add htpasswd function for clusterbom to deploy yaml

[gowrisankar22]

What would you like to be added:

The htpasswd function takes a username and password and generates a bcrypt hash of the password. The result can be used for basic authentication on Prometheus, alert manager,thanos etc.

Why is this needed: We are using potter to deploy helm/plain yaml based deployments etc. Right now we are doing some manual work to generate htpasswd for Prometheus, alert manager,thanos, etc to have basic auth via plain yamls. it would be great if you can enable this function via cluster bomb

action create_manifest for deployment k8s-monitoring failed. action output:
 could not execute apphub template, cause: template: clusterbom.yml:75:3: executing "clusterbom.yml" at <generateTemplate $basicAuth .>: error calling generateTemplate: template: basic-auth.yml:3: function "htpasswd" not defined

helm already support htpasswd function. Reference from helm: https://helm.sh/docs/chart_template_guide/function_list/#htpasswd

[In-Ko]

Thanks @gowrisankar22 for creating this enhancement request. We will look into this and get back to you.

[achimweigel]

I'm not sure if I understand your use case the right way. Could you perhaps add the clusterbom you want to deploy? htpasswd used in a template of a helm chart should be already supported.

[gowrisankar22]

@achimweigel Yes, helm supports it but if I want to deploy plain yaml via clusterbom with htpasswd it won't work. Example: I have a k8s secret which I want to deploy via clusterbom but it requires htpasswd which comes some values.yml(not via helm). This is what is not working.

apiVersion: v1
kind: Secret
metadata:  
    name: basicauth  
type: Opaque
data:  
  REGISTRY_HTPASSWD: {{ htpasswd .Values.registry.credentials.username .Values.registry.credentials.password  | b64enc | quote }} 

clusterbom section:
--------
- id: basicauth
    configType: kapp
    typeSpecificData:
      fetch:
        - inline:
            paths:
              basicauth.yml: |
{{ generateTemplate $basicAuth . | indent 18 }}
      template:
        - ytt: {}
      deploy:
        - kapp:
            intoNs: xxxx

[robertgraeff]

Hello @gowrisankar22, can you give u please the name of the project and the name of the clusterbom?

[robertgraeff]

Currently, you are using ytt for the templating. Have you tried it with helmTemplate instead?

[gowrisankar22]

@robertgraeff helmTemplate requires a helm chart ? or single yaml file can also use this? If yes can you share the example?

[achimweigel]

@gowrisankar22 we just use the kapp controller syntax here. You find the documentation for it here. We haven't tried this use case so far and do not know if this works. Your example from above looks quite strange. Is it really allowed to reference a secret this way in the kapp syntax?

{{ generateTemplate $basicAuth . | indent 18 }}