From db640d225f752109d4338f6cab92a163d5d7ba6c Mon Sep 17 00:00:00 2001
From: Alex Gartner <git@agartner.com>
Date: Mon, 20 Jun 2022 21:17:20 -0700
Subject: [PATCH] --impersonate-service-account compatibility

---
 auth/token.go | 6 ++++++
 main.go       | 4 ++++
 2 files changed, 10 insertions(+)

diff --git a/auth/token.go b/auth/token.go
index 2a2e2f5..69b1cb3 100644
--- a/auth/token.go
+++ b/auth/token.go
@@ -34,12 +34,18 @@ func Token() (*oauth2.Token, error) {
 	return ts.Token()
 }
 
+// easily impersonate a service account and maintain the TokenSource interface
+var ImpersonateServiceAccount = ""
+
 func maybeGetImpersonatedTokenSource(ctx context.Context) (oauth2.TokenSource, error) {
 	mainTs, err := getMainTokenSource(ctx)
 	if err != nil {
 		return nil, fmt.Errorf("unable to get main tokensource: %w", err)
 	}
 	email := os.Getenv("GOOGLE_IMPERSONATE_SERVICE_ACCOUNT")
+	if email == "" {
+		email = ImpersonateServiceAccount
+	}
 	if email != "" {
 		impersonateTs, err := NewGoogleImpersonateTokenSourceWrapper(ctx, email, mainTs)
 		if err != nil {
diff --git a/main.go b/main.go
index 9366271..3352978 100644
--- a/main.go
+++ b/main.go
@@ -15,6 +15,9 @@ import (
 
 var rootCmd = &cobra.Command{
 	Use: "gcloud <command> [command-flags] [command-args]",
+	PersistentPreRun: func(cmd *cobra.Command, args []string) {
+		auth.ImpersonateServiceAccount, _ = cmd.Flags().GetString("impersonate-service-account")
+	},
 }
 
 func gcloudFallback() error {
@@ -78,6 +81,7 @@ func maybeFallback() {
 }
 
 func main() {
+	rootCmd.PersistentFlags().String("impersonate-service-account", "", "service account email to impersonate")
 	rootCmd.AddCommand(auth.GetRootCmd())
 	rootCmd.AddCommand(config.GetRootCmd())
 	rootCmd.AddCommand(container.GetRootCmd())