Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add TLS support for Redis Client implementation #1998

Merged
merged 8 commits into from
Feb 15, 2024

Conversation

mihkelparna1
Copy link
Contributor

@mihkelparna1 mihkelparna1 commented Feb 6, 2024

Summary

Adds support for using TLS when establishing a Redis Client. This becomes a mandatory step when using systems like Elasticache that enforce client TLS when set up to run in a Multi-AZ way.

Release Note

Documentation

@mihkelparna1 mihkelparna1 requested a review from a team as a code owner February 6, 2024 11:35
pkg/api/api.go Outdated Show resolved Hide resolved
Copy link

codecov bot commented Feb 6, 2024

Codecov Report

Attention: 15 lines in your changes are missing coverage. Please review.

Comparison is base (488eb97) 66.46% compared to head (3b7485d) 48.86%.
Report is 18 commits behind head on main.

Files Patch % Lines
pkg/api/api.go 0.00% 11 Missing ⚠️
pkg/indexstorage/redis/redis.go 0.00% 4 Missing ⚠️
Additional details and impacted files
@@             Coverage Diff             @@
##             main    #1998       +/-   ##
===========================================
- Coverage   66.46%   48.86%   -17.60%     
===========================================
  Files          92       80       -12     
  Lines        9258     6626     -2632     
===========================================
- Hits         6153     3238     -2915     
- Misses       2359     2982      +623     
+ Partials      746      406      -340     
Flag Coverage Δ
e2etests ?
unittests 48.86% <0.00%> (+1.18%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@mihkelparna1 mihkelparna1 force-pushed the RedisTLSSupport branch 3 times, most recently from 8611688 to a0c712d Compare February 13, 2024 08:28
@bobcallaway
Copy link
Member

I think this should be ready to merge once the last comment is addressed - thanks for all the help on this :)

bobcallaway
bobcallaway previously approved these changes Feb 13, 2024
Copy link
Contributor

@haydentherapper haydentherapper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This also needs to be set in

// by converting all characters into a lowercase value before looking up in Redis
, which is for the search index. The change you made here is just for the checkpoints we write to redis.

Signed-off-by: Mihkel Pärna <mihkel.parna@transferwise.com>
…allow skipping TLS verification

Signed-off-by: Mihkel Pärna <mihkel.parna@transferwise.com>
…endpoint

Signed-off-by: Mihkel Pärna <mihkel.parna@transferwise.com>
Signed-off-by: Mihkel Pärna <mihkel.parna@transferwise.com>
… implementations based on 'enable-tls' flag

Signed-off-by: Mihkel Pärna <mihkel.parna@transferwise.com>
…conform to go best practices.

Signed-off-by: Mihkel Pärna <mihkel.parna@transferwise.com>
Signed-off-by: Mihkel Pärna <mihkel.parna@transferwise.com>
Signed-off-by: Mihkel Pärna <mihkel.parna@transferwise.com>
@mihkelparna1
Copy link
Contributor Author

This also needs to be set in

// by converting all characters into a lowercase value before looking up in Redis

, which is for the search index. The change you made here is just for the checkpoints we write to redis.

Something along the lines of this -> 3b7485d ?

Copy link
Contributor

@haydentherapper haydentherapper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@haydentherapper haydentherapper merged commit 07b1a9f into sigstore:main Feb 15, 2024
14 checks passed
@github-actions github-actions bot added this to the v1.2.2 milestone Feb 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Missing TLS support for Redis Client
3 participants