feature[v2]: adding documentation regarding authentication in metric scalers #260
Conversation
aman-bansal
requested review from
ahmelsayed,
jeffhollan,
tomkerkhove and
zroubalik
as code owners
|
I'll review it ASAP but can you update the trigger spec as well please? |
Hey didn't get this part? Did it miss something in the documentation? |
|
I've missed the implementation side of things but presume we do not only support authentication parameters but define it in https://github.com/kedacore/keda-docs/pull/260/files#diff-2079ef1d5bc7dbe2c2470f43d8749c87R19-R24 as well by using |
|
Just as an example @aman-bansal: apiVersion: v1
kind: Secret
metadata:
name: keda-metric-api-secret
namespace: default
data:
authMode: "apiKeyAuth"
apiKey: "APIKEY"
method: "query"
keyParamName: "QUERY_KEY"
---
apiVersion: keda.sh/v1alpha1
kind: TriggerAuthentication
metadata:
name: keda-metric-api-creds
namespace: default
spec:
secretTargetRef:
- parameter: authMode
name: keda-metric-api-secret
key: authMode
- parameter: apiKey
name: keda-metric-api-secret
key: apiKey
- parameter: method
name: keda-metric-api-secret
key: method
- parameter: keyParamName
name: keda-metric-api-secret
key: keyParamName
---
apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
name: http-scaledobject
namespace: keda
labels:
deploymentName: dummy
spec:
maxReplicaCount: 12
scaleTargetRef:
name: dummy
triggers:
- type: metrics-api
metadata:
targetValue: "7"
url: "http://api:3232/components/stats"
valueLocation: 'components.worker.tasks'
authenticationRef:
name: keda-metric-api-credsBut I'd expect to be able to define it like this: apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
name: http-scaledobject
namespace: keda
labels:
deploymentName: dummy
spec:
maxReplicaCount: 12
scaleTargetRef:
name: dummy
triggers:
- type: metrics-api
metadata:
targetValue: "7"
url: "http://api:3232/components/stats"
valueLocation: 'components.worker.tasks'
authMode: apiKeyAuth
method: query
keyParamName: QUERY_KEY
authenticationRef:
name: keda-metric-api-creds |
|
Guys I am on leave for two weeks. Will be back next week. Will continue with this after that :) |
|
@aman-bansal could you please update and rebase this PR? thanks! |
Okay, so what I understand from this is only critical security params like username or password should be passed via auth params. Other parameters should use basic metadata map. @tomkerkhove is my understanding correct? |
…scalers Signed-off-by: aman-bansal <[email protected]>
Signed-off-by: aman-bansal <[email protected]>
aman-bansal
force-pushed
the
docs/auth_metric_scaler
branch
from
a4d93fc
to
c0c214f
Compare
Yes, TriggerAuthentication is only for secrets |
|
@tomkerkhove I have updated the docs. Now, these changes require an update of the scaler itself. Here is the PR for that kedacore/keda#1258 |
Signed-off-by: aman-bansal <[email protected]>
aman-bansal
force-pushed
the
docs/auth_metric_scaler
branch
from
6b17eb6
to
85487f2
Compare
The PR is merged, I'll keep this PR for Tom's review. Thanks @aman-bansal ! |
This is related to kedacore/keda#1137 . Authentication methods for metric scaler api has been added. Currently supported authModes are API key-based authentication, Basic Authentication and TLS authentication.
Relates to kedacore/keda#1082
Relates to kedacore/keda#1083
Relates to kedacore/keda#1084
Signed-off-by: aman-bansal [email protected]