Allow using hosted Redis instances by default

schneems · schneems · commit 1f4e449307dc · 2024-11-19T16:46:59.000-06:00
Hosted Redis servers use self signed certificates (because they do not own the domain they're running on such as `compute-1.amazonaws.com`) therefore a full SSL connection verification will fail. The fix for that behavior is to disable verification so a self signed certificate can be used [docs from a hosted Redis/Key-value store provider](https://devcenter.heroku.com/articles/connecting-heroku-redis#connecting-in-ruby). This PR makes the default behavior to allow connecting to self signed Redis servers. This failing SSL connection behavior was originally reported in Shopify#292, however that issue focuses on raising visibility of such failures. This is an alternative to Shopify#293 that does not introduce a new configuration flag.
diff --git a/ruby/lib/ci/queue/redis/base.rb b/ruby/lib/ci/queue/redis/base.rb
@@ -39,6 +39,7 @@ def initialize(redis_url, config)
               # it makes sense to retry for a while before giving up.
               reconnect_attempts: reconnect_attempts,
               middlewares: custom_middlewares,
+              ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE },
               custom: custom_config,
             )
           else

Original file line number	Diff line number	Diff line change
`@@ -39,6 +39,7 @@ def initialize(redis_url, config)`
`39`	`39`	`# it makes sense to retry for a while before giving up.`
`40`	`40`	`reconnect_attempts: reconnect_attempts,`
`41`	`41`	`middlewares: custom_middlewares,`
	`42`	`+ ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE },`
`42`	`43`	`custom: custom_config,`
`43`	`44`	`)`
`44`	`45`	`else`