Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid special symbols in passwords #149

Merged
merged 2 commits into from
Apr 20, 2024
Merged

Avoid special symbols in passwords #149

merged 2 commits into from
Apr 20, 2024

Conversation

dmage
Copy link
Contributor

@dmage dmage commented Apr 17, 2024

Some special characters may cause issues in DB URI unless they are properly escaped. For example, the password "ab/cd" cannot be used directly in the URI

postgresql://user:ab/cd@localhost/quay

because netloc became "user:ab", while we want it to be "user:ab/cd@localhost".

@dmage
Avoid special symbols in passwords
b1e485a 
Some special characters may cause issues in DB URI unless they are
properly escaped. For example, the password "ab/cd" cannot be used
directly in the URI

    postgresql://user:ab/cd@localhost/quay

because netloc became "user:ab", while we want it to be
"user:ab/cd@localhost".
@dmage dmage added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Apr 17, 2024
BadgerOps
BadgerOps reviewed Apr 18, 2024
View reviewed changes
ansible-runner/context/app/project/roles/mirror_appliance/tasks/secret-vars.yaml
@@ -2,5 +2,5 @@
set_fact:
secret_key: "{{ lookup('community.general.random_string', length=48, base64=True) }}"
database_secret_key: "{{ lookup('community.general.random_string', length=48, base64=True) }}"
pgdb_password: "{{ lookup('community.general.random_string', length=24, base64=True) }}"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah, I went with base64 thinking [a-z[A-Z][0-9] would be safe enough for this automation and forgot about the couple special characters it allows.

@dmage dmage added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed ok-to-test Indicates a non-member PR verified by an org member that is safe to test. labels Apr 18, 2024
@dmage
Copy link
Contributor Author

dmage commented Apr 18, 2024

@harishsurf @jonathankingfc can you approve it? it'll fix intermittent issues during installation and reduce unnecessary support requests.

harishsurf
harishsurf approved these changes Apr 18, 2024
View reviewed changes
Copy link
Contributor

@harishsurf harishsurf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

@dmage dmage merged commit 26d82ce into quay:main Apr 20, 2024
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BadgerOps BadgerOps BadgerOps left review comments

@harishsurf harishsurf harishsurf approved these changes

Assignees
No one assigned
Labels
ok-to-test Indicates a non-member PR verified by an org member that is safe to test.
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dmage @BadgerOps @harishsurf