stacklok
diff --git a/‎.gitignore
Lines changed: 1 addition & 1 deletion b/‎.gitignore
Lines changed: 1 addition & 1 deletion
diff --git a/‎cert_gen.py
Lines changed: 0 additions & 178 deletions b/‎cert_gen.py
Lines changed: 0 additions & 178 deletions
diff --git a/‎docs/cli.md
Lines changed: 52 additions & 0 deletions b/‎docs/cli.md
Lines changed: 52 additions & 0 deletions
diff --git a/‎poetry.lock
Lines changed: 1 addition & 1 deletion b/‎poetry.lock
Lines changed: 1 addition & 1 deletion
diff --git a/‎scripts/entrypoint.sh
Lines changed: 11 additions & 2 deletions b/‎scripts/entrypoint.sh
Lines changed: 11 additions & 2 deletions
diff --git a/‎src/codegate/ca/codegate_ca.py
Lines changed: 27 additions & 25 deletions b/‎src/codegate/ca/codegate_ca.py
Lines changed: 27 additions & 25 deletions
@@ -47,4 +47,4 @@ weaviate_data/
 codegate.db
 
 # certificate directory
-certs/
+*certs/
@@ -29,10 +29,12 @@ codegate serve [OPTIONS]
   - Overrides configuration file and environment variables
 
 - `--log-level [ERROR|WARNING|INFO|DEBUG]`: Set the log level (default: INFO)
+  - Optional
   - Case-insensitive
   - Overrides configuration file and environment variables
 
 - `--log-format [JSON|TEXT]`: Set the log format (default: JSON)
+  - Optional
   - Case-insensitive
   - Overrides configuration file and environment variables
 
@@ -72,6 +74,10 @@ codegate serve [OPTIONS]
 - `--embedding-model TEXT`: Name of the model used for embeddings
   - Optional
 
+- `--db-path TEXT`: Path to a SQLite DB. It will create one if it doesn't exist. (default: ./codegate_volume/db/codegate.db)
+  - Optional
+  - Overrides configuration file and environment variables
+
 ### show-prompts
 
 Display the loaded system prompts:
@@ -87,6 +93,46 @@ codegate show-prompts [OPTIONS]
   - Must be a valid YAML file
   - If not provided, shows default prompts from prompts/default.yaml
 
+### generate_certs
+
+Generate certificates for the CodeGate server.
+
+```bash
+codegate generate-certs [OPTIONS]
+```
+
+#### Options
+
+- `--certs-out-dir PATH`: Directory path where the certificates are going to be generated. (default: ./codegate_volume/certs)
+  - Optional
+  - Overrides configuration file and environment variables
+
+- `--ca-cert-name TEXT`: Name that will be given to the created CA certificate. (default: ca.crt)
+  - Optional
+  - Overrides configuration file and environment variables
+
+- `--ca-key-name TEXT`: Name that will be given to the created CA key. (default: ca.key)
+  - Optional
+  - Overrides configuration file and environment variables
+
+- `--server-cert-name TEXT`: Name that will be given to the created server certificate. (default: server.crt)
+  - Optional
+  - Overrides configuration file and environment variables
+
+- `--server-key-name TEXT`: Name that will be given to the created server key. (default: server.key)
+  - Optional
+  - Overrides configuration file and environment variables
+
+- `--log-level [ERROR|WARNING|INFO|DEBUG]`: Set the log level (default: INFO)
+  - Optional
+  - Case-insensitive
+  - Overrides configuration file and environment variables
+  
+- `--log-format [JSON|TEXT]`: Set the log format (default: JSON)
+  - Optional
+  - Case-insensitive
+  - Overrides configuration file and environment variables
+
 ## Error Handling
 
 The CLI provides user-friendly error messages for:
@@ -144,3 +190,9 @@ codegate show-prompts
 Show prompts from a custom file:
 ```bash
 codegate show-prompts --prompts my-prompts.yaml
+```
+
+Generate certificates with default settings:
+```bash
+codegate generate-certs
+```
@@ -7,6 +7,7 @@ BACKUP_PATH="/tmp/weaviate_backup"
 BACKUP_NAME="backup"
 MODEL_BASE_PATH="/app/codegate_volume/models"
 CODEGATE_DB_FILE="/app/codegate_volume/db/codegate.db"
+CODEGATE_CERTS="/app/codegate_volume/certs"
 
 # Function to restore backup if paths are provided
 restore_backup() {
@@ -22,6 +23,11 @@ restore_backup() {
     fi
 }
 
+genrerate_certs() {
+    echo "Generating certificates..."
+    python -m src.codegate.cli generate-certs --certs-out-dir "$CODEGATE_CERTS"
+}
+
 # Function to start Nginx server for the dashboard
 start_dashboard() {
     echo "Starting the dashboard..."
@@ -54,8 +60,11 @@ echo "Initializing entrypoint script..."
 # Step 1: Restore backup if applicable
 restore_backup
 
-# Step 2: Start the dashboard
+# Step 2: Generate certificates
+genrerate_certs
+
+# Step 3: Start the dashboard
 start_dashboard
 
-# Step 3: Start the main application
+# Step 4: Start the main application
 start_application
@@ -297,7 +297,7 @@ def generate_certificates(self) -> Tuple[str, str]:
 
         # CA generated, now generate server certificate
 
-        # Generate new certificate for domain
+        ## Generate new certificate for domain
         logger.debug("Generating private key for server")
         server_key = rsa.generate_private_key(
             public_exponent=65537,
@@ -369,31 +369,34 @@ def generate_certificates(self) -> Tuple[str, str]:
             )
 
         # Print instructions for trusting the certificates
-        print("Certificates generated successfully in the 'certs' directory")
-        print("\nTo trust these certificates:")
-        print("\nOn macOS:")
-        print(
-            "`sudo security add-trusted-cert -d -r trustRoot "
-            "-k /Library/Keychains/System.keychain certs/ca.crt"
-        )
-        print("\nOn Windows (PowerShell as Admin):")
-        print(
-            'Import-Certificate -FilePath "certs\\ca.crt" '
-            '-CertStoreLocation Cert:\\LocalMachine\\Root'
-        )
-        print("\nOn Linux:")
-        print("sudo cp certs/ca.crt /usr/local/share/ca-certificates/codegate.crt")
-        print("sudo update-ca-certificates")
-        print("\nFor VSCode, add to settings.json:")
-        print(
-            """{
+        logger.info(
+            """
+Certificates generated successfully in the 'certs' directory
+To trust these certificates:
+
+On macOS:
+`sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain certs/ca.crt`
+
+On Windows (PowerShell as Admin):
+`Import-Certificate -FilePath "certs\\ca.crt" -CertStoreLocation Cert:\\LocalMachine\\Root`
+
+On Linux:
+`sudo cp certs/ca.crt /usr/local/share/ca-certificates/codegate.crt`
+`sudo update-ca-certificates`
+
+For VSCode, add to settings.json:
+{
     "http.proxy": "https://localhost:8990",
+    "http.proxyStrictSSL": true,
     "http.proxySupport": "on",
     "github.copilot.advanced": {
+        "debug.useNodeFetcher": true,
+        "debug.useElectronFetcher": true,
         "debug.testOverrideProxyUrl": "https://localhost:8990",
         "debug.overrideProxyUrl": "https://localhost:8990"
-    }
-}"""
+    },
+}
+"""
         )
         logger.debug("Certificates generated successfully")
         return server_cert, server_key
@@ -434,10 +437,9 @@ def ensure_certificates_exist(self) -> None:
             logger.debug("Certificates not found, generating new certificates")
             self.generate_certificates()
         else:
-            logger.debug(
-                f"Certificates found at: {Config.get_config().server_cert} "
-                "and {Config.get_config().server_key}"
-            )
+            server_cert = Config.get_config().server_cert
+            server_key = Config.get_config().server_key
+            logger.debug(f"Certificates found at: {server_cert} and {server_key}.")
 
     def get_ssl_context(self) -> ssl.SSLContext:
         """Get SSL context with certificates"""