cli: get the toolname from the k8s cert
This allows avoiding to parse the username, and acting on a tool based on the certificate you use. Allowing also running inside containers as a different user than the tool user.
This might get overwritten eventually by the a user-specified parameter (ex. --tool othertool
) when we have other auth types available.
Bug: T369573
Signed-off-by: David Caro dcaro@wikimedia.org