mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
redis cache - add support for TLS/encryption in transit (#410)
* Add encryption in transit support for redis cache * Fix missed connection/uri switch * Add changelog * Update changelogs/fragments/410-redis_cache-add_tls_support.yaml Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
parent
3a75f85bdd
commit
f81e562301
2 changed files with 14 additions and 4 deletions
|
@ -0,0 +1,2 @@
|
||||||
|
minor_changes:
|
||||||
|
- redis - add TLS support to redis cache plugin (https://github.com/ansible-collections/community.general/pull/410).
|
16
plugins/cache/redis.py
vendored
16
plugins/cache/redis.py
vendored
|
@ -16,6 +16,7 @@ DOCUMENTATION = '''
|
||||||
description:
|
description:
|
||||||
- A colon separated string of connection information for Redis.
|
- A colon separated string of connection information for Redis.
|
||||||
- The format is C(host:port:db:password), for example C(localhost:6379:0:changeme).
|
- The format is C(host:port:db:password), for example C(localhost:6379:0:changeme).
|
||||||
|
- To use encryption in transit, prefix the connection with C(tls://), as in C(tls://localhost:6379:0:changeme).
|
||||||
required: True
|
required: True
|
||||||
env:
|
env:
|
||||||
- name: ANSIBLE_CACHE_PLUGIN_CONNECTION
|
- name: ANSIBLE_CACHE_PLUGIN_CONNECTION
|
||||||
|
@ -68,24 +69,31 @@ class CacheModule(BaseCacheModule):
|
||||||
performance.
|
performance.
|
||||||
"""
|
"""
|
||||||
def __init__(self, *args, **kwargs):
|
def __init__(self, *args, **kwargs):
|
||||||
connection = []
|
uri = ''
|
||||||
|
|
||||||
try:
|
try:
|
||||||
super(CacheModule, self).__init__(*args, **kwargs)
|
super(CacheModule, self).__init__(*args, **kwargs)
|
||||||
if self.get_option('_uri'):
|
if self.get_option('_uri'):
|
||||||
connection = self.get_option('_uri').split(':')
|
uri = self.get_option('_uri')
|
||||||
self._timeout = float(self.get_option('_timeout'))
|
self._timeout = float(self.get_option('_timeout'))
|
||||||
self._prefix = self.get_option('_prefix')
|
self._prefix = self.get_option('_prefix')
|
||||||
except KeyError:
|
except KeyError:
|
||||||
display.deprecated('Rather than importing CacheModules directly, '
|
display.deprecated('Rather than importing CacheModules directly, '
|
||||||
'use ansible.plugins.loader.cache_loader', version='2.12')
|
'use ansible.plugins.loader.cache_loader', version='2.12')
|
||||||
if C.CACHE_PLUGIN_CONNECTION:
|
if C.CACHE_PLUGIN_CONNECTION:
|
||||||
connection = C.CACHE_PLUGIN_CONNECTION.split(':')
|
uri = C.CACHE_PLUGIN_CONNECTION
|
||||||
self._timeout = float(C.CACHE_PLUGIN_TIMEOUT)
|
self._timeout = float(C.CACHE_PLUGIN_TIMEOUT)
|
||||||
self._prefix = C.CACHE_PLUGIN_PREFIX
|
self._prefix = C.CACHE_PLUGIN_PREFIX
|
||||||
|
|
||||||
self._cache = {}
|
self._cache = {}
|
||||||
self._db = StrictRedis(*connection)
|
kw = {}
|
||||||
|
tlsprefix = 'tls://'
|
||||||
|
if uri.startswith(tlsprefix):
|
||||||
|
kw['ssl'] = True
|
||||||
|
uri = uri[len(tlsprefix):]
|
||||||
|
|
||||||
|
connection = uri.split(':')
|
||||||
|
self._db = StrictRedis(*connection, **kw)
|
||||||
self._keys_set = 'ansible_cache_keys'
|
self._keys_set = 'ansible_cache_keys'
|
||||||
|
|
||||||
def _make_key(self, key):
|
def _make_key(self, key):
|
||||||
|
|
Loading…
Reference in a new issue