From 3352561e8f5680dbba21b1c25bc62378a5ea80ba Mon Sep 17 00:00:00 2001
From: William Horton <william.horton@grandrounds.com>
Date: Fri, 24 Jun 2022 18:11:06 -0400
Subject: [PATCH 1/2] Add simple TLS support in RedisOnlineStore

Per the go-redis docs: 'To enable TLS/SSL, you need to provide an empty tls.Config.'
https://redis.uptrace.dev/guide/go-redis.html#using-tls

This will allow users to append ',ssl=True' to their connection string
in order to enable TLS/SSL support in the Redis client

Signed-off-by: William Horton <william.horton@grandrounds.com>
---
 .../feast/onlinestore/redisonlinestore.go       | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/go/internal/feast/onlinestore/redisonlinestore.go b/go/internal/feast/onlinestore/redisonlinestore.go
index df04856cbf..26f34cf896 100644
--- a/go/internal/feast/onlinestore/redisonlinestore.go
+++ b/go/internal/feast/onlinestore/redisonlinestore.go
@@ -2,6 +2,7 @@ package onlinestore
 
 import (
 	"context"
+	"crypto/tls"
 	"encoding/binary"
 	"errors"
 	"fmt"
@@ -43,6 +44,7 @@ func NewRedisOnlineStore(project string, onlineStoreConfig map[string]interface{
 
 	var address []string
 	var password string
+	var tlsConfig *tls.Config
 	var db int // Default to 0
 
 	// Parse redis_type and write it into conf.t
@@ -69,8 +71,12 @@ func NewRedisOnlineStore(project string, onlineStoreConfig map[string]interface{
 				if kv[0] == "password" {
 					password = kv[1]
 				} else if kv[0] == "ssl" {
-					// TODO (woop): Add support for TLS/SSL
-					// ssl = kv[1] == "true"
+					result, err := strconv.ParseBool(kv[1])
+					if err != nil {
+						return nil, err
+					} else if result {
+						tlsConfig = &tls.Config{}
+					}
 				} else if kv[0] == "db" {
 					db, err = strconv.Atoi(kv[1])
 					if err != nil {
@@ -87,9 +93,10 @@ func NewRedisOnlineStore(project string, onlineStoreConfig map[string]interface{
 
 	if t == redisNode {
 		store.client = redis.NewClient(&redis.Options{
-			Addr:     address[0],
-			Password: password, // No password set
-			DB:       db,
+			Addr:      address[0],
+			Password:  password, // No password set
+			DB:        db,
+			TLSConfig: tlsConfig,
 		})
 	} else {
 		return nil, errors.New("only single node Redis is supported at this time")

From 666b4bdeaea14239fd71c346e66b134701f1ff0f Mon Sep 17 00:00:00 2001
From: William Horton <william.horton@grandrounds.com>
Date: Wed, 29 Jun 2022 13:50:35 -0400
Subject: [PATCH 2/2] Add tests of Redis config from connection string

Signed-off-by: William Horton <william.horton@grandrounds.com>
---
 .../onlinestore/redisonlinestore_test.go      | 53 +++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 go/internal/feast/onlinestore/redisonlinestore_test.go

diff --git a/go/internal/feast/onlinestore/redisonlinestore_test.go b/go/internal/feast/onlinestore/redisonlinestore_test.go
new file mode 100644
index 0000000000..43cdbe06a2
--- /dev/null
+++ b/go/internal/feast/onlinestore/redisonlinestore_test.go
@@ -0,0 +1,53 @@
+package onlinestore
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestNewRedisOnlineStore(t *testing.T) {
+	var config = map[string]interface{}{
+		"connection_string": "redis://localhost:6379",
+	}
+	store, err := NewRedisOnlineStore("test", config)
+	assert.Nil(t, err)
+	var opts = store.client.Options()
+	assert.Equal(t, opts.Addr, "redis://localhost:6379")
+	assert.Equal(t, opts.Password, "")
+	assert.Equal(t, opts.DB, 0)
+	assert.Nil(t, opts.TLSConfig)
+}
+
+func TestNewRedisOnlineStoreWithPassword(t *testing.T) {
+	var config = map[string]interface{}{
+		"connection_string": "redis://localhost:6379,password=secret",
+	}
+	store, err := NewRedisOnlineStore("test", config)
+	assert.Nil(t, err)
+	var opts = store.client.Options()
+	assert.Equal(t, opts.Addr, "redis://localhost:6379")
+	assert.Equal(t, opts.Password, "secret")
+}
+
+func TestNewRedisOnlineStoreWithDB(t *testing.T) {
+	var config = map[string]interface{}{
+		"connection_string": "redis://localhost:6379,db=1",
+	}
+	store, err := NewRedisOnlineStore("test", config)
+	assert.Nil(t, err)
+	var opts = store.client.Options()
+	assert.Equal(t, opts.Addr, "redis://localhost:6379")
+	assert.Equal(t, opts.DB, 1)
+}
+
+func TestNewRedisOnlineStoreWithSsl(t *testing.T) {
+	var config = map[string]interface{}{
+		"connection_string": "redis://localhost:6379,ssl=true",
+	}
+	store, err := NewRedisOnlineStore("test", config)
+	assert.Nil(t, err)
+	var opts = store.client.Options()
+	assert.Equal(t, opts.Addr, "redis://localhost:6379")
+	assert.NotNil(t, opts.TLSConfig)
+}