- PR #929 introduced the ability to generate passwords for the
gateway admin user, this is a good step forwards for Windows
users. It did introduce an inconsistency in the format that
passwords are stored by not using a form of hashing. Hashing
of secrets is used extensively within OpenFaaS/OpenFaaS Cloud
whether with Swarm or Kubernetes via helm. If there are
concerns about using a hashed value for a password I would
suggest raising an issue to track this and have any decision
we make applied for all users (not just PowerShell users).
As a compromise I've introduced hashing by default and added
a new flag called -noHash which can be used to replicate the
behaviour of the original PR.
After feedback from other contributors I also looked into whether
the flag syntax could match the existing syntax but left this as
is. Bash will use --no-auth and PowerShell will use --noAuth.
This was tested on Docker Swarm on Windows.
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
- Generates the password to mirror deploy_stack.sh
- Uses hardcoded admin to mirror deploy_stack.sh
- Uses throw to exit when error
- Updates faas-cli login command for Powershell
Signed-off-by: John McCabe <john@johnmccabe.net>
This commit updates the Windows deploy_stack.ps1 to set the
basic-auth-user and basic-auth-password secrets if absent.
Signed-off-by: John McCabe <john@johnmccabe.net>
This commit adds a PowerShell script that mirrors the existing `deploy_stack.*` scripts.
It also checks that docker is installed and returns a readable error if not found (the alternative is a rather cryptic PowerShell error).
The docker stack command itself returns a readable error if no swarm has been initialised.
Signed-off-by: John McCabe <john@johnmccabe.net>