Reset Loft Admin Password
If you have lost the password for a loft user, you can also reset it via kubectl. Make sure you have cluster wide access to the kubernetes cluster where loft is running in.
Find the kubernetes secret with the password hash
In order to find the kubernetes secret where the password hash for a specific user is stored, run the following command:
$ kubectl get user admin -o yaml
apiVersion: management.loft.sh/v1
kind: User
metadata:
...
spec:
passwordRef:
key: password
secretName: loft-user-secret-admin
secretNamespace: loft
...
The important part of the yaml is the password ref, which holds the reference for the secret where the password is stored.
Reset the password
The next step is to create a sha256 hash of your new password:
echo -n my-new-password | sha256sum
which should print something like:
d7ff0c3cf3be79e0ecd30971c163b6be693fcb26578f18f1b9a3926eaf7b339d -
Now copy the hash (d7ff0c3cf3be79e0ecd30971c163b6be693fcb26578f18f1b9a3926eaf7b339d
) without the -
and patch the secret with the new password hash:
kubectl get secret loft-user-secret-admin -n loft -o json | jq --arg password "$(echo d7ff0c3cf3be79e0ecd30971c163b6be693fcb26578f18f1b9a3926eaf7b339d | base64)" '.data["password"]=$password' | kubectl apply -f -
After that you should be able to login with the user admin
and your new password into loft.