search

spinnaker / roer

A thin Spinnaker CLI
Apache License 2.0
45 stars 45 forks source link

Provide OAuth Token #4

Open idoshamun opened 6 years ago

idoshamun commented 6 years ago

How can I provide an oauth token? roer is always redirected to the login page

cedbossneo commented 6 years ago

Same problem

nextrevision commented 6 years ago

In 66bada2e66a5c83eb372f5002c2fee10d0609aba, the ability to specify an API session token was added.

It's more of a workaround, but I've done the following to be able to use roer when gate is configured to authenticate with GitHub:

  1. Create a personal access token for the account you wish to login to Spinnaker as (I gave the following permissions: read:org, read:user, user:email)
  2. Use the following script to obtain a session token: 
    curl -c cookies.jar -Lv https://gate:8084/credentials -H "Authorization: Bearer $GITHUB_PERSONAL_ACCESS_TOKEN”
SPINNAKER_API_SESSION=$(awk '/SESSION/ { print $NF }' cookies.jar)
  3. Use roer with the API session key: 
    $ SPINNAKER_API=https://gate:8084 roer --as ${SPINNAKER_API_SESSION} app list
karlskewes commented 6 years ago

Thanks @nextrevision

I tried to replicate this with Gitlab OAUTH and also Gitlab Personal Access Tokens but was unsuccessful.

In the end I found another way to get an existing SESSION ID via Chrome browser.

  1. Sign in to Spinnaker via Deck (I have OAUTH enabled)
  2. Visit https://<your Deck URL>/pipelineTemplates in Chrome.
  3. Open Chrome developer tools.
  4. Reload page.
  5. View Network -> pipelineTemplates
  6. Search through the text for cookie: SESSION=<your session id here>
  7. Continue on with step 3 from above. You may need to export or prefix the roer command with SPINNAKER_API_SESSION.