feat: Provide scaler for Amazon managed service for Prometheus

[sguruvar]

Provide a description of what has been changed

Checklist

• When introducing a new scaler, I agree with the scaling governance policy
• [X ] I have verified that my change is according to the deprecations & breaking changes policy
• [ X] Tests have been added
• Changelog has been updated and is aligned with our changelog requirements
• A PR is opened to update our Helm chart (repo) (if applicable, ie. when deployment manifests are modified)
• A PR is opened to update the documentation on (repo) (if applicable)
• Commits are signed with Developer Certificate of Origin (DCO - learn more)

Fixes #2214 (comment)

Relates to #

[github-actions]

Thank you for your contribution! 🙏 We will review your PR as soon as possible.

While you are waiting, make sure to:

• Add an entry in our changelog in alphabetical order and link related issue
• Update the documentation, if needed
• Add unit & e2e tests for your changes
• GitHub checks are passing
• Is the DCO check failing? Here is how you can fix DCO issues

Learn more about:

• Our contribution guide

[tomkerkhove]

Can you add some e2e tests please

[sguruvar]

Can you add some e2e tests please

hi @tomkerkhove : Added e2e tests here https://github.com/sguruvar/keda/blob/main/tests/scalers/aws/aws_managed_prometheus/aws_managed_prometheus_test.go.. I believe this is part of the PR. Please let me know for any changes/issues. Thanks

[JorTurFer]

Nice improvement! some comments inline

[sguruvar]

Incorporated review comments.

[JorTurFer]

can't you just do something like:

Suggested change

	cs, err := awsCfg.Credentials.Retrieve(context.Background())
	if err != nil {
	return nil, err
	}
	creds := credentials.NewStaticCredentials(cs.AccessKeyID, cs.SecretAccessKey, "")
	signer := v4.NewSigner(creds)
	signer := v4.NewSigner(awsCfg.Credentials)

I'm afraid in case of podIdentity what will happen with cs.AccessKeyID, cs.SecretAccessKey

[sguruvar]

NewSigner doesnt take awsCfg.credentials.. this works with the pod identity e2e testing for aws_managed_prometheus

[JorTurFer]

We have to use https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/amp as it's part of skd-v2.

You can init there client with NewFromConfig and it uses aws.Config, which is the output of https://github.com/kedacore/keda/blob/main/pkg/scalers/aws/aws_common.go#L53

[JorTurFer]

/run-e2e aws_managed_prometheus
Update: You can check the progress here

[JorTurFer]

please, execute also:

go mod tidy
go mod vendor

and push the changes too.
We use vendor folder, so you need to update the deps as they look inconsistent

[sguruvar]

please, execute also:

go mod tidy
go mod vendor

and push the changes too. We use vendor folder, so you need to update the deps as they look inconsistent

Pushed

[sguruvar]

please, execute also:

go mod tidy
go mod vendor

and push the changes too. We use vendor folder, so you need to update the deps as they look inconsistent

Pusehd

[sguruvar]

Appreciate any updates on the merge.. thanks

[JorTurFer]

Please rebase your PR. We've added a new authentication way. All the conflicts are related with deps (go.mod and go.sum + vendor).

There is also an small change to be done in the authentication part. We've updated this method that has to be used because it supports all the podIdentities out-of-the-box and also it manages credentials caching/sharing to reduce the amount of tokens for the same roleArn.

[JorTurFer]

We have migrated to github.com/aws/aws-sdk-go-v2, please don't use github.com/aws/aws-sdk-go

[semgrep-app]

Semgrep found 1 hash-sum-without-write finding:

• pkg/scalers/aws_sigv4.go: L46-47

odd hash.Sum call flow

_{Ignore this finding from hash-sum-without-write.}

[semgrep-app]

Semgrep found 1 hash-sum-without-write finding:

• pkg/scalers/aws_sigv4.go: L40-41

odd hash.Sum call flow

_{Ignore this finding from hash-sum-without-write.}