feat(redis-ha-proxy): Configure Redis Ha Proxy TLS settings#1218
feat(redis-ha-proxy): Configure Redis Ha Proxy TLS settings#1218akhilnittala wants to merge 1 commit into
Conversation
Signed-off-by: akhil nittala <nakhil@redhat.com>
|
Skipping CI for Draft Pull Request. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
📝 WalkthroughSummary by CodeRabbit
WalkthroughThe HAProxy Redis template adds conditional TLS protocol and cipher configuration. TLS-enabled Sentinel health checks and Redis master backend connections now explicitly use SSL with required certificate verification. ChangesRedis TLS configuration
Estimated code review effort: 3 (Moderate) | ~15–30 minutes 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@build/redis/haproxy.cfg.tpl`:
- Around line 11-23: Update the TLS configuration conditional in the HAProxy
template so TLS 1.2 cipher directives use .tlsCiphers while TLS 1.3 cipher-suite
directives use a separate TLS 1.3-formatted value such as .tlsCipherSuites.
Ensure the same cipher string is never rendered for both ssl-default-*-ciphers
and ssl-default-*-ciphersuites, and adjust the surrounding configuration data to
provide the new field.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Organization UI (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: 57a48a69-e973-4104-981e-e257f8f3e114
📒 Files selected for processing (1)
build/redis/haproxy.cfg.tpl
🔗 Linked repositories identified
CodeRabbit considers these linked repositories for cross-repo context during reviews:
argoproj-labs/argocd-operator(manual)
What type of PR is this?
/kind enhancement
What does this PR do / why we need it:
Configure TLS settings for redis ha proxy.
Have you updated the necessary documentation?
Which issue(s) this PR fixes:
Fixes #?
https://redhat.atlassian.net/browse/GITOPS-10289
Test acceptance criteria:
How to test changes / Special notes to the reviewer: