functions/kubernetes/secrets/GenerateSecretPassword.ps1

<#
.SYNOPSIS
GenerateSecretPassword
 
.DESCRIPTION
GenerateSecretPassword
 
.INPUTS
GenerateSecretPassword - The name of GenerateSecretPassword
 
.OUTPUTS
None
 
.EXAMPLE
GenerateSecretPassword
 
.EXAMPLE
GenerateSecretPassword
 
 
#>

function GenerateSecretPassword() {
    [CmdletBinding()]
    param
    (
        [Parameter(Mandatory = $true)]
        [ValidateNotNullOrEmpty()]
        [string]
        $secretname
        ,
        [Parameter(Mandatory = $true)]
        [ValidateNotNullOrEmpty()]
        [string]
        $namespace
    )

    Write-Verbose 'GenerateSecretPassword: Starting'

    [hashtable]$Return = @{}

    if ([string]::IsNullOrWhiteSpace($namespace)) { $namespace = "default"}
    if ([string]::IsNullOrWhiteSpace($(kubectl get secret $secretname -n $namespace -o jsonpath='{.data}' --ignore-not-found=true))) {

        Write-Host "$secretname not found so generating it"
        [string] $mypassword = ""
        # MySQL password requirements: https://dev.mysql.com/doc/refman/5.6/en/validate-password-plugin.html
        # we also use sed to replace configs: https://unix.stackexchange.com/questions/32907/what-characters-do-i-need-to-escape-when-using-sed-in-a-sh-script
        Do {
            $mypassword = GeneratePassword
        }
        while (($mypassword -notmatch "^[a-z0-9!.*@\s]+$") -or ($mypassword.Length -lt 8 ))

        Write-Verbose "Setting secret $secretname to [$mypassword]"
        SaveSecretPassword -secretname $secretname -namespace $namespace -value "$mypassword"

        $Return.Password = $mypassword
    }
    else {
        Write-Host "$secretname secret already set so will reuse it"
        $Return.Password = $(ReadSecretPassword -secretname $secretname -namespace $namespace)
    }

    Write-Verbose 'GenerateSecretPassword: Done'
    return $Return

}

Export-ModuleMember -Function 'GenerateSecretPassword'