feat(redis): update helm-release to v19.1.0

[tyriis-automation]

This PR contains the following updates:

Package	Update	Change	OpenSSF
redis (source)	minor	19.0.2 -> 19.1.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[tyriis-automation]

--- kubernetes/talos-flux/apps/database/redis/app Kustomization: flux-system/apps-redis HelmRelease: database/redis

+++ kubernetes/talos-flux/apps/database/redis/app Kustomization: flux-system/apps-redis HelmRelease: database/redis

@@ -12,13 +12,13 @@

     spec:
       chart: redis
       sourceRef:
         kind: HelmRepository
         name: bitnami-charts
         namespace: flux-system
-      version: 19.0.2
+      version: 19.1.0
   install:
     createNamespace: true
     remediation:
       retries: 5
   interval: 30m
   timeout: 15m

[tyriis-automation]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ EDITORCONFIG	editorconfig-checker	1		0	0.01s
✅ REPOSITORY	gitleaks	yes		no	2.2s
✅ YAML	prettier	1		0	0.57s
✅ YAML	yamllint	1		0	0.33s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security

[tyriis-automation]

--- HelmRelease: database/redis ConfigMap: database/redis-scripts

+++ HelmRelease: database/redis ConfigMap: database/redis-scripts

@@ -48,19 +48,24 @@

     \ retry_while \"eval $sentinel_info_command\" 2 5\n}\n\n[[ -f $REDIS_PASSWORD_FILE\
     \ ]] && export REDIS_PASSWORD=\"$(< \"${REDIS_PASSWORD_FILE}\")\"\n[[ -f $REDIS_MASTER_PASSWORD_FILE\
     \ ]] && export REDIS_MASTER_PASSWORD=\"$(< \"${REDIS_MASTER_PASSWORD_FILE}\")\"\
     \n\n# check if there is a master\nmaster_in_persisted_conf=\"$(get_full_hostname\
     \ \"$HOSTNAME\")\"\nmaster_port_in_persisted_conf=\"$REDIS_MASTER_PORT_NUMBER\"\
     \nmaster_in_sentinel=\"$(get_sentinel_master_info)\"\nredisRetVal=$?\n\nif [[\
-    \ $redisRetVal -ne 0 ]]; then\n    if [[ \"$master_in_persisted_conf\" == \"$(get_full_hostname\
-    \ \"$HOSTNAME\")\" ]]; then\n        # Case 1: No active sentinel and in previous\
-    \ sentinel.conf we were the master --> MASTER\n        info \"Configuring the\
-    \ node as master\"\n        export REDIS_REPLICATION_MODE=\"master\"\n    else\n\
-    \        # Case 2: No active sentinel and in previous sentinel.conf we were not\
-    \ master --> REPLICA\n        info \"Configuring the node as replica\"\n     \
-    \   export REDIS_REPLICATION_MODE=\"replica\"\n        REDIS_MASTER_HOST=${master_in_persisted_conf}\n\
+    \ -f /opt/bitnami/redis-sentinel/etc/sentinel.conf ]]; then\n    master_in_persisted_conf=\"\
+    $(awk '/monitor/ {print $4}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)\"\n\
+    \    master_port_in_persisted_conf=\"$(awk '/monitor/ {print $5}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)\"\
+    \n    info \"Found previous master ${master_in_persisted_conf}:${master_port_in_persisted_conf}\
+    \ in /opt/bitnami/redis-sentinel/etc/sentinel.conf\"\n    debug \"$(cat /opt/bitnami/redis-sentinel/etc/sentinel.conf\
+    \ | grep monitor)\"\nfi\n\nif [[ $redisRetVal -ne 0 ]]; then\n    if [[ \"$master_in_persisted_conf\"\
+    \ == \"$(get_full_hostname \"$HOSTNAME\")\" ]]; then\n        # Case 1: No active\
+    \ sentinel and in previous sentinel.conf we were the master --> MASTER\n     \
+    \   info \"Configuring the node as master\"\n        export REDIS_REPLICATION_MODE=\"\
+    master\"\n    else\n        # Case 2: No active sentinel and in previous sentinel.conf\
+    \ we were not master --> REPLICA\n        info \"Configuring the node as replica\"\
+    \n        export REDIS_REPLICATION_MODE=\"replica\"\n        REDIS_MASTER_HOST=${master_in_persisted_conf}\n\
     \        REDIS_MASTER_PORT_NUMBER=${master_port_in_persisted_conf}\n    fi\nelse\n\
     \    # Fetches current master's host and port\n    REDIS_SENTINEL_INFO=($(get_sentinel_master_info))\n\
     \    info \"Current master: REDIS_SENTINEL_INFO=(${REDIS_SENTINEL_INFO[0]},${REDIS_SENTINEL_INFO[1]})\"\
     \n    REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]}\n    REDIS_MASTER_PORT_NUMBER=${REDIS_SENTINEL_INFO[1]}\n\
     \n    if [[ \"$REDIS_MASTER_HOST\" == \"$(get_full_hostname \"$HOSTNAME\")\" ]];\
     \ then\n        # Case 3: Active sentinel and master it is this node --> MASTER\n\
@@ -96,37 +101,44 @@

     \ not found\"\n            exit 1\n        fi\n        ((retry_count++))\n   \
     \ done\n}\n\nSERVPORT=$(get_port \"$HOSTNAME\" \"SENTINEL\")\nREDISPORT=$(get_port\
     \ \"$HOSTNAME\" \"REDIS\")\nSENTINEL_SERVICE_PORT=$(get_port \"redis\" \"SENTINEL\"\
     )\n\nsentinel_conf_set() {\n    local -r key=\"${1:?missing key}\"\n    local\
     \ value=\"${2:-}\"\n\n    # Sanitize inputs\n    value=\"${value//\\\\/\\\\\\\\\
     }\"\n    value=\"${value//&/\\\\&}\"\n    value=\"${value//\\?/\\\\?}\"\n    [[\
-    \ \"$value\" = \"\" ]] && value=\"\\\"$value\\\"\"\n\n    replace_in_file \"/opt/bitnami/redis-sentinel/etc/sentinel.conf\"\
+    \ \"$value\" = \"\" ]] && value=\"\\\"$value\\\"\"\n\n    replace_in_file \"/opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf\"\
     \ \"^#*\\s*${key} .*\" \"${key} ${value}\" false\n}\nsentinel_conf_add() {\n \
-    \   echo $'\\n'\"$@\" >> \"/opt/bitnami/redis-sentinel/etc/sentinel.conf\"\n}\n\
-    host_id() {\n    echo \"$1\" | openssl sha1 | awk '{print $2}'\n}\nget_sentinel_master_info()\
+    \   echo $'\\n'\"$@\" >> \"/opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf\"\
+    \n}\nhost_id() {\n    echo \"$1\" | openssl sha1 | awk '{print $2}'\n}\nget_sentinel_master_info()\
     \ {\n    if is_boolean_yes \"$REDIS_SENTINEL_TLS_ENABLED\"; then\n        sentinel_info_command=\"\
     timeout 10 redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert\
     \ ${REDIS_SENTINEL_TLS_CERT_FILE} --key ${REDIS_SENTINEL_TLS_KEY_FILE} --cacert\
     \ ${REDIS_SENTINEL_TLS_CA_FILE} sentinel get-master-addr-by-name redis-master\"\
     \n    else\n        sentinel_info_command=\"timeout 10 redis-cli -h $REDIS_SERVICE\
     \ -p $SENTINEL_SERVICE_PORT sentinel get-master-addr-by-name redis-master\"\n\
     \    fi\n    info \"about to run the command: $sentinel_info_command\"\n    retry_while\
     \ \"eval $sentinel_info_command\" 2 5\n}\n\n[[ -f $REDIS_PASSWORD_FILE ]] && export\
     \ REDIS_PASSWORD=\"$(< \"${REDIS_PASSWORD_FILE}\")\"\n\nmaster_in_persisted_conf=\"\
-    $(get_full_hostname \"$HOSTNAME\")\"\nif ! get_sentinel_master_info && [[ \"$master_in_persisted_conf\"\
-    \ == \"$(get_full_hostname \"$HOSTNAME\")\" ]]; then\n    # No master found, lets\
-    \ create a master node\n    export REDIS_REPLICATION_MODE=\"master\"\n\n    REDIS_MASTER_HOST=$(get_full_hostname\
-    \ \"$HOSTNAME\")\n    REDIS_MASTER_PORT_NUMBER=\"$REDISPORT\"\nelse\n    export\
-    \ REDIS_REPLICATION_MODE=\"replica\"\n\n    # Fetches current master's host and\
-    \ port\n    REDIS_SENTINEL_INFO=($(get_sentinel_master_info))\n    info \"printing\
-    \ REDIS_SENTINEL_INFO=(${REDIS_SENTINEL_INFO[0]},${REDIS_SENTINEL_INFO[1]})\"\n\
-    \    REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]}\n    REDIS_MASTER_PORT_NUMBER=${REDIS_SENTINEL_INFO[1]}\n\
-    fi\n\nif [[ -n \"$REDIS_EXTERNAL_MASTER_HOST\" ]]; then\n  REDIS_MASTER_HOST=\"\
+    $(get_full_hostname \"$HOSTNAME\")\"\n\nif [[ -f /opt/bitnami/redis-sentinel/etc/sentinel.conf\
+    \ ]]; then\n    master_in_persisted_conf=\"$(awk '/monitor/ {print $4}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)\"\
+    \n    info \"Found previous master $master_in_persisted_conf in /opt/bitnami/redis-sentinel/etc/sentinel.conf\"\
+    \n    debug \"$(cat /opt/bitnami/redis-sentinel/etc/sentinel.conf | grep monitor)\"\
+    \nfi\nREDIS_SENTINEL_INFO=($(get_sentinel_master_info))\nif [ \"$?\" -eq \"0\"\
+    \ ]; then\n    # current master's host and port obtained from other Sentinel\n\
+    \    info \"printing REDIS_SENTINEL_INFO=(${REDIS_SENTINEL_INFO[0]},${REDIS_SENTINEL_INFO[1]})\"\
+    \n    REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]}\n    REDIS_MASTER_PORT_NUMBER=${REDIS_SENTINEL_INFO[1]}\n\
+    else\n    REDIS_MASTER_HOST=\"$master_in_persisted_conf\"\n    REDIS_MASTER_PORT_NUMBER=\"\
+    $REDISPORT\"\nfi\nif [[ \"$REDIS_MASTER_HOST\" == \"$(get_full_hostname \"$HOSTNAME\"\
+    )\" ]]; then\n    export REDIS_REPLICATION_MODE=\"master\"\nelse\n    export REDIS_REPLICATION_MODE=\"\
+    replica\"\nfi\n\nif [[ -n \"$REDIS_EXTERNAL_MASTER_HOST\" ]]; then\n  REDIS_MASTER_HOST=\"\
     $REDIS_EXTERNAL_MASTER_HOST\"\n  REDIS_MASTER_PORT_NUMBER=\"${REDIS_EXTERNAL_MASTER_PORT}\"\
-    \nfi\n\ncp /opt/bitnami/redis-sentinel/mounted-etc/sentinel.conf /opt/bitnami/redis-sentinel/etc/sentinel.conf\n\
-    printf \"\\nsentinel myid %s\" \"$(host_id \"$HOSTNAME\")\" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf\n\
+    \nfi\n\n# To prevent incomplete configuration and as the redis container accesses\
+    \ /opt/bitnami/redis-sentinel/etc/sentinel.conf \n# as well, prepare the new config\
+    \ in `prepare-sentinel.conf` and move it atomically to the ultimate destination\
+    \ when it is complete.\ncp /opt/bitnami/redis-sentinel/mounted-etc/sentinel.conf\
+    \ /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf\nprintf \"\\nsentinel\
+    \ myid %s\" \"$(host_id \"$HOSTNAME\")\" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf\n\
     \nif [[ -z \"$REDIS_MASTER_HOST\" ]] || [[ -z \"$REDIS_MASTER_PORT_NUMBER\" ]]\n\
     then\n    # Prevent incorrect configuration to be written to sentinel.conf\n \
     \   error \"Redis master host is configured incorrectly (host: $REDIS_MASTER_HOST,\
     \ port: $REDIS_MASTER_PORT_NUMBER)\"\n    exit 1\nfi\n\nsentinel_conf_set \"sentinel\
     \ monitor\" \"redis-master \"$REDIS_MASTER_HOST\" \"$REDIS_MASTER_PORT_NUMBER\"\
     \ 2\"\n\nadd_known_sentinel() {\n    hostname=\"$1\"\n    ip=\"$2\"\n\n    if\
@@ -137,17 +149,18 @@

     \    if [[ -n \"$ip\" && \"$(get_full_hostname \"$hostname\")\" != \"$REDIS_MASTER_HOST\"\
     \ ]]; then\n        sentinel_conf_add \"sentinel known-replica redis-master $(get_full_hostname\
     \ \"$hostname\") $(get_port \"$hostname\" \"REDIS\")\"\n    fi\n}\n\n# Add available\
     \ hosts on the network as known replicas & sentinels\nfor node in $(seq 0 $((3-1)));\
     \ do\n    hostname=\"redis-node-$node\"\n    ip=\"$(getent hosts \"$hostname.$HEADLESS_SERVICE\"\
     \ | awk '{ print $1 }')\"\n    add_known_sentinel \"$hostname\" \"$ip\"\n    add_known_replica\
-    \ \"$hostname\" \"$ip\"\ndone\n\necho \"\" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf\n\
-    echo \"sentinel announce-hostnames yes\" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf\n\
-    echo \"sentinel resolve-hostnames yes\" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf\n\
-    echo \"sentinel announce-port $SERVPORT\" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf\n\
-    echo \"sentinel announce-ip $(get_full_hostname \"$HOSTNAME\")\" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf\n\
+    \ \"$hostname\" \"$ip\"\ndone\n\necho \"\" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf\n\
+    echo \"sentinel announce-hostnames yes\" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf\n\
[Diff truncated by flux-local]
--- HelmRelease: database/redis StatefulSet: database/redis-node

+++ HelmRelease: database/redis StatefulSet: database/redis-node

@@ -26,13 +26,13 @@

         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: redis
         app.kubernetes.io/component: node
       annotations:
         checksum/configmap: 44827545caa1794c0c6696c4406beb71e64dd804ef278fe070efe561c4bc71b7
         checksum/health: 07a9e9f1ff08347b0d2cd65e962feb94d6390f5b64a77ed1346867af2559df4a
-        checksum/scripts: e6caa1e8c7a59fd5830c43226c09ca414ace0f418a80e805fa665c801940cf4d
+        checksum/scripts: 4ae170ccc18f86bfe144137acab87458806975eadcca6c95d0960845b8a99977
         checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
         prometheus.io/port: '9121'
         prometheus.io/scrape: 'true'
     spec:
       automountServiceAccountToken: false
       securityContext:
@@ -148,12 +148,14 @@

             memory: 128Mi
         volumeMounts:
         - name: start-scripts
           mountPath: /opt/bitnami/scripts/start-scripts
         - name: health
           mountPath: /health
+        - name: sentinel-data
+          mountPath: /opt/bitnami/redis-sentinel/etc
         - name: redis-data
           mountPath: /data
         - name: config
           mountPath: /opt/bitnami/redis/mounted-etc
         - name: empty-dir
           mountPath: /opt/bitnami/redis/etc