From 9b18eaa03a57294db18588f8362a2edecd9ba383 Mon Sep 17 00:00:00 2001 From: Andi-Bogdan Postelnicu Date: Wed, 1 Mar 2023 19:13:42 +0200 Subject: [PATCH] Do not verify the ssl cert when connecting securely to redis. --- backend/code_coverage_backend/gcp.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/backend/code_coverage_backend/gcp.py b/backend/code_coverage_backend/gcp.py index 8f274cb1d..c077408ad 100644 --- a/backend/code_coverage_backend/gcp.py +++ b/backend/code_coverage_backend/gcp.py @@ -58,7 +58,14 @@ class GCPCache(object): def __init__(self, reports_dir=None): # Open redis connection - self.redis = redis.from_url(taskcluster.secrets["REDIS_URL"]) + redis_url = taskcluster.secrets["REDIS_URL"] + # Are we dealing with a redis ssl/tls connection? + if redis_url.startswith("rediss:"): + # The cert is self signed so do not check it + self.redis = redis.from_url(redis_url, ssl_cert_reqs="none") + else: + # No we are not, we are connecting transparently + self.redis = redis.from_url(redis_url) assert self.redis.ping(), "Redis server does not ping back" # Open gcp connection to bucket