feat(collectors): Add TLS parameters to the redis collector (#870)

feat(collectors): Add mTLS parameters to the redis collector

For a redis collector spec targeting a redis server configured to accept
(m)TLS connections we need to pass in the necessary TLS parameters in order
to successfully connect to the server. Both preflight and support bundle
specs use this collector.

This change allows us to pass in the necessary TLS parameters via inlined
TLS configuration or via a secret reference.

Fixes #746

Author: banjoh

config/crds/troubleshoot.sh_collectors.yaml

@@ -367,6 +367,27 @@ spec:
                           items:
                             type: string
                           type: array
+                        tls:
+                          properties:
+                            cacert:
+                              type: string
+                            clientCert:
+                              type: string
+                            clientKey:
+                              type: string
+                            secret:
+                              properties:
+                                name:
+                                  type: string
+                                namespace:
+                                  type: string
+                              required:
+                              - name
+                              - namespace
+                              type: object
+                            skipVerify:
+                              type: boolean
+                          type: object
                         uri:
                           type: string
                       required:
@@ -382,6 +403,27 @@ spec:
                           items:
                             type: string
                           type: array
+                        tls:
+                          properties:
+                            cacert:
+                              type: string
+                            clientCert:
+                              type: string
+                            clientKey:
+                              type: string
+                            secret:
+                              properties:
+                                name:
+                                  type: string
+                                namespace:
+                                  type: string
+                              required:
+                              - name
+                              - namespace
+                              type: object
+                            skipVerify:
+                              type: boolean
+                          type: object
                         uri:
                           type: string
                       required:
@@ -397,6 +439,27 @@ spec:
                           items:
                             type: string
                           type: array
+                        tls:
+                          properties:
+                            cacert:
+                              type: string
+                            clientCert:
+                              type: string
+                            clientKey:
+                              type: string
+                            secret:
+                              properties:
+                                name:
+                                  type: string
+                                namespace:
+                                  type: string
+                              required:
+                              - name
+                              - namespace
+                              type: object
+                            skipVerify:
+                              type: boolean
+                          type: object
                         uri:
                           type: string
                       required:

config/crds/troubleshoot.sh_preflights.yaml

@@ -1692,6 +1692,27 @@ spec:
                           items:
                             type: string
                           type: array
+                        tls:
+                          properties:
+                            cacert:
+                              type: string
+                            clientCert:
+                              type: string
+                            clientKey:
+                              type: string
+                            secret:
+                              properties:
+                                name:
+                                  type: string
+                                namespace:
+                                  type: string
+                              required:
+                              - name
+                              - namespace
+                              type: object
+                            skipVerify:
+                              type: boolean
+                          type: object
                         uri:
                           type: string
                       required:
@@ -1707,6 +1728,27 @@ spec:
                           items:
                             type: string
                           type: array
+                        tls:
+                          properties:
+                            cacert:
+                              type: string
+                            clientCert:
+                              type: string
+                            clientKey:
+                              type: string
+                            secret:
+                              properties:
+                                name:
+                                  type: string
+                                namespace:
+                                  type: string
+                              required:
+                              - name
+                              - namespace
+                              type: object
+                            skipVerify:
+                              type: boolean
+                          type: object
                         uri:
                           type: string
                       required:
@@ -1722,6 +1764,27 @@ spec:
                           items:
                             type: string
                           type: array
+                        tls:
+                          properties:
+                            cacert:
+                              type: string
+                            clientCert:
+                              type: string
+                            clientKey:
+                              type: string
+                            secret:
+                              properties:
+                                name:
+                                  type: string
+                                namespace:
+                                  type: string
+                              required:
+                              - name
+                              - namespace
+                              type: object
+                            skipVerify:
+                              type: boolean
+                          type: object
                         uri:
                           type: string
                       required:

config/crds/troubleshoot.sh_supportbundles.yaml

@@ -1723,6 +1723,27 @@ spec:
                           items:
                             type: string
                           type: array
+                        tls:
+                          properties:
+                            cacert:
+                              type: string
+                            clientCert:
+                              type: string
+                            clientKey:
+                              type: string
+                            secret:
+                              properties:
+                                name:
+                                  type: string
+                                namespace:
+                                  type: string
+                              required:
+                              - name
+                              - namespace
+                              type: object
+                            skipVerify:
+                              type: boolean
+                          type: object
                         uri:
                           type: string
                       required:
@@ -1738,6 +1759,27 @@ spec:
                           items:
                             type: string
                           type: array
+                        tls:
+                          properties:
+                            cacert:
+                              type: string
+                            clientCert:
+                              type: string
+                            clientKey:
+                              type: string
+                            secret:
+                              properties:
+                                name:
+                                  type: string
+                                namespace:
+                                  type: string
+                              required:
+                              - name
+                              - namespace
+                              type: object
+                            skipVerify:
+                              type: boolean
+                          type: object
                         uri:
                           type: string
                       required:
@@ -1753,6 +1795,27 @@ spec:
                           items:
                             type: string
                           type: array
+                        tls:
+                          properties:
+                            cacert:
+                              type: string
+                            clientCert:
+                              type: string
+                            clientKey:
+                              type: string
+                            secret:
+                              properties:
+                                name:
+                                  type: string
+                                namespace:
+                                  type: string
+                              required:
+                              - name
+                              - namespace
+                              type: object
+                            skipVerify:
+                              type: boolean
+                          type: object
                         uri:
                           type: string
                       required:

examples/preflight/redis.yaml

@@ -6,18 +6,19 @@ spec:
   collectors:
     - redis:
         collectorName: my-redis
-        uri: rediss://default:password@hostname:6379
+        uri: rediss://default:replicated@server:6380
+        tls:
+          skipVerify: true
   analyzers:
     - redis:
         checkName: Must be redis 5.x or later
         collectorName: my-redis
         outcomes:
           - fail:
               when: "connected == false"
-              message: Cannot connect to postgres server
+              message: Cannot connect to redis server
           - fail:
               when: "version < 5.0.0"
               message: The redis server must be at least version 5
           - pass:
               message: The redis connection checks out
-  

examples/support-bundle/mysql-collector.yaml renamed to examples/support-bundle/db-collector.yaml

@@ -1,7 +1,7 @@
 apiVersion: troubleshoot.sh/v1beta2
 kind: SupportBundle
 metadata:
-  name: mysql
+  name: dbs-collector
 spec:
   collectors:
     - mysql:
@@ -15,3 +15,6 @@ spec:
           - innodb_large_prefix
           - innodb_strict_mode
           - log_bin_trust_function_creators
+    - redis:
+        collectorName: my-redis
+        uri: rediss://default:replicated@server:6380

pkg/apis/troubleshoot/v1beta2/collector_shared.go

@@ -168,8 +168,22 @@ type Put struct {
 
 type Database struct {
 	CollectorMeta `json:",inline" yaml:",inline"`
-	URI           string   `json:"uri" yaml:"uri"`
-	Parameters    []string `json:"parameters,omitempty"`
+	URI           string     `json:"uri" yaml:"uri"`
+	Parameters    []string   `json:"parameters,omitempty"`
+	TLS           *TLSParams `json:"tls,omitempty" yaml:"tls,omitempty"`
+}
+
+type TLSParams struct {
+	SkipVerify bool       `json:"skipVerify,omitempty" yaml:"skipVerify,omitempty"`
+	Secret     *TLSSecret `json:"secret,omitempty" yaml:"secret,omitempty"`
+	CACert     string     `json:"cacert,omitempty" yaml:"cacert,omitempty"`
+	ClientCert string     `json:"clientCert,omitempty" yaml:"clientCert,omitempty"`
+	ClientKey  string     `json:"clientKey,omitempty" yaml:"clientKey,omitempty"`
+}
+
+type TLSSecret struct {
+	Name      string `json:"name" yaml:"name"`
+	Namespace string `json:"namespace" yaml:"namespace"`
 }
 
 type Collectd struct {