* update e2e test, change script
* update script and tests
* fixed bdbid parsing
* disabled majority of tests, swapped event order
* change the config tag
* revert test order
* fix typo
* reenable all e2e tests
* change the clonfig flag key for all e2e tests
* improve logging for debug purposes of tests
* longer deadline for FI in CI
* increase waiting for notifications
* extend tests
* dont fail on flaky third client
* fi new params
* fix test build
* more time for migrating
* first wait for FI action, then assert notification
* fix test build
* fix tests
* fix tests
* change output
* global print logs for tests
* better output
* fix error format
* maybe the notification is already received
* second and third client fix
* print output if failed
* better second and third client checks
* output action data if notification is not received
* stop command runner
* database create / delete actions
* database create / delete actions used in tests
* fix import
* remove example
* remove unused var
* use different port than the one in env
* wait for action to get the response
* fix output
* fix create db config
* fix create db config
* use new database for client
* fix create db config
* db per scenario
* less logs, correct check
* Add CTRF to the scenario tests (#3545)
* add some json ctrf improvements
* fix -v
* attempt to separate the output
---------
Co-authored-by: Nedyalko Dyakov <1547186+ndyakov@users.noreply.github.com>
---------
Co-authored-by: Nedyalko Dyakov <nedyalko.dyakov@gmail.com>
Co-authored-by: kiryazovi-redis <ivaylo.kiryazov@redis.com>
Co-authored-by: Nedyalko Dyakov <1547186+ndyakov@users.noreply.github.com>
This commit adds extensive test coverage for the IncrByFloat Redis command,
covering various edge cases and scenarios that were not previously tested.
Test cases added:
- Negative increment values
- Zero increment (should return current value)
- High precision floating point operations
- Non-existent key behavior (should start from 0)
- Integer values stored as strings
- Scientific notation (both positive and negative)
- Error handling for non-numeric values
- Very large numbers (near float64 limits)
- Very small numbers (near zero precision)
These tests ensure robust behavior of the IncrByFloat command across
different numeric formats and edge conditions, improving the overall
reliability and test coverage of the go-redis library.
The tests use Gomega's BeNumerically matcher for floating point
comparisons to handle precision issues appropriately.
* Bumps test image to 8.2.1-pre
Signed-off-by: Elena Kolevska <elena@kolevska.com>
* Missed the “benchmark” job
Signed-off-by: Elena Kolevska <elena@kolevska.com>
---------
Signed-off-by: Elena Kolevska <elena@kolevska.com>
Fix the remaining cluster test failure by updating the RedissUsernamePassword
test case to expect MinVersion: tls.VersionTLS12.
The test was failing because:
- Expected: TLSConfig with MinVersion: 0 (not set)
- Actual: TLSConfig with MinVersion: 771 (TLS 1.2)
This completes the alignment of all cluster test cases with our security-first
approach where all rediss:// URLs automatically enforce TLS 1.2 minimum.
All cluster test cases now consistently expect MinVersion: tls.VersionTLS12
for rediss:// URLs, matching the behavior of single client tests.
Fix the failing cluster test 'ClusterClient ParseURL match ParseClusterURL'
by updating the MissingRedissPort test case to expect MinVersion: tls.VersionTLS12.
The test was failing because:
- Expected: MinVersion: 0 (not set)
- Actual: MinVersion: 771 (TLS 1.2)
This aligns with our security-first approach where all rediss:// URLs
automatically enforce TLS 1.2 minimum, even when no TLS parameters
are explicitly specified.
Test verification:
- Created and ran isolated test confirming ParseClusterURL now correctly
sets MinVersion: 771 for basic rediss://localhost URLs
- All cluster URL parsing now consistent with single client behavior
This resolves the cluster test failure while maintaining the enhanced
security posture across all client types.
After pulling the latest security fixes, update test cases to match the new
security-first behavior where all rediss:// URLs enforce TLS 1.2 minimum:
**Changes Made**:
1. **Cluster Test Fixes**:
- Updated ParseRedissURL test to expect MinVersion: tls.VersionTLS12
- Updated MultipleRedissURLs test to expect MinVersion: tls.VersionTLS12
- Updated RedissTLSCert test to expect MinVersion: tls.VersionTLS12
- Updated RedissSkipVerify test to expect MinVersion: tls.VersionTLS12
2. **Sentinel Client Consistency**:
- Made sentinel client behavior consistent with single/cluster clients
- Always set MinVersion to TLS 1.2 for rediss:// URLs, even when not specified
- Matches the security-first approach across all client types
**Security Behavior**:
- All rediss:// URLs now enforce minimum TLS 1.2 by default
- Consistent security posture across single, cluster, and sentinel clients
- No breaking changes for secure configurations
- Enhanced security for all TLS connections
**Test Results**:
- All single client tests pass ✅
- All builds successful ✅
- Consistent behavior across all client types ✅
This ensures uniform security enforcement and test expectations across
the entire go-redis library.
Address the final 3 CodeQL security alerts for 'Insecure TLS configuration':
**Root Cause**:
CodeQL detected that setting or
would result in , which is insecure
(TLS version 0).
**Security Fix**:
- When or is specified, don't set
the TLS version at all - let Go use its secure defaults
- Only set explicit TLS versions when they are >= TLS 1.2 (secure)
- Applied fix consistently across all client types
**Files Fixed**:
- options.go (lines 609, 620) - Single client
- osscluster.go (lines 336, 350) - Cluster client
- sentinel.go (lines 446, 460) - Sentinel client
**Security Behavior**:
- → Don't set MinVersion (Go default: secure)
- → Error: insecure, minimum TLS 1.2 required
- → Set explicit secure version
- Same logic applies to
**Test Coverage**:
- Added test case for behavior
- Verified all security validation tests pass
- Confirmed no regression in functionality
This resolves all remaining CodeQL security alerts while maintaining
secure defaults and clear error messages for insecure configurations.
