Templating Support for Generating Passwords and Password Secrets in Uptest #56
Labels
enhancement
New feature or request
Milestone
Comments
ulucinar
added
enhancement
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What problem are you facing?
Certain resources depend on "input" secrets that we need to specify as part of resource specification like DB passwords. Currently we can workaround this with something like the following:
https://github.com/upbound/provider-azure/blob/b53e573213055e547a45a1afaa762c90f6f369d5/examples/dbformysql/server.yaml#L59
, i.e., by utilizing the available
Rand.RFC1123Subdomaintemplating expression. However, there can be different constraints in general to be satisfied by the passwords & passphrases (generally defined as password/passphrase policies).How could Upbound help solve your problem?
It makes sense to have a templating support for generating passwords (with special chars, mixed case strings, etc. which violate RFC 1123 subdomain naming. We can also consider a higher level API in resource metadata configuration (or as part of a preprocessor for example manifests) that will inject a secret dependency with a generated password at runtime on top of this templating support.
The text was updated successfully, but these errors were encountered: