refactor to remove generatePassword func

Philip Hurst · Philip Hurst · commit c76ce140deb5 · 2025-01-31T01:05:42.000Z
diff --git a/internal/pgbouncer/postgres.go b/internal/pgbouncer/postgres.go
@@ -12,8 +12,6 @@ import (
 
 	"github.com/crunchydata/postgres-operator/internal/logging"
 	"github.com/crunchydata/postgres-operator/internal/postgres"
-	"github.com/crunchydata/postgres-operator/internal/postgres/password"
-	"github.com/crunchydata/postgres-operator/internal/util"
 )
 
 const (
@@ -203,21 +201,6 @@ REVOKE ALL PRIVILEGES
 	return err
 }
 
-func generatePassword() (plaintext, verifier string, err error) {
-	// PgBouncer can login to PostgreSQL using either MD5 or SCRAM-SHA-256.
-	// When using MD5, the (hashed) verifier can be stored in PgBouncer's
-	// authentication file. When using SCRAM, the plaintext password must be
-	// stored.
-	// - https://www.pgbouncer.org/config.html#authentication-file-format
-	// - https://github.com/pgbouncer/pgbouncer/issues/508#issuecomment-713339834
-
-	plaintext, err = util.GenerateASCIIPassword(32)
-	if err == nil {
-		verifier, err = password.NewSCRAMPassword(plaintext).Build()
-	}
-	return
-}
-
 func postgresqlHBAs() []*postgres.HostBasedAuthentication {
 	// PgBouncer must connect over TLS using a SCRAM password. Other network
 	// connections are forbidden.
diff --git a/internal/pgbouncer/reconcile.go b/internal/pgbouncer/reconcile.go
@@ -17,7 +17,8 @@ import (
 	"github.com/crunchydata/postgres-operator/internal/naming"
 	"github.com/crunchydata/postgres-operator/internal/pki"
 	"github.com/crunchydata/postgres-operator/internal/postgres"
-	pwd "github.com/crunchydata/postgres-operator/internal/postgres/password"
+	passwd "github.com/crunchydata/postgres-operator/internal/postgres/password"
+	"github.com/crunchydata/postgres-operator/internal/util"
 	"github.com/crunchydata/postgres-operator/pkg/apis/postgres-operator.crunchydata.com/v1beta1"
 )
 
@@ -62,13 +63,13 @@ func Secret(ctx context.Context,
 	// If the password is empty, generate a new one.
 	// Ignore the verifier for now.
 	if err == nil && len(password) == 0 {
-		password, _, err = generatePassword()
+		password, err = util.GenerateASCIIPassword(32)
 		err = errors.WithStack(err)
 	}
 
 	// If the verifier is empty, generate a new one.
 	if err == nil && len(verifier) == 0 {
-		verifier, err = pwd.NewSCRAMPassword(password).Build()
+		verifier, err = passwd.NewSCRAMPassword(password).Build()
 		err = errors.WithStack(err)
 	}
 
