redis: Support enabling password

This change add the new --password option, so that we can test scenarios with password authentication enabled in Redis and Redis sentinel.
jd · Feb 4, 2024 · 47777c0 · 47777c0
1 parent bcd836e
commit 47777c0
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 7 deletions.
diff --git a/pifpaf/drivers/redis.py b/pifpaf/drivers/redis.py
@@ -20,15 +20,17 @@ class RedisDriver(drivers.Driver):
 
     DEFAULT_PORT = 6379
     DEFAULT_PORT_SENTINEL = 6380
+    DEFAULT_PASSWORD = ''
 
     def __init__(self, port=DEFAULT_PORT,
                  sentinel=False, sentinel_port=DEFAULT_PORT_SENTINEL,
-                 **kwargs):
+                 password=DEFAULT_PASSWORD, **kwargs):
         """Create a new Redis server."""
         super(RedisDriver, self).__init__(**kwargs)
         self.port = port
         self.sentinel = sentinel
         self.sentinel_port = sentinel_port
+        self.password = password
 
     @classmethod
     def get_options(cls):
@@ -44,23 +46,34 @@ def get_options(cls):
              "type": int,
              "default": cls.DEFAULT_PORT_SENTINEL,
              "help": "port to use for Redis sentinel"},
+            {"param_decls": ["--password"],
+             "default": cls.DEFAULT_PASSWORD,
+             "help": "Redis and Redis sentinel password"},
         ]
 
     def _setUp(self):
         super(RedisDriver, self)._setUp()
+        redis_conf = """dir %s
+port %d
+""" % (self.tempdir, self.port)
+        if self.password:
+            redis_conf += "requirepass %s\n" % self.password
         c, _ = self._exec(
             ["redis-server", "-"],
-            stdin=("dir %s\nport %d\n"
-                   % (self.tempdir, self.port)).encode('ascii'),
+            stdin=(redis_conf).encode('ascii'),
             wait_for_line="eady to accept connections")
 
         if self.sentinel:
             cfg = os.path.join(self.tempdir, "redis-sentinel.conf")
-            with open(cfg, "w") as f:
-                f.write("""dir %s
+            sentinel_conf = """dir %s
 port %d
-sentinel monitor pifpaf localhost %d 1"""
-                        % (self.tempdir, self.sentinel_port, self.port))
+sentinel monitor pifpaf localhost %d 1
+""" % (self.tempdir, self.sentinel_port, self.port)
+            if self.password:
+                sentinel_conf += "sentinel auth-pass pifpaf %s\n" % self.password
+                sentinel_conf += "requirepass %s\n" % self.password
+            with open(cfg, "w") as f:
+                f.write(sentinel_conf)
 
             c, _ = self._exec(
                 ["redis-sentinel", cfg],

diff --git a/pifpaf/tests/test_drivers.py b/pifpaf/tests/test_drivers.py
@@ -273,6 +273,16 @@ def test_redis(self):
         self.assertEqual(str(port), os.getenv("PIFPAF_REDIS_PORT"))
         self._run("redis-cli -p %d llen pifpaf" % f.port)
 
+    @testtools.skipUnless(spawn.find_executable("redis-server"),
+                          "redis-server not found")
+    def test_redis_with_password(self):
+        port = 6384
+        f = self.useFixture(redis.RedisDriver(port=port, password='secrete'))
+        self.assertEqual("redis://localhost:%d" % port,
+                         os.getenv("PIFPAF_URL"))
+        self.assertEqual(str(port), os.getenv("PIFPAF_REDIS_PORT"))
+        self._run("redis-cli -p %d -a secrete llen pifpaf" % f.port)
+
     @testtools.skipUnless(spawn.find_executable("redis-sentinel"),
                           "redis-sentinel not found")
     def test_redis_sentinel(self):
@@ -283,6 +293,21 @@ def test_redis_sentinel(self):
         self.assertEqual(str(port), os.getenv("PIFPAF_REDIS_PORT"))
         self.assertEqual("6380", os.getenv("PIFPAF_REDIS_SENTINEL_PORT"))
         self._run("redis-cli -p %d sentinel master pifpaf" % f.sentinel_port)
+        self._run("redis-cli -p %d llen pifpaf" % f.port)
+
+    @testtools.skipUnless(spawn.find_executable("redis-sentinel"),
+                          "redis-sentinel not found")
+    def test_redis_sentinel_with_password(self):
+        port = 6385
+        f = self.useFixture(redis.RedisDriver(sentinel=True, port=port,
+                                              password='secrete'))
+        self.assertEqual("redis://localhost:%d" % port,
+                         os.getenv("PIFPAF_URL"))
+        self.assertEqual(str(port), os.getenv("PIFPAF_REDIS_PORT"))
+        self.assertEqual("6380", os.getenv("PIFPAF_REDIS_SENTINEL_PORT"))
+        self._run("redis-cli -p %d -a secrete sentinel master pifpaf" %
+                  f.sentinel_port)
+        self._run("redis-cli -p %d -a secrete llen pifpaf" % f.port)
 
     @testtools.skipUnless(spawn.find_executable(
         "zkServer.sh", path=":".join(zookeeper.ZooKeeperDriver.PATH)),