[bitnami/harbor] Username for External Redis is hardcoded

[jowko]

Which chart: bitnami/harbor

Describe the bug There is no way to configure External Redis username since it is hardcoded as redis. When I configured password to my Redis instance, I cannot connect because of the error: WRONGPASS invalid username-password pair

Expected behavior It would be nice to have an option to configure username too. See such phrases in templates file: redis://redis: - the second is username. Historically Redis didn't supported different users, so username didn't mattered. But from version 6.0.0 it can also verify passed username: https://redis.io/commands/auth

Additional context The same issue is in official Harbor Helm Chart: https://github.com/goharbor/harbor-helm/issues/1062 Since there is no TLS support: https://github.com/bitnami/charts/issues/7691, I created stunnel container which handled TLS communication. Harbor connected to stunnel sidecar container and then the stunnel passed the request to External Redis instance.

[miguelaeh]

Hi @jowko , thank you very much for reporting this. It seems the username is not supported in our charts. Probably we will also need to re-check the containers logic in case ACLs are configured. I will create an internal task with this information.

[jowko]

Hi @miguelaeh We tried to find a workaround for the problem with username and TLS connection #7691 for external Redis instance. We managed to create a side container with stunnel and we created a redis user with username redis as it is currently hardcoded. Harbor connects to stunnel and such request is passed to our external Redis instance. But Harbor fails to authenticate with it: 2021-10-12T12:35:45Z [ERROR] [/lib/cache/cache.go:110]: failed to ping redis://redis:xxxxx@localhost:6830/0, retry after 10s : WRONGPASS invalid username-password pair

I though that our connection may be misconfigured, so I run a deployment which had redis and stunnel containers. I connected to redis instance and in bash I used redis-cli to connect to our external Redis through stunnel and I succeded: redis-cli -u redis://redis:<password>@localhost:6830/0 So I think that there is some additional problem in Harbor related to connecting to such secured instances which should be investigated too. I'm attaching the deployment (of course without credentials or address to our Redis) which I used in tests and managed to connect to Redis using redis-cli. redis-deployment-test.zip

As external Redis, we use IBM Cloud Databases for Redis, version: 6.

[miguelaeh]

thank you @jowko , We will update this thread once we have news.

[carrodher]

Thanks for reporting this issue. Unfortunately and due to other priorities and the bandwidth we have, the task to add this feature is not part of our mid-term roadmap. Would you like to contribute by creating a PR to solve the issue? The Bitnami team will be happy to review it and provide feedback. Here you can find the contributing guidelines.

[github-actions[bot]]

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

[jowko]

Issue is still valid.

[github-actions[bot]]

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

[jowko]

Issue is still valid.

[carrodher]

Hi @jowko, please note that due to other priorities and the bandwidth we have, the task to add this feature is not part of our mid-term roadmap.

Would you like to contribute by creating a PR to solve the issue? The Bitnami team will be happy to review it and provide feedback. Here you can find the contributing guidelines

If nobody from the community is going to work on this feature, I think the issue could be safely closed.

[github-actions[bot]]

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

[github-actions[bot]]

Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.