@@ -261,22 +261,12 @@ convert_to_var_name() {
261261convert_to_secret_name () {
262262 echo " $1 " | tr ' [:upper:]' ' [:lower:]' | tr ' _' ' -'
263263}
264- # Default password generator using pwgen.sh
265- # shellcheck disable=SC2317
266- default_pwgen () {
267- " ${SCRIPTS_DIR} /pwgen.sh" 2> /dev/null
268- }
269-
270- # Custom password generator with only alphabets
271- # shellcheck disable=SC2317
272- alpha_only_pwgen () {
273- head /dev/urandom | tr -dc A-Za-z | head -c 32
274- }
275264
276265load_or_gen_os_secret () {
277266 local data_var=$1
278267 local secret_var=$2
279- local gen_func=${3:- default_pwgen}
268+ local charset=$3 # Optional third argument for custom charset
269+ local charset_length=${4:- 32} # Optional fourth argument, Default to 32 if not provided
280270
281271 if kubectl -n openstack get secret " ${secret_var} " & > /dev/null; then
282272 data=" $( kubectl -n openstack get secret " ${secret_var} " ' {.data.password}' | base64 -d) "
@@ -286,7 +276,13 @@ load_or_gen_os_secret() {
286276 return 1
287277 else
288278 echo " Generating ${secret_var} "
289- data=" $( ${gen_func} ) "
279+
280+ if [[ -n " $charset " ; then
281+ data=" $( " ${SCRIPTS_DIR} /pwgen.sh" " $charset_length " " $charset " 2> /dev/null) "
282+ else
283+ data=" $( " ${SCRIPTS_DIR} /pwgen.sh" " $charset_length " 2> /dev/null) "
284+ fi
285+
290286 # good ol' bash 3 compat for macOS
291287 eval " ${data_var} =\" ${data} \" "
292288 # return 0 because we need to write this out
@@ -386,7 +382,7 @@ mkdir -p "${DEST_DIR}/keystone"
386382VARNAME_PASSPHRASE=" OS_SSO_PASSPHRASE"
387383SECRET_PASSPHRASE=" sso-passphrase"
388384
389- load_or_gen_os_secret " ${VARNAME_PASSPHRASE} " " ${SECRET_PASSPHRASE} " alpha_only_pwgen && \
385+ load_or_gen_os_secret " ${VARNAME_PASSPHRASE} " " ${SECRET_PASSPHRASE} " " A-Za-z " && \
390386 create_os_secret " PASSPHRASE" " keystone" " passphrase"
391387
392388# Export for Helm templating if needed
0 commit comments