From fa71388ba08cb440a7c5257089372e9e95283f72 Mon Sep 17 00:00:00 2001
From: Guillaume Lecerf <glecerf@gmail.com>
Date: Tue, 27 Jul 2021 13:19:59 +0200
Subject: [PATCH] Allow to specify ES_USERNAME/ES_PASSWORD environment
 variables to connect to the ES node

Signed-off-by: Guillaume Lecerf <glecerf@gmail.com>
---
 README.md | 3 +++
 main.go   | 7 +++++++
 2 files changed, 10 insertions(+)

diff --git a/README.md b/README.md
index 00bf0ed3..ead79f09 100644
--- a/README.md
+++ b/README.md
@@ -67,6 +67,9 @@ by replacing `.` and `-` with `_` and upper-casing the parameter name.
 
 #### Elasticsearch 7.x security privileges
 
+Username and password can be passed either directly in the URI or through the `ES_USERNAME` and `ES_PASSWORD` environment variables.
+Specifying those two environment variables will override authentication passed in the URI (if any).
+
 ES 7.x supports RBACs. The following security privileges are required for the elasticsearch_exporter.
 
 Setting | Privilege Required | Description
diff --git a/main.go b/main.go
index 878fa23e..c01fca71 100644
--- a/main.go
+++ b/main.go
@@ -111,6 +111,13 @@ func main() {
 		os.Exit(1)
 	}
 
+	esUsername := os.Getenv("ES_USERNAME")
+	esPassword := os.Getenv("ES_PASSWORD")
+
+	if esUsername != "" && esPassword != "" {
+		esURL.User = url.UserPassword(esUsername, esPassword)
+	}
+
 	// returns nil if not provided and falls back to simple TCP.
 	tlsConfig := createTLSConfig(*esCA, *esClientCert, *esClientPrivateKey, *esInsecureSkipVerify)