test(sentinel): add testcases for sentinel

.ci/docker-compose-cluster-tls.yml

@@ -19,7 +19,7 @@ services:
     volumes:
       - ../test/emqx_auth_redis_SUITE_data/certs:/tls
       - ./redis/:/data/conf
-    command: bash -c "/bin/bash /data/conf/redis.sh -t && while true; do echo 1; sleep 1; done"
+    command: bash -c "/bin/bash /data/conf/redis.sh --node cluster --tls-enabled && while true; do echo 1; sleep 1; done"
     networks:
       app_net:
         # Assign a public address. Erlang container cannot find cluster nodes by network-scoped alias (redis_cluster).

.ci/docker-compose-cluster.yml

@@ -18,7 +18,7 @@ services:
     container_name: redis-cluster
     volumes:
       - ./redis/:/data/conf
-    command: bash -c "/bin/bash /data/conf/redis.sh && while true; do echo 1; sleep 1; done"
+    command: bash -c "/bin/bash /data/conf/redis.sh --node cluster && while true; do echo 1; sleep 1; done"
     networks:
       app_net:
         # Assign a public address. Erlang container cannot find cluster nodes by network-scoped alias (redis_cluster).

.ci/docker-compose-sentinel.yml

@@ -0,0 +1,38 @@
+version: '2.4'
+# network configuration is limited in version 3
+# https://github.com/docker/compose/issues/4958
+
+services:
+  erlang:
+    image: erlang:22.3
+    volumes:
+      - ../:/emqx_auth_redis
+    networks:
+      - app_net
+    depends_on:
+      - redis_cluster
+    tty: true
+
+  redis_cluster:
+    image: redis:${REDIS_TAG}
+    container_name: redis-cluster
+    volumes:
+      - ./redis/:/data/conf
+    command: bash -c "/bin/bash /data/conf/redis.sh --node sentinel && while true; do echo 1; sleep 1; done"
+    networks:
+      app_net:
+        # Assign a public address. Erlang container cannot find cluster nodes by network-scoped alias (redis_cluster).
+        ipv4_address: 172.16.239.10
+        ipv6_address: 2001:3200:3200::20
+
+networks:
+  app_net:
+    driver: bridge
+    enable_ipv6: true
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.16.239.0/24
+          gateway: 172.16.239.1
+        - subnet: 2001:3200:3200::/64
+          gateway: 2001:3200:3200::1

.ci/redis/redis-tls.conf

@@ -0,0 +1,5 @@
+daemonize yes
+bind 0.0.0.0 ::
+tls-cert-file /tls/redis.crt
+tls-key-file /tls/redis.key
+tls-ca-cert-file /tls/ca.crt

.ci/redis/redis.conf

@@ -1,3 +1,2 @@
-cluster-enabled      yes
-cluster-node-timeout 10000
-bind 0.0.0.0 :: 
+daemonize yes
+bind 0.0.0.0 ::

.ci/redis/redis.sh

@@ -1,14 +1,26 @@
 #!/bin/bash
 
-tls=false;
-while getopts t OPT
+node=single
+tls=false
+while [[ $# -gt 0 ]]
 do
-    case $OPT in
-        t)  tls=true
-            ;;
-        \?) exit
-            ;;
-    esac
+key="$1"
+
+case $key in
+    -n|--node)
+    node="$2"
+    shift # past argument
+    shift # past value
+    ;;
+    -t|--tls-enabled)
+    tls="$2"
+    shift # past argument
+    shift # past value
+    ;;
+    *)
+    shift # past argument
+    ;;
+esac
 done
 
 rm -f \
@@ -19,28 +31,27 @@ rm -f \
     /data/conf/nodes.7001.conf \
     /data/conf/nodes.7002.conf ;
 
-if  $tls ; then
-  redis-server /data/conf/redis.conf --port 7000 --cluster-config-file /data/conf/nodes.7000.conf --daemonize yes \
-                                     --tls-port 8000 \
-                                     --tls-cert-file /tls/redis.crt \
-                                     --tls-key-file /tls/redis.key \
-                                     --tls-ca-cert-file /tls/ca.crt
-  redis-server /data/conf/redis.conf --port 7001 --cluster-config-file /data/conf/nodes.7001.conf --daemonize yes \
-                                     --tls-port 8001 \
-                                     --tls-cert-file /tls/redis.crt \
-                                     --tls-key-file /tls/redis.key \
-                                     --tls-ca-cert-file /tls/ca.crt
-  redis-server /data/conf/redis.conf --port 7002 --cluster-config-file /data/conf/nodes.7002.conf --daemonize yes \
-                                     --tls-port 8002 \
-                                     --tls-cert-file /tls/redis.crt \
-                                     --tls-key-file /tls/redis.key \
-                                     --tls-ca-cert-file /tls/ca.crt
-else
-  redis-server /data/conf/redis.conf --port 7000 --cluster-config-file /data/conf/nodes.7000.conf --daemonize yes ;
-  redis-server /data/conf/redis.conf --port 7001 --cluster-config-file /data/conf/nodes.7001.conf --daemonize yes ;
-  redis-server /data/conf/redis.conf --port 7002 --cluster-config-file /data/conf/nodes.7002.conf --daemonize yes ;
+if [ ${node} = "cluster" ] ; then
+  if $tls ; then
+    redis-server /data/conf/redis-tls.conf --port 7000 --cluster-config-file /data/conf/nodes.7000.conf \
+                                           --tls-port 8000 --cluster-enabled yes ;
+    redis-server /data/conf/redis-tls.conf --port 7001 --cluster-config-file /data/conf/nodes.7001.conf \
+                                           --tls-port 8001 --cluster-enabled yes;
+    redis-server /data/conf/redis-tls.conf --port 7002 --cluster-config-file /data/conf/nodes.7002.conf \
+                                           --tls-port 8002 --cluster-enabled yes;
+  else
+    redis-server /data/conf/redis.conf --port 7000 --cluster-config-file /data/conf/nodes.7000.conf --cluster-enabled yes;
+    redis-server /data/conf/redis.conf --port 7001 --cluster-config-file /data/conf/nodes.7001.conf --cluster-enabled yes;
+    redis-server /data/conf/redis.conf --port 7002 --cluster-config-file /data/conf/nodes.7002.conf --cluster-enabled yes;
+  fi
+elif [ ${node} = "sentinel" ] ; then
+    redis-server /data/conf/redis.conf --port 7000 --cluster-config-file /data/conf/nodes.7000.conf \
+                                       --cluster-enabled no;
+    redis-server /data/conf/redis.conf --port 7001 --cluster-config-file /data/conf/nodes.7001.conf \
+                                       --cluster-enabled no --slaveof 172.16.239.10 7000;
+    redis-server /data/conf/redis.conf --port 7002 --cluster-config-file /data/conf/nodes.7002.conf \
+                                       --cluster-enabled no --slaveof 172.16.239.10 7000;
 fi
-
 REDIS_LOAD_FLG=true;
 
 while $REDIS_LOAD_FLG;
@@ -64,7 +75,12 @@ do
     else
         continue;
     fi
-    yes "yes" | redis-cli --cluster create 172.16.239.10:7000 172.16.239.10:7001 172.16.239.10:7002;
+    if [ ${node} = "cluster" ] ; then
+      yes "yes" | redis-cli --cluster create 172.16.239.10:7000 172.16.239.10:7001 172.16.239.10:7002;
+    elif [ ${node} = "sentinel" ] ; then
+      cp /data/conf/sentinel.conf /_sentinel.conf
+      redis-server /_sentinel.conf --sentinel;
+    fi
     REDIS_LOAD_FLG=false;
 done
 

.ci/redis/sentinel.conf

@@ -0,0 +1,3 @@
+port 26379
+dir /tmp
+sentinel monitor mymaster 172.16.239.10 7000 1

.github/workflows/run_test_cases.yaml

@@ -20,6 +20,7 @@ jobs:
                node_type:
                    - single
                    - cluster
+                   - sentinel
 
         steps:
             - name: install docker-compose
@@ -111,8 +112,30 @@ jobs:
                 echo 'auth.redis.cafile = /emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs/ca.crt' >> ./etc/emqx_auth_redis.conf
                 echo 'auth.redis.certfile = /emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs/redis.crt' >> ./etc/emqx_auth_redis.conf
                 echo 'auth.redis.keyfile = /emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs/redis.key' >> ./etc/emqx_auth_redis.conf
+            - name: setup
+              if: matrix.connect_type == 'tcp' && matrix.network_type == 'ipv4' && matrix.node_type == 'sentinel'
+              env:
+                REDIS_TAG: ${{ matrix.redis_tag}}
+              run: |
+                set -e -u -x
+                docker-compose -f ./.ci/docker-compose-sentinel.yml -p tests up -d
+                sed -i '/auth.redis.type/c auth.redis.type = sentinel' ./etc/emqx_auth_redis.conf
+                sed -i '/auth.redis.server/c auth.redis.server = 172.16.239.10:26379' ./etc/emqx_auth_redis.conf
+                echo '\n' >> ./etc/emqx_auth_redis.conf
+                echo 'auth.redis.sentinel = mymaster' >> ./etc/emqx_auth_redis.conf
+            - name: setup
+              if: matrix.connect_type == 'tcp' && matrix.network_type == 'ipv6' && matrix.node_type == 'sentinel'
+              env:
+                REDIS_TAG: ${{ matrix.redis_tag}}
+              run: |
+                set -e -u -x
+                docker-compose -f ./.ci/docker-compose-sentinel.yml -p tests up -d
+                sed -i '/auth.redis.type/c auth.redis.type = sentinel' ./etc/emqx_auth_redis.conf
+                sed -i '/auth.redis.server/c auth.redis.server = 2001:3200:3200::20:26379' ./etc/emqx_auth_redis.conf
+                echo '\n' >> ./etc/emqx_auth_redis.conf
+                echo 'auth.redis.sentinel = mymaster' >> ./etc/emqx_auth_redis.conf
             - name: run test cases
-              if: matrix.connect_type == 'tcp' || (matrix.connect_type == 'tls' &&  matrix.redis_tag == '6.0.9')
+              if: matrix.connect_type == 'tcp' || (matrix.connect_type == 'tls' &&  matrix.redis_tag == '6.0.9' && matrix.node_type != 'sentinel')
               run: |
                 docker exec -i tests_erlang_1 sh -c "make -C /emqx_auth_redis xref"
                 docker exec -i tests_erlang_1 sh -c "make -C /emqx_auth_redis eunit"

test/emqx_auth_redis_SUITE.erl

@@ -182,9 +182,9 @@ reload(Config) when is_list(Config) ->
 q(Cmd) ->
     {ok, Server} = application:get_env(?APP, server),
     case proplists:get_value(type, Server) of
-        single ->
-            {ok, Connection} = ?POOL(?APP),
-            eredis:q(Connection, Cmd);
         cluster ->
-            eredis_cluster:q(emqx_auth_redis, Cmd)
+            eredis_cluster:q(emqx_auth_redis, Cmd);
+        _ ->
+            {ok, Connection} = ?POOL(?APP),
+            eredis:q(Connection, Cmd)
     end.