Redis is a required part of our infra

[djeebus]

No description provided.

[cursor]

PR Summary

Medium Risk
This removes the previous Redis-optional paths, so misconfiguration or temporary Redis outages will now hard-fail service startup and could impact availability. It also changes peer registry and sandbox event delivery to always use Redis, increasing blast radius of Redis connectivity issues.

Overview
Makes Redis mandatory for client-proxy and the orchestrator by removing the in-memory/disabled fallbacks and always wiring Redis-backed sandbox cataloging, peer discovery, and sandbox event delivery; NewRedisClient now returns ErrRedisUnconfigured when no Redis address is provided, and both services fail fast if Redis cannot be created.

^{Reviewed by Cursor Bugbot for commit 6496f19. Bugbot is set up for automated code reviews on this repo. Configure here.}

[claude]

LGTM — straightforward enforcement of Redis as a required dependency.

Extended reasoning...

Overview

Single-file change to run.go that removes the ErrRedisDisabled carve-out and all redisClient \!= nil guards, making Redis unconditionally required at startup. The companion commit (21aa127) already establishes this as an intentional infrastructure decision.

Security risks

None. The change removes optional code paths rather than introducing new ones; it tightens startup requirements rather than relaxing any security boundary.

Level of scrutiny

Low. This is a small, mechanical removal of fallback/optional logic with clear and explicit intent. No new logic is introduced — only guards are deleted. The fatal-on-error path already existed for other error types.

Other factors

One nit was flagged (inline comment): when ErrRedisDisabled is returned, the log message 'Could not connect to Redis' may mislead operators into debugging connectivity rather than checking for a missing env var. This is a diagnostic quality issue only — the behavior (fatal exit) is correct and intended. The structured zap.Error(err) field will include 'redis is disabled' for operators who look, mitigating the impact.

[levb]

1/5 (basically what Claude said ^^) Right now the error message a developer would see is "redis is disabled" wrapped inside "Could not connect to Redis", which is a bit misleading - they didn't fail to connect, they failed to configure. A dedicated config validation at startup ("REDIS_URL or REDIS_CLUSTER_URL must be set") would be clearer.

Are local runs affected by this change?

[levb]

LGTM, contingent on tests passing (still running)