Merge pull request #10545 from RasaHQ/redis-ssl-tracker

Added SSL Cert Parameters to Redis Tracker Store
RasaHQ · Feb 4, 2022 · c07efa3 · c07efa3
2 parents b5a9ddc + 3c7d929
commit c07efa3
Show file tree

Hide file tree

Showing 5 changed files with 30 additions and 1 deletion.
diff --git a/changelog/10545.feature.md b/changelog/10545.feature.md
@@ -0,0 +1 @@
+Added optional `ssl_keyfile`, `ssl_certfile`, and `ssl_ca_certs` parameters to the Redis tracker store.
diff --git a/data/test_endpoints/example_endpoints.yml b/data/test_endpoints/example_endpoints.yml
@@ -16,6 +16,10 @@ tracker_store:
   password: password
   key_prefix: conversation
   record_exp: 30000
+  use_ssl: True
+  ssl_keyfile: "keyfile.key"
+  ssl_certfile: "certfile.crt"
+  ssl_ca_certs: "my-bundle.ca-bundle"
 # example of mongoDB external tracker store config
 #tracker_store:
   #type: mongod

diff --git a/docs/docs/lock-stores.mdx b/docs/docs/lock-stores.mdx
@@ -85,5 +85,11 @@ address the same node when sending messages for a given conversation ID.
 
   * `use_ssl` (default: `False`): Whether or not the communication is encrypted
 
+  * `ssl_keyfile` (default: `None`): Path to an ssl private key
+
+  * `ssl_certfile` (default: `None`): Path to an ssl certificate
+
+  * `ssl_ca_certs` (default: `None`): The path to a file of concatenated CA certificates in PEM format
+
   * `socket_timeout` (default: `10`): Time in seconds after which an
      error is raised if Redis doesn't answer
diff --git a/rasa/core/tracker_store.py b/rasa/core/tracker_store.py
@@ -311,12 +311,22 @@ def __init__(
         record_exp: Optional[float] = None,
         key_prefix: Optional[Text] = None,
         use_ssl: bool = False,
+        ssl_keyfile: Optional[Text] = None,
+        ssl_certfile: Optional[Text] = None,
+        ssl_ca_certs: Optional[Text] = None,
         **kwargs: Dict[Text, Any],
     ) -> None:
         import redis
 
         self.red = redis.StrictRedis(
-            host=host, port=port, db=db, password=password, ssl=use_ssl
+            host=host,
+            port=port,
+            db=db,
+            password=password,
+            ssl=use_ssl,
+            ssl_keyfile=ssl_keyfile,
+            ssl_certfile=ssl_certfile,
+            ssl_ca_certs=ssl_ca_certs,
         )
         self.record_exp = record_exp
 

diff --git a/tests/core/test_tracker_stores.py b/tests/core/test_tracker_stores.py
@@ -137,6 +137,10 @@ def test_tracker_store_endpoint_config_loading(endpoints_path: Text):
             "db": 0,
             "password": "password",
             "timeout": 30000,
+            "use_ssl": True,
+            "ssl_keyfile": "keyfile.key",
+            "ssl_certfile": "certfile.crt",
+            "ssl_ca_certs": "my-bundle.ca-bundle",
         }
     )
 
@@ -152,6 +156,10 @@ def test_create_tracker_store_from_endpoint_config(
         db=0,
         password="password",
         record_exp=3000,
+        use_ssl=True,
+        ssl_keyfile="keyfile.key",
+        ssl_certfile="certfile.crt",
+        ssl_ca_certs="my-bundle.ca-bundle",
     )
 
     assert isinstance(tracker_store, type(TrackerStore.create(store, domain)))
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Added optional `ssl_keyfile`, `ssl_certfile`, and `ssl_ca_certs` parameters to the Redis tracker store.