Merge pull request #131 from vshn/fixredisprober

Redis prober handles TLS correctly
vshn · Feb 13, 2024 · e242edf · e242edf
2 parents a64a561 + fe84d8d
commit e242edf
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 9 deletions.
diff --git a/pkg/sliexporter/vshnredis_controller/vshnredis_controller.go b/pkg/sliexporter/vshnredis_controller/vshnredis_controller.go
@@ -136,8 +136,14 @@ func (r VSHNRedisReconciler) getRedisProber(ctx context.Context, inst *vshnv1.XV
 
 	tlsEnabled := inst.Spec.Parameters.TLS.TLSEnabled
 
-	tlsConfig := tls.Config{}
+	redisOptions := redis.Options{
+		Addr:     string(credentials.Data["REDIS_HOST"]) + ":" + string(credentials.Data["REDIS_PORT"]),
+		Username: string(credentials.Data["REDIS_USERNAME"]),
+		Password: string(credentials.Data["REDIS_PASSWORD"]),
+	}
+
 	if tlsEnabled {
+		tlsConfig := tls.Config{}
 		certPair, err := tls.X509KeyPair(credentials.Data["tls.crt"], credentials.Data["tls.key"])
 		if err != nil {
 			return nil, err
@@ -148,14 +154,10 @@ func (r VSHNRedisReconciler) getRedisProber(ctx context.Context, inst *vshnv1.XV
 		}
 
 		tlsConfig.RootCAs.AppendCertsFromPEM(credentials.Data["ca.crt"])
+		redisOptions.TLSConfig = &tlsConfig
 	}
 
-	prober, err = r.RedisDialer(vshnRedisServiceKey, inst.Name, inst.ObjectMeta.Labels[claimNamespaceLabel], org, string(sla), false, redis.Options{
-		Addr:      string(credentials.Data["REDIS_HOST"]) + ":" + string(credentials.Data["REDIS_PORT"]),
-		Username:  string(credentials.Data["REDIS_USERNAME"]),
-		Password:  string(credentials.Data["REDIS_PASSWORD"]),
-		TLSConfig: &tlsConfig,
-	})
+	prober, err = r.RedisDialer(vshnRedisServiceKey, inst.Name, inst.ObjectMeta.Labels[claimNamespaceLabel], org, string(sla), false, redisOptions)
 	if err != nil {
 		return nil, err
 	}

diff --git a/pkg/sliexporter/vshnredis_controller/vshnredis_controller_test.go b/pkg/sliexporter/vshnredis_controller/vshnredis_controller_test.go
@@ -453,8 +453,7 @@ func TestVSHNRedis_NoTls(t *testing.T) {
 	)
 	r.RedisDialer = func(service, name, namespace, organization, sla string, ha bool, opts redis.Options) (*probes.VSHNRedis, error) {
 
-		assert.Equal(t, []tls.Certificate(nil), opts.TLSConfig.Certificates)
-		assert.Equal(t, []tls.Certificate(nil), opts.TLSConfig.Certificates)
+		assert.Nil(t, opts.TLSConfig, "TLS config MUST be nil")
 
 		return fakeRedisDialer(service, name, namespace, organization, "besteffort", false, redis.Options{
 			Addr:     string(cred.Data["REDIS_HOST"]) + ":" + string(cred.Data["REDIS_PORT"]),