Skip to content

fix: Redis password empty string treated as None#22

Open
sistemabritto wants to merge 1 commit into
evolution-foundation:mainfrom
sistemabritto:fix/redis-password-empty-string
Open

fix: Redis password empty string treated as None#22
sistemabritto wants to merge 1 commit into
evolution-foundation:mainfrom
sistemabritto:fix/redis-password-empty-string

Conversation

@sistemabritto

@sistemabritto sistemabritto commented Jul 10, 2026

Copy link
Copy Markdown

Problema

Quando REDIS_PASSWORD esta vazio (comum em Docker Compose community sem senha), os.getenv retorna '' em vez de None. O redis-py envia AUTH com string vazia, que o Redis rejeita:

AUTH called without any password configured for the default user. Are you sure your configuration is correct?

Fix

  1. get_redis_config() em redis.py: normaliza string vazia/whitespace para None
  2. MCPToolCache.init em mcp_cache.py: protecao defensiva similar

Co-Authored-By: sistemabritto admin@workflowapi.com.br

Summary by Sourcery

Bug Fixes:

  • Prevent Redis authentication errors when REDIS_PASSWORD or configured Redis passwords are set to an empty string instead of being omitted.

When REDIS_PASSWORD is set to an empty string in docker-compose
(common in community setups without Redis AUTH), os.getenv returns
'' instead of None. redis-py sends AUTH even for empty string,
causing Redis to reject with:
  AUTH <password> called without any password configured for the
  default user. Are you sure your configuration is correct?

Fix in two places:
1. get_redis_config() now normalizes empty/whitespace-only password
   to None before returning the config dict.
2. MCPToolCache.__init__ adds a defensive check that also normalizes
   the password, in case get_redis_config is bypassed in the future.
@sourcery-ai

sourcery-ai Bot commented Jul 10, 2026

Copy link
Copy Markdown
Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

This PR ensures that an empty Redis password (common in Docker setups without authentication) is normalized to None both when reading configuration and when constructing the Redis client, preventing redis-py from sending an invalid AUTH command.

Sequence diagram for Redis password normalization and client initialization

sequenceDiagram
    actor Env
    participant get_redis_config
    participant MCPToolCache
    participant redis_client as redis_Redis
    participant RedisServer

    Env->>get_redis_config: os.getenv REDIS_PASSWORD
    get_redis_config->>get_redis_config: normalize empty string to None
    get_redis_config-->>MCPToolCache: redis_config(password=None)

    MCPToolCache->>MCPToolCache: normalize empty password to None
    MCPToolCache->>redis_client: Redis(host, port, db, password=None, ssl)

    alt [password is None]
        redis_client->>RedisServer: CONNECT without AUTH
    else [password not None]
        redis_client->>RedisServer: AUTH password
    end
Loading

File-Level Changes

Change Details Files
Normalize empty/whitespace REDIS_PASSWORD values to None at configuration load time.
  • Read REDIS_PASSWORD into a local variable before building the config dict.
  • Add a check that converts empty or whitespace-only REDIS_PASSWORD values from the environment to None.
  • Use the normalized redis_password value in the returned Redis configuration instead of reading directly from the environment.
src/config/redis.py
Add defensive normalization of empty Redis passwords when instantiating the cache Redis client.
  • Retrieve the password from the Redis configuration and normalize empty or whitespace-only values to None.
  • Pass the normalized password into redis.Redis(...) instead of the raw configuration value.
src/services/adk/mcp_cache.py

Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey - I've left some high level feedback:

  • The empty-string password normalization is implemented both in get_redis_config and MCPToolCache.__init__; consider centralizing this logic in the config layer to avoid duplication and potential divergence.
  • If redis_config['password'] can only be None or a string, the extra str(...) wrapping in MCPToolCache.__init__ is unnecessary and could be simplified to keep the handling clearer.
Prompt for AI Agents
Please address the comments from this code review:

## Overall Comments
- The empty-string password normalization is implemented both in `get_redis_config` and `MCPToolCache.__init__`; consider centralizing this logic in the config layer to avoid duplication and potential divergence.
- If `redis_config['password']` can only be `None` or a string, the extra `str(...)` wrapping in `MCPToolCache.__init__` is unnecessary and could be simplified to keep the handling clearer.

Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant