targetRevision: 1.3.12
chart: gitops-helm-byoa
The gitops-helm-byoa Helm chart does not support TLS when connecting to an external Redis instance. This forces users running TLS-enabled Redis clusters (e.g., AWS ElastiCache with transit_encryption_enabled = true) to deploy a workaround proxy in their cluster.
Current Behavior
The externalRedis block in the chart only exposes:
externalRedis:
  host: ""
  port: 6379
  password: ""
  existingSecret: ""
There is no tls, useTLS, or insecureSkipVerify field. Pointing redisHaProxySvc or externalRedis.host directly at a TLS-enabled Redis endpoint results in an i/o timeout — the agent sends a plaintext handshake while the server expects a TLS ClientHello.
Expected Behavior
The chart should expose TLS options under externalRedis, for example:
externalRedis:
  host: ""
  port: 6379
  existingSecret: ""
  tls:
    enabled: false
    insecureSkipVerify: false
    caSecret: ""
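One way the proposed fields could map onto a client TLS configuration, as an added sketch that is not code from the chart or the agent. It assumes a Go client; `RedisTLSOptions`, `BuildRedisTLSConfig`, the `CAPEM` field (the PEM contents of the secret named by `caSecret`) and the host name are hypothetical.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
)

// RedisTLSOptions is a hypothetical mirror of the proposed externalRedis.tls block.
type RedisTLSOptions struct {
	Enabled            bool
	InsecureSkipVerify bool
	CAPEM              []byte // assumed: PEM data read from the secret named by caSecret
}

// BuildRedisTLSConfig returns nil for a plaintext connection (tls.enabled: false),
// otherwise a tls.Config for host that verifies the server unless told not to.
func BuildRedisTLSConfig(host string, o RedisTLSOptions) (*tls.Config, error) {
	if !o.Enabled {
		// Refuse to fall back to plaintext silently when TLS settings were supplied.
		if o.InsecureSkipVerify || len(o.CAPEM) > 0 {
			return nil, errors.New("tls options set but tls.enabled is false")
		}
		return nil, nil
	}
	cfg := &tls.Config{ServerName: host, MinVersion: tls.VersionTLS12}
	if o.InsecureSkipVerify {
		// Encrypts the link but accepts any certificate: no server authentication.
		cfg.InsecureSkipVerify = true
		return cfg, nil
	}
	if len(o.CAPEM) > 0 {
		pool := x509.NewCertPool()
		if !pool.AppendCertsFromPEM(o.CAPEM) {
			return nil, errors.New("caSecret holds no valid PEM certificate")
		}
		cfg.RootCAs = pool // trust only the supplied CA
	}
	// With no CA supplied, RootCAs stays nil and Go uses the system trust store.
	return cfg, nil
}

func main() {
	// Constructed host name, used only to show the call.
	cfg, err := BuildRedisTLSConfig("redis.example.internal", RedisTLSOptions{Enabled: true})
	fmt.Println(cfg != nil, err)
}
```

With the defaults shown above (`enabled: false`, empty `caSecret`) the function returns nil, which matches the chart's current plaintext behaviour.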