Released v1

2026-02-12 10:37:19 +00:00
commit b07572fed5
77 changed files with 19518 additions and 0 deletions
@@ -0,0 +1,31 @@
+## Why
+
+Planka now supports user-level API key authentication. The current pcli authentication uses session-based JWT tokens (via `Authorization: Bearer <token>`) with an optional OIDC httpOnlyToken cookie path. API keys are simpler, long-lived, and eliminate the need for multiple auth modes. Replacing the current auth with API key auth simplifies both the codebase and the user experience.
+
+## What Changes
+
+- **BREAKING**: Replace `Authorization: Bearer <token>` header with `x-api-key: <key>` header on all API requests
+- **BREAKING**: Rename environment variable `PLANKA_TOKEN` → `PLANKA_API_KEY`
+- **BREAKING**: Rename CLI flag `--token` → `--api-key`
+- Remove `PLANKA_HTTP_TOKEN` environment variable support
+- Remove `--http-token` CLI flag
+- Remove `HttpOnlyToken` field from the `Client` struct and all OIDC cookie logic
+- Simplify `NewClient` constructor to accept only base URL, API key, and logger
+
+## Capabilities
+
+### New Capabilities
+
+(none)
+
+### Modified Capabilities
+
+- `api-client`: Authentication header changes from `Authorization: Bearer` to `x-api-key`. Client struct drops `HttpOnlyToken` field. `NewClient` signature simplifies. OIDC cookie logic removed.
+- `cli-commands`: Root command global flags change: `--token` → `--api-key`, `--http-token` removed. Environment variable changes: `PLANKA_TOKEN` → `PLANKA_API_KEY`, `PLANKA_HTTP_TOKEN` removed.
+
+## Impact
+
+- **Code**: `client/client.go` (struct, constructor, `Do()` method), `cmd/root.go` (flags, env vars, client init)
+- **Users**: All existing users must update their environment variables and any scripts from `PLANKA_TOKEN` to `PLANKA_API_KEY` and generate an API key in Planka
+- **Dependencies**: No dependency changes
+- **API**: No Planka API endpoint changes — only the authentication mechanism used by pcli changes