Group commands in oadm for ease of use

Group oadm certificate related cmds under 'oadm ca'

To maintain backward compatibility, old commands still work
with deprecated message but are not surfaced in the help message.

Author: Ravi Sankar Penta

hack/test-cmd.sh

@@ -112,7 +112,7 @@ do
     SERVER_HOSTNAME_LIST="${SERVER_HOSTNAME_LIST},${IP_ADDRESS}"
 done <<< "${ALL_IP_ADDRESSES}"
 
-openshift admin create-master-certs \
+openshift admin ca create-master-certs \
   --overwrite=false \
   --cert-dir="${MASTER_CONFIG_DIR}" \
   --hostnames="${SERVER_HOSTNAME_LIST}" \
@@ -283,7 +283,15 @@ echo "templates: ok"
 [ "$(openshift kubectl 2>&1 | grep 'Kubernetes cluster')" ]
 [ "$(oadm 2>&1 | grep 'OpenShift Administrative Commands')" ]
 [ "$(openshift admin 2>&1 | grep 'OpenShift Administrative Commands')" ]
+[ "$(oadm | grep 'Basic Commands:')" ]
+[ "$(oadm | grep 'Install Commands:')" ]
+[ "$(oadm ca | grep 'Manage certificates')" ]
 [ "$(openshift start kubernetes 2>&1 | grep 'Kubernetes server components')" ]
+# check deprecated admin cmds for backward compatibility
+[ "$(oadm create-master-certs -h 2>&1 | grep 'Create keys and certificates')" ]
+[ "$(oadm create-key-pair -h 2>&1 | grep 'Create a 2048-bit RSA key pair')" ]
+[ "$(oadm create-server-cert -h 2>&1 | grep 'Create a key and server certificate')" ]
+[ "$(oadm create-signer-cert -h 2>&1 | grep 'Create a self-signed CA')" ]
 
 # help for root commands with --help flag must be consistent
 [ "$(openshift --help 2>&1 | grep 'OpenShift Application Platform')" ]

hack/test-end-to-end.sh

@@ -197,7 +197,7 @@ do
 	SERVER_HOSTNAME_LIST="${SERVER_HOSTNAME_LIST},${IP_ADDRESS}"
 done <<< "${ALL_IP_ADDRESSES}"
 
-openshift admin create-master-certs \
+openshift admin ca create-master-certs \
 	--overwrite=false \
 	--cert-dir="${MASTER_CONFIG_DIR}" \
 	--hostnames="${SERVER_HOSTNAME_LIST}" \

hack/test-extended.sh

@@ -60,7 +60,7 @@ start_server() {
   done <<< "${ALL_IP_ADDRESSES}"
 
   echo "[INFO] Create certificates for the OpenShift master"
-  env "PATH=${PATH}" openshift admin create-master-certs \
+  env "PATH=${PATH}" openshift admin ca create-master-certs \
     --overwrite=false \
     --cert-dir="${MASTER_CONFIG_DIR}" \
     --hostnames="${SERVER_HOSTNAME_LIST}" \

pkg/cmd/admin/admin.go

@@ -6,6 +6,7 @@ import (
 
 	"github.com/spf13/cobra"
 
+	"github.com/openshift/origin/pkg/cmd/admin/cert"
 	"github.com/openshift/origin/pkg/cmd/admin/node"
 	"github.com/openshift/origin/pkg/cmd/admin/policy"
 	"github.com/openshift/origin/pkg/cmd/admin/project"
@@ -38,31 +39,68 @@ func NewCommandAdmin(name, fullName string, out io.Writer) *cobra.Command {
 
 	f := clientcmd.New(cmds.PersistentFlags())
 
-	cmds.AddCommand(project.NewCmdNewProject(project.NewProjectRecommendedName, fullName+" "+project.NewProjectRecommendedName, f, out))
-	cmds.AddCommand(policy.NewCmdPolicy(policy.PolicyRecommendedName, fullName+" "+policy.PolicyRecommendedName, f, out))
-	cmds.AddCommand(exipfailover.NewCmdIPFailoverConfig(f, fullName, "ipfailover", out))
-	cmds.AddCommand(router.NewCmdRouter(f, fullName, "router", out))
-	cmds.AddCommand(registry.NewCmdRegistry(f, fullName, "registry", out))
-	cmds.AddCommand(buildchain.NewCmdBuildChain(f, fullName, "build-chain"))
-	cmds.AddCommand(node.NewCommandManageNode(f, node.ManageNodeCommandName, fullName+" "+node.ManageNodeCommandName, out))
-	cmds.AddCommand(cmd.NewCmdConfig(fullName, "config"))
-	cmds.AddCommand(prune.NewCommandPrune(prune.PruneRecommendedName, fullName+" "+prune.PruneRecommendedName, f, out))
+	groups := templates.CommandGroups{
+		{
+			Message: "Basic Commands:",
+			Commands: []*cobra.Command{
+				project.NewCmdNewProject(project.NewProjectRecommendedName, fullName+" "+project.NewProjectRecommendedName, f, out),
+				policy.NewCmdPolicy(policy.PolicyRecommendedName, fullName+" "+policy.PolicyRecommendedName, f, out),
+			},
+		},
+		{
+			Message: "Install Commands:",
+			Commands: []*cobra.Command{
+				router.NewCmdRouter(f, fullName, "router", out),
+				exipfailover.NewCmdIPFailoverConfig(f, fullName, "ipfailover", out),
+				registry.NewCmdRegistry(f, fullName, "registry", out),
+			},
+		},
+		{
+			Message: "Maintenance Commands:",
+			Commands: []*cobra.Command{
+				buildchain.NewCmdBuildChain(f, fullName, "build-chain"),
+				node.NewCommandManageNode(f, node.ManageNodeCommandName, fullName+" "+node.ManageNodeCommandName, out),
+				prune.NewCommandPrune(prune.PruneRecommendedName, fullName+" "+prune.PruneRecommendedName, f, out),
+			},
+		},
+		{
+			Message: "Settings Commands:",
+			Commands: []*cobra.Command{
+				cmd.NewCmdConfig(fullName, "config"),
 
-	// TODO: these probably belong in a sub command
-	cmds.AddCommand(admin.NewCommandCreateKubeConfig(admin.CreateKubeConfigCommandName, fullName+" "+admin.CreateKubeConfigCommandName, out))
-	cmds.AddCommand(admin.NewCommandCreateBootstrapPolicyFile(admin.CreateBootstrapPolicyFileCommand, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out))
-	cmds.AddCommand(admin.NewCommandCreateBootstrapProjectTemplate(f, admin.CreateBootstrapProjectTemplateCommand, fullName+" "+admin.CreateBootstrapProjectTemplateCommand, out))
-	cmds.AddCommand(admin.NewCommandOverwriteBootstrapPolicy(admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out))
-	cmds.AddCommand(admin.NewCommandNodeConfig(admin.NodeConfigCommandName, fullName+" "+admin.NodeConfigCommandName, out))
-	// TODO: these should be rolled up together
-	cmds.AddCommand(admin.NewCommandCreateMasterCerts(admin.CreateMasterCertsCommandName, fullName+" "+admin.CreateMasterCertsCommandName, out))
-	cmds.AddCommand(admin.NewCommandCreateClient(admin.CreateClientCommandName, fullName+" "+admin.CreateClientCommandName, out))
-	cmds.AddCommand(admin.NewCommandCreateKeyPair(admin.CreateKeyPairCommandName, fullName+" "+admin.CreateKeyPairCommandName, out))
-	cmds.AddCommand(admin.NewCommandCreateServerCert(admin.CreateServerCertCommandName, fullName+" "+admin.CreateServerCertCommandName, out))
-	cmds.AddCommand(admin.NewCommandCreateSignerCert(admin.CreateSignerCertCommandName, fullName+" "+admin.CreateSignerCertCommandName, out))
+				// TODO: these probably belong in a sub command
+				admin.NewCommandCreateKubeConfig(admin.CreateKubeConfigCommandName, fullName+" "+admin.CreateKubeConfigCommandName, out),
+				admin.NewCommandCreateClient(admin.CreateClientCommandName, fullName+" "+admin.CreateClientCommandName, out),
+			},
+		},
+		{
+			Message: "Advanced Commands:",
+			Commands: []*cobra.Command{
+				admin.NewCommandCreateBootstrapProjectTemplate(f, admin.CreateBootstrapProjectTemplateCommand, fullName+" "+admin.CreateBootstrapProjectTemplateCommand, out),
+				admin.NewCommandCreateBootstrapPolicyFile(admin.CreateBootstrapPolicyFileCommand, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out),
+				admin.NewCommandOverwriteBootstrapPolicy(admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out),
+				admin.NewCommandNodeConfig(admin.NodeConfigCommandName, fullName+" "+admin.NodeConfigCommandName, out),
+				cert.NewCmdCert(cert.CertRecommendedName, fullName+" "+cert.CertRecommendedName, out),
+			},
+		},
+	}
+
+	groups.Add(cmds)
+	templates.ActsAsRootCommand(cmds, groups...)
 
-	// TODO: use groups
-	templates.ActsAsRootCommand(cmds)
+	// Deprecated commands that are bundled with the binary but not displayed to end users directly
+	deprecatedCommands := []*cobra.Command{
+		admin.NewCommandCreateMasterCerts(admin.CreateMasterCertsCommandName, fullName+" "+admin.CreateMasterCertsCommandName, out),
+		admin.NewCommandCreateKeyPair(admin.CreateKeyPairCommandName, fullName+" "+admin.CreateKeyPairCommandName, out),
+		admin.NewCommandCreateServerCert(admin.CreateServerCertCommandName, fullName+" "+admin.CreateServerCertCommandName, out),
+		admin.NewCommandCreateSignerCert(admin.CreateSignerCertCommandName, fullName+" "+admin.CreateSignerCertCommandName, out),
+	}
+	for _, cmd := range deprecatedCommands {
+		// Unsetting Short description will not show this command in help
+		cmd.Short = ""
+		cmd.Deprecated = fmt.Sprintf("Use '%s ca' instead.", fullName)
+		cmds.AddCommand(cmd)
+	}
 
 	if name == fullName {
 		cmds.AddCommand(version.NewVersionCommand(fullName))

pkg/cmd/admin/cert/cert.go

@@ -0,0 +1,30 @@
+package cert
+
+import (
+	"io"
+
+	"github.com/spf13/cobra"
+
+	"github.com/openshift/origin/pkg/cmd/server/admin"
+	"github.com/openshift/origin/pkg/cmd/util"
+)
+
+const CertRecommendedName = "ca"
+
+// NewCmdCert implements the OpenShift cli ca command
+func NewCmdCert(name, fullName string, out io.Writer) *cobra.Command {
+	// Parent command to which all subcommands are added.
+	cmds := &cobra.Command{
+		Use:   name,
+		Short: "Manage certificates and keys",
+		Long:  `Manage certificates and keys`,
+		Run:   util.DefaultSubCommandRun(out),
+	}
+
+	cmds.AddCommand(admin.NewCommandCreateMasterCerts(admin.CreateMasterCertsCommandName, fullName+" "+admin.CreateMasterCertsCommandName, out))
+	cmds.AddCommand(admin.NewCommandCreateKeyPair(admin.CreateKeyPairCommandName, fullName+" "+admin.CreateKeyPairCommandName, out))
+	cmds.AddCommand(admin.NewCommandCreateServerCert(admin.CreateServerCertCommandName, fullName+" "+admin.CreateServerCertCommandName, out))
+	cmds.AddCommand(admin.NewCommandCreateSignerCert(admin.CreateSignerCertCommandName, fullName+" "+admin.CreateSignerCertCommandName, out))
+
+	return cmds
+}

pkg/cmd/server/admin/create_mastercerts.go

@@ -52,7 +52,7 @@ server cert and run the command to fill it in:
             --public-master=https://external.master.fqdn:8443 \
             --hostnames=external.master.fqdn,internal.master.fqdn,localhost,127.0.0.1,172.17.42.1,kubernetes.default.local
 
-Alternatively, use the related "create-server-cert" command to explicitly
+Alternatively, use the related "ca create-server-cert" command to explicitly
 create a certificate.
 
 Regardless of --overwrite, the master server key/cert will be updated 
@@ -81,7 +81,7 @@ func NewCommandCreateMasterCerts(commandName string, fullName string, out io.Wri
 
 	cmd := &cobra.Command{
 		Use:   commandName,
-		Short: "Create certificates for an OpenShift master",
+		Short: "Create certificates and keys for an OpenShift master",
 		Long:  fmt.Sprintf(masterCertLong, fullName),
 		Run: func(cmd *cobra.Command, args []string) {
 			if err := options.Validate(args); err != nil {

pkg/cmd/server/admin/create_signercert.go

@@ -52,7 +52,7 @@ func NewCommandCreateSignerCert(commandName string, fullName string, out io.Writ
 
 	cmd := &cobra.Command{
 		Use:   commandName,
-		Short: "Create a signer (certificate authority/CA) certificate",
+		Short: "Create a signer (certificate authority/CA) certificate and key",
 		Long:  createSignerLong,
 		Run: func(cmd *cobra.Command, args []string) {
 			if err := options.Validate(args); err != nil {

pkg/cmd/templates/templater.go

@@ -40,7 +40,8 @@ func (g CommandGroups) Has(c *cobra.Command) bool {
 func AddAdditionalCommands(g CommandGroups, message string, cmds []*cobra.Command) CommandGroups {
 	group := CommandGroup{Message: message}
 	for _, c := range cmds {
-		if !g.Has(c) {
+		// Don't show commands that has no short description
+		if !g.Has(c) && len(c.Short) != 0 {
 			group.Commands = append(group.Commands, c)
 		}
 	}