From d12d475eed4d3b41fc3fffbc0e873a323abce4f9 Mon Sep 17 00:00:00 2001 From: Ben Q Date: Thu, 16 Dec 2021 09:22:51 -0500 Subject: [PATCH 1/4] Added SSL params to Redis tracker --- rasa/core/tracker_store.py | 12 +++++++++++- tests/core/test_tracker_stores.py | 17 +++++++++++++++++ 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/rasa/core/tracker_store.py b/rasa/core/tracker_store.py index c2f927bc53c9..e2402855744b 100644 --- a/rasa/core/tracker_store.py +++ b/rasa/core/tracker_store.py @@ -311,12 +311,22 @@ def __init__( record_exp: Optional[float] = None, key_prefix: Optional[Text] = None, use_ssl: bool = False, + ssl_keyfile: Optional[Text] = None, + ssl_certfile: Optional[Text] = None, + ssl_ca_certs: Optional[Text] = None, **kwargs: Dict[Text, Any], ) -> None: import redis self.red = redis.StrictRedis( - host=host, port=port, db=db, password=password, ssl=use_ssl + host=host, + port=port, + db=db, + password=password, + ssl=use_ssl, + ssl_keyfile=ssl_keyfile, + ssl_certfile=ssl_certfile, + ssl_ca_certs=ssl_ca_certs, ) self.record_exp = record_exp diff --git a/tests/core/test_tracker_stores.py b/tests/core/test_tracker_stores.py index 2905a81f813b..6cd009ce6faa 100644 --- a/tests/core/test_tracker_stores.py +++ b/tests/core/test_tracker_stores.py @@ -193,6 +193,23 @@ def test_redis_tracker_store_valid_key_prefix(domain: Domain): ) +def test_redis_tracker_store_ssl(domain: Domain): + tracker_store = RedisTrackerStore( + domain=domain, + host="localhost", + port=6379, + db=0, + password="password", + record_exp=3000, + use_ssl=True, + ssl_keyfile="keyfile.key", + ssl_certfile="certfile.crt", + ssl_ca_certs="my-bundle.ca-bundle", + ) + + assert isinstance(tracker_store, RedisTrackerStore) + + def test_exception_tracker_store_from_endpoint_config( domain: Domain, monkeypatch: MonkeyPatch, endpoints_path: Text ): From 14fa3bb4681ced22ff03fe74163a89dd42e4cccf Mon Sep 17 00:00:00 2001 From: Ben Q Date: Thu, 16 Dec 2021 09:25:31 -0500 Subject: [PATCH 2/4] Added changelog --- changelog/10545.feature.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog/10545.feature.md diff --git a/changelog/10545.feature.md b/changelog/10545.feature.md new file mode 100644 index 000000000000..169c59418b6b --- /dev/null +++ b/changelog/10545.feature.md @@ -0,0 +1 @@ +Added optional `ssl_keyfile`, `ssl_certfile`, and `ssl_ca_certs` parameters to the Redis tracker store. \ No newline at end of file From c3dc2aea884e9cd633407fe447e11b90991d5602 Mon Sep 17 00:00:00 2001 From: Ben Q Date: Thu, 3 Feb 2022 13:16:18 -0500 Subject: [PATCH 3/4] Added endpoint.yml loading test --- data/test_endpoints/example_endpoints.yml | 4 ++++ tests/core/test_tracker_stores.py | 25 ++++++++--------------- 2 files changed, 12 insertions(+), 17 deletions(-) diff --git a/data/test_endpoints/example_endpoints.yml b/data/test_endpoints/example_endpoints.yml index 049d6cd32b89..fccc4f9c4594 100644 --- a/data/test_endpoints/example_endpoints.yml +++ b/data/test_endpoints/example_endpoints.yml @@ -16,6 +16,10 @@ tracker_store: password: password key_prefix: conversation record_exp: 30000 + use_ssl: True + ssl_keyfile: "keyfile.key" + ssl_certfile: "certfile.crt" + ssl_ca_certs: "my-bundle.ca-bundle" # example of mongoDB external tracker store config #tracker_store: #type: mongod diff --git a/tests/core/test_tracker_stores.py b/tests/core/test_tracker_stores.py index dd0b0124abbe..3adee243bf28 100644 --- a/tests/core/test_tracker_stores.py +++ b/tests/core/test_tracker_stores.py @@ -137,6 +137,10 @@ def test_tracker_store_endpoint_config_loading(endpoints_path: Text): "db": 0, "password": "password", "timeout": 30000, + "use_ssl": True, + "ssl_keyfile": "keyfile.key", + "ssl_certfile": "certfile.crt", + "ssl_ca_certs": "my-bundle.ca-bundle", } ) @@ -152,6 +156,10 @@ def test_create_tracker_store_from_endpoint_config( db=0, password="password", record_exp=3000, + use_ssl=True, + ssl_keyfile="keyfile.key", + ssl_certfile="certfile.crt", + ssl_ca_certs="my-bundle.ca-bundle", ) assert isinstance(tracker_store, type(TrackerStore.create(store, domain))) @@ -193,23 +201,6 @@ def test_redis_tracker_store_valid_key_prefix(domain: Domain): ) -def test_redis_tracker_store_ssl(domain: Domain): - tracker_store = RedisTrackerStore( - domain=domain, - host="localhost", - port=6379, - db=0, - password="password", - record_exp=3000, - use_ssl=True, - ssl_keyfile="keyfile.key", - ssl_certfile="certfile.crt", - ssl_ca_certs="my-bundle.ca-bundle", - ) - - assert isinstance(tracker_store, RedisTrackerStore) - - def test_exception_tracker_store_from_endpoint_config( domain: Domain, monkeypatch: MonkeyPatch, endpoints_path: Text ): From 40b9de3e3d9e153f51c5ea7d9caaf9e2ec901478 Mon Sep 17 00:00:00 2001 From: Ben Q Date: Thu, 3 Feb 2022 22:58:14 -0500 Subject: [PATCH 4/4] Updated lock store docs to include SSL params --- docs/docs/lock-stores.mdx | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/docs/lock-stores.mdx b/docs/docs/lock-stores.mdx index 4faa59fc0230..8ae9a27d3b43 100644 --- a/docs/docs/lock-stores.mdx +++ b/docs/docs/lock-stores.mdx @@ -85,5 +85,11 @@ address the same node when sending messages for a given conversation ID. * `use_ssl` (default: `False`): Whether or not the communication is encrypted + * `ssl_keyfile` (default: `None`): Path to an ssl private key + + * `ssl_certfile` (default: `None`): Path to an ssl certificate + + * `ssl_ca_certs` (default: `None`): The path to a file of concatenated CA certificates in PEM format + * `socket_timeout` (default: `10`): Time in seconds after which an error is raised if Redis doesn't answer