feat(options): add tlsCertificateKeyFilePassword flag (#9)

masontikhonov · web-flow · commit 8fb918e7ac1e · 2025-07-17T17:45:07.000+04:00
This adds --tlsCertificateKeyFilePassword flag that specifies the password to de-crypt the --tlsCertificateKeyFile
diff --git a/README.md b/README.md
@@ -63,6 +63,7 @@ Options:
                                                 validate the certificate presented by the mongod/mongos instance
   --tlsCertificateKeyFile <path>                Specifies the location of a local .pem file that contains either the
                                                 client's TLS/SSL certificate and key
+  --tlsCertificateKeyFilePassword <password>    Specifies the password to de-crypt the tlsCertificateKeyFile
   -m --db-map [dump-db-name=target-db-name...]  Map the databases in the dump with the target databases. We have our own naming convention for the production databases, but it is up to the customers to name their databases (default: ["google_production=codefresh","chart-manager=charts-manager","kubernetes-monitor=k8s-monitor"])
   -h, --help                                    display help for command
 ```
@@ -108,6 +109,7 @@ Options:
                                                 validate the certificate presented by the mongod/mongos instance
   --tlsCertificateKeyFile <path>                Specifies the location of a local .pem file that contains either the
                                                 client's TLS/SSL certificate and key
+  --tlsCertificateKeyFilePassword <password>    Specifies the password to de-crypt the tlsCertificateKeyFile
   -h, --help                                    display help for command
 ```
 
@@ -140,6 +142,7 @@ Options:
                                                 validate the certificate presented by the mongod/mongos instance
   --tlsCertificateKeyFile <path>                Specifies the location of a local .pem file that contains either the
                                                 client's TLS/SSL certificate and key
+  --tlsCertificateKeyFilePassword <password>    Specifies the password to de-crypt the tlsCertificateKeyFile
   -f --force                                    Create indexes even on heavily populated collections, which may take a while
   -m --db-map [dump-db-name=target-db-name...]  Map the databases in the dump with the target databases. We have our own naming convention for the production databases, but it is up to the customers to name their databases (default: ["google_production=codefresh","chart-manager=charts-manager","kubernetes-monitor=k8s-monitor"])
   -h, --help                                    display help for command
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "index-alignment",
-  "version": "0.1.0-2.8",
+  "version": "0.2.0-2.8",
   "main": "dist/index.js",
   "private": true,
   "type": "module",
diff --git a/src/get-mongo-client.ts b/src/get-mongo-client.ts
@@ -7,6 +7,7 @@ export const getMongoClient = (options: Partial<MongoClientOptions> & { uri: str
     tlsInsecure: options.tlsInsecure,
     tlsCAFile: options.tlsCAFile,
     tlsCertificateKeyFile: options.tlsCertificateKeyFile,
+    tlsCertificateKeyFilePassword: options.tlsCertificateKeyFilePassword,
   } satisfies MongoClientOptions;
   logger.stderr(`The following options will be used for the MongoDB connection: ${JSON.stringify(clientOptions, null, 2)}`);
   return new MongoClient(options.uri, clientOptions);
diff --git a/src/index.ts b/src/index.ts
@@ -28,6 +28,10 @@ program
     '--tlsCertificateKeyFile <path>',
     `Specifies the location of a local .pem file that contains either the client's TLS/SSL certificate and key`,
   )
+  .option(
+    '--tlsCertificateKeyFilePassword <password>',
+    'Specifies the password to de-crypt the tlsCertificateKeyFile',
+  )
   .action(dumpAllIndexes);
 
 program
@@ -52,6 +56,10 @@ program
     '--tlsCertificateKeyFile <path>',
     `Specifies the location of a local .pem file that contains either the client's TLS/SSL certificate and key`,
   )
+  .option(
+    '--tlsCertificateKeyFilePassword <password>',
+    'Specifies the password to de-crypt the tlsCertificateKeyFile',
+  )
   .action(stats);
 
 program
@@ -77,6 +85,10 @@ program
     '--tlsCertificateKeyFile <path>',
     `Specifies the location of a local .pem file that contains either the client's TLS/SSL certificate and key`,
   )
+  .option(
+    '--tlsCertificateKeyFilePassword <password>',
+    'Specifies the password to de-crypt the tlsCertificateKeyFile',
+  )
   .option(
     '-m --db-map [dump-db-name=target-db-name...]',
     'Map the databases in the dump with the target databases. We have our own naming convention for the production databases, but it is up to the customers to name their databases',
@@ -107,6 +119,10 @@ program
     '--tlsCertificateKeyFile <path>',
     `Specifies the location of a local .pem file that contains either the client's TLS/SSL certificate and key`,
   )
+  .option(
+    '--tlsCertificateKeyFilePassword <password>',
+    'Specifies the password to de-crypt the tlsCertificateKeyFile',
+  )
   .option('-f --force', 'Create indexes even on heavily populated collections, which may take a while')
   .option(
     '-m --db-map [dump-db-name=target-db-name...]',

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "index-alignment",`
`3`		`- "version": "0.1.0-2.8",`
	`3`	`+ "version": "0.2.0-2.8",`
`4`	`4`	`"main": "dist/index.js",`
`5`	`5`	`"private": true,`
`6`	`6`	`"type": "module",`