Merge pull request ManageIQ#1052 from bdunne/database_password_integer

Only return passwords that include letters.
miq-bot · Feb 8, 2024 · 668e699 · 668e699
2 parents 16fee3b + 57227fd
commit 668e699
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/manageiq-operator/api/v1alpha1/helpers/miq-components/generators.go b/manageiq-operator/api/v1alpha1/helpers/miq-components/generators.go
@@ -4,6 +4,7 @@ import (
 	"crypto/rand"
 	"encoding/base64"
 	"encoding/hex"
+	"regexp"
 )
 
 func randomBytes(n int) []byte {
@@ -20,6 +21,13 @@ func generateEncryptionKey() string {
 }
 
 func generatePassword() string {
-	buf := randomBytes(8)
-	return hex.EncodeToString(buf)
+	for {
+		buf := randomBytes(8)
+		password := hex.EncodeToString(buf)
+		if match, err := regexp.MatchString(`\D+`, password); err == nil && match {
+			// Only return if a letter is included.
+			// Password decryption can fail if the database password is all numbers because ruby will read it as an integer instead of a string.
+			return password
+		}
+	}
 }