Add redis ssl (#540)

* Add tls parameter to redis config struct * Add enableTLS parameter to redis-scaler with this change if the user add in the redis-scaler configuration the following field: ``` enableTLS: true ``` it will let the redis-scaler to connect to SSL hosts (it will add the tls configuration to the client connection options, setting InsecureSkipVerify to true) * Remove debug print Co-authored-by: Max Gallo <[email protected]>
kedacore · Jan 28, 2020 · 6876da4 · 6876da4
1 parent bf18818
commit 6876da4
Showing 1 changed file with 25 additions and 6 deletions.
diff --git a/pkg/scalers/redis_scaler.go b/pkg/scalers/redis_scaler.go
@@ -2,6 +2,7 @@ package scalers
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"strconv"
 
@@ -30,6 +31,7 @@ type redisMetadata struct {
 	listName         string
 	address          string
 	password         string
+	enableTLS        bool
 }
 
 var redisLog = logf.Log.WithName("redis_scaler")
@@ -84,13 +86,23 @@ func parseRedisMetadata(metadata, resolvedEnv, authParams map[string]string) (*r
 		}
 	}
 
+	meta.enableTLS = false
+	if val, ok := metadata["enableTLS"]; ok {
+		tls, err := strconv.ParseBool(val)
+		if err != nil {
+			return nil, fmt.Errorf("enableTLS parsing error %s", err.Error())
+		}
+		meta.enableTLS = tls
+	}
+
 	return &meta, nil
 }
 
 // IsActive checks if there is any element in the Redis list
 func (s *redisScaler) IsActive(ctx context.Context) (bool, error) {
+
 	length, err := getRedisListLength(
-		ctx, s.metadata.address, s.metadata.password, s.metadata.listName)
+		ctx, s.metadata.address, s.metadata.password, s.metadata.listName, s.metadata.enableTLS)
 
 	if err != nil {
 		redisLog.Error(err, "error")
@@ -114,7 +126,7 @@ func (s *redisScaler) GetMetricSpecForScaling() []v2beta1.MetricSpec {
 
 // GetMetrics connects to Redis and finds the length of the list
 func (s *redisScaler) GetMetrics(ctx context.Context, metricName string, metricSelector labels.Selector) ([]external_metrics.ExternalMetricValue, error) {
-	listLen, err := getRedisListLength(ctx, s.metadata.address, s.metadata.password, s.metadata.listName)
+	listLen, err := getRedisListLength(ctx, s.metadata.address, s.metadata.password, s.metadata.listName, s.metadata.enableTLS)
 
 	if err != nil {
 		redisLog.Error(err, "error getting list length")
@@ -130,18 +142,25 @@ func (s *redisScaler) GetMetrics(ctx context.Context, metricName string, metricS
 	return append([]external_metrics.ExternalMetricValue{}, metric), nil
 }
 
-func getRedisListLength(ctx context.Context, address string, password string, listName string) (int64, error) {
-	client := redis.NewClient(&redis.Options{
+func getRedisListLength(ctx context.Context, address string, password string, listName string, enableTLS bool) (int64, error) {
+	options := &redis.Options{
 		Addr:     address,
 		Password: password,
 		DB:       0,
-	})
+	}
+
+	if enableTLS == true {
+		options.TLSConfig = &tls.Config{
+			InsecureSkipVerify: enableTLS,
+		}
+	}
+
+	client := redis.NewClient(options)
 
 	cmd := client.LLen(listName)
 
 	if cmd.Err() != nil {
 		return -1, cmd.Err()
 	}
-
 	return cmd.Result()
 }