From cd2f25071c0d60d56bc6500ddcb547c9a97bcfa9 Mon Sep 17 00:00:00 2001
From: decobot <capy@deco.cx>
Date: Fri, 17 Apr 2026 20:11:43 -0300
Subject: [PATCH] fix(valkey): pass SentinelPassword to FailoverClient

The FailoverClient needs SentinelPassword to authenticate with
Sentinel when auth is enabled (sentinel: true in Bitnami chart).
Without it, the client fails with NOAUTH when discovering the master.

Uses the same AdminPassword since the Bitnami chart configures
Sentinel with the master password when sentinel auth is enabled.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 internal/valkey/client.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/internal/valkey/client.go b/internal/valkey/client.go
index 1472e16..58bb377 100644
--- a/internal/valkey/client.go
+++ b/internal/valkey/client.go
@@ -85,9 +85,10 @@ func NewDirectClient(addr, password string) Client {
 // master and all replicas.
 func NewSentinelClient(cfg Config) Client {
 	master := redis.NewFailoverClient(&redis.FailoverOptions{
-		MasterName:    cfg.MasterName,
-		SentinelAddrs: cfg.SentinelAddrs,
-		Password:      cfg.AdminPassword,
+		MasterName:       cfg.MasterName,
+		SentinelAddrs:    cfg.SentinelAddrs,
+		Password:         cfg.AdminPassword,
+		SentinelPassword: cfg.AdminPassword,
 	})
 	return &sentinelClient{master: master, cfg: cfg}
 }