From 9b18eaa03a57294db18588f8362a2edecd9ba383 Mon Sep 17 00:00:00 2001
From: Andi-Bogdan Postelnicu <abpostelnicu@me.com>
Date: Wed, 1 Mar 2023 19:13:42 +0200
Subject: [PATCH] Do not verify the ssl cert when connecting securely to redis.

---
 backend/code_coverage_backend/gcp.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/backend/code_coverage_backend/gcp.py b/backend/code_coverage_backend/gcp.py
index 8f274cb1d..c077408ad 100644
--- a/backend/code_coverage_backend/gcp.py
+++ b/backend/code_coverage_backend/gcp.py
@@ -58,7 +58,14 @@ class GCPCache(object):
 
     def __init__(self, reports_dir=None):
         # Open redis connection
-        self.redis = redis.from_url(taskcluster.secrets["REDIS_URL"])
+        redis_url = taskcluster.secrets["REDIS_URL"]
+        # Are we dealing with a redis ssl/tls connection?
+        if redis_url.startswith("rediss:"):
+            # The cert is self signed so do not check it
+            self.redis = redis.from_url(redis_url, ssl_cert_reqs="none")
+        else:
+            # No we are not, we are connecting transparently
+            self.redis = redis.from_url(redis_url)
         assert self.redis.ping(), "Redis server does not ping back"
 
         # Open gcp connection to bucket