Open gberche-orange opened 1 year ago
hey @gberche-orange thanks for the suggestion! Yes, we would like to support bcrypt
- we are open to PR's and happy to help if you might want to contribute. Otherwise I suspect due to current bandwidth of the team, this is a long term priority
Thanks for considering this suggestion. I fully understand the necessary prioritization that the carvel team is carefully applying in hands with the community of users and contributors. I'm sorry that I'm unable to help beyond sharing feedback from my experience.
This functionality is needed to support Harbor. Here is how I am currently creating my Harbor secrets. Note the use of htpasswd
is required for Harbor.
apiVersion: v1
kind: Secret
metadata:
name: harbor-registry-password
namespace: harbor
annotations:
# Only apply this password on install because the htpasswd function is not idempotent
helm.sh/hook: post-install
type: Opaque
data:
{{- $harborRegPass := randAlphaNum 32 }}
REGISTRY_PASSWD: {{ $harborRegPass | b64enc | quote }}
REGISTRY_HTPASSWD: {{ htpasswd "harbor_registry_user" $harborRegPass | b64enc | quote }}
Describe the problem/challenge you have
As a secretgen-controller user In order to use a generated secret in workloads that expect bcrypt encoded password I need the SecretTemplate to support a bcrypt export format beyond base64 encoding
Describe the solution you'd like [A clear and concise description of what you want to happen. If applicable a visual representation of the UX.]
SecretTemplate to support an additional
format
field with defaultbase64
and an additionalbcrypt
valueSee https://github.com/carvel-dev/secretgen-controller/blob/a09e1b8d755e19cee8f54881b0e6122777850b59/docs/secret-template.md?plain=1#L49-L53
Anything else you would like to add:
https://docs.gitops.weave.works/docs/installation/weave-gitops-enterprise/#6-configure-password
Similar request on ytt in https://github.com/carvel-dev/ytt/issues/106
Vote on this request
This is an invitation to the community to vote on issues, to help us prioritize our backlog. Use the "smiley face" up to the right of this comment to vote.
👍 "I would like to see this addressed as soon as possible" 👎 "There are other more important things to focus on right now"
We are also happy to receive and review Pull Requests if you would like to work on this issue.