Fix the failing cluster test 'ClusterClient ParseURL match ParseClusterURL'
by updating the MissingRedissPort test case to expect MinVersion: tls.VersionTLS12.
The test was failing because:
- Expected: MinVersion: 0 (not set)
- Actual: MinVersion: 771 (TLS 1.2)
This aligns with our security-first approach where all rediss:// URLs
automatically enforce TLS 1.2 minimum, even when no TLS parameters
are explicitly specified.
Test verification:
- Created and ran isolated test confirming ParseClusterURL now correctly
sets MinVersion: 771 for basic rediss://localhost URLs
- All cluster URL parsing now consistent with single client behavior
This resolves the cluster test failure while maintaining the enhanced
security posture across all client types.
After pulling the latest security fixes, update test cases to match the new
security-first behavior where all rediss:// URLs enforce TLS 1.2 minimum:
**Changes Made**:
1. **Cluster Test Fixes**:
- Updated ParseRedissURL test to expect MinVersion: tls.VersionTLS12
- Updated MultipleRedissURLs test to expect MinVersion: tls.VersionTLS12
- Updated RedissTLSCert test to expect MinVersion: tls.VersionTLS12
- Updated RedissSkipVerify test to expect MinVersion: tls.VersionTLS12
2. **Sentinel Client Consistency**:
- Made sentinel client behavior consistent with single/cluster clients
- Always set MinVersion to TLS 1.2 for rediss:// URLs, even when not specified
- Matches the security-first approach across all client types
**Security Behavior**:
- All rediss:// URLs now enforce minimum TLS 1.2 by default
- Consistent security posture across single, cluster, and sentinel clients
- No breaking changes for secure configurations
- Enhanced security for all TLS connections
**Test Results**:
- All single client tests pass ✅
- All builds successful ✅
- Consistent behavior across all client types ✅
This ensures uniform security enforcement and test expectations across
the entire go-redis library.
Add comprehensive TLS URL parameter support across all Redis client types:
- Cluster Client (ParseClusterURL): Full TLS parameter support
- Sentinel Client (ParseFailoverURL): Full TLS parameter support
- Universal Client: Inherits support from underlying clients
Supported parameters for all client types:
- tls_cert_file and tls_key_file: Client certificate authentication
- tls_min_version and tls_max_version: TLS version constraints
- tls_server_name: Server name override for certificate validation
- skip_verify: Skip certificate verification (existing parameter)
Features:
- Consistent API across all client types
- Comprehensive test coverage for cluster client
- Enhanced documentation for all client configurations
- Proper error handling and validation
This ensures users have the same TLS configuration capabilities
regardless of which Redis client type they use, providing a
consistent and complete TLS configuration experience.
* Fix hard code of failing timeout
1. if not set failing time limit, default is 15 seconds.
* feat: Complete configurable FailingTimeoutSeconds implementation
---------
Co-authored-by: Shino Wu <shino_wu@trendmicro.com>
* fix(txpipeline): keyless commands should take the slot of the keyed commands
* fix(txpipeline): extract only keyed cmds from all cmds
* chore(test): Add tests for keyless cmds and txpipeline
* fix(cmdSlot): Add preferred random slot
* fix(cmdSlot): Add shortlist of keyless cmds
* chore(test): Fix ring test
* fix(keylessCommands): Add list of keyless commands
Add list of keyless Commands based on the Commands output
for redis 8
* chore(txPipeline): refactor slottedCommands impl
* fix(osscluster): typo
* fix(txpipeline): should return error on multi/exec on multiple slots
* fix(txpipeline): test normal tx pipeline behaviour
* chore(err): Extract crossslot err and add test
* fix(txpipeline): short curcuit the tx if there are no commands
* chore(tests): validate keys are in different slots
* wip
* update documentation
* add streamingcredentialsprovider in options
* fix: put back option in pool creation
* add package level comment
* Initial re authentication implementation
Introduces the StreamingCredentialsProvider as the CredentialsProvider
with the highest priority.
TODO: needs to be tested
* Change function type name
Change CancelProviderFunc to UnsubscribeFunc
* add tests
* fix race in tests
* fix example tests
* wip, hooks refactor
* fix build
* update README.md
* update wordlist
* update README.md
* refactor(auth): early returns in cred listener
* fix(doctest): simulate some delay
* feat(conn): add close hook on conn
* fix(tests): simulate start/stop in mock credentials provider
* fix(auth): don't double close the conn
* docs(README): mark streaming credentials provider as experimental
* fix(auth): streamline auth err proccess
* fix(auth): check err on close conn
* chore(entraid): use the repo under redis org
* chore: extract benchmark tests
* wip
* enable pubsub tests
* enable ring tests
* stop tests with build redis from source
* start all tests
* mix of makefile and action
* add sentinel configs
* fix example test
* stop debug on re
* wip
* enable gears for redis 7.2
* wip
* enable sentinel, they are expected to fail
* fix: linter configuration
* chore: update re versions
* return older redis enterprise version
* add basic codeql
* wip: increase timeout, focus only sentinel tests
* sentinels with docker network host
* enable all tests
* fix flanky test
* enable example tests
* tidy docker compose
* add debug output
* stop shutingdown masters
* don't test sentinel for re
* skip unsuported addscores
* Update README
bump go version in CI
* Update README.md
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Update CONTRIBUTING.md
add information about new test setup
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* introduce github workflow for ci similar to the one in redis-py
use prerelease for 8.0-M4
* Enable osscluster tests in CI
* Add redis major version env
Enable filtering test per redis major version
Fix test for FT.SEARCH WITHSCORE, the default scorer
has changed.
fix Makefile syntax
remove filter from github action
fix makefile
use the container name in Makefile
* remove 1.20 from doctests
* self review, cleanup, add comments
* add comments, reorder prints, add default value for REDIS_MAJOR_VERSION
