redis cache - add support for TLS/encryption in transit

[briantist]

SUMMARY

• Add support for encryption in transit / TLS connections, via a tls:// prefix added onto the connection uri.
• Update documentation.

Current connection string looks like this: localhost:6379:0:changeme.
With this change, above still works, but if you need TLS now you can do: tls://localhost:6379:0:changeme.

ISSUE TYPE

• Feature Pull Request

COMPONENT NAME

redis.py

ADDITIONAL INFORMATION

The connection uri in this plugin is split on : and then each element is sent verbatim positionally to the Redis library's constructor, which works great for the host, port, db, password params as they are the first four.

classredis.Redis(host=u'localhost', port=6379, db=0, password=None, socket_timeout=None, socket_connect_timeout=None, socket_keepalive=None, socket_keepalive_options=None, connection_pool=None, unix_socket_path=None, encoding=u'utf-8', encoding_errors=u'strict', charset=None, errors=None, decode_responses=False, retry_on_timeout=False, ssl=False, ssl_keyfile=None, ssl_certfile=None, ssl_cert_reqs=u'required', ssl_ca_certs=None, ssl_check_hostname=False, max_connections=None, single_connection_client=False, health_check_interval=0, client_name=None, username=None)

But the ssl param is way down the list at number 17, so having to supply all those other values that are almost surely defaulted, doesn't really make sense.

I added support to use a prefix, but otherwise didn't change anything about the uri, so it still just works just the same as it did and existing connection strings won't be affected.

[felixfontein]

You need a changelog fragment (minor_changes:).

[ansibullbot]

The test ansible-test sanity --test pep8 [explain] failed with 2 errors:

plugins/cache/redis.py:92:11: E111: indentation is not a multiple of four
plugins/cache/redis.py:93:11: E111: indentation is not a multiple of four

click here for bot help

[felixfontein]

Besides that, LGTM.

[resmo]

shipit