From 570ea39c25a265da4a7314cca7d9b6f2a25c7387 Mon Sep 17 00:00:00 2001
From: Redouane Kachach <rkachach@redhat.com>
Date: Thu, 30 Jun 2022 14:10:34 +0200
Subject: [PATCH] mgr/cephadm: limitting ingress/keepalived pass to 8 chars
 Fixes: https://tracker.ceph.com/issues/55491

Signed-off-by: Redouane Kachach <rkachach@redhat.com>
(cherry picked from commit 4fe59545ec8a4d7677bb7949ab283acf4b15b6cf)
---
 src/pybind/mgr/cephadm/services/ingress.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/pybind/mgr/cephadm/services/ingress.py b/src/pybind/mgr/cephadm/services/ingress.py
index cd5936ec697..cf735798ba7 100644
--- a/src/pybind/mgr/cephadm/services/ingress.py
+++ b/src/pybind/mgr/cephadm/services/ingress.py
@@ -15,6 +15,7 @@ logger = logging.getLogger(__name__)
 
 class IngressService(CephService):
     TYPE = 'ingress'
+    MAX_KEEPALIVED_PASS_LEN = 8
 
     def primary_daemon_type(self) -> str:
         return 'haproxy'
@@ -77,7 +78,7 @@ class IngressService(CephService):
         password = self.mgr.get_store(pw_key)
         if password is None:
             if not spec.monitor_password:
-                password = ''.join(random.choice(string.ascii_lowercase) for _ in range(20))
+                password = ''.join(random.choice(string.ascii_lowercase) for _ in range(self.MAX_KEEPALIVED_PASS_LEN))
                 self.mgr.set_store(pw_key, password)
         else:
             if spec.monitor_password:
@@ -176,7 +177,7 @@ class IngressService(CephService):
         password = self.mgr.get_store(pw_key)
         if password is None:
             if not spec.keepalived_password:
-                password = ''.join(random.choice(string.ascii_lowercase) for _ in range(20))
+                password = ''.join(random.choice(string.ascii_lowercase) for _ in range(self.MAX_KEEPALIVED_PASS_LEN))
                 self.mgr.set_store(pw_key, password)
         else:
             if spec.keepalived_password:
-- 
2.47.3