From 618949eabd60a5887d2e8928086841bcaff5ef8f Mon Sep 17 00:00:00 2001
From: darallium <46854880+darallium@users.noreply.github.com>
Date: Sun, 5 Apr 2026 16:24:05 +0900
Subject: [PATCH 1/2] Allow hyphen values for secret key option

---
 src/bin/sccache-dist/cmdline/parse.rs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/bin/sccache-dist/cmdline/parse.rs b/src/bin/sccache-dist/cmdline/parse.rs
index 4ead7131a1..09916c851e 100644
--- a/src/bin/sccache-dist/cmdline/parse.rs
+++ b/src/bin/sccache-dist/cmdline/parse.rs
@@ -126,6 +126,7 @@ fn get_clap_command() -> ClapCommand {
                             flag_infer_long("secret-key")
                                 .help("Use specified key to create the token")
                                 .value_name("KEY"),
+                                .allow_hyphen_values(true),
                             config_with_help_message(
                                 "Use the key from the scheduler config file at PATH",
                             ),

From 81b030dd1a46db1cb456a29a5945b76e187061ee Mon Sep 17 00:00:00 2001
From: darallium <contact@darallium.com>
Date: Tue, 7 Apr 2026 16:03:07 +0900
Subject: [PATCH 2/2] Added test for allow hyphen values for sccache-dist
 secret key option

---
 src/bin/sccache-dist/cmdline/parse.rs | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/src/bin/sccache-dist/cmdline/parse.rs b/src/bin/sccache-dist/cmdline/parse.rs
index 09916c851e..52a086d8fd 100644
--- a/src/bin/sccache-dist/cmdline/parse.rs
+++ b/src/bin/sccache-dist/cmdline/parse.rs
@@ -125,7 +125,7 @@ fn get_clap_command() -> ClapCommand {
                                 .required(true),
                             flag_infer_long("secret-key")
                                 .help("Use specified key to create the token")
-                                .value_name("KEY"),
+                                .value_name("KEY")
                                 .allow_hyphen_values(true),
                             config_with_help_message(
                                 "Use the key from the scheduler config file at PATH",
@@ -350,6 +350,26 @@ mod tests {
         );
     }
 
+    #[test]
+    fn auth_generate_jwt_hs256_server_token_allows_hyphenated_secret_key() {
+        let args = auth_generate_jwt_hs256_server_token(&[
+            "--server",
+            "127.0.0.1:4321",
+            "--secret-key",
+            "-9DumMyDuMMyRV6hR4sb37JFaVEmSiXVPKr-dummykU",
+        ]);
+        let server_socket: SocketAddr = "127.0.0.1:4321".parse().unwrap();
+        let server_id = ServerId::new(server_socket);
+
+        assert_args_parse_to_auth(
+            args,
+            AuthSubcommand::JwtHS256ServerToken {
+                server_id,
+                secret_key: "-9DumMyDuMMyRV6hR4sb37JFaVEmSiXVPKr-dummykU".to_owned(),
+            },
+        );
+    }
+
     #[test]
     fn auth_generate_shared_token_good() {
         let raw_to_expected_bit_vals = &[
@@ -369,4 +389,5 @@ mod tests {
             );
         }
     }
+
 }