[CLI] Support passing of Service Account to tkn-results

User can pass flag --sa for serviceaccount name and --sa-ns for
serviceaccount namespace. Latter is optional. If not given, then
namespace from current context is assumed.

tools/tkn-results/cmd/root.go

@@ -73,6 +73,8 @@ func Root() *cobra.Command {
 
 	cmd.PersistentFlags().StringP("addr", "a", "", "Result API server address. If not specified, tkn-result would port-forward to service/tekton-results-api-service automatically")
 	cmd.PersistentFlags().StringP("authtoken", "t", "", "authorization bearer token to use for authenticated requests")
+	cmd.PersistentFlags().String("sa", "", "ServiceAccount to use instead of token for authorization and authentication")
+	cmd.PersistentFlags().String("sa-ns", "", "ServiceAccount Namespace, if not given, it will be taken from current context")
 	cmd.PersistentFlags().Bool("portforward", true, "enable auto portforwarding to tekton-results-api-service, when addr is set and portforward is true, tkn-results will portforward tekton-results-api-service automatically")
 
 	cmd.AddCommand(ListCommand(params), records.Command(params))

tools/tkn-results/docs/tkn-results.md

@@ -5,15 +5,14 @@ tkn CLI plugin for Tekton Results API
 ### Synopsis
 
 Environment Variables:
-TKN_RESULTS_SSL_ROOTS_FILE_PATH: Path to local SSL cert to use.
-TKN_RESULTS_SSL_SERVER_NAME_OVERRIDE: SSL server name override (useful if using with a proxy such as kubectl
-port-forward).
+        TKN_RESULTS_SSL_ROOTS_FILE_PATH: Path to local SSL cert to use.
+        TKN_RESULTS_SSL_SERVER_NAME_OVERRIDE: SSL server name override (useful if using with a proxy such as kubectl port-forward).
 
 Config:
-A config file may be stored in `~/.config/tkn/results.yaml` to configure the CLI client.
+    A config file may be stored in `~/.config/tkn/results.yaml` to configure the CLI client.
 
     Fields:
-    - address: Result API server address. If not specified, tkn-result would port-forward to service/tekton-results-api-service automatically
+    - address: Results API Server address
     - service_account: When specified, the CLI will first fetch a bearer token
                        for the specified ServiceAccount and attach that to Result API requests.
         - namespace: ServiceAccount namespace
@@ -25,7 +24,7 @@ A config file may be stored in `~/.config/tkn/results.yaml` to configure the CLI
     - portforward: enable auto portforwarding to tekton-results-api-service when address is set and portforward is true, tkn-results will portforward tekton-results-api-service automatically
 
     Example:
-    
+
     ```
     address: results.dogfooding.tekton.dev:443
     token: abcd1234
@@ -35,19 +34,25 @@ A config file may be stored in `~/.config/tkn/results.yaml` to configure the CLI
     service_account:
         namespace: default
         name: result-reader
+    portforward: false
     ```
 
+
+
 ### Options
 
 ```
-  -a, --addr string        Result API server address. If not specified, tkn-result would port-forward to service/tekton-results-api-service automatically"
+  -a, --addr string        Result API server address. If not specified, tkn-result would port-forward to service/tekton-results-api-service automatically
   -t, --authtoken string   authorization bearer token to use for authenticated requests
   -h, --help               help for tkn-results
+      --portforward        enable auto portforwarding to tekton-results-api-service, when addr is set and portforward is true, tkn-results will portforward tekton-results-api-service automatically (default true)
+      --sa string          ServiceAccount to use instead of token for authorization and authentication
+      --sa-ns string       ServiceAccount Namespace, if not given, it will be taken from current context
 ```
 
 ### SEE ALSO
 
-* [tkn-results list](tkn-results_list.md)     - List Results
-* [tkn-results records](tkn-results_records.md)     - Command sub-group for querying Records
+* [tkn-results list](tkn-results_list.md)	 - List Results
+* [tkn-results records](tkn-results_records.md)	 - Command sub-group for querying Records
 
-###### Auto generated by spf13/cobra on 17-Nov-2021
+###### Auto generated by spf13/cobra on 24-Aug-2023

tools/tkn-results/docs/tkn-results_list.md

@@ -21,12 +21,15 @@ tkn-results list [flags] <parent>
 ### Options inherited from parent commands
 
 ```
-  -a, --addr string        Result API server address
+  -a, --addr string        Result API server address. If not specified, tkn-result would port-forward to service/tekton-results-api-service automatically
   -t, --authtoken string   authorization bearer token to use for authenticated requests
+      --portforward        enable auto portforwarding to tekton-results-api-service, when addr is set and portforward is true, tkn-results will portforward tekton-results-api-service automatically (default true)
+      --sa string          ServiceAccount to use instead of token for authorization and authentication
+      --sa-ns string       ServiceAccount Namespace, if not given, it will be taken from current context
 ```
 
 ### SEE ALSO
 
 * [tkn-results](tkn-results.md)	 - tkn CLI plugin for Tekton Results API
 
-###### Auto generated by spf13/cobra on 17-Nov-2021
+###### Auto generated by spf13/cobra on 24-Aug-2023

tools/tkn-results/docs/tkn-results_records.md

@@ -11,13 +11,16 @@ Command sub-group for querying Records
 ### Options inherited from parent commands
 
 ```
-  -a, --addr string        Result API server address
+  -a, --addr string        Result API server address. If not specified, tkn-result would port-forward to service/tekton-results-api-service automatically
   -t, --authtoken string   authorization bearer token to use for authenticated requests
+      --portforward        enable auto portforwarding to tekton-results-api-service, when addr is set and portforward is true, tkn-results will portforward tekton-results-api-service automatically (default true)
+      --sa string          ServiceAccount to use instead of token for authorization and authentication
+      --sa-ns string       ServiceAccount Namespace, if not given, it will be taken from current context
 ```
 
 ### SEE ALSO
 
 * [tkn-results](tkn-results.md)	 - tkn CLI plugin for Tekton Results API
 * [tkn-results records list](tkn-results_records_list.md)	 - List Records
 
-###### Auto generated by spf13/cobra on 17-Nov-2021
+###### Auto generated by spf13/cobra on 24-Aug-2023

tools/tkn-results/docs/tkn-results_records_list.md

@@ -21,12 +21,15 @@ tkn-results records list [flags] <result parent>
 ### Options inherited from parent commands
 
 ```
-  -a, --addr string        Result API server address
+  -a, --addr string        Result API server address. If not specified, tkn-result would port-forward to service/tekton-results-api-service automatically
   -t, --authtoken string   authorization bearer token to use for authenticated requests
+      --portforward        enable auto portforwarding to tekton-results-api-service, when addr is set and portforward is true, tkn-results will portforward tekton-results-api-service automatically (default true)
+      --sa string          ServiceAccount to use instead of token for authorization and authentication
+      --sa-ns string       ServiceAccount Namespace, if not given, it will be taken from current context
 ```
 
 ### SEE ALSO
 
 * [tkn-results records](tkn-results_records.md)	 - Command sub-group for querying Records
 
-###### Auto generated by spf13/cobra on 17-Nov-2021
+###### Auto generated by spf13/cobra on 24-Aug-2023

tools/tkn-results/internal/client/client.go

@@ -35,6 +35,14 @@ func NewDefaultFactory() (*ClientFactory, error) {
 	if err != nil {
 		return nil, err
 	}
+	if cfg.ServiceAccount != nil && cfg.ServiceAccount.Name != "" &&
+		cfg.ServiceAccount.Namespace == "" {
+		ns, _, err := kubeconfig.Namespace()
+		if err != nil {
+			return nil, err
+		}
+		cfg.ServiceAccount.Namespace = ns
+	}
 	client, err := kubernetes.NewForConfig(clientconfig)
 	if err != nil {
 		return nil, err

tools/tkn-results/internal/config/config.go

@@ -97,6 +97,15 @@ func setConfig() error {
 	if s := viper.GetString("authtoken"); s != "" {
 		cfg.Token = viper.GetString("authtoken")
 	}
+	if s := viper.GetString("sa"); s != "" {
+		cfg.ServiceAccount = &ServiceAccount{}
+		cfg.ServiceAccount.Name = viper.GetString("sa")
+		if s := viper.GetString("sa-ns"); s != "" {
+			cfg.ServiceAccount.Namespace = viper.GetString("sa-ns")
+		}
+
+	}
+
 	cfg.Portforward = viper.GetBool("portforward")
 	return nil
 }