Add support for Redis usernames in Workhorse and KAS config
What does this MR do?
Previously if the default username were disabled on Redis and a custom Redis ACL user were used, Workhorse and KAS would fail to connect with a WRONGPASS error.
This commits adds the username to the URL if it is available.
Related issues
Relates to #5681 (closed)
Testing
I created a separate Redis deployment:
redis-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: redis
spec:
replicas: 1
selector:
matchLabels:
app: redis
template:
metadata:
labels:
app: redis
spec:
containers:
- name: redis
image: redis:latest
ports:
- containerPort: 6379
env:
- name: REDIS_PASSWORD
value: "<password from gitlab-redis-secret secret>"
command:
- sh
- -c
- |
echo "user default off >${REDIS_PASSWORD} ~* +@all allchannels" > /tmp/redis.conf
echo "user redis-user on >${REDIS_PASSWORD} ~* +@all" >> /tmp/redis.conf
redis-server /tmp/redis.conf
---
apiVersion: v1
kind: Service
metadata:
name: redis
spec:
ports:
- port: 6379
targetPort: 6379
selector:
app: redis
Then I ran:
kubectl apply -f redis-deployment.yaml
My values.yaml
:
global:
redis:
auth:
enabled: true
user: redis-user
connectTimeout: 3
host: redis.default.svc.cluster.local
redis:
install: false
Check that:
-
sidekiq
,webservice
, andkas
pods start up. - In the
webservice
pod, thegitlab-workhorse
container contains the username in/srv/gitlab/config/workhorse-config.toml
inURL
.
Author checklist
For general guidance, please follow our Contributing guide.
Required
For anything in this list which will not be completed, please provide a reason in the MR discussion.
-
Merge Request Title and Description are up to date, accurate, and descriptive. -
MR targeting the appropriate branch. -
MR has a green pipeline. -
Documentation created/updated. -
Tests added/updated, and test plan for scenarios not covered by automated tests. -
Equivalent MR/issue for omnibus-gitlab opened.
Reviewers checklist
-
MR has a green pipeline on https://gitlab.com/gitlab-org/charts/gitlab. -
Consider downstream impact to the Operator, as per evaluating impact from changes to GitLab Chart.
Edited by Clemens Beck