bigtable/cmd/cbt: Add support for -auth-token flag in CBT CLI
Change-Id: Id70d7d7c3e9e182a29e743b71c9c27f6864dec80
Reviewed-on: https://code-review.googlesource.com/c/gocloud/+/45750
Reviewed-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Gary Elliott <garyelliott@google.com>
diff --git a/bigtable/cmd/cbt/cbt.go b/bigtable/cmd/cbt/cbt.go
index 458b9df..c95dd08 100644
--- a/bigtable/cmd/cbt/cbt.go
+++ b/bigtable/cmd/cbt/cbt.go
@@ -41,6 +41,7 @@
"google.golang.org/api/iterator"
"google.golang.org/api/option"
"google.golang.org/grpc"
+ "google.golang.org/grpc/metadata"
)
var (
@@ -150,6 +151,10 @@
}
ctx := context.Background()
+ if config.AuthToken != "" {
+ ctx = metadata.AppendToOutgoingContext(ctx, "x-goog-iam-authorization-token", config.AuthToken)
+ }
+
for _, cmd := range commands {
if cmd.Name == flag.Arg(0) {
if err := config.CheckFlags(cmd.Required); err != nil {
@@ -193,7 +198,7 @@
column qualifier).
For convenience, values of the -project, -instance, -creds,
--admin-endpoint and -data-endpoint flags may be specified in
+-admin-endpoint, -data-endpoint and -auth-token flags may be specified in
~/.cbtrc in this format:
project = my-project-123
@@ -201,6 +206,7 @@
creds = path-to-account-key.json
admin-endpoint = hostname:port
data-endpoint = hostname:port
+ auth-token = AJP...
All values are optional, and all will be overridden by flags.
`
diff --git a/bigtable/internal/cbtconfig/cbtconfig.go b/bigtable/internal/cbtconfig/cbtconfig.go
index a313399..62d0204 100644
--- a/bigtable/internal/cbtconfig/cbtconfig.go
+++ b/bigtable/internal/cbtconfig/cbtconfig.go
@@ -46,6 +46,7 @@
DataEndpoint string // optional
CertFile string // optional
UserAgent string // optional
+ AuthToken string // optional
TokenSource oauth2.TokenSource // derived
TLSCreds credentials.TransportCredentials // derived
}
@@ -74,6 +75,7 @@
flag.StringVar(&c.DataEndpoint, "data-endpoint", c.DataEndpoint, "Override the data api endpoint")
flag.StringVar(&c.CertFile, "cert-file", c.CertFile, "Override the TLS certificates file")
flag.StringVar(&c.UserAgent, "user-agent", c.UserAgent, "Override the user agent string")
+ flag.StringVar(&c.AuthToken, "auth-token", c.AuthToken, "if set, use IAM Auth Token for requests")
}
// CheckFlags checks that the required config values are set.
@@ -151,6 +153,8 @@
c.CertFile = val
case "user-agent":
c.UserAgent = val
+ case "auth-token":
+ c.AuthToken = val
}
}