Add coyote revoke and coyote certs CLI commands#12
Merged
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
- Add `coyote revoke` command: revokes a stored certificate via the CA that issued it. Accepts --identifier, --provider, --storage, --key-type, --reason (all 9 RFC 5280 reasons), and EAB options for ZeroSSL/GTS/SSL.com. Uses a protected performRevoke() hook (same pattern as IssueCommand) so the stub test approach works cleanly. - Add `coyote certs` command: lists all certificates in a filesystem storage directory, sorted by expiry date. Shows domain(s), key type, status, and expiry date with the same colour coding as `coyote status`. - Register both commands in Application.php. - Fix three em-dashes in README.md (two introduced in this session, one pre-existing in the provider slug docs section). - Update CLI docs in README: replace the shell-tooling workaround and the "no revoke command" placeholder with proper documentation for both new commands, including options tables and the revocation reasons table. - Add RevokeCommandTest (25 tests), ListCommandTest (16 tests), and update ApplicationTest to cover the two new commands.
Cover the three previously-missing lines in resolveKeyType() (ec384 and
rsa4096 arms) via a dataset test across all four key types. Cover
performRevoke() by running the real RevokeCommand against a fake-PEM
certificate, which triggers AcmeException('Could not parse the
certificate.') inside Certificate::revoke() before any network call.
Cover the ListCommand continue branch (unrecognised key type in filename)
with a test that writes a bare example.com.cert.json file.
bashgeek
force-pushed
the
add-revoke-certs-commands
branch
from
681ae91 to
e370a97
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
coyote revoke— revokes a stored certificate by calling the issuing CA's ACME revocation endpoint. Accepts--identifier,--provider(must match the issuing CA),--storage,--key-type,--reason(all 9 RFC 5280 reasons), and EAB options for ZeroSSL/GTS/SSL.com. Uses a protectedperformRevoke()hook (same pattern asIssueCommand::performIssue()) for clean test stubbing.coyote certs— lists all certificates in a filesystem storage directory, sorted by expiry date. Shows domain(s), key type, status, and expiry date with the same colour coding ascoyote status.--helpentries). Also removed three em-dashes.Test plan
RevokeCommandTest— 25 tests: input validation (missing identifier/provider, unknown provider/key-type/reason, missing EAB), cert-not-found, success output (reason name, provider name, key type),AuthExceptionandAcmeExceptionhandling, dataset covering all 9 reason stringsListCommandTest— 16 tests: missing directory, empty storage, single/multiple certs with count, multi-domain display, all four status labels, all four key type labels, sort order (soonest-expiring first)ApplicationTest— updated to assertcertsandrevokeare registered and appear in--helpoutput