Merge pull request #684 from Amsterdam/feature/redis-entra-auth

Feature/redis entra auth and startup probe
Amsterdam · Jun 19, 2024 · 5da6068 · 5da6068
2 parents fabd58c + 93fa1b9
commit 5da6068
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 2 deletions.
diff --git a/app/apps/health/views.py b/app/apps/health/views.py
@@ -1,5 +1,6 @@
 from apps.health.utils import assert_health_generic, get_health_response
 from django.conf import settings
+from django.http import HttpResponse
 
 SUCCESS_DICTIONARY_DEFAULT = {"message": "Connectivity OK"}
 
@@ -9,3 +10,7 @@ def assert_default_health():
         assert_health_generic(database_name=settings.DEFAULT_DATABASE_NAME)
 
     return get_health_response(assert_default_health, SUCCESS_DICTIONARY_DEFAULT)
+
+
+def is_healthy(request):
+    return HttpResponse("Ok", content_type="text/plain", status=200)
diff --git a/app/settings/azure_settings.py b/app/settings/azure_settings.py
@@ -62,6 +62,21 @@ def __str__(self):
         scopes = ["https://ossrdbms-aad.database.windows.net/.default"]
         return DynamicString(self.credential, scopes)
 
+    @property
+    def redis_password(self) -> object:
+        # return access_token.token
+        class DynamicString:
+            def __init__(self, credential, scopes) -> None:
+                self.credential = credential
+                self.scopes = scopes
+
+            def __str__(self):
+                access_token = self.credential.get_token(*self.scopes)
+                return access_token.token
+
+        scopes = ["https://redis.azure.com/.default"]
+        return DynamicString(self.credential, scopes)
+
 
 class Azure:
     def __init__(self) -> None:

diff --git a/app/settings/settings.py b/app/settings/settings.py
@@ -431,8 +431,13 @@ def filter_traces(envelope):
 
 REDIS_HOST = os.getenv("REDIS_HOST")
 REDIS_PORT = os.getenv("REDIS_PORT")
+REDIS_USERNAME = ""
 REDIS_PASSWORD = os.getenv("REDIS_PASSWORD")
-REDIS_URL = f"rediss://:{REDIS_PASSWORD}@{REDIS_HOST}:{REDIS_PORT}"
+if "windows.net" in REDIS_HOST:
+    REDIS_USERNAME = os.getenv("REDIS_USERNAME")
+    REDIS_PASSWORD = azure.auth.redis_password
+
+REDIS_URL = f"rediss://{REDIS_USERNAME}:{REDIS_PASSWORD}@{REDIS_HOST}:{REDIS_PORT}"
 HEALTHCHECK_CELERY_PING_TIMEOUT = 5
 
 CELERY_BROKER_URL = REDIS_URL

diff --git a/app/settings/urls.py b/app/settings/urls.py
@@ -1,6 +1,6 @@
 from apps.addresses import router as addresses_router
 from apps.cases import router as case_router
-from apps.health.views import health_default
+from apps.health.views import health_default, is_healthy
 from apps.itinerary import router as itinerary_router
 from apps.planner import router as planner_router
 from apps.planner.views import dumpdata as planner_dumpdata
@@ -50,6 +50,7 @@ def get(self, request, *args, **kwargs):
     # Health check urls
     path("looplijsten/health", health_default, name="health-default"),
     path("health/", include("health_check.urls")),
+    path("startup", is_healthy),
     # The API for requesting data
     path("api/v1/", include((v1_urls, "app"), namespace="v1")),
     url(regex=r"^$", view=MyView.as_view(), name="index"),