REDIS_PASSWORD[_FILE] env and empy password warning

[Peter-Sh]

Experimental proof of concept support for setting password via env

Description

This is proof of concept implementation of env vars for setting password and showing a warning if empty password is detected.

• Provide an ability to set password using REDIS_PASSWORD or REDIS_PASSWORD_FILE variables.
  While it's possible to set password using command line args or configuration files, setting it using env vars is a common and well-known pattern.
• Use --include with temporary config snippet if possible to avoid displaying password in process list
  Fallback to --requirepass if tmp is not writeable or when starting sentinel (it doesn't support include arg)
• Try to detect whether password is already set (use some "heuristic" to detect whether there are already some security related configuration) and show a big warning banner about empty password (which no one would notice as redis and modules output a lot of startup info into terminal)

Open questions

• Allowing to set only password an no other config parameters via env is a bit misleading
• Make redis-cli (and other clients) to use passwords from env or file
• Everything that is marked TODO in debian/docker-entrypoint.sh (a lot of important stuff and edge cases)
• Update documentation describing env vars and ways to set password for older versions (using --include)
• Banner is scrolled out of the screen because a lot of startup logs from redis and modules
• Set password env variables priority or fail when both are set
• Add tests

Related issues

#355
#46
#268

[tianon]

Wouldn't it be a lot more secure (and a lot more reliable) to add this functionality directly into Redis Server itself? 🤔 👀

[Peter-Sh]

Wouldn't it be a lot more secure (and a lot more reliable) to add this functionality directly into Redis Server itself? 🤔 👀

It’s hard to believe, but this was exactly the point I raised in an internal discussion. The PR clearly demonstrates how difficult (if not impossible) it is to reliably configure redis externally using environment variables. Native server support would also allow us to eliminate the need for source code patching.

Thank you, @tianon you’ve added another strong argument I can reference.