We used to spin up a temporary MySQL container, pass a plain password into it, and extract the generated caching_sha2_password hash to commit into our automation code (e.g., Puppet/Ansible). That workflow is brittle, slow, and leaks secrets into shell history.
New API and web tool #
I’ve replaced that process with a simple API that returns a valid MySQL caching_sha2_password hash for a given input. There’s also a minimal single‑page UI to generate hashes quickly without touching MySQL.
Use these instead of manually running MySQL locally.