aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-09-07 07:53:28 +0000
committerGerrit Code Review <gerrit@onap.org>2020-09-07 07:53:28 +0000
commit27444aa8fabaecf121d1c6269e4b08fcffce6bcf (patch)
treeb344c8cc3de3d60b07a15d79f4026e69754cf314
parent92878fe491ab5166573fefbf8a3a2e5010813f08 (diff)
parentf5ee1c5aa533c47f93b091eafb366c4185b4ab49 (diff)
Merge "[COMMON] Allow to set default password complexity"
-rw-r--r--kubernetes/common/common/templates/_createPassword.tpl15
-rwxr-xr-xkubernetes/onap/values.yaml5
2 files changed, 19 insertions, 1 deletions
diff --git a/kubernetes/common/common/templates/_createPassword.tpl b/kubernetes/common/common/templates/_createPassword.tpl
index 8b2f1e274d..bfa96daf64 100644
--- a/kubernetes/common/common/templates/_createPassword.tpl
+++ b/kubernetes/common/common/templates/_createPassword.tpl
@@ -37,6 +37,18 @@
{{ end }}
{{- end -}}
+{{- define "common._defaultPasswordStrength" -}}
+ {{ if .Values.passwordStrengthOverride }}
+ {{- printf "%s" .Values.passwordStrengthOverride -}}
+ {{ else if .Values.global.passwordStrength }}
+ {{- printf "%s" .Values.global.passwordStrength -}}
+ {{ else if .Values.passwordStrength }}
+ {{- printf "%s" .Values.passwordStrength -}}
+ {{ else }}
+ {{- printf "long" }}
+ {{ end }}
+{{- end -}}
+
{{/*
Generate a new password based on masterPassword. The new password is not
random, it is derived from masterPassword, fully qualified chart name and
@@ -59,7 +71,8 @@
{{- define "common.createPassword" -}}
{{- $dot := default . .dot -}}
{{- $uid := default "onap" .uid -}}
- {{- $strength := default "long" .strength -}}
+ {{- $defaultStrength := include "common._defaultPasswordStrength" $dot | trim -}}
+ {{- $strength := default $defaultStrength .strength -}}
{{- $mp := include "common.masterPassword" $dot -}}
{{- derivePassword 1 $strength $mp (include "common.fullname" $dot) $uid -}}
{{- end -}}
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 394c0b4f7e..9928e93445 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -89,6 +89,11 @@ global:
# flag to enable debugging - application support required
debugEnabled: false
+ # default password complexity
+ # available options: phrase, name, pin, basic, short, medium, long, maximum security
+ # More datails: https://masterpassword.app/masterpassword-algorithm.pdf
+ passwordStrength: long
+
# configuration to set log level to all components (the one that are using
# "common.log.level" to set this)
# can be overrided per components by setting logConfiguration.logLevelOverride