2

i'm trying to mimic the Rabbitmq's password hash generation algorithm in my helm chart: How to generate password_hash for RabbitMQ Management HTTP API

I need to work with bytes, instead of strings, so obviously the following template did not work:

{{ printf "%s%s" "salt" ("saltpass" | sha256sum) | b64enc }}

Is there any way to add my custom go code?

Also, if not, is there any option to work with bytes there? (convert string to UTF-8 bytes, then use the sha256sum and the b64enc on bytes? or they have only string implementation?)

Thanks

ArielB
  • 1,184
  • 2
  • 11
  • 36

1 Answers1

1

This unfortunately isn't possible, since Helm can't expose the actual Go types, it's really just giving you yaml/text. Here are some references that might help explain this better:

Hope this helps.

Out of curiosity, why do you need to work with bytes in this case?

cewood
  • 1,011
  • 8
  • 11
  • I think it's adding \0 to the sha256 compute, so it's not accurate. thus, i cannot replicate the RabbitMQ's hashing algorithm in helm charts – ArielB Sep 12 '19 at 15:46
  • Yeah that could be tricky. My only suggestion would be to try using `helm template --debug` with some intermediate steps/variables to try and see the different stages/steps of the data and validate if this extra `\0` is there or not. For example `{{ "saltpass" | sha256sum }}`, then `{{ "saltpass" | sha256sum | b64enc }}`, then finally `{{ printf "%s%s" "salt" ("saltpass" | sha256sum) | b64enc }}` as just one approach. – cewood Sep 12 '19 at 16:39
  • Ill try, thank you. I do have a feeling it will be kinda tricky, i would hate to run an external tool to generate the hash and the support 2 values in the template, one for the regular password and one for the hashed – ArielB Sep 12 '19 at 16:44
  • 1
    well, i've tested it - sadly helm's sha256 actually converts the bytes to their string hex values, Rabbit needs it as the raw bytes (in base64 – ArielB Sep 13 '19 at 10:45