kit trust source file inside the target root]:OUTPUT:_files' \
'-o+[Extracted output directory inside the target root (default\: /etc/ca-certificates/extracted)]:EXTRACT_OUTPUT:_files' \
'--extract-output=[Extracted output directory inside the target root (default\: /etc/ca-certificates/extracted)]:EXTRACT_OUTPUT:_files' \
'--force[Overwrite an existing output file if contents differ]' \
'--no-extract[Skip running trust extraction after writing the Mozilla source bundle]' \
'--dry-run[Print actions without modifying files]' \
'-h[Print help]' \
'--help[Print help]' \
'::input -- Path to certdata.txt:_files' \
&& ret=0
;;
(sync)
_arguments "${_arguments_options[@]}" : \
'--url=[Source URL for certdata.txt]:URL:_default' \
'--log-url=[Override log URL used to determine the latest revision (optional)]:LOG_URL:_default' \
'--certdata-output=[Local certdata.txt path used for fetch and convert]:CERTDATA_OUTPUT:_files' \
'--root=[Target root filesystem (for chroot/image builds)]:ROOT:_files' \
'--mozilla-output=[Destination p11-kit trust source file inside the target root]:MOZILLA_OUTPUT:_files' \
'-o+[Extracted output directory inside the target root (default\: /etc/ca-certificates/extracted)]:EXTRACT_OUTPUT:_files' \
'--extract-output=[Extracted output directory inside the target root (default\: /etc/ca-certificates/extracted)]:EXTRACT_OUTPUT:_files' \
'--force[Overwrite existing files if contents differ]' \
'--no-revision-check[Always download even if the local certdata revision matches the remote revision]' \
'--no-parse[Skip parsing/summary after download]' \
'--no-extract[Skip running trust extraction after writing the Mozilla source bundle]' \
'--dry-run[Print actions without modifying files]' \
'-h[Print help]' \
'--help[Print help]' \
&& ret=0
;;
(help)
_arguments "${_arguments_options[@]}" : \
":: :_ca-certs__certdata__help_commands" \
"*::: :->help" \
&& ret=0
case $state in
(help)
words=($line[1] "${words[@]}")
(( CURRENT += 1 ))
curcontext="${curcontext%:*:*}:ca-certs-certdata-help-command-$line[1]:"
case $line[1] in
(fetch)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
(parse)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
(convert)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
(sync)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
(help)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
esac
;;
esac
;;
esac
;;
esac
;;
(gen-artifacts)
_arguments "${_arguments_options[@]}" : \
'--out-dir=[Directory to write generated packaging artifacts into]:OUT_DIR:_files' \
'*--shell=[Shell completions to generate]:SHELLS:(bash fish zsh)' \
'--dry-run[Print actions without modifying files]' \
'-h[Print help]' \
'--help[Print help]' \
&& ret=0
;;
(help)
_arguments "${_arguments_options[@]}" : \
":: :_ca-certs__help_commands" \
"*::: :->help" \
&& ret=0
case $state in
(help)
words=($line[1] "${words[@]}")
(( CURRENT += 1 ))
curcontext="${curcontext%:*:*}:ca-certs-help-command-$line[1]:"
case $line[1] in
(add)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
(extract)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
(certdata)
_arguments "${_arguments_options[@]}" : \
":: :_ca-certs__help__certdata_commands" \
"*::: :->certdata" \
&& ret=0
case $state in
(certdata)
words=($line[1] "${words[@]}")
(( CURRENT += 1 ))
curcontext="${curcontext%:*:*}:ca-certs-help-certdata-command-$line[1]:"
case $line[1] in
(fetch)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
(parse)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
(convert)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
(sync)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
esac
;;
esac
;;
(gen-artifacts)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
(help)
_arguments "${_arguments_options[@]}" : \
&& ret=0
;;
esac
;;
esac
;;
esac
;;
esac
}
(( $+functions[_ca-certs_commands] )) ||
_ca-certs_commands() {
local commands; commands=(
'add:Add a PEM CA certificate to trust-source/anchors and refresh extracted outputs' \
'extract:Regenerate extracted trust bundles (like update-ca-trust extract)' \
'certdata:Fetch and parse Mozilla/NSS certdata.txt (no certificate generation yet)' \
'gen-artifacts:' \
'help:Print this message or the help of the given subcommand(s)' \
)
_describe -t commands 'ca-certs commands' commands "$@"
}
(( $+functions[_ca-certs__add_commands] )) ||
_ca-certs__add_commands() {
local commands; commands=()
_describe -t commands 'ca-certs add commands' commands "$@"
}
(( $+functions[_ca-certs__certdata_commands] )) ||
_ca-certs__certdata_commands() {
local commands; commands=(
'fetch:Fetch certdata.txt from an NSS source URL' \
'parse:Parse a local certdata.txt file and print a summary' \
'convert:Convert certdata.txt into a Mozilla p11-kit trust bundle and optionally extract outputs' \
'sync:Run the full pipeline\: fetch certdata.txt, convert to p11-kit source, then extract outputs' \
'help:Print this message or the help of the given subcommand(s)' \
)
_describe -t commands 'ca-certs certdata commands' commands "$@"
}
(( $+functions[_ca-certs__certdata__convert_commands] )) ||
_ca-certs__certdata__convert_commands() {
local commands; commands=()
_describe -t commands 'ca-certs certdata convert commands' commands "$@"
}
(( $+functions[_ca-certs__certdata__fetch_commands] )) ||
_ca-certs__certdata__fetch_commands() {
local commands; commands=()
_describe -t commands 'ca-certs certdata fetch commands' commands "$@"
}
(( $+functions[_ca-certs__certdata__help_commands] )) ||
_ca-certs__certdata__help_commands() {
local commands; commands=(
'fetch:Fetch certdata.txt from an NSS source URL' \
'parse:Parse a local certdata.txt file and print a summary' \
'convert:Convert certdata.txt into a Mozilla p11-kit trust bundle and optionally extract outputs' \
'sync:Run the full pipeline\: fetch certdata.txt, convert to p11-kit source, then extract outputs' \
'help:Print this message or the help of the given subcommand(s)' \
)
_describe -t commands 'ca-certs certdata help commands' commands "$@"
}
(( $+functions[_ca-certs__certdata__help__convert_commands] )) ||
_ca-certs__certdata__help__convert_commands() {
local commands; commands=()
_describe -t commands 'ca-certs certdata help convert commands' commands "$@"
}
(( $+functions[_ca-certs__certdata__help__fetch_commands] )) ||
_ca-certs__certdata__help__fetch_commands() {
local commands; commands=()
_describe -t commands 'ca-certs certdata help fetch commands' commands "$@"
}
(( $+functions[_ca-certs__certdata__help__help_commands] )) ||
_ca-certs__certdata__help__help_commands() {
local commands; commands=()
_describe -t commands 'ca-certs certdata help help commands' commands "$@"
}
(( $+functions[_ca-certs__certdata__help__parse_commands] )) ||
_ca-certs__certdata__help__parse_commands() {
local commands; commands=()
_describe -t commands 'ca-certs certdata help parse commands' commands "$@"
}
(( $+functions[_ca-certs__certdata__help__sync_commands] )) ||
_ca-certs__certdata__help__sync_commands() {
local commands; commands=()
_describe -t commands 'ca-certs certdata help sync commands' commands "$@"
}
(( $+functions[_ca-certs__certdata__parse_commands] )) ||
_ca-certs__certdata__parse_commands() {
local commands; commands=()
_describe -t commands 'ca-certs certdata parse commands' commands "$@"
}
(( $+functions[_ca-certs__certdata__sync_commands] )) ||
_ca-certs__certdata__sync_commands() {
local commands; commands=()
_describe -t commands 'ca-certs certdata sync commands' commands "$@"
}
(( $+functions[_ca-certs__extract_commands] )) ||
_ca-certs__extract_commands() {
local commands; commands=()
_describe -t commands 'ca-certs extract commands' commands "$@"
}
(( $+functions[_ca-certs__gen-artifacts_commands] )) ||
_ca-certs__gen-artifacts_commands() {
local commands; commands=()
_describe -t commands 'ca-certs gen-artifacts commands' commands "$@"
}
(( $+functions[_ca-certs__help_commands] )) ||
_ca-certs__help_commands() {
local commands; commands=(
'add:Add a PEM CA certificate to trust-source/anchors and refresh extracted outputs' \
'extract:Regenerate extracted trust bundles (like update-ca-trust extract)' \
'certdata:Fetch and parse Mozilla/NSS certdata.txt (no certificate generation yet)' \
'gen-artifacts:' \
'help:Print this message or the help of the given subcommand(s)' \
)
_describe -t commands 'ca-certs help commands' commands "$@"
}
(( $+functions[_ca-certs__help__add_commands] )) ||
_ca-certs__help__add_commands() {
local commands; commands=()
_describe -t commands 'ca-certs help add commands' commands "$@"
}
(( $+functions[_ca-certs__help__certdata_commands] )) ||
_ca-certs__help__certdata_commands() {
local commands; commands=(
'fetch:Fetch certdata.txt from an NSS source URL' \
'parse:Parse a local certdata.txt file and print a summary' \
'convert:Convert certdata.txt into a Mozilla p11-kit trust bundle and optionally extract outputs' \
'sync:Run the full pipeline\: fetch certdata.txt, convert to p11-kit source, then extract outputs' \
)
_describe -t commands 'ca-certs help certdata commands' commands "$@"
}
(( $+functions[_ca-certs__help__certdata__convert_commands] )) ||
_ca-certs__help__certdata__convert_commands() {
local commands; commands=()
_describe -t commands 'ca-certs help certdata convert commands' commands "$@"
}
(( $+functions[_ca-certs__help__certdata__fetch_commands] )) ||
_ca-certs__help__certdata__fetch_commands() {
local commands; commands=()
_describe -t commands 'ca-certs help certdata fetch commands' commands "$@"
}
(( $+functions[_ca-certs__help__certdata__parse_commands] )) ||
_ca-certs__help__certdata__parse_commands() {
local commands; commands=()
_describe -t commands 'ca-certs help certdata parse commands' commands "$@"
}
(( $+functions[_ca-certs__help__certdata__sync_commands] )) ||
_ca-certs__help__certdata__sync_commands() {
local commands; commands=()
_describe -t commands 'ca-certs help certdata sync commands' commands "$@"
}
(( $+functions[_ca-certs__help__extract_commands] )) ||
_ca-certs__help__extract_commands() {
local commands; commands=()
_describe -t commands 'ca-certs help extract commands' commands "$@"
}
(( $+functions[_ca-certs__help__gen-artifacts_commands] )) ||
_ca-certs__help__gen-artifacts_commands() {
local commands; commands=()
_describe -t commands 'ca-certs help gen-artifacts commands' commands "$@"
}
(( $+functions[_ca-certs__help__help_commands] )) ||
_ca-certs__help__help_commands() {
local commands; commands=()
_describe -t commands 'ca-certs help help commands' commands "$@"
}
if [ "$funcstack[1]" = "_ca-certs" ]; then
_ca-certs "$@"
else
compdef _ca-certs ca-certs
fi
+558
View File
@@ -0,0 +1,558 @@
_ca-certs() {
local i cur prev opts cmd
COMPREPLY=()
if [[ "${BASH_VERSINFO[0]}" -ge 4 ]]; then
cur="$2"
else
cur="${COMP_WORDS[COMP_CWORD]}"
fi
prev="$3"
cmd=""
opts=""
for i in "${COMP_WORDS[@]:0:COMP_CWORD}"
do
case "${cmd},${i}" in
",$1")
cmd="ca__certs"
;;
ca__certs,add)
cmd="ca__certs__add"
;;
ca__certs,certdata)
cmd="ca__certs__certdata"
;;
ca__certs,extract)
cmd="ca__certs__extract"
;;
ca__certs,gen-artifacts)
cmd="ca__certs__gen__artifacts"
;;
ca__certs,help)
cmd="ca__certs__help"
;;
ca__certs__certdata,convert)
cmd="ca__certs__certdata__convert"
;;
ca__certs__certdata,fetch)
cmd="ca__certs__certdata__fetch"
;;
ca__certs__certdata,help)
cmd="ca__certs__certdata__help"
;;
ca__certs__certdata,parse)
cmd="ca__certs__certdata__parse"
;;
ca__certs__certdata,sync)
cmd="ca__certs__certdata__sync"
;;
ca__certs__certdata__help,convert)
cmd="ca__certs__certdata__help__convert"
;;
ca__certs__certdata__help,fetch)
cmd="ca__certs__certdata__help__fetch"
;;
ca__certs__certdata__help,help)
cmd="ca__certs__certdata__help__help"
;;
ca__certs__certdata__help,parse)
cmd="ca__certs__certdata__help__parse"
;;
ca__certs__certdata__help,sync)
cmd="ca__certs__certdata__help__sync"
;;
ca__certs__help,add)
cmd="ca__certs__help__add"
;;
ca__certs__help,certdata)
cmd="ca__certs__help__certdata"
;;
ca__certs__help,extract)
cmd="ca__certs__help__extract"
;;
ca__certs__help,gen-artifacts)
cmd="ca__certs__help__gen__artifacts"
;;
ca__certs__help,help)
cmd="ca__certs__help__help"
;;
ca__certs__help__certdata,convert)
cmd="ca__certs__help__certdata__convert"
;;
ca__certs__help__certdata,fetch)
cmd="ca__certs__help__certdata__fetch"
;;
ca__certs__help__certdata,parse)
cmd="ca__certs__help__certdata__parse"
;;
ca__certs__help__certdata,sync)
cmd="ca__certs__help__certdata__sync"
;;
*)
;;
esac
done
case "${cmd}" in
ca__certs)
opts="-h -V --help --version add extract certdata gen-artifacts help"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 1 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__add)
opts="-n -o -h --name --force --no-extract --output --root --dry-run --help <CERT>"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 2 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
--name)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
-n)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--output)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
-o)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--root)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__certdata)
opts="-h --help fetch parse convert sync help"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 2 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__certdata__convert)
opts="-o -h --root --output --force --no-extract --extract-output --dry-run --help [INPUT]"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 3 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
--root)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--output)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--extract-output)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
-o)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__certdata__fetch)
opts="-o -h --url --log-url --output --force --no-revision-check --no-parse --dry-run --help"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 3 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
--url)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--log-url)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--output)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
-o)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__certdata__help)
opts="fetch parse convert sync help"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 3 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__certdata__help__convert)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 4 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__certdata__help__fetch)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 4 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__certdata__help__help)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 4 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__certdata__help__parse)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 4 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__certdata__help__sync)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 4 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__certdata__parse)
opts="-h --limit --help [INPUT]"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 3 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
--limit)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__certdata__sync)
opts="-o -h --url --log-url --certdata-output --root --mozilla-output --force --no-revision-check --no-parse --no-extract --extract-output --dry-run --help"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 3 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
--url)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--log-url)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--certdata-output)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--root)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--mozilla-output)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--extract-output)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
-o)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__extract)
opts="-o -h --output --root --dry-run --help"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 2 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
--output)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
-o)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--root)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__gen__artifacts)
opts="-h --out-dir --shell --dry-run --help"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 2 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
--out-dir)
COMPREPLY=($(compgen -f "${cur}"))
return 0
;;
--shell)
COMPREPLY=($(compgen -W "bash fish zsh" -- "${cur}"))
return 0
;;
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__help)
opts="add extract certdata gen-artifacts help"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 2 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__help__add)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 3 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__help__certdata)
opts="fetch parse convert sync"
if [[ ${cur} == -* || ${COMP_CWORD} -eq 3 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__help__certdata__convert)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 4 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__help__certdata__fetch)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 4 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__help__certdata__parse)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 4 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__help__certdata__sync)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 4 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__help__extract)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 3 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__help__gen__artifacts)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 3 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
ca__certs__help__help)
opts=""
if [[ ${cur} == -* || ${COMP_CWORD} -eq 3 ]] ; then
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
fi
case "${prev}" in
*)
COMPREPLY=()
;;
esac
COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
return 0
;;
esac
}
if [[ "${BASH_VERSINFO[0]}" -eq 4 && "${BASH_VERSINFO[1]}" -ge 4 || "${BASH_VERSINFO[0]}" -gt 4 ]]; then
complete -F _ca-certs -o nosort -o bashdefault -o default ca-certs
else
complete -F _ca-certs -o bashdefault -o default ca-certs
fi
+99
View File
@@ -0,0 +1,99 @@
# Print an optspec for argparse to handle cmd's options that are independent of any subcommand.
function __fish_ca_certs_global_optspecs
string join \n h/help V/version
end
function __fish_ca_certs_needs_command
# Figure out if the current invocation already has a command.
set -l cmd (commandline -opc)
set -e cmd[1]
argparse -s (__fish_ca_certs_global_optspecs) -- $cmd 2>/dev/null
or return
if set -q argv[1]
# Also print the command, so this can be used to figure out what it is.
echo $argv[1]
return 1
end
return 0
end
function __fish_ca_certs_using_subcommand
set -l cmd (__fish_ca_certs_needs_command)
test -z "$cmd"
and return 1
contains -- $cmd[1] $argv
end
complete -c ca-certs -n "__fish_ca_certs_needs_command" -s h -l help -d 'Print help'
complete -c ca-certs -n "__fish_ca_certs_needs_command" -s V -l version -d 'Print version'
complete -c ca-certs -n "__fish_ca_certs_needs_command" -f -a "add" -d 'Add a PEM CA certificate to trust-source/anchors and refresh extracted outputs'
complete -c ca-certs -n "__fish_ca_certs_needs_command" -f -a "extract" -d 'Regenerate extracted trust bundles (like update-ca-trust extract)'
complete -c ca-certs -n "__fish_ca_certs_needs_command" -f -a "certdata" -d 'Fetch and parse Mozilla/NSS certdata.txt (no certificate generation yet)'
complete -c ca-certs -n "__fish_ca_certs_needs_command" -f -a "gen-artifacts"
complete -c ca-certs -n "__fish_ca_certs_needs_command" -f -a "help" -d 'Print this message or the help of the given subcommand(s)'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand add" -s n -l name -d 'Output certificate name (without extension). Defaults to the input filename stem' -r
complete -c ca-certs -n "__fish_ca_certs_using_subcommand add" -s o -l output -d 'Extracted output directory inside the target root (default: /etc/ca-certificates/extracted)' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand add" -l root -d 'Target root filesystem (for chroot/image builds)' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand add" -l force -d 'Overwrite an existing anchor if contents differ'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand add" -l no-extract -d 'Add certificate but do not run extraction'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand add" -l dry-run -d 'Print actions without modifying files'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand add" -s h -l help -d 'Print help'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand extract" -s o -l output -d 'Extracted output directory inside the target root (default: /etc/ca-certificates/extracted)' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand extract" -l root -d 'Target root filesystem (for chroot/image builds)' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand extract" -l dry-run -d 'Print actions without modifying files'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand extract" -s h -l help -d 'Print help'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and not __fish_seen_subcommand_from fetch parse convert sync help" -s h -l help -d 'Print help'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and not __fish_seen_subcommand_from fetch parse convert sync help" -f -a "fetch" -d 'Fetch certdata.txt from an NSS source URL'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and not __fish_seen_subcommand_from fetch parse convert sync help" -f -a "parse" -d 'Parse a local certdata.txt file and print a summary'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and not __fish_seen_subcommand_from fetch parse convert sync help" -f -a "convert" -d 'Convert certdata.txt into a Mozilla p11-kit trust bundle and optionally extract outputs'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and not __fish_seen_subcommand_from fetch parse convert sync help" -f -a "sync" -d 'Run the full pipeline: fetch certdata.txt, convert to p11-kit source, then extract outputs'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and not __fish_seen_subcommand_from fetch parse convert sync help" -f -a "help" -d 'Print this message or the help of the given subcommand(s)'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from fetch" -l url -d 'Source URL for certdata.txt' -r
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from fetch" -l log-url -d 'Override log URL used to determine the latest revision (optional)' -r
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from fetch" -s o -l output -d 'Output file path' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from fetch" -l force -d 'Overwrite an existing file if contents differ'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from fetch" -l no-revision-check -d 'Always download even if the local file revision matches the remote revision'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from fetch" -l no-parse -d 'Skip parsing/summary after download'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from fetch" -l dry-run -d 'Print actions without modifying files'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from fetch" -s h -l help -d 'Print help'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from parse" -l limit -d 'Print up to N object summaries after the aggregate stats' -r
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from parse" -s h -l help -d 'Print help'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from convert" -l root -d 'Target root filesystem (for chroot/image builds)' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from convert" -l output -d 'Destination p11-kit trust source file inside the target root' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from convert" -s o -l extract-output -d 'Extracted output directory inside the target root (default: /etc/ca-certificates/extracted)' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from convert" -l force -d 'Overwrite an existing output file if contents differ'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from convert" -l no-extract -d 'Skip running trust extraction after writing the Mozilla source bundle'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from convert" -l dry-run -d 'Print actions without modifying files'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from convert" -s h -l help -d 'Print help'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -l url -d 'Source URL for certdata.txt' -r
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -l log-url -d 'Override log URL used to determine the latest revision (optional)' -r
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -l certdata-output -d 'Local certdata.txt path used for fetch and convert' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -l root -d 'Target root filesystem (for chroot/image builds)' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -l mozilla-output -d 'Destination p11-kit trust source file inside the target root' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -s o -l extract-output -d 'Extracted output directory inside the target root (default: /etc/ca-certificates/extracted)' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -l force -d 'Overwrite existing files if contents differ'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -l no-revision-check -d 'Always download even if the local certdata revision matches the remote revision'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -l no-parse -d 'Skip parsing/summary after download'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -l no-extract -d 'Skip running trust extraction after writing the Mozilla source bundle'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -l dry-run -d 'Print actions without modifying files'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from sync" -s h -l help -d 'Print help'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from help" -f -a "fetch" -d 'Fetch certdata.txt from an NSS source URL'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from help" -f -a "parse" -d 'Parse a local certdata.txt file and print a summary'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from help" -f -a "convert" -d 'Convert certdata.txt into a Mozilla p11-kit trust bundle and optionally extract outputs'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from help" -f -a "sync" -d 'Run the full pipeline: fetch certdata.txt, convert to p11-kit source, then extract outputs'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand certdata; and __fish_seen_subcommand_from help" -f -a "help" -d 'Print this message or the help of the given subcommand(s)'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand gen-artifacts" -l out-dir -d 'Directory to write generated packaging artifacts into' -r -F
complete -c ca-certs -n "__fish_ca_certs_using_subcommand gen-artifacts" -l shell -d 'Shell completions to generate' -r -f -a "bash\t''
fish\t''
zsh\t''"
complete -c ca-certs -n "__fish_ca_certs_using_subcommand gen-artifacts" -l dry-run -d 'Print actions without modifying files'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand gen-artifacts" -s h -l help -d 'Print help'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand help; and not __fish_seen_subcommand_from add extract certdata gen-artifacts help" -f -a "add" -d 'Add a PEM CA certificate to trust-source/anchors and refresh extracted outputs'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand help; and not __fish_seen_subcommand_from add extract certdata gen-artifacts help" -f -a "extract" -d 'Regenerate extracted trust bundles (like update-ca-trust extract)'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand help; and not __fish_seen_subcommand_from add extract certdata gen-artifacts help" -f -a "certdata" -d 'Fetch and parse Mozilla/NSS certdata.txt (no certificate generation yet)'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand help; and not __fish_seen_subcommand_from add extract certdata gen-artifacts help" -f -a "gen-artifacts"
complete -c ca-certs -n "__fish_ca_certs_using_subcommand help; and not __fish_seen_subcommand_from add extract certdata gen-artifacts help" -f -a "help" -d 'Print this message or the help of the given subcommand(s)'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand help; and __fish_seen_subcommand_from certdata" -f -a "fetch" -d 'Fetch certdata.txt from an NSS source URL'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand help; and __fish_seen_subcommand_from certdata" -f -a "parse" -d 'Parse a local certdata.txt file and print a summary'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand help; and __fish_seen_subcommand_from certdata" -f -a "convert" -d 'Convert certdata.txt into a Mozilla p11-kit trust bundle and optionally extract outputs'
complete -c ca-certs -n "__fish_ca_certs_using_subcommand help; and __fish_seen_subcommand_from certdata" -f -a "sync" -d 'Run the full pipeline: fetch certdata.txt, convert to p11-kit source, then extract outputs'