buildah: move passwd command to tests

https://github.com/containers/buildah/issues/6182

Signed-off-by: flouthoc <flouthoc.git@gmail.com>

Makefile

@@ -59,7 +59,7 @@ export GOLANGCI_LINT_VERSION := 2.1.0
 #     Note: Uses the -N -l go compiler options to disable compiler optimizations
 #           and inlining. Using these build options allows you to subsequently
 #           use source debugging tools like delve.
-all: bin/buildah bin/imgtype bin/copy bin/inet bin/tutorial bin/dumpspec docs
+all: bin/buildah bin/imgtype bin/copy bin/inet bin/tutorial bin/dumpspec bin/passwd docs
 
 bin/buildah: $(SOURCES) internal/mkcw/embed/entrypoint_amd64.gz
 	$(GO_BUILD) $(BUILDAH_LDFLAGS) $(GO_GCFLAGS) "$(GOGCFLAGS)" -o $@ $(BUILDFLAGS) ./cmd/buildah
@@ -106,6 +106,9 @@ bin/tutorial: $(SOURCES)
 bin/inet: tests/inet/inet.go
 	$(GO_BUILD) $(BUILDAH_LDFLAGS) -o $@ $(BUILDFLAGS) ./tests/inet/inet.go
 
+bin/passwd: tests/passwd/passwd.go
+	$(GO_BUILD) $(BUILDAH_LDFLAGS) -o $@ $(BUILDFLAGS) ./tests/passwd/passwd.go
+
 .PHONY: clean
 clean:
 	$(RM) -r bin tests/testreport/testreport tests/conformance/testdata/mount-targets/true

cmd/buildah/passwd.go

@@ -1,34 +0,0 @@
-package main
-
-import (
-	"fmt"
-
-	"github.com/spf13/cobra"
-	"golang.org/x/crypto/bcrypt"
-)
-
-var (
-	passwdDescription = `Generate a password hash using golang.org/x/crypto/bcrypt.`
-	passwdCommand     = &cobra.Command{
-		Use:     "passwd",
-		Short:   "Generate a password hash",
-		Long:    passwdDescription,
-		RunE:    passwdCmd,
-		Example: `buildah passwd testpassword`,
-		Args:    cobra.ExactArgs(1),
-		Hidden:  true,
-	}
-)
-
-func passwdCmd(_ *cobra.Command, args []string) error {
-	passwd, err := bcrypt.GenerateFromPassword([]byte(args[0]), bcrypt.DefaultCost)
-	if err != nil {
-		return err
-	}
-	fmt.Println(string(passwd))
-	return nil
-}
-
-func init() {
-	rootCmd.AddCommand(passwdCommand)
-}

tests/helpers.bash

@@ -833,7 +833,7 @@ auth:
 '
   # roughly equivalent to "htpasswd -nbB testuser testpassword", the registry uses
   # the same package this does for verifying passwords against hashes in htpasswd files
-  htpasswd=${testuser}:$(buildah passwd ${testpassword})
+  htpasswd=${testuser}:$(passwd ${testpassword})
 
   # generate the htpasswd and config.yml files for the registry
   mkdir -p "${TEST_SCRATCH_DIR}"/registry/root "${TEST_SCRATCH_DIR}"/registry/run "${TEST_SCRATCH_DIR}"/registry/certs "${TEST_SCRATCH_DIR}"/registry/config

tests/passwd/README.md

@@ -0,0 +1,34 @@
+# passwd
+
+A standalone password hashing tool for buildah tests.
+
+## Purpose
+
+This tool generates bcrypt password hashes and is used exclusively for testing purposes. It was previously part of the main buildah command as a hidden `passwd` subcommand but has been split out into a separate tool to:
+
+- Keep the main buildah command clean of test-only functionality
+- Allow tests to use password hashing independently
+- Follow the same pattern as other test tools like `imgtype`
+
+## Usage
+
+```bash
+passwd <password>
+```
+
+## Example
+
+```bash
+$ passwd testpassword
+$2a$10$ZamosnV9dfpTJn4Uk.Xix.5nwbKNiLw8xpP/6g2z83jhY.WKZuRjG
+```
+
+The tool outputs a bcrypt hash of the input password to stdout, which can be used in test scenarios that require password hashing (such as setting up test registries with HTTP basic authentication).
+
+## Building
+
+The tool is built automatically when running `make all` or can be built individually with:
+
+```bash
+make bin/passwd
+```

tests/passwd/passwd.go

@@ -0,0 +1,23 @@
+package main
+
+import (
+	"fmt"
+	"os"
+
+	"golang.org/x/crypto/bcrypt"
+)
+
+func main() {
+	if len(os.Args) != 2 {
+		fmt.Fprintf(os.Stderr, "Usage: %s <password>\n", os.Args[0])
+		fmt.Fprintf(os.Stderr, "Generate a password hash using golang.org/x/crypto/bcrypt.\n")
+		os.Exit(1)
+	}
+
+	passwd, err := bcrypt.GenerateFromPassword([]byte(os.Args[1]), bcrypt.DefaultCost)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Error generating password hash: %v\n", err)
+		os.Exit(1)
+	}
+	fmt.Println(string(passwd))
+}