Skip to content

Add CredentialsProvider field to UniversalOptions #2927

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Add CredentialsProvider field to UniversalOptions #2927

wants to merge 3 commits into from
+44 −33

Conversation

dcherubini
Copy link

In #2097 go-redis started to support passing a CredentialsProvider callback to get the username and password when initializing a connection, instead of having to provide them when creating the client. This is very useful in scenarios where you have these credentials stored in a separate service (e.g., AWS Secret Manager or Azure Key Vault) and you want to rotate those credentials periodically.

However, this option was not added in all clients and was not being passed down from the universal client to the concrete clients either. This PR aims to normalize that.

(Note that the CredentialsProviders field was already added to ClusterOptions in #2791, which is why they are not being touched in this change)

@ndyakov
Copy link
Member

ndyakov commented Mar 24, 2025

Hello @dcherubini, We are introducing a new StreamingCredentialsProvider in #3320 and currently there is the CredentialsProviderContext (it's not a great name, I know). Would you mind updating the options in such a way to address those two as well? I was planing to do it myself, but wanted to keep you contribution and work with you on this PR instead of opening a new one.

@ndyakov
Copy link
Member

ndyakov commented Jun 5, 2025

@dcherubini the StreamingCredentialsProvider is added. Would you like to update this PR to add all credentials providers:

go-redis/options.go

Lines 68 to 84 in 86d418f

// CredentialsProvider allows the username and password to be updated
// before reconnecting. It should return the current username and password.
CredentialsProvider func() (username string, password string)
// CredentialsProviderContext is an enhanced parameter of CredentialsProvider,
// done to maintain API compatibility. In the future,
// there might be a merge between CredentialsProviderContext and CredentialsProvider.
// There will be a conflict between them; if CredentialsProviderContext exists, we will ignore CredentialsProvider.
CredentialsProviderContext func(ctx context.Context) (username string, password string, err error)
// StreamingCredentialsProvider is used to retrieve the credentials
// for the connection from an external source. Those credentials may change
// during the connection lifetime. This is useful for managed identity
// scenarios where the credentials are retrieved from an external source.
//
// Currently, this is a placeholder for the future implementation.
StreamingCredentialsProvider auth.StreamingCredentialsProvider

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
feature incomplete
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@dcherubini @ndyakov @ofekshenawa