No way to configure Redis (to disable SSL verification)

[markedmondson]

There is no way to configure Redis within Shipit (or PubStubHub), namely, change ssl_params on the initializer. Our problem specifically came from Heroku upgrading us to Redis 6.0. 6.0 requires TLS but Heroku doesn't support it (as routing it internal) so rejects the certificate, the workaround is to disable SSL verification.

See: https://help.heroku.com/HC0F8CUS/heroku-key-value-store-connection-issues and https://devcenter.heroku.com/articles/connecting-heroku-redis#external-connections

We ended up with these unfortunate monkey patches. I'll try and get a contribution together.

require 'shipit'
require 'active_support'

module ShipitExtension
  def redis
    @redis_ext ||= Redis.new(
      url: redis_url.to_s.presence,
      logger: Rails.logger,
      reconnect_attempts: 3,
      reconnect_delay: 0.5,
      reconnect_delay_max: 1,
      ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE }
    )
  end
end

ActiveSupport::Reloader.to_prepare { Shipit.prepend ShipitExtension }

require 'pubsubstub'

module PubsubstubExtension
  def new_redis
    Redis.new(
      url: redis_url,
      reconnect_attempts: 3,
      ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE }
    )
  end
end

Pubsubstub.singleton_class.prepend PubsubstubExtension
Pubsubstub.instance_variable_set('@redis', nil)

[casperisfine]

Yeah, we should define Shipit.redis= so that you can configure the client as much as you want.

[casperisfine]

PR welcome.

[markedmondson]

Done - what about Pubsubstub? I guess we're stuck with the monkey patch there, is it okay to entrench that within the gem too?

[casperisfine]

Yeah, you can send a similar PR to pubsubstub, I'll merge it.

[markedmondson]

byroot/pubsubstub#1