Merge "[COMMON] Allow to set default password complexity"

author Sylvain Desbureaux <sylvain.desbureaux@orange.com>

Mon, 7 Sep 2020 07:53:28 +0000 (07:53 +0000)

committer Gerrit Code Review <gerrit@onap.org>

Mon, 7 Sep 2020 07:53:28 +0000 (07:53 +0000)
author Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Mon, 7 Sep 2020 07:53:28 +0000 (07:53 +0000)
committer Gerrit Code Review <gerrit@onap.org>
Mon, 7 Sep 2020 07:53:28 +0000 (07:53 +0000)
diff --git a/kubernetes/common/common/templates/_createPassword.tpl b/kubernetes/common/common/templates/_createPassword.tpl

index 8b2f1e2..bfa96da 100644 (file)
--- a/kubernetes/common/common/templates/_createPassword.tpl
+++ b/kubernetes/common/common/templates/_createPassword.tpl
@@ -37,6 +37,18 @@
    {{ end }}
  {{- end -}}
  
+{{- define "common._defaultPasswordStrength" -}}
+  {{ if .Values.passwordStrengthOverride }}
+    {{- printf "%s" .Values.passwordStrengthOverride -}}
+  {{ else if .Values.global.passwordStrength }}
+    {{- printf "%s" .Values.global.passwordStrength -}}
+  {{ else if .Values.passwordStrength }}
+    {{- printf "%s" .Values.passwordStrength -}}
+  {{ else }}
+    {{- printf "long" }}
+  {{ end }}
+{{- end -}}
+
  {{/*
    Generate a new password based on masterPassword. The new password is not
    random, it is derived from masterPassword, fully qualified chart name and
@@ -59,7 +71,8 @@
  {{- define "common.createPassword" -}}
    {{- $dot := default . .dot -}}
    {{- $uid := default "onap" .uid -}}
-  {{- $strength := default "long" .strength -}}
+  {{- $defaultStrength := include "common._defaultPasswordStrength" $dot | trim -}}
+  {{- $strength := default $defaultStrength .strength -}}
    {{- $mp := include "common.masterPassword" $dot -}}
    {{- derivePassword 1 $strength $mp (include "common.fullname" $dot) $uid -}}
  {{- end -}}
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml

index 394c0b4..9928e93 100755 (executable)
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -89,6 +89,11 @@ global:
    # flag to enable debugging - application support required
    debugEnabled: false
  
+  # default password complexity
+  # available options: phrase, name, pin, basic, short, medium, long, maximum security
+  # More datails: https://masterpassword.app/masterpassword-algorithm.pdf
+  passwordStrength: long
+
    # configuration to set log level to all components (the one that are using
    # "common.log.level" to set this)
    # can be overrided per components by setting logConfiguration.logLevelOverride
author	Sylvain Desbureaux <sylvain.desbureaux@orange.com>
	Mon, 7 Sep 2020 07:53:28 +0000 (07:53 +0000)
committer	Gerrit Code Review <gerrit@onap.org>
	Mon, 7 Sep 2020 07:53:28 +0000 (07:53 +0000)
kubernetes/common/common/templates/_createPassword.tpl		patch \| blob \| history
kubernetes/onap/values.yaml		patch \| blob \| history