Merge pull request ManageIQ#1052 from bdunne/database_password_integer

Only return passwords that include letters. (cherry picked from commit 668e699)
bdunne · Feb 8, 2024 · 743ce2c · 743ce2c
1 parent ebb3fc9
commit 743ce2c
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/manageiq-operator/api/v1alpha1/helpers/miq-components/generators.go b/manageiq-operator/api/v1alpha1/helpers/miq-components/generators.go
@@ -4,6 +4,7 @@ import (
 	"crypto/rand"
 	"encoding/base64"
 	"encoding/hex"
+	"regexp"
 )
 
 func randomBytes(n int) []byte {
@@ -20,6 +21,13 @@ func generateEncryptionKey() string {
 }
 
 func generatePassword() string {
-	buf := randomBytes(8)
-	return hex.EncodeToString(buf)
+	for {
+		buf := randomBytes(8)
+		password := hex.EncodeToString(buf)
+		if match, err := regexp.MatchString(`\D+`, password); err == nil && match {
+			// Only return if a letter is included.
+			// Password decryption can fail if the database password is all numbers because ruby will read it as an integer instead of a string.
+			return password
+		}
+	}
 }