sigstore · haydentherapper · Nov 28, 2023 · Nov 21, 2023 · Nov 27, 2023 · zhaoyonghe
diff --git a/cmd/cosign/cli/import_key_pair.go b/cmd/cosign/cli/import_key_pair.go
@@ -42,7 +42,7 @@ CAVEATS:
   the COSIGN_PASSWORD environment variable to provide one.`,
 		PersistentPreRun: options.BindViper,
 		RunE: func(cmd *cobra.Command, args []string) error {
-			return importkeypair.ImportKeyPairCmd(cmd.Context(), o.Key, o.OutputKeyPrefix, args)
+			return importkeypair.ImportKeyPairCmd(cmd.Context(), *o, args)
 		},
 	}
 

diff --git a/cmd/cosign/cli/importkeypair/import_key_pair.go b/cmd/cosign/cli/importkeypair/import_key_pair.go
@@ -21,6 +21,7 @@ import (
 	"io"
 	"os"
 
+	"github.com/sigstore/cosign/v2/cmd/cosign/cli/options"
 	icos "github.com/sigstore/cosign/v2/internal/pkg/cosign"
 	"github.com/sigstore/cosign/v2/internal/ui"
 	"github.com/sigstore/cosign/v2/pkg/cosign"
@@ -33,14 +34,14 @@ var (
 )
 
 // nolint
-func ImportKeyPairCmd(ctx context.Context, keyVal string, outputKeyPrefixVal string, args []string) error {
-	keys, err := cosign.ImportKeyPair(keyVal, GetPass)
+func ImportKeyPairCmd(ctx context.Context, o options.ImportKeyPairOptions, args []string) error {
+	keys, err := cosign.ImportKeyPair(o.Key, GetPass)
 	if err != nil {
 		return err
 	}
 
-	privateKeyFileName := outputKeyPrefixVal + ".key"
-	publicKeyFileName := outputKeyPrefixVal + ".pub"
+	privateKeyFileName := o.OutputKeyPrefix + ".key"
+	publicKeyFileName := o.OutputKeyPrefix + ".pub"
 
 	fileExists, err := icos.FileExists(privateKeyFileName)
 	if err != nil {
@@ -49,8 +50,10 @@ func ImportKeyPairCmd(ctx context.Context, keyVal string, outputKeyPrefixVal str
 
 	if fileExists {
 		ui.Warnf(ctx, "File %s already exists. Overwrite?", privateKeyFileName)
-		if err := ui.ConfirmContinue(ctx); err != nil {
-			return err
+		if !o.SkipConfirmation {
+			if err := ui.ConfirmContinue(ctx); err != nil {
+				return err
+			}
 		}
 	}
 	// TODO: make sure the perms are locked down first.

diff --git a/cmd/cosign/cli/importkeypair/import_key_pair_test.go b/cmd/cosign/cli/importkeypair/import_key_pair_test.go
@@ -25,6 +25,7 @@ import (
 	"testing"
 
 	"github.com/google/go-cmp/cmp"
+	"github.com/sigstore/cosign/v2/cmd/cosign/cli/options"
 	icos "github.com/sigstore/cosign/v2/internal/pkg/cosign"
 )
 
@@ -62,7 +63,11 @@ func TestImportOfKeys(t *testing.T) {
 	// framework if there is no value set by the user when running the
 	// command.
 	outputtedKeyPairFileName := "my-test"
-	ImportKeyPairCmd(context.Background(), privateKeyFileName, outputtedKeyPairFileName, nil)
+	ImportKeyPairCmd(context.Background(), options.ImportKeyPairOptions{
+		Key:              privateKeyFileName,
+		OutputKeyPrefix:  outputtedKeyPairFileName,
+		SkipConfirmation: false,
+	}, nil)
 
 	// removes temporary RSA private key used for test
 	checkIfFileExistsThenDelete(privateKeyFileName, t)

diff --git a/cmd/cosign/cli/options/import_key_pair.go b/cmd/cosign/cli/options/import_key_pair.go
@@ -26,6 +26,8 @@ type ImportKeyPairOptions struct {
 
 	// Filename used for outputted keys
 	OutputKeyPrefix string
+
+	SkipConfirmation bool
 }
 
 var _ Interface = (*ImportKeyPairOptions)(nil)
@@ -39,4 +41,7 @@ func (o *ImportKeyPairOptions) AddFlags(cmd *cobra.Command) {
 	cmd.Flags().StringVarP(&o.OutputKeyPrefix, "output-key-prefix", "o", "import-cosign",
 		"name used for outputted key pairs")
 	_ = cmd.Flags().SetAnnotation("output-key-prefix", cobra.BashCompFilenameExt, []string{})
+
+	cmd.Flags().BoolVarP(&o.SkipConfirmation, "yes", "y", false,
+		"skip confirmation prompts for non-destructive operations")
 }
diff --git a/doc/cosign_import-key-pair.md b/doc/cosign_import-key-pair.md