From fc3657a81a8189f6e5581e3e29a60c7aa83cd732 Mon Sep 17 00:00:00 2001
From: Anup Chatterjee <anup.chat@gmail.com>
Date: Sat, 25 Nov 2023 07:31:35 +0200
Subject: [PATCH] Adding Redis db index to not have default db index of 0
 always and username for ACL. (#3847)

Co-authored-by: Anup Chatterjee <chatterjeean@vmware.com>
---
 .../redis/config/RedisProperties.java         | 20 ++++++++++++++++++
 .../config/RedisSentinelConfiguration.java    | 21 +++++++++++++++++--
 .../config/RedisStandaloneConfiguration.java  | 19 +++++++++++++----
 3 files changed, 54 insertions(+), 6 deletions(-)

diff --git a/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisProperties.java b/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisProperties.java
index 2c0b3eadb2..905fd65aa6 100644
--- a/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisProperties.java
+++ b/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisProperties.java
@@ -108,6 +108,10 @@ public RedisProperties(ConductorProperties conductorProperties) {
 
     private int numTestsPerEvictionRun = 3;
 
+    private int database = 0;
+
+    private String username = null;
+
     public int getNumTestsPerEvictionRun() {
         return numTestsPerEvictionRun;
     }
@@ -283,4 +287,20 @@ public RetryPolicyFactory getConnectionRetryPolicy() {
             return () -> new RetryNTimes(maxRetryAttempts, false);
         }
     }
+
+    public int getDatabase() {
+        return database;
+    }
+
+    public void setDatabase(int database) {
+        this.database = database;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
 }
diff --git a/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisSentinelConfiguration.java b/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisSentinelConfiguration.java
index 89fa5b8cc9..aa35f5e676 100644
--- a/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisSentinelConfiguration.java
+++ b/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisSentinelConfiguration.java
@@ -63,7 +63,7 @@ protected JedisCommands createJedisCommands(
         }
         // We use the password of the first sentinel host as password and sentinelPassword
         String password = getPassword(hostSupplier.getHosts());
-        if (password != null) {
+        if (properties.getUsername() != null && password != null) {
             return new JedisSentinel(
                     new JedisSentinelPool(
                             properties.getClusterName(),
@@ -71,8 +71,25 @@ protected JedisCommands createJedisCommands(
                             genericObjectPoolConfig,
                             Protocol.DEFAULT_TIMEOUT,
                             Protocol.DEFAULT_TIMEOUT,
+                            properties.getUsername(),
                             password,
-                            Protocol.DEFAULT_DATABASE,
+                            properties.getDatabase(),
+                            null,
+                            Protocol.DEFAULT_TIMEOUT,
+                            Protocol.DEFAULT_TIMEOUT,
+                            properties.getUsername(),
+                            password,
+                            null));
+        } else if (password != null) {
+            return new JedisSentinel(
+                    new JedisSentinelPool(
+                            properties.getClusterName(),
+                            sentinels,
+                            genericObjectPoolConfig,
+                            Protocol.DEFAULT_TIMEOUT,
+                            Protocol.DEFAULT_TIMEOUT,
+                            password,
+                            properties.getDatabase(),
                             null,
                             Protocol.DEFAULT_TIMEOUT,
                             Protocol.DEFAULT_TIMEOUT,
diff --git a/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisStandaloneConfiguration.java b/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisStandaloneConfiguration.java
index 8882e54036..5d07cc34fe 100644
--- a/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisStandaloneConfiguration.java
+++ b/redis-persistence/src/main/java/com/netflix/conductor/redis/config/RedisStandaloneConfiguration.java
@@ -45,18 +45,29 @@ protected JedisCommands createJedisCommands(
         config.setMaxTotal(properties.getMaxConnectionsPerHost());
         log.info("Starting conductor server using redis_standalone.");
         Host host = hostSupplier.getHosts().get(0);
-        return new JedisStandalone(getJedisPool(config, host));
+        return new JedisStandalone(getJedisPool(config, host, properties));
     }
 
-    private JedisPool getJedisPool(JedisPoolConfig config, Host host) {
-        if (host.getPassword() != null) {
+    private JedisPool getJedisPool(JedisPoolConfig config, Host host, RedisProperties properties) {
+        if (properties.getUsername() != null && host.getPassword() != null) {
             log.info("Connecting to Redis Standalone with AUTH");
             return new JedisPool(
                     config,
                     host.getHostName(),
                     host.getPort(),
                     Protocol.DEFAULT_TIMEOUT,
-                    host.getPassword());
+                    properties.getUsername(),
+                    host.getPassword(),
+                    properties.getDatabase());
+        } else if (host.getPassword() != null) {
+            log.info("Connecting to Redis Standalone with AUTH");
+            return new JedisPool(
+                    config,
+                    host.getHostName(),
+                    host.getPort(),
+                    Protocol.DEFAULT_TIMEOUT,
+                    host.getPassword(),
+                    properties.getDatabase());
         } else {
             return new JedisPool(config, host.getHostName(), host.getPort());
         }