Adding support for additional authentication options in client (#56)

* adding support for cloud,ssl, and auth fields in elastic client configuration + documentation * minor doc cleanup * removing ssl due to seeing another PR already open for that feature * added cli support and supporting documentation * tweak documentation to be more accurate * cli doc tweak to be less cloud specific * removed cloud reference in cli usage doc as well * removed cloud reference in reference link in readme * adding cli usage update to readme as well * making the apikey user/pass cli behavior consistent with the elastic client lib * added assertion that auth and cloud properties are allowed to pass through correctly to elastic client
pinojs · Jul 14, 2020 · aaa7962 · aaa7962
1 parent 1e7bbdb
commit aaa7962
Show file tree

Hide file tree

Showing 5 changed files with 142 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -30,6 +30,12 @@ npm install pino-elasticsearch -g
   -l  | --trace-level       trace level for the elasticsearch client, default 'error' (info, debug, trace).
       | --es-version        specify the major version number of Elasticsearch (eg: 5, 6, 7)
                             (this is needed only if you are using Elasticsearch <= 7)
+  -u  | --username          Username to specify with authentication method
+                            (can only be used in tandem with the 'password' flag)
+  -p  | --password          Password to specify with authentication method
+                            (can only be used in tandem with the 'username' flag)
+  -k  | --api-key           Api key for authentication instead of username/password combination
+  -c  | --cloud             Id of the elastic cloud node to connect to
 
 ```
 
@@ -106,6 +112,60 @@ If you need to use basic authentication to connect with the Elasticsearch cluste
 ```
 cat log | pino-elasticsearch --node https://user:pwd@localhost:9200
 ```
+
+Alternatively you can supply a combination of `username` and `password` OR `api-key`:
+```
+cat log | pino-elasticsearch --node https://localhost:9200 -u user -p pwd
+```
+```
+cat log | pino-elasticsearch --node https://localhost:9200 --api-key=base64EncodedKey
+```
+
+Elastic cloud option `cloud` is also supported:
+```sh
+cat log | pino-elasticsearch --cloud=name:bG9jYWxob3N0JGFiY2QkZWZnaA== --api-key=base64EncodedKey
+```
+
+Note: When using the cli, if you pass username/password AND an apiKey the apiKey will take precedence over the username/password combination.
+
+You can also include the `auth` field in your configuration like so:
+```js
+const pinoElastic = require('pino-elasticsearch')
+
+const streamToElastic = pinoElastic({
+  index: 'an-index',
+  consistency: 'one',
+  node: 'http://localhost:9200',
+  auth: {
+    username: 'user',
+    password: 'pwd'
+  },
+  'es-version': 7,
+  'flush-bytes': 1000
+})
+```
+
+Alternatively you can pass an `apiKey` instead:
+```js
+const pinoElastic = require('pino-elasticsearch')
+
+const streamToElastic = pinoElastic({
+  index: 'an-index',
+  consistency: 'one',
+  node: 'http://localhost:9200',
+  cloud: {
+    id: 'name:bG9jYWxob3N0JGFiY2QkZWZnaA=='
+  },
+  auth: {
+    apiKey: 'apikey123'
+  },
+  'es-version': 7,
+  'flush-bytes': 1000
+})
+```
+
+For a full list of authentication options when using elastic, check out the [authentication configuration docs](https://www.elastic.co/guide/en/elasticsearch/client/javascript-api/current/auth-reference.html)
+
 ## Setup and Testing
 
 Setting up pino-elasticsearch is easy, and you can use the bundled

diff --git a/cli.js b/cli.js
@@ -18,6 +18,21 @@ function start (opts) {
     return
   }
 
+  if (opts.username && opts.password) {
+    opts.auth = {
+      username: opts.username,
+      password: opts.password
+    }
+  }
+
+  if (opts['api-key']) {
+    opts.auth = { apiKey: opts['api-key'] }
+  }
+
+  if (opts.cloud) {
+    opts.cloud = { id: opts.cloud }
+  }
+
   pump(process.stdin, pinoElasticSearch(opts))
 }
 
@@ -29,7 +44,11 @@ start(minimist(process.argv.slice(2), {
     index: 'i',
     'bulk-size': 'b',
     'flush-bytes': 'f',
-    'trace-level': 'l'
+    'trace-level': 'l',
+    username: 'u',
+    password: 'p',
+    'api-key': 'k',
+    cloud: 'c'
   },
   default: {
     node: 'http://localhost:9200'

diff --git a/lib.js b/lib.js
@@ -52,7 +52,7 @@ function pinoElasticSearch (opts) {
     return value
   })
 
-  const client = new Client({ node: opts.node })
+  const client = new Client({ node: opts.node, auth: opts.auth, cloud: opts.cloud })
 
   const esVersion = Number(opts['es-version']) || 7
   const index = opts.index || 'pino'

diff --git a/test/unit.test.js b/test/unit.test.js
@@ -144,3 +144,58 @@ test('ecs format', (t) => {
   another log...`
   log.info(['info'], prettyLog)
 })
+
+test('auth and cloud parameters are properly passed to client', (t) => {
+  const opts = {
+    index: 'pinotest',
+    type: 'log',
+    consistency: 'one',
+    node: 'http://localhost:9200',
+    auth: {
+      username: 'user',
+      password: 'pass'
+    },
+    cloud: {
+      id: 'name:aHR0cHM6Ly9leGFtcGxlLmNvbQ=='
+    }
+  }
+
+  t.plan(3)
+  const Client = function (config) {
+    t.equal(config.node, opts.node)
+    t.equal(config.auth, opts.auth)
+    t.equal(config.cloud, opts.cloud)
+  }
+  Client.prototype.helpers = {
+    async bulk (opts) {}
+  }
+  const elastic = proxyquire('../', {
+    '@elastic/elasticsearch': { Client }
+  })
+  elastic(opts)
+})
+
+test('apikey is passed through auth param properly to client', (t) => {
+  const opts = {
+    index: 'pinotest',
+    type: 'log',
+    consistency: 'one',
+    node: 'http://localhost:9200',
+    auth: {
+      apiKey: 'aHR0cHM6Ly9leGFtcGxlLmNvbQ'
+    }
+  }
+
+  t.plan(2)
+  const Client = function (config) {
+    t.equal(config.node, opts.node)
+    t.equal(config.auth, opts.auth)
+  }
+  Client.prototype.helpers = {
+    async bulk (opts) {}
+  }
+  const elastic = proxyquire('../', {
+    '@elastic/elasticsearch': { Client }
+  })
+  elastic(opts)
+})
diff --git a/usage.txt b/usage.txt
@@ -18,3 +18,9 @@
   -l  | --trace-level       trace level for the elasticsearch client, default 'error' (info, debug, trace).
         --es-version        specify the major version number of Elasticsearch (eg: 5, 6, 7)
                             (this is needed only if you are using Elasticsearch <= 7)
+  -u  | --username          Username to specify with authentication method
+                            (can only be used in tandem with the 'password' flag)
+  -p  | --password          Password to specify with authentication method
+                            (can only be used in tandem with the 'username' flag)
+  -k  | --api-key           Api key for authentication instead of username/password combination
+  -c  | --cloud             Id of the elastic cloud node to connect to