创建静态用户

bcrypt hash of the string "password": $(echo BigQuant@2021 | htpasswd -BinC 10 bqadm | cut -d: -f2)

生成 hash 后的用户名

package main

import (
    "encoding/base32"
    "fmt"
    "hash"
    "hash/fnv"
    "strings"
)

// Kubernetes names must match the regexp '[a-z0-9]([-a-z0-9]*[a-z0-9])?'.
var encoding = base32.NewEncoding("abcdefghijklmnopqrstuvwxyz234567")

var hashVar = func() hash.Hash { return fnv.New64() }

func idToName(s string, h func() hash.Hash) string {
    return strings.TrimRight(encoding.EncodeToString(h().Sum([]byte(s))), "=")
}

func main() {
    fmt.Println(idToName("srliao@test.com", hashVar))
}

再使用用户名建立 Passwords 对象

apiVersion: dex.coreos.com/v1
kind: Password
metadata:
  # 需要由 go 代码生成
  name: onzgy2lbn5ahizltoqxgg33nzpzjzzeeeirsk
  namespace: aipaas-system
email: "srliao@test.com"
# bcrypt hash of the string "password": 
#   $(echo abc123 | htpasswd -BinC 10 srliao | cut -d: -f2 |base64)
hash: "JDJ5JDEwJFVUWkZqdmY0UlN5Y2ZKZEYwVlVYTXVPMmdvU0JUYmFhTVJtRmRVSTZoM3E1NzltMG9HRWhpCgo="
username: "srliao"
userID: "11a8684b-db88-4b73-90a9-3cd1661f5466"