harbor
harbor copied to clipboard
Invalid initial admin password when password contains a dollar followed by a number
When specifying a custom harbor_admin_password
in the harbor.yml
which contains a dollar ($
) followed by any number, the login is not possible with the admin due to a password mismatch.
The password specified in the harbor.yml
file is put into the common/config/core/env
file as HARBOR_ADMIN_PASSWORD
var based on the env.jinja
template. The problem is, that the password value is stored without single quotes and therefore the bash interpreter tries to resolve all variables starting with $
.
Excerpt from man bash
: Enclosing characters in single quotes preserves the literal value of each character within the quotes. A single quote may not occur between single quotes, even when preceded by a backslash. Enclosing characters in double quotes preserves the literal value of all characters within the quotes, with the exception of $, `, , and, when history expansion is enabled, !.
https://github.com/goharbor/harbor/blob/44f477e965e57ba619d494a7122c69a636906666/make/photon/prepare/templates/core/env.jinja#L22
Surrounding the variable value with single quotes, resolves this issue.
[root@registry harbor]# echo a$7a
aa
[root@registry harbor]# echo "a$7a"
aa
[root@registry harbor]# echo 'a$7a'
a$7a
Expected behaviour
The password specified in the harbor_admin_password
variable in the harbor.yml
file can be used to log into the web interface with the admin user.
Actual behaviour
The password specified in the harbor_admin_password
variable in the harbor.yml
file can only be used, as long there are no dollars followed by numbers in the password.
Steps to reproduce the problem:
- Create a
harbor.yml
and setharbor_admin_password: a$7a
- Run
install.sh
- Run
docker-compose up
- Open the web browser and try to login with user
admin
and passworda$7a
. Fails with the error Invalid user name or password. - Try to login with the user
admin
and the passwordaa
. Succeed.
Versions: Please specify the versions of following systems.
- harbor version: v2.4.1
- docker engine version: 20.10.12
- docker-compose version: 2.2.3
Hi @fgierlinger
Sorry I can't reproduce this problem. I am using harbor version: v2.4.1
with docker engine version 0.10.12
, and I can login using the password with a dollar sign like a$7a
, just work as we expected.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.3 LTS
Release: 20.04
Codename: focal
This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.
This issue was closed because it has been stalled for 30 days with no activity. If this issue is still relevant, please re-open a new issue.
This issue was closed because it has been stalled for 30 days with no activity. If this issue is still relevant, please re-open a new issue.