diff --git a/cmd/korrel8rcli/main.go b/cmd/korrel8rcli/main.go index dfea671..5f035ae 100644 --- a/cmd/korrel8rcli/main.go +++ b/cmd/korrel8rcli/main.go @@ -7,11 +7,12 @@ import ( "fmt" "log" "net/url" + "os/exec" "path/filepath" "os" - rtclient "github.com/go-openapi/runtime/client" + httptransport "github.com/go-openapi/runtime/client" "github.com/korrel8r/client/pkg/build" "github.com/korrel8r/client/pkg/swagger/client" "github.com/spf13/cobra" @@ -25,11 +26,25 @@ var ( } // Global Flags - output = EnumFlag("yaml", "json-pretty", "json") - korrel8rURL = rootCmd.PersistentFlags().StringP("url", "u", "", "URL of remote korrel8r service (you can also set the KORREL8R_URL environment variable)") - insecure = rootCmd.PersistentFlags().BoolP("insecure", "k", false, "Insecure connection, skip TLS verification.") + output = EnumFlag("yaml", "json-pretty", "json") + korrel8rURL = rootCmd.PersistentFlags().StringP("url", "u", os.Getenv("KORREL8RCLI_URL"), "URL of remote korrel8r service, environment KORREL8RCLI_URL") + insecure = rootCmd.PersistentFlags().BoolP("insecure", "k", false, "Insecure connection, skip TLS verification.") + bearerTokenFlag = rootCmd.PersistentFlags().String("bearer-token", "", "Bearer token for Authorization, will try environment KORREL8RCLI_BEARER_TOKEN or `oc whoami`") ) +func bearerToken() string { + if *bearerTokenFlag != "" { + return *bearerTokenFlag + } + if token := os.Getenv("KORREL8RCLI_BEARER_TOKEN"); token != "" { + return token + } + if b, err := exec.Command("oc", "whoami", "-t").Output(); err == nil { + return string(b) + } + return "" +} + func main() { rootCmd.PersistentFlags().VarP(output, "output", "o", "Output format") log.SetPrefix(filepath.Base(os.Args[0]) + ": ") @@ -48,9 +63,6 @@ func init() { } func newClient() *client.RESTAPI { - if *korrel8rURL == "" { - *korrel8rURL = os.Getenv("KORREL8R_URL") - } if *korrel8rURL == "" { check(errors.New("Either command line flag --url or environment variable KORREL8R_URL must be set. ")) } @@ -59,15 +71,18 @@ func newClient() *client.RESTAPI { if u.Path == "" || u.Path == "/" { u.Path = client.DefaultBasePath } - var rt *rtclient.Runtime + var transport *httptransport.Runtime if *insecure { - tlsClient, err := rtclient.TLSClient(rtclient.TLSClientOptions{InsecureSkipVerify: true}) + tlsClient, err := httptransport.TLSClient(httptransport.TLSClientOptions{InsecureSkipVerify: *insecure}) check(err) - rt = rtclient.NewWithClient(u.Host, u.Path, []string{u.Scheme}, tlsClient) + transport = httptransport.NewWithClient(u.Host, u.Path, []string{u.Scheme}, tlsClient) } else { - rt = rtclient.New(u.Host, u.Path, []string{u.Scheme}) + transport = httptransport.New(u.Host, u.Path, []string{u.Scheme}) + } + if bearerToken() != "" { + transport.DefaultAuthentication = httptransport.BearerToken(*bearerTokenFlag) } - return client.New(rt, nil) + return client.New(transport, nil) } func check(err error) {