Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(redis) enable ssl #270

Merged
merged 4 commits into from
Apr 1, 2022
Merged

chore(redis) enable ssl #270

merged 4 commits into from
Apr 1, 2022

Conversation

ADD-SP
Copy link
Contributor

@ADD-SP ADD-SP commented Apr 1, 2022
edited
Loading

Kong CE will soon be testing the SSL connection between the plugin and Redis, and we should upgrade Pongo to allow developers to run tests locally.

Also, we should ensure that both repositories use the same root certificate to issue certificates for the Redis server.

Related PR: Kong/kong#8662, Kong/gojira#45

This was referenced Apr 1, 2022
Merged
Open
Tieske
Tieske requested changes Apr 1, 2022
View reviewed changes
Copy link
Member

@Tieske Tieske left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we move the redis certs into a redis-subfolder; ./assets/redis ? similar to the expose and squid subfolders?

Also in the update, I think this line needs an update as well: https://github.com/Kong/kong-pongo/blob/master/assets/help/expose.txt#L15

@ADD-SP ADD-SP requested a review from Tieske April 1, 2022 06:45
Tieske
Tieske reviewed Apr 1, 2022
View reviewed changes
assets/docker-compose.yml Outdated Show resolved Hide resolved
@Tieske Tieske merged commit 21755cd into Kong:master Apr 1, 2022
@Tieske
Copy link
Member

Tieske commented Apr 1, 2022

Thx @ADD-SP 👍

ADD-SP added a commit to Kong/kong that referenced this pull request Apr 7, 2022
@ADD-SP
tests(plugins/rate-limiting) test ssl connection (#8617)
e1ace9d 
### Summary

This commit allows the SSL connection between the `rate-limiting` plugin and `Redis` to be tested.

### Full changelog

* Add relevant testing strategies to `spec/03-plugins/23-rate-limiting/05-integration_spec.lua`.
* Update `.github/workflows/build_and_test.yml` to enable SSL for Redis in CI
* Create folder `spec/fixtures/redis` and add the following files
     * `ca.key`: Private key for the root certificate
     * `ca.crt`: Root Certificate
     * `server.key`: Private key for Redis server certificate
     * `server.crt`: Redis server certificate
     * `docker-entrypoint.sh`: To override the default

These certificates should be added to [Kong-Pongo](https://github.com/Kong/kong-pongo) and [gojira](https://github.com/Kong/gojira) to make it easy for developers to run tests locally.

Related PR: Kong/gojira#45, Kong/kong-pongo#270
@ADD-SP ADD-SP mentioned this pull request Apr 11, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Tieske Tieske Tieske approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ADD-SP @Tieske