From 03fd760feeeca9724f133604a06b214b4fa30f69 Mon Sep 17 00:00:00 2001 From: Austin Abro <37223396+AustinAbro321@users.noreply.github.com> Date: Mon, 5 Aug 2024 09:02:47 -0400 Subject: [PATCH] refactor: change isInternal variables to functions (#2768) Signed-off-by: Austin Abro Signed-off-by: Tim Seagren --- src/cmd/internal.go | 2 +- src/cmd/tools/zarf.go | 6 +- src/internal/agent/hooks/flux-helmrepo.go | 2 +- src/internal/agent/hooks/flux-ocirepo.go | 2 +- src/internal/packager/template/template.go | 2 +- src/pkg/cluster/state.go | 33 +--- src/pkg/cluster/state_test.go | 171 ++++++++------------- src/pkg/cluster/tunnel.go | 2 +- src/pkg/message/credentials.go | 2 +- src/pkg/packager/deploy.go | 2 +- src/types/k8s.go | 36 +++-- 11 files changed, 100 insertions(+), 160 deletions(-) diff --git a/src/cmd/internal.go b/src/cmd/internal.go index d212445cde..ab14a9d5d6 100644 --- a/src/cmd/internal.go +++ b/src/cmd/internal.go @@ -278,7 +278,7 @@ var createPackageRegistryToken = &cobra.Command{ } // If we are setup to use an internal artifact server, create the artifact registry token - if state.ArtifactServer.InternalServer { + if state.ArtifactServer.IsInternal() { tunnel, err := c.NewTunnel(cluster.ZarfNamespaceName, cluster.SvcResource, cluster.ZarfGitServerName, "", 0, cluster.ZarfGitServerPort) if err != nil { return err diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 56198fe8ef..7c6ba91e88 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -148,7 +148,7 @@ var updateCredsCmd = &cobra.Command{ } // Update artifact token (if internal) - if slices.Contains(args, message.ArtifactKey) && newState.ArtifactServer.PushToken == "" && newState.ArtifactServer.InternalServer { + if slices.Contains(args, message.ArtifactKey) && newState.ArtifactServer.PushToken == "" && newState.ArtifactServer.IsInternal() { tunnel, err := c.NewTunnel(cluster.ZarfNamespaceName, cluster.SvcResource, cluster.ZarfGitServerName, "", 0, cluster.ZarfGitServerPort) if err != nil { return err @@ -186,14 +186,14 @@ var updateCredsCmd = &cobra.Command{ // Update Zarf 'init' component Helm releases if present h := helm.NewClusterOnly(&types.PackagerConfig{}, template.GetZarfVariableConfig(), newState, c) - if slices.Contains(args, message.RegistryKey) && newState.RegistryInfo.InternalRegistry { + if slices.Contains(args, message.RegistryKey) && newState.RegistryInfo.IsInternal() { err = h.UpdateZarfRegistryValues(ctx) if err != nil { // Warn if we couldn't actually update the registry (it might not be installed and we should try to continue) message.Warnf(lang.CmdToolsUpdateCredsUnableUpdateRegistry, err.Error()) } } - if slices.Contains(args, message.GitKey) && newState.GitServer.InternalServer { + if slices.Contains(args, message.GitKey) && newState.GitServer.IsInternal() { tunnel, err := c.NewTunnel(cluster.ZarfNamespaceName, cluster.SvcResource, cluster.ZarfGitServerName, "", 0, cluster.ZarfGitServerPort) if err != nil { return err diff --git a/src/internal/agent/hooks/flux-helmrepo.go b/src/internal/agent/hooks/flux-helmrepo.go index 64ad78e40a..a2fca0b9a4 100644 --- a/src/internal/agent/hooks/flux-helmrepo.go +++ b/src/internal/agent/hooks/flux-helmrepo.go @@ -80,7 +80,7 @@ func mutateHelmRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluste message.Debugf("original HelmRepo URL of (%s) got mutated to (%s)", src.Spec.URL, patchedURL) - patches := populateHelmRepoPatchOperations(patchedURL, zarfState.RegistryInfo.InternalRegistry) + patches := populateHelmRepoPatchOperations(patchedURL, zarfState.RegistryInfo.IsInternal()) patches = append(patches, getLabelPatch(src.Labels)) diff --git a/src/internal/agent/hooks/flux-ocirepo.go b/src/internal/agent/hooks/flux-ocirepo.go index e00362c906..e8c3d21a0f 100644 --- a/src/internal/agent/hooks/flux-ocirepo.go +++ b/src/internal/agent/hooks/flux-ocirepo.go @@ -99,7 +99,7 @@ func mutateOCIRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster message.Debugf("original OCIRepo URL of (%s) got mutated to (%s)", src.Spec.URL, patchedURL) - patches := populateOCIRepoPatchOperations(patchedURL, zarfState.RegistryInfo.InternalRegistry, patchedRef) + patches := populateOCIRepoPatchOperations(patchedURL, zarfState.RegistryInfo.IsInternal(), patchedRef) patches = append(patches, getLabelPatch(src.Labels)) return &operations.Result{ diff --git a/src/internal/packager/template/template.go b/src/internal/packager/template/template.go index 70f7808cc2..645982865e 100644 --- a/src/internal/packager/template/template.go +++ b/src/internal/packager/template/template.go @@ -107,7 +107,7 @@ func GetZarfTemplates(componentName string, state *types.ZarfState) (templateMap // generateHtpasswd returns an htpasswd string for the current state's RegistryInfo. func generateHtpasswd(regInfo *types.RegistryInfo) (string, error) { // Only calculate this for internal registries to allow longer external passwords - if regInfo.InternalRegistry { + if regInfo.IsInternal() { pushUser, err := utils.GetHtpasswdString(regInfo.PushUsername, regInfo.PushPassword) if err != nil { return "", fmt.Errorf("error generating htpasswd string: %w", err) diff --git a/src/pkg/cluster/state.go b/src/pkg/cluster/state.go index 82ee49424b..6ac941e87b 100644 --- a/src/pkg/cluster/state.go +++ b/src/pkg/cluster/state.go @@ -306,21 +306,14 @@ func MergeZarfState(oldState *types.ZarfState, initOptions types.ZarfInitOptions if slices.Contains(services, message.RegistryKey) { // TODO: Replace use of reflections with explicit setting newState.RegistryInfo = helpers.MergeNonZero(newState.RegistryInfo, initOptions.RegistryInfo) - // Set the state of the internal registry if it has changed - // TODO: Internal registry should be a function of the address and not a property. - if newState.RegistryInfo.Address == fmt.Sprintf("%s:%d", helpers.IPV4Localhost, newState.RegistryInfo.NodePort) { - newState.RegistryInfo.InternalRegistry = true - } else { - newState.RegistryInfo.InternalRegistry = false - } // Set the new passwords if they should be autogenerated - if newState.RegistryInfo.PushPassword == oldState.RegistryInfo.PushPassword && oldState.RegistryInfo.InternalRegistry { + if newState.RegistryInfo.PushPassword == oldState.RegistryInfo.PushPassword && oldState.RegistryInfo.IsInternal() { if newState.RegistryInfo.PushPassword, err = helpers.RandomString(types.ZarfGeneratedPasswordLen); err != nil { return nil, fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) } } - if newState.RegistryInfo.PullPassword == oldState.RegistryInfo.PullPassword && oldState.RegistryInfo.InternalRegistry { + if newState.RegistryInfo.PullPassword == oldState.RegistryInfo.PullPassword && oldState.RegistryInfo.IsInternal() { if newState.RegistryInfo.PullPassword, err = helpers.RandomString(types.ZarfGeneratedPasswordLen); err != nil { return nil, fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) } @@ -330,21 +323,13 @@ func MergeZarfState(oldState *types.ZarfState, initOptions types.ZarfInitOptions // TODO: Replace use of reflections with explicit setting newState.GitServer = helpers.MergeNonZero(newState.GitServer, initOptions.GitServer) - // Set the state of the internal git server if it has changed - // TODO: Internal server should be a function of the address and not a property. - if newState.GitServer.Address == types.ZarfInClusterGitServiceURL { - newState.GitServer.InternalServer = true - } else { - newState.GitServer.InternalServer = false - } - // Set the new passwords if they should be autogenerated - if newState.GitServer.PushPassword == oldState.GitServer.PushPassword && oldState.GitServer.InternalServer { + if newState.GitServer.PushPassword == oldState.GitServer.PushPassword && oldState.GitServer.IsInternal() { if newState.GitServer.PushPassword, err = helpers.RandomString(types.ZarfGeneratedPasswordLen); err != nil { return nil, fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) } } - if newState.GitServer.PullPassword == oldState.GitServer.PullPassword && oldState.GitServer.InternalServer { + if newState.GitServer.PullPassword == oldState.GitServer.PullPassword && oldState.GitServer.IsInternal() { if newState.GitServer.PullPassword, err = helpers.RandomString(types.ZarfGeneratedPasswordLen); err != nil { return nil, fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) } @@ -354,16 +339,8 @@ func MergeZarfState(oldState *types.ZarfState, initOptions types.ZarfInitOptions // TODO: Replace use of reflections with explicit setting newState.ArtifactServer = helpers.MergeNonZero(newState.ArtifactServer, initOptions.ArtifactServer) - // Set the state of the internal artifact server if it has changed - // TODO: Internal server should be a function of the address and not a property. - if newState.ArtifactServer.Address == types.ZarfInClusterArtifactServiceURL { - newState.ArtifactServer.InternalServer = true - } else { - newState.ArtifactServer.InternalServer = false - } - // Set an empty token if it should be autogenerated - if newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && oldState.ArtifactServer.InternalServer { + if newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && oldState.ArtifactServer.IsInternal() { newState.ArtifactServer.PushToken = "" } } diff --git a/src/pkg/cluster/state_test.go b/src/pkg/cluster/state_test.go index cf52d195dc..fd3497cc7f 100644 --- a/src/pkg/cluster/state_test.go +++ b/src/pkg/cluster/state_test.go @@ -199,59 +199,46 @@ func TestMergeZarfStateRegistry(t *testing.T) { { name: "internal server auto generate", oldRegistry: types.RegistryInfo{ - Address: fmt.Sprintf("%s:%d", helpers.IPV4Localhost, 1), - NodePort: 1, - InternalRegistry: true, + Address: fmt.Sprintf("%s:%d", helpers.IPV4Localhost, 1), + NodePort: 1, }, expectedRegistry: types.RegistryInfo{ - Address: fmt.Sprintf("%s:%d", helpers.IPV4Localhost, 1), - NodePort: 1, - InternalRegistry: true, + Address: fmt.Sprintf("%s:%d", helpers.IPV4Localhost, 1), + NodePort: 1, }, }, { - name: "external server", + name: "init options merged", oldRegistry: types.RegistryInfo{ - Address: "example.com", - InternalRegistry: false, - PushPassword: "push", - PullPassword: "pull", - }, - expectedRegistry: types.RegistryInfo{ - Address: "example.com", - InternalRegistry: false, - PushPassword: "push", - PullPassword: "pull", + PushUsername: "doesn't matter", + PullUsername: "doesn't matter", + Address: "doesn't matter", + NodePort: 0, + Secret: "doesn't matter", }, - }, - { - name: "init options merged", initRegistry: types.RegistryInfo{ - PushUsername: "push-user", - PullUsername: "pull-user", - Address: "address", - NodePort: 1, - InternalRegistry: false, - Secret: "secret", + PushUsername: "push-user", + PullUsername: "pull-user", + Address: "address", + NodePort: 1, + Secret: "secret", }, expectedRegistry: types.RegistryInfo{ - PushUsername: "push-user", - PullUsername: "pull-user", - Address: "address", - NodePort: 1, - InternalRegistry: false, - Secret: "secret", + PushUsername: "push-user", + PullUsername: "pull-user", + Address: "address", + NodePort: 1, + Secret: "secret", }, }, { name: "init options not merged", expectedRegistry: types.RegistryInfo{ - PushUsername: "", - PullUsername: "", - Address: "", - NodePort: 0, - InternalRegistry: false, - Secret: "", + PushUsername: "", + PullUsername: "", + Address: "", + NodePort: 0, + Secret: "", }, }, } @@ -269,7 +256,6 @@ func TestMergeZarfStateRegistry(t *testing.T) { require.Equal(t, tt.expectedRegistry.PullUsername, newState.RegistryInfo.PullUsername) require.Equal(t, tt.expectedRegistry.Address, newState.RegistryInfo.Address) require.Equal(t, tt.expectedRegistry.NodePort, newState.RegistryInfo.NodePort) - require.Equal(t, tt.expectedRegistry.InternalRegistry, newState.RegistryInfo.InternalRegistry) require.Equal(t, tt.expectedRegistry.Secret, newState.RegistryInfo.Secret) }) } @@ -286,12 +272,14 @@ func TestMergeZarfStateGit(t *testing.T) { expectedGitServer types.GitServerInfo }{ { - name: "username is unmodified", + name: "address and usernames are unmodified", oldGitServer: types.GitServerInfo{ + Address: "address", PushUsername: "push-user", PullUsername: "pull-user", }, expectedGitServer: types.GitServerInfo{ + Address: "address", PushUsername: "push-user", PullUsername: "pull-user", }, @@ -299,51 +287,36 @@ func TestMergeZarfStateGit(t *testing.T) { { name: "internal server auto generate", oldGitServer: types.GitServerInfo{ - Address: types.ZarfInClusterGitServiceURL, - InternalServer: true, + Address: types.ZarfInClusterGitServiceURL, }, expectedGitServer: types.GitServerInfo{ - Address: types.ZarfInClusterGitServiceURL, - InternalServer: true, + Address: types.ZarfInClusterGitServiceURL, }, }, { - name: "external server", + name: "init options merged", oldGitServer: types.GitServerInfo{ - Address: "example.com", - InternalServer: false, - PushPassword: "push", - PullPassword: "pull", - }, - expectedGitServer: types.GitServerInfo{ - Address: "example.com", - InternalServer: false, - PushPassword: "push", - PullPassword: "pull", + Address: "doesn't matter", + PushUsername: "doesn't matter", + PullUsername: "doesn't matter", }, - }, - { - name: "init options merged", initGitServer: types.GitServerInfo{ - PushUsername: "push-user", - PullUsername: "pull-user", - Address: "address", - InternalServer: false, + PushUsername: "push-user", + PullUsername: "pull-user", + Address: "address", }, expectedGitServer: types.GitServerInfo{ - PushUsername: "push-user", - PullUsername: "pull-user", - Address: "address", - InternalServer: false, + PushUsername: "push-user", + PullUsername: "pull-user", + Address: "address", }, }, { name: "empty init options not merged", expectedGitServer: types.GitServerInfo{ - PushUsername: "", - PullUsername: "", - Address: "", - InternalServer: false, + PushUsername: "", + PullUsername: "", + Address: "", }, }, } @@ -360,7 +333,6 @@ func TestMergeZarfStateGit(t *testing.T) { require.Equal(t, tt.expectedGitServer.PushUsername, newState.GitServer.PushUsername) require.Equal(t, tt.expectedGitServer.PullUsername, newState.GitServer.PullUsername) require.Equal(t, tt.expectedGitServer.Address, newState.GitServer.Address) - require.Equal(t, tt.expectedGitServer.InternalServer, newState.GitServer.InternalServer) }) } } @@ -386,14 +358,12 @@ func TestMergeZarfStateArtifact(t *testing.T) { { name: "old state is internal server auto generate push token", oldArtifactServer: types.ArtifactServerInfo{ - PushToken: "foobar", - Address: types.ZarfInClusterArtifactServiceURL, - InternalServer: true, + PushToken: "foobar", + Address: types.ZarfInClusterArtifactServiceURL, }, expectedArtifactServer: types.ArtifactServerInfo{ - PushToken: "", - Address: types.ZarfInClusterArtifactServiceURL, - InternalServer: true, + PushToken: "", + Address: types.ZarfInClusterArtifactServiceURL, }, }, { @@ -402,51 +372,38 @@ func TestMergeZarfStateArtifact(t *testing.T) { PushToken: "hello world", }, oldArtifactServer: types.ArtifactServerInfo{ - PushToken: "foobar", - Address: types.ZarfInClusterArtifactServiceURL, - InternalServer: false, + PushToken: "foobar", + Address: types.ZarfInClusterArtifactServiceURL, }, expectedArtifactServer: types.ArtifactServerInfo{ - PushToken: "hello world", - Address: types.ZarfInClusterArtifactServiceURL, - InternalServer: true, + PushToken: "hello world", + Address: types.ZarfInClusterArtifactServiceURL, }, }, { - name: "external server same push token", + name: "init options merged", oldArtifactServer: types.ArtifactServerInfo{ - PushToken: "foobar", - Address: "http://example.com", - InternalServer: false, - }, - expectedArtifactServer: types.ArtifactServerInfo{ - PushToken: "foobar", - Address: "http://example.com", - InternalServer: false, + PushUsername: "doesn't matter", + PushToken: "doesn't matter", + Address: "doesn't matter", }, - }, - { - name: "init options merged", initArtifactServer: types.ArtifactServerInfo{ - PushUsername: "user", - PushToken: "token", - Address: "address", - InternalServer: false, + PushUsername: "user", + PushToken: "token", + Address: "address", }, expectedArtifactServer: types.ArtifactServerInfo{ - PushUsername: "user", - PushToken: "token", - Address: "address", - InternalServer: false, + PushUsername: "user", + PushToken: "token", + Address: "address", }, }, { name: "empty init options not merged", expectedArtifactServer: types.ArtifactServerInfo{ - PushUsername: "", - PushToken: "", - Address: "", - InternalServer: false, + PushUsername: "", + PushToken: "", + Address: "", }, }, } diff --git a/src/pkg/cluster/tunnel.go b/src/pkg/cluster/tunnel.go index 301739f311..61fd090546 100644 --- a/src/pkg/cluster/tunnel.go +++ b/src/pkg/cluster/tunnel.go @@ -146,7 +146,7 @@ func (c *Cluster) ConnectToZarfRegistryEndpoint(ctx context.Context, registryInf var err error var tunnel *Tunnel - if registryInfo.InternalRegistry { + if registryInfo.IsInternal() { // Establish a registry tunnel to send the images to the zarf registry if tunnel, err = c.NewTunnel(ZarfNamespaceName, SvcResource, ZarfRegistryName, "", 0, ZarfRegistryPort); err != nil { return "", tunnel, err diff --git a/src/pkg/message/credentials.go b/src/pkg/message/credentials.go index 34134e6484..a0fc97537c 100644 --- a/src/pkg/message/credentials.go +++ b/src/pkg/message/credentials.go @@ -35,7 +35,7 @@ func PrintCredentialTable(state *types.ZarfState, componentsToDeploy []types.Dep } loginData := [][]string{} - if state.RegistryInfo.InternalRegistry { + if state.RegistryInfo.IsInternal() { loginData = append(loginData, []string{"Registry", state.RegistryInfo.PushUsername, state.RegistryInfo.PushPassword, "zarf connect registry", RegistryKey}, []string{"Registry (read-only)", state.RegistryInfo.PullUsername, state.RegistryInfo.PullPassword, "zarf connect registry", RegistryReadKey}, diff --git a/src/pkg/packager/deploy.go b/src/pkg/packager/deploy.go index 5f2f2f4ab3..612fa5eb10 100644 --- a/src/pkg/packager/deploy.go +++ b/src/pkg/packager/deploy.go @@ -310,7 +310,7 @@ func (p *Packager) deployComponent(ctx context.Context, component types.ZarfComp } // Disable the registry HPA scale down if we are deploying images and it is not already disabled - if hasImages && !p.hpaModified && p.state.RegistryInfo.InternalRegistry { + if hasImages && !p.hpaModified && p.state.RegistryInfo.IsInternal() { if err := p.cluster.DisableRegHPAScaleDown(ctx); err != nil { message.Debugf("unable to disable the registry HPA scale down: %s", err.Error()) } else { diff --git a/src/types/k8s.go b/src/types/k8s.go index 6804de17ee..6277a0f7d7 100644 --- a/src/types/k8s.go +++ b/src/types/k8s.go @@ -134,8 +134,11 @@ type GitServerInfo struct { PullPassword string `json:"pullPassword"` // URL address of the git server Address string `json:"address"` - // Indicates if we are using a git server that Zarf is directly managing - InternalServer bool `json:"internalServer"` +} + +// IsInternal returns true if the git server URL is equivalent to a git server deployed through the default init package +func (gs GitServerInfo) IsInternal() bool { + return gs.Address == ZarfInClusterGitServiceURL } // FillInEmptyValues sets every necessary value that's currently empty to a reasonable default @@ -144,7 +147,6 @@ func (gs *GitServerInfo) FillInEmptyValues() error { // Set default svc url if an external repository was not provided if gs.Address == "" { gs.Address = ZarfInClusterGitServiceURL - gs.InternalServer = true } // Generate a push-user password if not provided by init flag @@ -156,14 +158,14 @@ func (gs *GitServerInfo) FillInEmptyValues() error { // Set read-user information if using an internal repository, otherwise copy from the push-user if gs.PullUsername == "" { - if gs.InternalServer { + if gs.IsInternal() { gs.PullUsername = ZarfGitReadUser } else { gs.PullUsername = gs.PushUsername } } if gs.PullPassword == "" { - if gs.InternalServer { + if gs.IsInternal() { if gs.PullPassword, err = helpers.RandomString(ZarfGeneratedPasswordLen); err != nil { return fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) } @@ -183,8 +185,11 @@ type ArtifactServerInfo struct { PushToken string `json:"pushPassword"` // URL address of the artifact registry Address string `json:"address"` - // Indicates if we are using a artifact registry that Zarf is directly managing - InternalServer bool `json:"internalServer"` +} + +// IsInternal returns true if the artifact server URL is equivalent to the artifact server deployed through the default init package +func (as ArtifactServerInfo) IsInternal() bool { + return as.Address == ZarfInClusterArtifactServiceURL } // FillInEmptyValues sets every necessary value that's currently empty to a reasonable default @@ -192,7 +197,6 @@ func (as *ArtifactServerInfo) FillInEmptyValues() { // Set default svc url if an external registry was not provided if as.Address == "" { as.Address = ZarfInClusterArtifactServiceURL - as.InternalServer = true } // Set the push username to the git push user if not specified @@ -215,23 +219,25 @@ type RegistryInfo struct { Address string `json:"address"` // Nodeport of the registry. Only needed if the registry is running inside the kubernetes cluster NodePort int `json:"nodePort"` - // Indicates if we are using a registry that Zarf is directly managing - InternalRegistry bool `json:"internalRegistry"` // Secret value that the registry was seeded with Secret string `json:"secret"` } +// IsInternal returns true if the registry URL is equivalent to the registry deployed through the default init package +func (ri RegistryInfo) IsInternal() bool { + return ri.Address == fmt.Sprintf("%s:%d", helpers.IPV4Localhost, ri.NodePort) +} + // FillInEmptyValues sets every necessary value not already set to a reasonable default func (ri *RegistryInfo) FillInEmptyValues() error { var err error - // Set default NodePort if none was provided - if ri.NodePort == 0 { + // Set default NodePort if none was provided and the registry is internal + if ri.NodePort == 0 && ri.Address == "" { ri.NodePort = ZarfInClusterContainerRegistryNodePort } // Set default url if an external registry was not provided if ri.Address == "" { - ri.InternalRegistry = true ri.Address = fmt.Sprintf("%s:%d", helpers.IPV4Localhost, ri.NodePort) } @@ -244,7 +250,7 @@ func (ri *RegistryInfo) FillInEmptyValues() error { // Set pull-username if not provided by init flag if ri.PullUsername == "" { - if ri.InternalRegistry { + if ri.IsInternal() { ri.PullUsername = ZarfRegistryPullUser } else { // If this is an external registry and a pull-user wasn't provided, use the same credentials as the push user @@ -252,7 +258,7 @@ func (ri *RegistryInfo) FillInEmptyValues() error { } } if ri.PullPassword == "" { - if ri.InternalRegistry { + if ri.IsInternal() { if ri.PullPassword, err = helpers.RandomString(ZarfGeneratedPasswordLen); err != nil { return fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) }