Fix redis and hiredis-client version requirements

[dependabot]

Bumps redis from 4.8.1 to 5.0.6.

Changelog

Sourced from redis's changelog.

5.0.6

• Wait for an extra config.read_timeout in blocking commands rather than an arbitrary 100ms. See #1175.
• Treat ReadOnlyError as ConnectionError. See #1168.

5.0.5

• Fix automatic disconnection when the process was forked. See #1157.

5.0.4

• Cast ttl argument to integer in expire, setex and a few others.

5.0.3

• Add OutOfMemoryError as a subclass of CommandError

5.0.2

• Fix Redis#close to properly reset the fork protection check.

5.0.1

• Added a fake Redis::Connections.drivers method to be compatible with older sidekiq versions.

5.0.0

• Default client timeout decreased from 5 seconds to 1 second.
• Eagerly and strictly cast Integer and Float parameters.
• Allow to call subscribe, unsubscribe, psubscribe and punsubscribe from a subscribed client. See #1131.
• Use MD5 for hashing server nodes in Redis::Distributed. This should improve keys distribution among servers. See #1089.
• Changed sadd and srem to now always return an Integer.
• Added sadd? and srem? which always return a Boolean.
• Added support for IDLE paramter in xpending.
• Cluster support has been moved to a redis-clustering companion gem.
• select no longer record the current database. If the client has to reconnect after select was used, it will reconnect to the original database.
• Better support Float timeout in blocking commands. See #977.
• Redis.new will now raise an error if provided unknown options.
• Removed positional timeout in blocking commands (BLPOP, etc). Timeout now must be passed as an option: r.blpop("key", timeout: 2.5)
• Removed logger option.
• Removed reconnect_delay_max and reconnect_delay, you can pass precise sleep durations to reconnect_attempts instead.
• Require Ruby 2.5+.
• Removed the deprecated queue and commit methods. Use pipelined instead.
• Removed the deprecated Redis::Future#==.
• Removed the deprecated pipelined and multi signature. Commands now MUST be called on the block argument, not the original redis instance.
• Removed Redis.current. You shouldn't assume there is a single global Redis connection, use a connection pool instead, and libaries using Redis should accept a Redis instance (or connection pool) as a config. E.g. MyLibrary.redis = Redis.new(...).
• Removed the synchrony driver.
• Removed Redis.exists_returns_integer, it's now always enabled.

Commits

• 6dbbc94 Release 5.0.6
• 9c49947 Merge pull request #1175 from casperisfine/blocking-call-timeout
• d3efeeb Add wait on blocking commands for an extra config.read_timeout
• f78beb1 Merge pull request #1176 from casperisfine/ruby-3.2
• daf7e02 Use Ruby 2.6 to run rubocop
• 031911a Add Ruby 3.2 to CI
• 5a9fb00 Merge pull request #1170 from wcmonty/wm/add_minid_option_to_xtrim
• e76e1cb Add MINID and LIMIT options to xtrim
• 3c42db6 Treat ReadOnlyError as a ConnectionError
• a8e00cb Merge pull request #1167 from wmontgomery-splunk/wm/add_nomkstream_to_xadd
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dacook]

Same problem on my machine too.

rake aborted!
LoadError: cannot load such file -- redis/connection/hiredis

As per the hiredis-rb docs, we have configured our redis gem to load via hiredis:
https://github.com/openfoodfoundation/openfoodnetwork/blob/dependabot/bundler/redis-5.0.6/Gemfile#L99

gem 'redis', '>= 4.0', require: ['redis', 'redis/connection/hiredis']

But for some reason, it can no longer find it there. Strange, because we haven't updated hiredis-rb at all.
In fact, they haven't released an update for some years now. It looks like there are recent changes, so I tried installing from the master branch:

gem 'hiredis', github: "/redis/hiredis-rb", branch: "master"

But it Failed to build gem native extension. :(

I don't know what to do next. Anybody else?

[sigmundpetersen]

redis/redis-rb#1178

[jibees]

Seems like upgrading to >= 5 is a bad idea if I understand correctly: https://stackoverflow.com/a/74152719/240200

So, I've updated the PR to upgrade redis until < 5

[dacook]

Great work team 💪
I've triggered a deploy to ensure it succeeds: https://semaphoreci.com/openfoodfoundation/openfoodnetwork-2/servers/au-staging/deploys/588

@mkllnk , can you think of anything else that should be manually tested for a Redis upgrade? I can't.

PS I just noticed while reloading that the bundler version has been bumped, which may not be intentional. It's such a minor update that I think it's ok to include here though.

[dacook]

Unfortunately deployment failed ❌
https://semaphoreci.com/openfoodfoundation/openfoodnetwork-2/servers/au-staging/deploys/588

fatal: [staging.openfoodnetwork.org.au]: FAILED! => {"changed": true, "cmd": ["bash", "-lc", "bundle exec rake ofn:data:remove_transient_data RAILS_ENV=staging"], "delta": "0:00:09.751470", "end": "2023-02-28 22:30:36.839829", "msg": "non-zero return code", "rc": 1, "start": "2023-02-28 22:30:27.088359", "stderr": "rake aborted!\nCannot load driver \"hiredis\": cannot load such file -- hiredis/connection\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/redis-4.8.1/lib/redis/client.rb:539:inrescue in rescue in _parse_driver'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/redis-4.8.1/lib/redis/client.rb:536:in rescue in _parse_driver'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/redis-4.8.1/lib/redis/client.rb:533:in _parse_driver'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/redis-4.8.1/lib/redis/client.rb:502:in _parse_options'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/redis-4.8.1/lib/redis/client.rb:92:in initialize'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/redis-4.8.1/lib/redis.rb:87:in new'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/redis-4.8.1/lib/redis.rb:87:in initialize'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/activesupport-6.1.7.2/lib/active_support/cache/redis_cache_store.rb:138:in new'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/activesupport-6.1.7.2/lib/active_support/cache/redis_cache_store.rb:138:in build_redis_client'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/activesupport-6.1.7.2/lib/active_support/cache/redis_cache_store.rb:126:in build_redis'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/activesupport-6.1.7.2/lib/active_support/cache/redis_cache_store.rb:192:in redis'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/activesupport-6.1.7.2/lib/active_support/cache/redis_cache_store.rb:404:in block in write_entry'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/activesupport-6.1.7.2/lib/active_support/cache/redis_cache_store.rb:478:in failsafe'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/activesupport-6.1.7.2/lib/active_support/cache/redis_cache_store.rb:396:in write_entry'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/activesupport-6.1.7.2/lib/active_support/cache/strategy/local_cache.rb:165:in write_entry'\n/home/openfoodnetwork/.gem/ruby/3.0.0/gems/activesupport-6.1.7.2/lib/active_support/cache/redis_cache_store.rb:83:in write_entry' ... ", "Tasks: TOP => ofn:data:remove_transient_data => environment", "(See full trace by running task with --trace)"], "stdout": "RAILS_ENV=staging environment is not defined in config/webpacker.yml, falling back to production environment", "stdout_lines": ["RAILS_ENV=staging environment is not defined in config/webpacker.yml, falling back to production environment"]}

[jibees]

Maybe for redis < 5, we still need hiredis (and not hiredis-client)?

[dacook]

Ok, so we can't upgrade to Redis 5 until we upgrade to Rails 7.0.4. So I've marked this as blocked by that issue and added a label.

We are already on the latest for v4.x. We could update the gemfile and let Dependabot alert us about new v4.x versions. But because it sounds like we're close on Rails 7, I think we can just leave this for now.

[jibees]

But because it sounds like we're close on Rails 7, I think we can just leave this for now.

I agree! thanks 👍

[rioug]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[dacook]

Yay!

Just noting that this is also upgrading our version of Bundler from 2.4.3 to 2.4.5. Which I think is fine.
https://github.com/rubygems/rubygems/blob/master/bundler/CHANGELOG.md#245-january-21-2023

[dacook]

As far as I can see Dependabot doesn't support managing this yet. I'm curious why you have a later version actually?

I'm not sure if we have any particular policy, but I guess this normally only gets updated as a result of updating Ruby.

Maybe we should update more frequently. I can see there's one vulnerability mentioned on the changelog, which is fixed in 2.4.11

[mkllnk]

Cool, I think that this should be deployed on all staging servers to check that it works.

[mkllnk]

Hm, we are on Rails 7.0.5 already...

[mkllnk]

I'm wondering what to test. Maybe let's test bulk invoice printing because it uses cable_ready.

[mkllnk]

Or vouchers.

[drummer83]

Thank you team, and thanks @mkllnk for providing some test instructions.

I have tested both, bulk invoice printing and vouchers (backoffice and checkout) and everything seems to work normal.

Merging! 🚀

[Matt-Yorkley]

Just noting that there was a Bugnag error when this branch was deployed:

https://app.bugsnag.com/yaycode/openfoodnetwork-uk/errors/648ae242d005e000071e956b?event_id=648ae24200be763ca81e0000&i=sk&m=nw

[filipefurtad0]

Thanks @Matt-Yorkley ,
Something to keep in mind when testing master, or the upcoming release 👍

[filipefurtad0]

It seems this PR introduced flakyness affecting several specs on the build, opened an issue here.

[mkllnk]

there was a Bugnag error when this branch was deployed

That error is still there. Just happened again. It seems to happen every few hours and then four times in a row. I wonder if we should revert until we know what's going on. I'm drafting a release today, so I'll look into it for a bit but if I can't see an immediate solution I may revert this.

[mkllnk]

I'll revert this. we have several errors which seem to relate to redis and caching:

• ERR Protocol error: too big inline request (Redis::CommandError) redis/redis-rb#1185
• https://github.com/openfoodfoundation/openfoodnetwork/actions/runs/5284538145/jobs/9562077749
• https://github.com/openfoodfoundation/openfoodnetwork/actions/runs/5284538145/jobs/9562079308