danhunsaker
commented
2 years ago The current code was written long before managed Redis was even a thing, so yes, it strips the username as Redis didn't have any use for it at the time. It literally just submits the password, because Redis itself didn't have a way to specify a user. The fact it hasn't kept pace with changes like these is part of why a refactor is planned to disconnect the hard reliance on Credis so folks can use whatever (compatible) library they want for the latest features.
Planned isn't implemented, though, so alas, we're stuck with Credis for now. I'll happily merge a PR that can pass the username as well, even if it has to retarget to a more recent Credis until we get that refactor done.
Redis 6 introduced userpass authentication with ACLs, which is used with managed Redis services offered by e.g. DigitalOcean. Though, I cannot authenticate workers because the username is not used for authentication:
https://github.com/resque/php-resque/blob/78a8b4a17482c3aa9581be35f42c58a690d24c62/lib/Resque/Redis.php#L127
Expected Behavior
phpredis supports a variety of data structures to authenticate with a username and password, so I expected the username from my DSN connection string would be used:
https://github.com/resque/php-resque/blob/78a8b4a17482c3aa9581be35f42c58a690d24c62/lib/Resque/Redis.php#L126
Current Behavior
https://github.com/resque/php-resque/blob/78a8b4a17482c3aa9581be35f42c58a690d24c62/lib/Resque/Redis.php#L136-L138
Possible Solution
I put together the necessary patches for colinmollenhour/credis to test a very crude implementation, which I have on a fork here (please don't mind the whitespace 😅):
https://github.com/resque/php-resque/compare/develop...kodumbeats:tls_connections
Context
Trying to hook up Appwrite to a Managed Redis database cluster provided by DigitalOcean but cannot due to this limitation.