allow passing c8y.url by a flag to the tedge cert download c8y #3686
Description
Is your feature improvement request related to a problem? Please describe.
Whilst creating a device migration workflow which moves a device from one Cumulocity tenant to another, a problem arose when trying to use the tedge cert download c8y command, which made it difficult to download a new device certificate from an alternative Cumulocity instance without changing the existing c8y.url (to avoid breaking the existing connection before a new device certificate is downloaded).
Normally environment variables could be used to modify the c8y.url setting, however this does not work if sudo is being used and the SETENV setting is not allowed, which then prevents the tedge user from passing environment variables to the process with elevated privileges.
```
sudo -u tedge sudo TEDGE_C8Y_URL=example.com tedge cert download c8y --device-id example --one-time-password example
sudo: sorry, you are not allowed to set the following environment variables: TEDGE_C8Y_URL
```
Or trying to use the sudo preserve environment (-E) option:
```
sudo -u tedge sudo -E TEDGE_C8Y_URL=example.com tedge cert download c8y --device-id example --one-time-password example
sudo: sorry, you are not allowed to preserve the environment
```
Whilst this could be "corrected" by modifying the sudoers rule to allow the tedge user to preserve environment variables, it would be easier (and more secure) to just allow the user to pass the Cumulocity URL as a flag.
Describe the solution you'd like
Add a new flag, --url, to the tedge cert download c8y command, which controls the URL used when attempting to download the device certificate.
Example (proposal)
```
sudo -u tedge sudo tedge cert download c8y --device-id example --one-time-password example --url example.com
```
Describe alternatives you've considered
Additional context
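An added example, not part of the original issue or the thin-edge.io project: a small audit that flags sudoers lines which would let a caller inject environment variables into a privileged command, which is the relaxation the issue avoids by asking for a flag. The sample rules and the `/usr/bin/tedge` path are constructed for illustration, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample sudoers text (NOT the real thin-edge.io sudoers file).
sample_sudoers() {
cat <<'EOF'
# rule A: default behaviour, sudo resets the environment
tedge ALL = (ALL) NOPASSWD: /usr/bin/tedge
# rule B: SETENV tag, caller may pass VAR=value or use -E
tedge ALL = (ALL) NOPASSWD: SETENV: /usr/bin/tedge
# rule C: environment reset switched off for this user
Defaults:tedge !env_reset
# rule D: allow-list for a single named variable
Defaults:tedge env_keep += "TEDGE_C8Y_URL"
EOF
}

# audit_sudoers: reads sudoers text on stdin and prints one finding per line
# that widens what the caller can put in the privileged environment.
audit_sudoers() {
  awk '
    /^[ \t]*(#|$)/ { next }                      # skip comments and blank lines
    /SETENV:/ && !/NOSETENV:/ {
      print "HIGH line " NR ": SETENV tag, caller can set any variable"; next }
    /^Defaults.*!env_reset/ {
      print "HIGH line " NR ": env_reset disabled, caller environment kept"; next }
    /^Defaults.*[^!a-z_]setenv/ {
      print "HIGH line " NR ": setenv option, caller can override env_reset"; next }
    /^Defaults.*env_keep/ {
      print "INFO line " NR ": env_keep allow-list, review the listed names" }
  '
}

# Stand-alone run over the constructed sample.
sample_sudoers | audit_sudoers
```

Rule D shows the narrower alternative to SETENV if a variable must be passed through sudo: only the named variable survives the environment reset.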