feat: allow specifying Redis Sentinel auth (#3905)

Signed-off-by: Dani Maarouf <dmaarouf@cisco.com>
Co-authored-by: Yaron Schneider <schneider.yaron@live.com>

bindings/redis/metadata.yaml

@@ -42,6 +42,30 @@ authenticationProfiles:
           secret reference
         example: "KeFg23!"
         default: ""
+      - name: sentinelUsername
+        type: string
+        required: false
+        description: |
+          Username for Redis Sentinel. Applicable only when "failover" is true, and
+          Redis Sentinel has authentication enabled. Defaults to empty.
+        example: "my-sentinel-username"
+        default: ""
+        url:
+          title: "Redis Sentinel authentication documentation"
+          url: "https://redis.io/docs/latest/operate/oss_and_stack/management/sentinel/#configuring-sentinel-instances-with-authentication"
+      - name: sentinelPassword
+        type: string
+        required: false
+        sensitive: true
+        description: |
+          Password for Redis Sentinel. Applicable only when "failover" is true, and
+          Redis Sentinel has authentication enabled. Use secretKeyRef for
+          secret reference. Defaults to empty.
+        example: "KeFg23!"
+        default: ""
+        url:
+          title: "Redis Sentinel authentication documentation"
+          url: "https://redis.io/docs/latest/operate/oss_and_stack/management/sentinel/#configuring-sentinel-instances-with-authentication"
 metadata:
   - name: redisHost
     required: true

common/component/redis/redis_test.go

@@ -25,6 +25,8 @@ const (
 	host                  = "redisHost"
 	password              = "redisPassword"
 	username              = "redisUsername"
+	sentinelUsername      = "sentinelUsername"
+	sentinelPassword      = "sentinelPassword"
 	db                    = "redisDB"
 	redisType             = "redisType"
 	redisMaxRetries       = "redisMaxRetries"
@@ -51,6 +53,8 @@ func getFakeProperties() map[string]string {
 		host:                  "fake.redis.com",
 		password:              "fakePassword",
 		username:              "fakeUsername",
+		sentinelUsername:      "fakeSentinelUsername",
+		sentinelPassword:      "fakeSentinelPassword",
 		redisType:             "node",
 		enableTLS:             "true",
 		clientCert:            "fakeCert",
@@ -86,6 +90,8 @@ func TestParseRedisMetadata(t *testing.T) {
 		assert.Equal(t, fakeProperties[host], m.Host)
 		assert.Equal(t, fakeProperties[password], m.Password)
 		assert.Equal(t, fakeProperties[username], m.Username)
+		assert.Equal(t, fakeProperties[sentinelUsername], m.SentinelUsername)
+		assert.Equal(t, fakeProperties[sentinelPassword], m.SentinelPassword)
 		assert.Equal(t, fakeProperties[redisType], m.RedisType)
 		assert.True(t, m.EnableTLS)
 		assert.Equal(t, fakeProperties[clientCert], m.ClientCert)

common/component/redis/settings.go

@@ -29,6 +29,10 @@ type Settings struct {
 	Password string `mapstructure:"redisPassword"`
 	// The Redis username
 	Username string `mapstructure:"redisUsername"`
+	// The Redis Sentinel password
+	SentinelPassword string `mapstructure:"sentinelPassword"`
+	// The Redis Sentinel username
+	SentinelUsername string `mapstructure:"sentinelUsername"`
 	// Database to be selected after connecting to the server.
 	DB int `mapstructure:"redisDB"`
 	// The redis type node or cluster

common/component/redis/v8client.go

@@ -330,6 +330,8 @@ func newV8FailoverClient(s *Settings) (RedisClient, error) {
 		DB:                 s.DB,
 		MasterName:         s.SentinelMasterName,
 		SentinelAddrs:      []string{s.Host},
+		SentinelUsername:   s.SentinelUsername,
+		SentinelPassword:   s.SentinelPassword,
 		Password:           s.Password,
 		Username:           s.Username,
 		MaxRetries:         s.RedisMaxRetries,

common/component/redis/v9client.go

@@ -330,6 +330,8 @@ func newV9FailoverClient(s *Settings) (RedisClient, error) {
 		DB:                    s.DB,
 		MasterName:            s.SentinelMasterName,
 		SentinelAddrs:         []string{s.Host},
+		SentinelUsername:      s.SentinelUsername,
+		SentinelPassword:      s.SentinelPassword,
 		Password:              s.Password,
 		Username:              s.Username,
 		MaxRetries:            s.RedisMaxRetries,

configuration/redis/metadata.yaml

@@ -30,6 +30,30 @@ authenticationProfiles:
           secret reference
         example:  "KeFg23!"
         default: ""
+      - name: sentinelUsername
+        type: string
+        required: false
+        description: |
+          Username for Redis Sentinel. Applicable only when "failover" is true, and
+          Redis Sentinel has authentication enabled. Defaults to empty.
+        example: "my-sentinel-username"
+        default: ""
+        url:
+          title: "Redis Sentinel authentication documentation"
+          url: "https://redis.io/docs/latest/operate/oss_and_stack/management/sentinel/#configuring-sentinel-instances-with-authentication"
+      - name: sentinelPassword
+        type: string
+        required: false
+        sensitive: true
+        description: |
+          Password for Redis Sentinel. Applicable only when "failover" is true, and
+          Redis Sentinel has authentication enabled. Use secretKeyRef for
+          secret reference. Defaults to empty.
+        example: "KeFg23!"
+        default: ""
+        url:
+          title: "Redis Sentinel authentication documentation"
+          url: "https://redis.io/docs/latest/operate/oss_and_stack/management/sentinel/#configuring-sentinel-instances-with-authentication"
 metadata:
   - name: redisHost
     required: true

configuration/redis/redis_test.go

@@ -244,6 +244,8 @@ func Test_parseRedisMetadata(t *testing.T) {
 	testProperties := make(map[string]string)
 	testProperties["redisHost"] = "testHost"
 	testProperties["redisPassword"] = "testPassword"
+	testProperties["sentinelUsername"] = "testSentinelUsername"
+	testProperties["sentinelPassword"] = "testSentinelPassword"
 	testProperties["enableTLS"] = "true"
 	testProperties["redisMaxRetries"] = "10"
 	testProperties["redisMaxRetryInterval"] = "100ms"
@@ -254,6 +256,8 @@ func Test_parseRedisMetadata(t *testing.T) {
 	testSettings := redisComponent.Settings{
 		Host:                  "testHost",
 		Password:              "testPassword",
+		SentinelUsername:      "testSentinelUsername",
+		SentinelPassword:      "testSentinelPassword",
 		EnableTLS:             true,
 		RedisMaxRetries:       10,
 		RedisMaxRetryInterval: redisComponent.Duration(100 * time.Millisecond),
@@ -268,6 +272,8 @@ func Test_parseRedisMetadata(t *testing.T) {
 	defaultSettings := redisComponent.Settings{
 		Host:                  "testHost",
 		Password:              "",
+		SentinelUsername:      "",
+		SentinelPassword:      "",
 		EnableTLS:             false,
 		RedisMaxRetries:       3,
 		RedisMaxRetryInterval: redisComponent.Duration(time.Second * 2),
@@ -311,6 +317,8 @@ func Test_parseRedisMetadata(t *testing.T) {
 			}
 			assert.Equal(t, tt.want.Host, got.Host)
 			assert.Equal(t, tt.want.Password, got.Password)
+			assert.Equal(t, tt.want.SentinelUsername, got.SentinelUsername)
+			assert.Equal(t, tt.want.SentinelPassword, got.SentinelPassword)
 			assert.Equal(t, tt.want.EnableTLS, got.EnableTLS)
 			assert.Equal(t, tt.want.RedisMaxRetries, got.RedisMaxRetries)
 			assert.Equal(t, tt.want.RedisMaxRetryInterval, got.RedisMaxRetryInterval)

pubsub/redis/metadata.yaml

@@ -31,6 +31,30 @@ authenticationProfiles:
           secret reference
         example:  "KeFg23!"
         default: ""
+      - name: sentinelUsername
+        type: string
+        required: false
+        description: |
+          Username for Redis Sentinel. Applicable only when "failover" is true, and
+          Redis Sentinel has authentication enabled. Defaults to empty.
+        example: "my-sentinel-username"
+        default: ""
+        url:
+          title: "Redis Sentinel authentication documentation"
+          url: "https://redis.io/docs/latest/operate/oss_and_stack/management/sentinel/#configuring-sentinel-instances-with-authentication"
+      - name: sentinelPassword
+        type: string
+        required: false
+        sensitive: true
+        description: |
+          Password for Redis Sentinel. Applicable only when "failover" is true, and
+          Redis Sentinel has authentication enabled. Use secretKeyRef for
+          secret reference. Defaults to empty.
+        example: "KeFg23!"
+        default: ""
+        url:
+          title: "Redis Sentinel authentication documentation"
+          url: "https://redis.io/docs/latest/operate/oss_and_stack/management/sentinel/#configuring-sentinel-instances-with-authentication"
 metadata:
   - name: redisHost
     required: true

state/redis/metadata.yaml

@@ -36,6 +36,30 @@ authenticationProfiles:
           secret reference
         example:  "KeFg23!"
         default: ""
+      - name: sentinelUsername
+        type: string
+        required: false
+        description: |
+          Username for Redis Sentinel. Applicable only when "failover" is true, and
+          Redis Sentinel has authentication enabled. Defaults to empty.
+        example: "my-sentinel-username"
+        default: ""
+        url:
+          title: "Redis Sentinel authentication documentation"
+          url: "https://redis.io/docs/latest/operate/oss_and_stack/management/sentinel/#configuring-sentinel-instances-with-authentication"
+      - name: sentinelPassword
+        type: string
+        required: false
+        sensitive: true
+        description: |
+          Password for Redis Sentinel. Applicable only when "failover" is true, and
+          Redis Sentinel has authentication enabled. Use secretKeyRef for
+          secret reference. Defaults to empty.
+        example: "KeFg23!"
+        default: ""
+        url:
+          title: "Redis Sentinel authentication documentation"
+          url: "https://redis.io/docs/latest/operate/oss_and_stack/management/sentinel/#configuring-sentinel-instances-with-authentication"
 metadata:
   - name: redisHost
     required: true