Provide support for Azure Key Vault in TriggerAuthentication. (kedacore#2727)

Signed-off-by: Vighnesh Shenoy <[email protected]>
Signed-off-by: Ram Cohen <[email protected]>
v-shenoy authored and RamCohen committed Mar 23, 2022
1 parent 3fcb7a7 commit 118880e
Showing 9 changed files with 537 additions and 0 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -33,6 +33,7 @@
- **General:** Introduce new Azure Data Explorer Scaler ([#1488](https://github.com/kedacore/keda/issues/1488))
- **General:** Introduce new GCP Storage Scaler ([#2628](https://github.com/kedacore/keda/issues/2628))
- **General:** Introduce ARM-based container image for KEDA ([#2263](https://github.com/kedacore/keda/issues/2263) & [#2262](https://github.com/kedacore/keda/issues/2262))
- **General:** Provide support for authentication via Azure Key Vault ([#900](https://github.com/kedacore/keda/issues/900))

### Improvements

36 changes: 36 additions & 0 deletions apis/keda/v1alpha1/triggerauthentication_types.go
Expand Up @@ -75,6 +75,9 @@ type TriggerAuthenticationSpec struct {

// +optional
HashiCorpVault *HashiCorpVault `json:"hashiCorpVault,omitempty"`

// +optional
AzureKeyVault *AzureKeyVault `json:"azureKeyVault,omitempty"`
}

// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
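Review bot: The new `AzureKeyVault` field in `TriggerAuthenticationSpec` sits next to `HashiCorpVault` with both marked `+optional`, and nothing in this hunk says what happens when both are set and map the same parameter. Add a field comment stating the precedence, or reject the combination at validation time, so that a spec naming two secret stores has one defined source for each parameter.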
Expand Down Expand Up @@ -175,6 +178,39 @@ type VaultSecret struct {
Key string `json:"key"`
}

// AzureKeyVault is used to authenticate using Azure Key Vault
type AzureKeyVault struct {
VaultURI string `json:"vaultUri"`
Credentials *AzureKeyVaultCredentials `json:"credentials"`
Secrets []AzureKeyVaultSecret `json:"secrets"`
}

type AzureKeyVaultCredentials struct {
ClientID string `json:"clientId"`
ClientSecret *AzureKeyVaultClientSecret `json:"clientSecret"`
TenantID string `json:"tenantId"`
}

type AzureKeyVaultClientSecret struct {
ValueFrom ValueFromSecret `json:"valueFrom"`
}

type ValueFromSecret struct {
SecretKeyRef SecretKeyRef `json:"secretKeyRef"`
}

type SecretKeyRef struct {
Name string `json:"name"`
Key string `json:"key"`
}

type AzureKeyVaultSecret struct {
Parameter string `json:"parameter"`
Name string `json:"name"`
// +optional
Version string `json:"version,omitempty"`
}

func init() {
SchemeBuilder.Register(&ClusterTriggerAuthentication{}, &ClusterTriggerAuthenticationList{})
SchemeBuilder.Register(&TriggerAuthentication{}, &TriggerAuthenticationList{})
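Review bot: `Credentials` in `AzureKeyVault` and `ClientSecret` in `AzureKeyVaultCredentials` are pointers, yet their JSON tags carry no `omitempty` and there is no `+optional` marker, so the generated CRD lists both as required. Pick one: make them value types if they are always required, or mark them `+optional` and nil-check them at the point of use; a required field held as a pointer invites a nil dereference on objects built in code rather than admitted through the API server. Separately, only `AzureKeyVault` has a doc comment; `AzureKeyVaultCredentials`, `AzureKeyVaultClientSecret`, `ValueFromSecret`, `SecretKeyRef` and `AzureKeyVaultSecret` are exported without one, which is why the generated schema has no descriptions below the top level. `ValueFromSecret` and `SecretKeyRef` are also very generic names for types that only this feature uses.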
112 changes: 112 additions & 0 deletions apis/keda/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

56 changes: 56 additions & 0 deletions config/crd/bases/keda.sh_clustertriggerauthentications.yaml
Expand Up @@ -53,6 +53,62 @@ spec:
spec:
description: TriggerAuthenticationSpec defines the various ways to authenticate
properties:
azureKeyVault:
description: AzureKeyVault is used to authenticate using Azure Key
Vault
properties:
credentials:
properties:
clientId:
type: string
clientSecret:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
tenantId:
type: string
required:
- clientId
- clientSecret
- tenantId
type: object
secrets:
items:
properties:
name:
type: string
parameter:
type: string
version:
type: string
required:
- name
- parameter
type: object
type: array
vaultUri:
type: string
required:
- credentials
- secrets
- vaultUri
type: object
env:
items:
description: AuthEnvironment is used to authenticate using environment
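Review bot: `secretKeyRef` under `clientSecret` takes only `key` and `name`, and this CRD is the cluster-scoped ClusterTriggerAuthentication, so the namespace from which the Secret holding the client secret is read is not expressed anywhere in the schema. State that namespace in the description of `secretKeyRef` (through a comment on the Go type this schema is generated from), so that operators can scope RBAC on that Secret accordingly.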
56 changes: 56 additions & 0 deletions config/crd/bases/keda.sh_triggerauthentications.yaml
Expand Up @@ -52,6 +52,62 @@ spec:
spec:
description: TriggerAuthenticationSpec defines the various ways to authenticate
properties:
azureKeyVault:
description: AzureKeyVault is used to authenticate using Azure Key
Vault
properties:
credentials:
properties:
clientId:
type: string
clientSecret:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
tenantId:
type: string
required:
- clientId
- clientSecret
- tenantId
type: object
secrets:
items:
properties:
name:
type: string
parameter:
type: string
version:
type: string
required:
- name
- parameter
type: object
type: array
vaultUri:
type: string
required:
- credentials
- secrets
- vaultUri
type: object
env:
items:
description: AuthEnvironment is used to authenticate using environment
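Review bot: `vaultUri` is `type: string` with no `pattern` or `format`, and `secrets` is a required array with no `minItems`, so an empty list and a malformed or non-HTTPS URI both pass admission. Add validation markers on the Go fields, for example `+kubebuilder:validation:MinItems=1` on `Secrets` and a `+kubebuilder:validation:Pattern` requiring an `https://` prefix on `VaultURI`, then regenerate; the same applies to the identical block in keda.sh_clustertriggerauthentications.yaml.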