K8SPXC-1568: prevent having * prefix in proxyadmin password

[pooknull]

https://perconadev.atlassian.net/browse/K8SPXC-1568

DESCRIPTION

It's not possible to use a proxyadmin password, which starts with * char.

This PR ensures the operator generates proxyadmin password that do not begin with *.

CHECKLIST

Jira

• Is the Jira ticket created and referenced properly?
• Does the Jira ticket have the proper statuses for documentation (Needs Doc) and QA (Needs QA)?
• Does the Jira ticket link to the proper milestone (Fix Version field)?

Tests

• Is an E2E test/test case added for the new feature/change?
• Are unit tests added where appropriate?
• Are OpenShift compare files changed for E2E tests (compare/*-oc.yml)?

Config/Logging/Testability

• Are all needed new/changed options added to default YAML files?
• Are all needed new/changed options added to the Helm Chart?
• Did we add proper logging messages for operator actions?
• Did we ensure compatibility with the previous version or cluster upgrade process?
• Does the change support oldest and newest supported PXC version?
• Does the change support oldest and newest supported Kubernetes version?

[egegunes]

isn't rules ...string a bit confusing if we just passing usernames?

[pooknull]

7dd7f45

[nmarukovich]

Why we use passSymbols here? Should we use symbols instead?

[pooknull]

e39a7b6

[gkech]

Why dont we use assert and require for ensuring that we have the expected results?

[pooknull]

e9ffa96

[gkech]

Why usernames is not username? We are passing a single user.

[pooknull]

253b6d3

[gkech]

We can determine if we are proxyadmin by running simply something like this, correct?

 len(username) > 0 && username[0] == users.ProxyAdmin

[gkech]

Also this can be pre calculated insteda of resolving it for every len(passwordLen) iteration

[pooknull]

253b6d3

[gkech]

I also think these can be precalculated in general

e.g.

      firstCharSymbols = excludeChars(passSymbols, "*:;")
      otherSymbols = excludeChars(passSymbols, ":;")

[pooknull]

fc935b3

[JNKPercona]

Test Name	Result	Time
auto-tuning-8-0	passed	00:18:08
backup-storage-tls-8-0	passed	00:22:39
cross-site-8-0	passed	00:35:44
custom-users-8-0	passed	00:12:46
demand-backup-cloud-8-0	passed	00:56:23
demand-backup-encrypted-with-tls-8-0	passed	00:45:16
demand-backup-8-0	passed	00:41:32
demand-backup-flow-control-8-0	passed	00:10:26
demand-backup-parallel-8-0	passed	00:09:10
demand-backup-without-passwords-8-0	passed	00:15:12
haproxy-5-7	passed	00:14:18
haproxy-8-0	passed	00:14:04
init-deploy-5-7	passed	00:16:27
init-deploy-8-0	passed	00:16:38
limits-8-0	passed	00:12:06
monitoring-2-0-8-0	passed	00:22:32
monitoring-pmm3-8-0	passed	00:17:57
one-pod-5-7	passed	00:13:46
one-pod-8-0	passed	00:13:02
pitr-8-0	passed	00:43:50
pitr-gap-errors-8-0	passed	00:54:26
proxy-protocol-8-0	passed	00:09:36
proxysql-sidecar-res-limits-8-0	passed	00:08:13
proxysql-scheduler-8-0	passed	00:15:39
pvc-resize-5-7	passed	00:15:27
pvc-resize-8-0	passed	00:15:35
recreate-8-0	passed	00:16:53
restore-to-encrypted-cluster-8-0	passed	00:24:49
scaling-proxysql-8-0	passed	00:08:03
scaling-8-0	passed	00:10:41
scheduled-backup-5-7	passed	01:04:56
scheduled-backup-8-0	passed	01:01:43
security-context-8-0	passed	00:25:35
smart-update1-8-0	passed	00:36:03
smart-update2-8-0	passed	00:37:39
storage-8-0	passed	00:10:35
tls-issue-cert-manager-ref-8-0	passed	00:08:39
tls-issue-cert-manager-8-0	passed	00:11:22
tls-issue-self-8-0	passed	00:12:57
upgrade-consistency-8-0	passed	00:10:52
upgrade-haproxy-5-7	passed	00:23:53
upgrade-haproxy-8-0	passed	00:26:15
upgrade-proxysql-5-7	passed	00:15:40
upgrade-proxysql-8-0	passed	00:16:40
users-5-7	passed	00:25:46
users-8-0	passed	00:24:34
validation-hook-8-0	passed	00:01:35

Summary	Value
Tests Run	47/47
Job Duration	02:49:25
Total Test Time	17:26:22

commit: f48cc30
image: perconalab/percona-xtradb-cluster-operator:PR-2124-f48cc30b