dapr
/
components-contrib
mirror of https://github.com/dapr/components-contrib.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add TLS connection option to Redis pub sub (#96) 

* add tls option to redis pub sub

* make default skip verify

* fix tls assignment

* remove gosec check

* retry nosec
This commit is contained in:
Yaron Schneider 2019-11-04 11:00:57 -08:00 committed by GitHub
parent 4bbfb82e98
commit 34e1757740
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 25 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pubsub/redis/metadata.go
View File

@ -9,4 +9,5 @@ type metadata struct {
host string host string
password string password string
consumerID string consumerID string
enableTLS bool
} }

25
pubsub/redis/redis.go
View File

@ -6,8 +6,10 @@
package redis package redis
import ( import (
"crypto/tls"
"errors" "errors"
"fmt" "fmt"
"strconv"
"time" "time"
log "github.com/Sirupsen/logrus" log "github.com/Sirupsen/logrus"
@ -20,6 +22,7 @@ const (
host = "redisHost" host = "redisHost"
password = "redisPassword" password = "redisPassword"
consumerID = "consumerID" consumerID = "consumerID"
enableTLS = "enableTLS"
) )
type redisStreams struct { type redisStreams struct {
@ -44,6 +47,14 @@ func parseRedisMetadata(meta pubsub.Metadata) (metadata, error) {
m.password = val m.password = val
} }
if val, ok := meta.Properties[enableTLS]; ok && val != "" {
tls, err := strconv.ParseBool(val)
if err != nil {
return m, fmt.Errorf("redis streams error: can't parse enableTLS field: %s", err)
}
m.enableTLS = tls
}
if val, ok := meta.Properties[consumerID]; ok && val != "" { if val, ok := meta.Properties[consumerID]; ok && val != "" {
m.consumerID = val m.consumerID = val
} else { } else {
@ -58,16 +69,24 @@ func (r *redisStreams) Init(metadata pubsub.Metadata) error {
if err != nil { if err != nil {
return err return err
} }
r.metadata = m r.metadata = m
client := redis.NewClient(&redis.Options{ options := &redis.Options{
Addr: m.host, Addr: m.host,
Password: m.password, Password: m.password,
DB: 0, DB: 0,
MaxRetries: 3, MaxRetries: 3,
MaxRetryBackoff: time.Second * 2, MaxRetryBackoff: time.Second * 2,
}) }
/* #nosec */
if r.metadata.enableTLS {
options.TLSConfig = &tls.Config{
InsecureSkipVerify: r.metadata.enableTLS,
}
}
client := redis.NewClient(options)
_, err = client.Ping().Result() _, err = client.Ping().Result()
if err != nil { if err != nil {

2
pubsub/redis/redis_test.go
View File

@ -21,6 +21,7 @@ func getFakeProperties() map[string]string {
consumerID: "fakeConsumer", consumerID: "fakeConsumer",
host: "fake.redis.com", host: "fake.redis.com",
password: "fakePassword", password: "fakePassword",
enableTLS: "true",
} }
} }
@ -40,6 +41,7 @@ func TestParseRedisMetadata(t *testing.T) {
assert.Equal(t, fakeProperties[host], m.host) assert.Equal(t, fakeProperties[host], m.host)
assert.Equal(t, fakeProperties[password], m.password) assert.Equal(t, fakeProperties[password], m.password)
assert.Equal(t, fakeProperties[consumerID], m.consumerID) assert.Equal(t, fakeProperties[consumerID], m.consumerID)
assert.Equal(t, true, m.enableTLS)
}) })
t.Run("host is not given", func(t *testing.T) { t.Run("host is not given", func(t *testing.T) {