Add config sentinel auth-pass to entrypoint-sentinel.sh

[hoanbc]

Add config "sentinel auth-pass" to entrypoint-sentinel.sh

[shubham-cmyk]

@hoanbc

I want to discuss this.

As per documentation. https://redis.io/docs/management/sentinel/

In order for Sentinels to connect to Redis server instances when they are configured with requirepass, the Sentinel configuration must include the sentinel auth-pass directive, in the format:

sentinel auth-pass <master-name> <password>

So it is used when the redis server is password protected and sentinel wants to connect to it.

But if you want to set password on the.

Sentinel only you have to pass : requirepass "your_password_here"

Since the same env variable is used here. i.e.( REDIS_PASSWORD )

            echo requirepass "${REDIS_PASSWORD}"
	    echo sentinel auth-pass "${MASTER_GROUP_NAME} ${REDIS_PASSWORD}"

That means the now sentinel and redis servers can't have different passwords.

I would like you to somehow. Change the variable REDIS_PASSWORD > SENTINEL_PASSWORD Over here to make that clear, but that could also require the change in the redis-operator code.

Here : https://github.com/OT-CONTAINER-KIT/redis-operator/blob/master/k8sutils/statefulset.go#L610

Check the role as done here : https://github.com/OT-CONTAINER-KIT/redis-operator/blob/master/k8sutils/statefulset.go#L568 and provide these 2 variables.

i.e. REDIS_PASSWORD & SENTINEL_PASSWORD

[shubham-cmyk]

@drivebyer Does this idea looks nice. :question:

[drivebyer]

@drivebyer Does this idea looks nice. ❓

LGTM, We should let user set different password between redis and sentinel.

These PR seem fix a bug when replication password enabled.

[hoanbc]

i agree, redis and sentinel should have different password for security compliance.