Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add GCP identity authentication when using Pubsub Scaler #2225

Merged
merged 4 commits into from
Nov 3, 2021
Merged

Add GCP identity authentication when using Pubsub Scaler #2225

merged 4 commits into from
Nov 3, 2021

Conversation

jmalvarezf-lmes
Copy link
Contributor

Hi,

This tries to partially fix this issue: #2048. Basically the fix consist on using the gcp identity framework so that when you do a request to stackdriver to get the number of undelivered messages, you use the service account associated to the machine (GCE), instead of using a service account in a secret. That allows to use this very useful scaler without creating a service account and a secret and you can use a Cluster Trigger Authentication widely to use the underlying service account. I couldn't create tests, as this relies on being executed on GCP. But I've tested it in our environment and it works.

Hope it is useful for you.

I wait for you to check this, and if it is useful, and you agree, I will change the docs to adapt to this new method.

Regards,

Jose Maria.

Try to correct go-critics
3f2f52f 
Signed-off-by: Jose Maria Alvarez <[email protected]>
zroubalik
zroubalik reviewed Nov 3, 2021
View reviewed changes
Copy link
Member

@zroubalik zroubalik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good! Please update Changelog and modify docs for 2.5. Thanks!

@jmalvarezf-lmes jmalvarezf-lmes mentioned this pull request Nov 3, 2021
Merged
@jmalvarezf-lmes
Copy link
Contributor Author

@zroubalik please check if everything is fine. Thank you!

@tomkerkhove tomkerkhove added this to the v2.5.0 milestone Nov 3, 2021
zroubalik
zroubalik approved these changes Nov 3, 2021
View reviewed changes
Copy link
Member

@zroubalik zroubalik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks for the contribution @jmalvarezf-lmes!

@zroubalik zroubalik changed the title Add modifications on gcp pubsub scaler to use underlying compute engi… Add GCP identity authentication when using Pubsub Scaler Nov 3, 2021
@zroubalik zroubalik merged commit 744fa09 into kedacore:main Nov 3, 2021
@jmalvarezf-lmes
Copy link
Contributor Author

You are welcome!

@hermanbanken
Copy link
Contributor

Nice, thanks!

@hermanbanken hermanbanken mentioned this pull request Nov 11, 2021
Merged
1 task
@hermanbanken
Copy link
Contributor

hermanbanken commented Nov 11, 2021
edited
Loading

Did I understand correctly how to use it (see docs I attempted to create)?

@jmalvarezf-lmes
Copy link
Contributor Author

@hermanbanken yes, that is the idea. We have it running like this in our environment. We do not use workload identity, but the functionality is exactly the same.

@hermanbanken
Copy link
Contributor

I completely missed kedacore/keda-docs#565... 😅

@zroubalik
Copy link
Member

@hermanbanken lol 😄 but would be nice if you can add your improvements

@hermanbanken hermanbanken mentioned this pull request Jan 2, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zroubalik zroubalik zroubalik approved these changes

@ahmelsayed ahmelsayed Awaiting requested review from ahmelsayed

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v2.5.0
Development

Successfully merging this pull request may close these issues.
4 participants
@jmalvarezf-lmes @hermanbanken @zroubalik @tomkerkhove