-
Notifications
You must be signed in to change notification settings - Fork 439
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feature[v2]: adding documentation regarding authentication in metric scalers #260
feature[v2]: adding documentation regarding authentication in metric scalers #260
Conversation
I'll review it ASAP but can you update the trigger spec as well please? |
Hey didn't get this part? Did it miss something in the documentation? |
I've missed the implementation side of things but presume we do not only support authentication parameters but define it in https://github.com/kedacore/keda-docs/pull/260/files#diff-2079ef1d5bc7dbe2c2470f43d8749c87R19-R24 as well by using |
Just as an example @aman-bansal: apiVersion: v1
kind: Secret
metadata:
name: keda-metric-api-secret
namespace: default
data:
authMode: "apiKeyAuth"
apiKey: "APIKEY"
method: "query"
keyParamName: "QUERY_KEY"
---
apiVersion: keda.sh/v1alpha1
kind: TriggerAuthentication
metadata:
name: keda-metric-api-creds
namespace: default
spec:
secretTargetRef:
- parameter: authMode
name: keda-metric-api-secret
key: authMode
- parameter: apiKey
name: keda-metric-api-secret
key: apiKey
- parameter: method
name: keda-metric-api-secret
key: method
- parameter: keyParamName
name: keda-metric-api-secret
key: keyParamName
---
apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
name: http-scaledobject
namespace: keda
labels:
deploymentName: dummy
spec:
maxReplicaCount: 12
scaleTargetRef:
name: dummy
triggers:
- type: metrics-api
metadata:
targetValue: "7"
url: "http://api:3232/components/stats"
valueLocation: 'components.worker.tasks'
authenticationRef:
name: keda-metric-api-creds But I'd expect to be able to define it like this: apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
name: http-scaledobject
namespace: keda
labels:
deploymentName: dummy
spec:
maxReplicaCount: 12
scaleTargetRef:
name: dummy
triggers:
- type: metrics-api
metadata:
targetValue: "7"
url: "http://api:3232/components/stats"
valueLocation: 'components.worker.tasks'
authMode: apiKeyAuth
method: query
keyParamName: QUERY_KEY
authenticationRef:
name: keda-metric-api-creds |
Guys I am on leave for two weeks. Will be back next week. Will continue with this after that :) |
@aman-bansal could you please update and rebase this PR? thanks! |
Okay, so what I understand from this is only critical security params like username or password should be passed via auth params. Other parameters should use basic metadata map. @tomkerkhove is my understanding correct? |
…scalers Signed-off-by: aman-bansal <[email protected]>
Signed-off-by: aman-bansal <[email protected]>
a4d93fc
to
c0c214f
Compare
Yes, TriggerAuthentication is only for secrets |
@tomkerkhove I have updated the docs. Now, these changes require an update of the scaler itself. Here is the PR for that kedacore/keda#1258 |
Signed-off-by: aman-bansal <[email protected]>
6b17eb6
to
85487f2
Compare
The PR is merged, I'll keep this PR for Tom's review. Thanks @aman-bansal ! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks!
This is related to kedacore/keda#1137 . Authentication methods for metric scaler api has been added. Currently supported authModes are API key-based authentication, Basic Authentication and TLS authentication.
Relates to kedacore/keda#1082
Relates to kedacore/keda#1083
Relates to kedacore/keda#1084
Signed-off-by: aman-bansal [email protected]