From 57a46b79ce14ca74a9cd33cf9952d1478a81af8d Mon Sep 17 00:00:00 2001
From: Patrik Holmqvist
Date: Wed, 5 Feb 2025 13:08:51 +0100
Subject: [PATCH] Make redis or in memory configurable, SC-2670
---
 .../puppet/modules/eid/manifests/connector.pp | 2 ++
 .../connector/application-test.yml.erb | 23 ++++++++++++-------
 2 files changed, 17 insertions(+), 8 deletions(-)
diff --git a/global/overlay/etc/puppet/modules/eid/manifests/connector.pp b/global/overlay/etc/puppet/modules/eid/manifests/connector.pp
index d11d0317..e33fe1dd 100644
--- a/global/overlay/etc/puppet/modules/eid/manifests/connector.pp
+++ b/global/overlay/etc/puppet/modules/eid/manifests/connector.pp
@@ -1,11 +1,13 @@
 # This puppet manifest is used to configure Sweden Connect proxy servers
 # @param environment The environment that the server belongs to. (referenced in compose file)
+# @param session_backend Choose if it should run with a "redis" cluster (session synk) or without session synk
 # @param version Version of the docker image to use. (referenced in compose file)
 # @param server_fqdn The FQDN of the server. (referenced in compose file)
 # @param connector_directory The directory where all connector related config and files are stored. (referenced in compose file)
 class eid::connector (
 Enum['test', 'qa', 'prod'] $environment,
+ Enum['redis', 'memory'] $session_backend = 'redis',
 String $version = '',
 #String $connector_hostname = '',
 String $server_fqdn = $facts['networking']['fqdn'],
diff --git a/global/overlay/etc/puppet/modules/eid/templates/connector/application-test.yml.erb b/global/overlay/etc/puppet/modules/eid/templates/connector/application-test.yml.erb
index 88d5521d..d696b6fd 100644
--- a/global/overlay/etc/puppet/modules/eid/templates/connector/application-test.yml.erb
+++ b/global/overlay/etc/puppet/modules/eid/templates/connector/application-test.yml.erb
@@ -3,10 +3,6 @@
 #
 ---
 spring:
- session:
- timeout: 15m
- redis:
- namespace: spring:session:connector
 ssl:
 bundle:
 pem:
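Review bot: The new `@param session_backend` comment in connector.pp describes only "session synk", but the template changed in this same commit also feeds the value into `saml.replay.type` and the Redis health indicator, so the doc understates what `'memory'` switches off. I would word it as `# @param session_backend 'redis' keeps sessions and the SAML replay cache in the Redis cluster (shared between nodes); 'memory' keeps both per node, without sync.` and spell "sync" consistently. The class parameter list continues outside the hunk.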
@@ -15,11 +11,16 @@ spring:
 certificate: file:${CONNECTOR_DIRECTORY}/credentials/tomcat/tomcat-cert.pem
 private-key: file:${CONNECTOR_DIRECTORY}/credentials/tomcat/tomcat-key.pem
 sunet-tls-trust:
+ truststore:
+ certificate: file:/etc/ssl/certs/infra.crt
+<% if @session_backend == redis -%>
 keystore:
 certificate: file:/etc/ssl/certs/<%= @server_fqdn %>_infra.crt
 private-key: file:/etc/ssl/private/<%= @server_fqdn %>_infra.key
- truststore:
- certificate: file:/etc/ssl/certs/infra.crt
+ session:
+ timeout: 15m
+ redis:
+ namespace: spring:session:connector
 data:
 redis:
 cluster:
@@ -33,6 +34,7 @@ spring:
 bundle: sunet-tls-trust
 ssl-ext:
 enable-hostname-verification: false
+<% end -%>
 server:
 port: 8443
@@ -49,7 +51,12 @@ management:
 port: 8444
 health:
 redis:
+<% if @session_backend == redis -%>
 enabled: true
+<% end %>
+<% if @session_backend == memory -%>
+ enabled: false
+<% end %>
 credential:
 bundles:
@@ -140,9 +147,9 @@ saml:
 entity-id: https://test.connector.eidas.swedenconnect.se/eidas
 base-url: ${connector.base-url}
 session:
- module: redis
+ module: <%= @session_backend %>
 replay:
- type: redis
+ type: <%= @session_backend %>
 context: "connector-replay-cache"
 metadata-providers:
 - location: https://test.md.swedenconnect.se/role/sp.xml
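Review bot: `redis` in `<% if @session_backend == redis -%>` (hunk `@@ -15,11 +11,16 @@`) is a bare Ruby identifier rather than a string, so the comparison is expected to fail at render time with an undefined-name error, or never match, instead of testing the parameter value. Quote the literal: `<% if @session_backend == 'redis' -%>`. The same applies to `== redis` and `== memory` in the `management.health.redis` hunk (`@@ -49,7 +51,12 @@`). Separately, `session.timeout: 15m` now sits inside the redis-only block, so a `memory` deployment appears to get no explicit session timeout from this file; if 15m is intended for both backends, set the timeout outside the conditional.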
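Review bot: `enable-hostname-verification: false` remains in effect for the Redis TLS client inside the block that the new `<% end -%>` closes (hunk `@@ -33,6 +34,7 @@`), so presumably any certificate that chains to the `sunet-tls-trust` truststore is accepted whichever host presents it. The line itself is unchanged by this commit, but since the block is being restructured it deserves a comment recording why verification is off, e.g. `# hostname verification disabled: <reason>; re-enable once node certificates carry matching names`, or enabling it if the node certificates allow.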
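Review bot: The two consecutive conditionals under `management.health.redis` (hunk `@@ -49,7 +51,12 @@`) only choose between two fixed values and can be one line, `enabled: <%= @session_backend == 'redis' %>`. That form also cannot leave `redis:` as an empty key if neither branch renders, for example should the Enum ever gain a third value. The `<% end %>` tags here lack the `-%>` trim used in the other hunks, so each leaves a blank line in the rendered YAML.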
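Review bot: `replay: type: <%= @session_backend %>` (hunk `@@ -140,9 +147,9 @@`) makes the SAML replay cache follow the session backend, so with `memory` it is presumably held per node. On a deployment with more than one connector node, a message already consumed on one node would then not be recognised as a replay on another. If `memory` is meant only for single-node setups, say so next to the setting, e.g. `# memory: replay cache is per node; single-node deployments only`; otherwise consider keeping `replay.type` on a shared store independently of `session.module`.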