Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

redis tls #273

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

redis tls #273

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
4453232
redis tls
gbarc-dt Oct 28, 2024
f101bc5
fix, ship:docker
gbarc-dt Nov 29, 2024
d229158
Merge branch 'master' into ga-tbt151-redistls
gbarc-dt Dec 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Gemfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,6 @@ gem 'sinatra-param'
gem 'stackprof'
gem 'travis-config', github: 'travis-ci/travis-config'
gem 'travis-exceptions', github: 'travis-ci/travis-exceptions'
gem 'travis-lock', github: 'travis-ci/travis-lock'
gem 'travis-lock', github: 'travis-ci/travis-lock', branch: 'ga-tbt151-redistls'
gem 'travis-logger', github: 'travis-ci/travis-logger'
gem 'travis-metrics', github: 'travis-ci/travis-metrics'
3 changes: 2 additions & 1 deletion Gemfile.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,8 @@ GIT

GIT
remote: https://github.com/travis-ci/travis-lock.git
revision: aeee7b5d11e3d44f19d0a113c2e54ec54756f20f
revision: 535bbe651e1d407c58b1f1c7f521dd1d7a08691c
branch: ga-tbt151-redistls
specs:
travis-lock (0.2.0)

Expand Down
17 changes: 16 additions & 1 deletion lib/travis/logs.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,22 @@ def database_connection
end

def redis
@redis ||= Travis::Logs::RedisPool.new(redis_config)
cfg = redis_config
cfg = cfg.merge(ssl_params: redis_ssl_params) if redis_config[:ssl]
@redis ||= Travis::Logs::RedisPool.new(cfg)
end

def redis_ssl_params
@redis_ssl_params ||= begin
return nil unless redis_config[:ssl]

value = {}
value[:ca_path] = ENV['REDIS_SSL_CA_PATH'] if ENV['REDIS_SSL_CA_PATH']
value[:cert] = OpenSSL::X509::Certificate.new(File.read(ENV['REDIS_SSL_CERT_FILE'])) if ENV['REDIS_SSL_CERT_FILE']
value[:key] = OpenSSL::PKEY::RSA.new(File.read(ENV['REDIS_SSL_KEY_FILE'])) if ENV['REDIS_SSL_KEY_FILE']
value[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if config.ssl_verify == false
value
end
end

def redis_config
Expand Down
9 changes: 8 additions & 1 deletion lib/travis/logs/lock.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,14 @@ def exclusive(&block)

private def normalized_locking_options(options: nil)
options ||= base_lock_config
options[:url] ||= redis_url if options[:strategy] == :redis
if options[:strategy] == :redis
options[:url] ||= redis_url
options[:ssl] ||= Travis.config.redis.ssl || false
options[:ca_path] ||= ENV['REDIS_SSL_CA_PATH'] if ENV['REDIS_SSL_CA_PATH']
options[:cert] ||= OpenSSL::X509::Certificate.new(File.read(ENV['REDIS_SSL_CERT_FILE'])) if ENV['REDIS_SSL_CERT_FILE']
options[:key] ||= OpenSSL::PKEY::RSA.new(File.read(ENV['REDIS_SSL_KEY_FILE'])) if ENV['REDIS_SSL_KEY_FILE']
options[:verify_mode] ||= OpenSSL::SSL::VERIFY_NONE if Travis.config.ssl_verify == false
end
options
end

Expand Down
17 changes: 16 additions & 1 deletion lib/travis/logs/sidekiq.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,9 @@ def setup
)
::Sidekiq.configure_server do |config|
config.redis = {
url: Travis.config.redis.url
url: Travis.config.redis.url,
ssl: Travis.config.redis.ssl || false,
ssl_params: redis_ssl_params(Travis.config)
}
config.logger = sidekiq_logger
config.server_middleware do |chain|
Expand All @@ -40,6 +42,19 @@ def setup
end
end

def redis_ssl_params(config)
@redis_ssl_params ||= begin
return nil unless config.redis.ssl

value = {}
value[:ca_path] = ENV['REDIS_SSL_CA_PATH'] if ENV['REDIS_SSL_CA_PATH']
value[:cert] = OpenSSL::X509::Certificate.new(File.read(ENV['REDIS_SSL_CERT_FILE'])) if ENV['REDIS_SSL_CERT_FILE']
value[:key] = OpenSSL::PKEY::RSA.new(File.read(ENV['REDIS_SSL_KEY_FILE'])) if ENV['REDIS_SSL_KEY_FILE']
value[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if config.ssl_verify == false
value
end
end

private def sidekiq_logger
return ::Logger.new($stdout) if Travis.config.log_level.to_s == 'debug'

Expand Down
2 changes: 1 addition & 1 deletion spec/unit/travis/logs/lock_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@
[
{ unofficial: :config, such: :rogue, strategy: :redis },
{ unofficial: :config, such: :rogue, strategy: :redis,
url: 'redis://very.memory.example.com' }
url: 'redis://very.memory.example.com', ssl: false }
]
].each do |options, normalized_options|
it "normalizes locking options #{options.inspect}" do
Expand Down