mgr/cephadm: limitting ingress/keepalived pass to 8 chars

Fixes: https://tracker.ceph.com/issues/55491
Signed-off-by: Redouane Kachach <rkachach@redhat.com>

diff --git a/src/pybind/mgr/cephadm/services/ingress.py b/src/pybind/mgr/cephadm/services/ingress.py
index cd5936ec69778eb6f89b2e6f932d3067ac269719..cf735798ba7cf64920bdb24454e96e57912ce550 100644 (file)
--- a/src/pybind/mgr/cephadm/services/ingress.py
+++ b/src/pybind/mgr/cephadm/services/ingress.py
@@ -15,6 +15,7 @@ logger = logging.getLogger(__name__)
 
 class IngressService(CephService):
     TYPE = 'ingress'
+    MAX_KEEPALIVED_PASS_LEN = 8
 
     def primary_daemon_type(self) -> str:
         return 'haproxy'
@@ -77,7 +78,7 @@ class IngressService(CephService):
         password = self.mgr.get_store(pw_key)
         if password is None:
             if not spec.monitor_password:
-                password = ''.join(random.choice(string.ascii_lowercase) for _ in range(20))
+                password = ''.join(random.choice(string.ascii_lowercase) for _ in range(self.MAX_KEEPALIVED_PASS_LEN))
                 self.mgr.set_store(pw_key, password)
         else:
             if spec.monitor_password:
@@ -176,7 +177,7 @@ class IngressService(CephService):
         password = self.mgr.get_store(pw_key)
         if password is None:
             if not spec.keepalived_password:
-                password = ''.join(random.choice(string.ascii_lowercase) for _ in range(20))
+                password = ''.join(random.choice(string.ascii_lowercase) for _ in range(self.MAX_KEEPALIVED_PASS_LEN))
                 self.mgr.set_store(pw_key, password)
         else:
             if spec.keepalived_password: