Declarative scaler config (kedacore#5676)
Signed-off-by: Jan Wozniak <[email protected]>
wozniakjan authored May 13, 2024
1 parent 6112b0a commit 613919b
Showing 6 changed files with 1,133 additions and 149 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -59,6 +59,7 @@ To learn more about active deprecations, we recommend checking [GitHub Discussio
### New

- TODO ([#XXX](https://github.com/kedacore/keda/issues/XXX))
- **General**: Declarative parsing of scaler config ([#5037](https://github.com/kedacore/keda/issues/5037))

#### Experimental

128 changes: 128 additions & 0 deletions pkg/scalers/authentication/authentication_types.go
@@ -1,6 +1,7 @@
package authentication

import (
"fmt"
"net/url"
"time"
)
Expand Down Expand Up @@ -31,6 +32,8 @@ const (
FastHTTP // FastHTTP Fast http client.
)

// AuthMeta is the metadata for the authentication types
// Deprecated: use Config instead
type AuthMeta struct {
// bearer auth
EnableBearerAuth bool
Expand Down Expand Up @@ -61,6 +64,131 @@ type AuthMeta struct {
CustomAuthValue string
}

// BasicAuth is a basic authentication type
type BasicAuth struct {
Username string `keda:"name=username, order=authParams"`
Password string `keda:"name=password, order=authParams"`
}

// CertAuth is a client certificate authentication type
type CertAuth struct {
Cert string `keda:"name=cert, order=authParams"`
Key string `keda:"name=key, order=authParams"`
CA string `keda:"name=ca, order=authParams"`
}

// OAuth is an oAuth2 authentication type
type OAuth struct {
OauthTokenURI string `keda:"name=oauthTokenURI, order=authParams"`
Scopes []string `keda:"name=scopes, order=authParams"`
ClientID string `keda:"name=clientID, order=authParams"`
ClientSecret string `keda:"name=clientSecret, order=authParams"`
EndpointParams url.Values `keda:"name=endpointParams, order=authParams"`
}

// CustomAuth is a custom header authentication type
type CustomAuth struct {
CustomAuthHeader string `keda:"name=customAuthHeader, order=authParams"`
CustomAuthValue string `keda:"name=customAuthValue, order=authParams"`
}

// Config is the configuration for the authentication types
type Config struct {
Modes []Type `keda:"name=authModes, order=triggerMetadata, enum=apiKey;basic;tls;bearer;custom;oauth, exclusiveSet=bearer;basic;oauth, optional"`

BearerToken string `keda:"name=bearerToken, order=authParams, optional"`
BasicAuth `keda:"optional"`
CertAuth `keda:"optional"`
OAuth `keda:"optional"`
CustomAuth `keda:"optional"`
}

// Disabled returns true if no auth modes are enabled
func (c *Config) Disabled() bool {
return c == nil || len(c.Modes) == 0
}

// Enabled returns true if given auth mode is enabled
func (c *Config) Enabled(mode Type) bool {
for _, m := range c.Modes {
if m == mode {
return true
}
}
return false
}

// helpers for checking enabled auth modes
func (c *Config) EnabledTLS() bool { return c.Enabled(TLSAuthType) }
func (c *Config) EnabledBasicAuth() bool { return c.Enabled(BasicAuthType) }
func (c *Config) EnabledBearerAuth() bool { return c.Enabled(BearerAuthType) }
func (c *Config) EnabledOAuth() bool { return c.Enabled(OAuthType) }
func (c *Config) EnabledCustomAuth() bool { return c.Enabled(CustomAuthType) }

// GetBearerToken returns the bearer token with the Bearer prefix
func (c *Config) GetBearerToken() string {
return fmt.Sprintf("Bearer %s", c.BearerToken)
}

// Validate validates the Config and returns an error if it is invalid
func (c *Config) Validate() error {
if c.Disabled() {
return nil
}
if c.EnabledBearerAuth() && c.BearerToken == "" {
return fmt.Errorf("bearer token is required when bearer auth is enabled")
}
if c.EnabledBasicAuth() && c.Username == "" {
return fmt.Errorf("username is required when basic auth is enabled")
}
if c.EnabledTLS() && (c.Cert == "" || c.Key == "") {
return fmt.Errorf("cert and key are required when tls auth is enabled")
}
if c.EnabledOAuth() && (c.OauthTokenURI == "" || c.ClientID == "" || c.ClientSecret == "") {
return fmt.Errorf("oauthTokenURI, clientID and clientSecret are required when oauth is enabled")
}
if c.EnabledCustomAuth() && (c.CustomAuthHeader == "" || c.CustomAuthValue == "") {
return fmt.Errorf("customAuthHeader and customAuthValue are required when custom auth is enabled")
}
return nil
}

// ToAuthMeta converts the Config to deprecated AuthMeta
func (c *Config) ToAuthMeta() *AuthMeta {
if c.Disabled() {
return nil
}
return &AuthMeta{
// bearer auth
EnableBearerAuth: c.EnabledBearerAuth(),
BearerToken: c.BearerToken,

// basic auth
EnableBasicAuth: c.EnabledBasicAuth(),
Username: c.Username,
Password: c.Password,

// client certification
EnableTLS: c.EnabledTLS(),
Cert: c.Cert,
Key: c.Key,
CA: c.CA,

// oAuth2
EnableOAuth: c.EnabledOAuth(),
OauthTokenURI: c.OauthTokenURI,
Scopes: c.Scopes,
ClientID: c.ClientID,
ClientSecret: c.ClientSecret,
EndpointParams: c.EndpointParams,

// custom auth header
EnableCustomAuth: c.EnabledCustomAuth(),
CustomAuthHeader: c.CustomAuthHeader,
CustomAuthValue: c.CustomAuthValue,
}
}

type HTTPTransport struct {
MaxIdleConnDuration time.Duration
ReadTimeout time.Duration
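Review bot: `Validate` accepts configurations that carry no usable credential for a mode that is switched on: the `authModes` enum on `Config.Modes` admits `apiKey`, but `Validate` has no branch for it, and the basic-auth branch checks only `Username`, so an empty `Password` passes. If an empty password is intentional, a comment such as `// empty password is allowed for username-only basic auth` would record that; otherwise the check could become `c.EnabledBasicAuth() && (c.Username == "" || c.Password == "")`. Separately, `Enabled` ranges over `c.Modes` while `Disabled` tolerates a nil receiver, so `EnabledTLS()` and the other helpers panic on a nil `*Config`; `if c == nil { return false }` at the top of `Enabled` would make the two consistent. Whether `apiKey` credentials are validated elsewhere is not visible in this section.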