diff --git a/Makefile b/Makefile index 76bd50bd0..fd3d24ef6 100644 --- a/Makefile +++ b/Makefile @@ -59,7 +59,7 @@ export GOLANGCI_LINT_VERSION := 2.1.0 # Note: Uses the -N -l go compiler options to disable compiler optimizations # and inlining. Using these build options allows you to subsequently # use source debugging tools like delve. -all: bin/buildah bin/imgtype bin/copy bin/inet bin/tutorial bin/dumpspec docs +all: bin/buildah bin/imgtype bin/copy bin/inet bin/tutorial bin/dumpspec bin/passwd docs bin/buildah: $(SOURCES) internal/mkcw/embed/entrypoint_amd64.gz $(GO_BUILD) $(BUILDAH_LDFLAGS) $(GO_GCFLAGS) "$(GOGCFLAGS)" -o $@ $(BUILDFLAGS) ./cmd/buildah @@ -106,6 +106,9 @@ bin/tutorial: $(SOURCES) bin/inet: tests/inet/inet.go $(GO_BUILD) $(BUILDAH_LDFLAGS) -o $@ $(BUILDFLAGS) ./tests/inet/inet.go +bin/passwd: tests/passwd/passwd.go + $(GO_BUILD) $(BUILDAH_LDFLAGS) -o $@ $(BUILDFLAGS) ./tests/passwd/passwd.go + .PHONY: clean clean: $(RM) -r bin tests/testreport/testreport tests/conformance/testdata/mount-targets/true diff --git a/cmd/buildah/passwd.go b/cmd/buildah/passwd.go deleted file mode 100644 index d90fe0026..000000000 --- a/cmd/buildah/passwd.go +++ /dev/null @@ -1,34 +0,0 @@ -package main - -import ( - "fmt" - - "github.com/spf13/cobra" - "golang.org/x/crypto/bcrypt" -) - -var ( - passwdDescription = `Generate a password hash using golang.org/x/crypto/bcrypt.` - passwdCommand = &cobra.Command{ - Use: "passwd", - Short: "Generate a password hash", - Long: passwdDescription, - RunE: passwdCmd, - Example: `buildah passwd testpassword`, - Args: cobra.ExactArgs(1), - Hidden: true, - } -) - -func passwdCmd(_ *cobra.Command, args []string) error { - passwd, err := bcrypt.GenerateFromPassword([]byte(args[0]), bcrypt.DefaultCost) - if err != nil { - return err - } - fmt.Println(string(passwd)) - return nil -} - -func init() { - rootCmd.AddCommand(passwdCommand) -} diff --git a/tests/helpers.bash b/tests/helpers.bash index ebc37c5b3..d38e8c65f 100644 --- a/tests/helpers.bash +++ b/tests/helpers.bash @@ -833,7 +833,7 @@ auth: ' # roughly equivalent to "htpasswd -nbB testuser testpassword", the registry uses # the same package this does for verifying passwords against hashes in htpasswd files - htpasswd=${testuser}:$(buildah passwd ${testpassword}) + htpasswd=${testuser}:$(passwd ${testpassword}) # generate the htpasswd and config.yml files for the registry mkdir -p "${TEST_SCRATCH_DIR}"/registry/root "${TEST_SCRATCH_DIR}"/registry/run "${TEST_SCRATCH_DIR}"/registry/certs "${TEST_SCRATCH_DIR}"/registry/config diff --git a/tests/passwd/README.md b/tests/passwd/README.md new file mode 100644 index 000000000..baafe8ba5 --- /dev/null +++ b/tests/passwd/README.md @@ -0,0 +1,34 @@ +# passwd + +A standalone password hashing tool for buildah tests. + +## Purpose + +This tool generates bcrypt password hashes and is used exclusively for testing purposes. It was previously part of the main buildah command as a hidden `passwd` subcommand but has been split out into a separate tool to: + +- Keep the main buildah command clean of test-only functionality +- Allow tests to use password hashing independently +- Follow the same pattern as other test tools like `imgtype` + +## Usage + +```bash +passwd +``` + +## Example + +```bash +$ passwd testpassword +$2a$10$ZamosnV9dfpTJn4Uk.Xix.5nwbKNiLw8xpP/6g2z83jhY.WKZuRjG +``` + +The tool outputs a bcrypt hash of the input password to stdout, which can be used in test scenarios that require password hashing (such as setting up test registries with HTTP basic authentication). + +## Building + +The tool is built automatically when running `make all` or can be built individually with: + +```bash +make bin/passwd +``` \ No newline at end of file diff --git a/tests/passwd/passwd.go b/tests/passwd/passwd.go new file mode 100644 index 000000000..785c150be --- /dev/null +++ b/tests/passwd/passwd.go @@ -0,0 +1,23 @@ +package main + +import ( + "fmt" + "os" + + "golang.org/x/crypto/bcrypt" +) + +func main() { + if len(os.Args) != 2 { + fmt.Fprintf(os.Stderr, "Usage: %s \n", os.Args[0]) + fmt.Fprintf(os.Stderr, "Generate a password hash using golang.org/x/crypto/bcrypt.\n") + os.Exit(1) + } + + passwd, err := bcrypt.GenerateFromPassword([]byte(os.Args[1]), bcrypt.DefaultCost) + if err != nil { + fmt.Fprintf(os.Stderr, "Error generating password hash: %v\n", err) + os.Exit(1) + } + fmt.Println(string(passwd)) +}