Declarative scaler config (#5676)

Signed-off-by: Jan Wozniak <[email protected]>
kedacore · May 13, 2024 · 613919b · 613919b
1 parent 6112b0a
commit 613919b
Show file tree

Hide file tree

Showing 6 changed files with 1,133 additions and 149 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -59,6 +59,7 @@ To learn more about active deprecations, we recommend checking [GitHub Discussio
 ### New
 
 - TODO ([#XXX](https://github.com/kedacore/keda/issues/XXX))
+- **General**: Declarative parsing of scaler config ([#5037](https://github.com/kedacore/keda/issues/5037))
 
 #### Experimental
 

diff --git a/pkg/scalers/authentication/authentication_types.go b/pkg/scalers/authentication/authentication_types.go
@@ -1,6 +1,7 @@
 package authentication
 
 import (
+	"fmt"
 	"net/url"
 	"time"
 )
@@ -31,6 +32,8 @@ const (
 	FastHTTP                      // FastHTTP Fast http client.
 )
 
+// AuthMeta is the metadata for the authentication types
+// Deprecated: use Config instead
 type AuthMeta struct {
 	// bearer auth
 	EnableBearerAuth bool
@@ -61,6 +64,131 @@ type AuthMeta struct {
 	CustomAuthValue  string
 }
 
+// BasicAuth is a basic authentication type
+type BasicAuth struct {
+	Username string `keda:"name=username, order=authParams"`
+	Password string `keda:"name=password, order=authParams"`
+}
+
+// CertAuth is a client certificate authentication type
+type CertAuth struct {
+	Cert string `keda:"name=cert, order=authParams"`
+	Key  string `keda:"name=key, order=authParams"`
+	CA   string `keda:"name=ca, order=authParams"`
+}
+
+// OAuth is an oAuth2 authentication type
+type OAuth struct {
+	OauthTokenURI  string     `keda:"name=oauthTokenURI,  order=authParams"`
+	Scopes         []string   `keda:"name=scopes,         order=authParams"`
+	ClientID       string     `keda:"name=clientID,       order=authParams"`
+	ClientSecret   string     `keda:"name=clientSecret,   order=authParams"`
+	EndpointParams url.Values `keda:"name=endpointParams, order=authParams"`
+}
+
+// CustomAuth is a custom header authentication type
+type CustomAuth struct {
+	CustomAuthHeader string `keda:"name=customAuthHeader, order=authParams"`
+	CustomAuthValue  string `keda:"name=customAuthValue,  order=authParams"`
+}
+
+// Config is the configuration for the authentication types
+type Config struct {
+	Modes []Type `keda:"name=authModes, order=triggerMetadata, enum=apiKey;basic;tls;bearer;custom;oauth, exclusiveSet=bearer;basic;oauth, optional"`
+
+	BearerToken string `keda:"name=bearerToken, order=authParams, optional"`
+	BasicAuth   `keda:"optional"`
+	CertAuth    `keda:"optional"`
+	OAuth       `keda:"optional"`
+	CustomAuth  `keda:"optional"`
+}
+
+// Disabled returns true if no auth modes are enabled
+func (c *Config) Disabled() bool {
+	return c == nil || len(c.Modes) == 0
+}
+
+// Enabled returns true if given auth mode is enabled
+func (c *Config) Enabled(mode Type) bool {
+	for _, m := range c.Modes {
+		if m == mode {
+			return true
+		}
+	}
+	return false
+}
+
+// helpers for checking enabled auth modes
+func (c *Config) EnabledTLS() bool        { return c.Enabled(TLSAuthType) }
+func (c *Config) EnabledBasicAuth() bool  { return c.Enabled(BasicAuthType) }
+func (c *Config) EnabledBearerAuth() bool { return c.Enabled(BearerAuthType) }
+func (c *Config) EnabledOAuth() bool      { return c.Enabled(OAuthType) }
+func (c *Config) EnabledCustomAuth() bool { return c.Enabled(CustomAuthType) }
+
+// GetBearerToken returns the bearer token with the Bearer prefix
+func (c *Config) GetBearerToken() string {
+	return fmt.Sprintf("Bearer %s", c.BearerToken)
+}
+
+// Validate validates the Config and returns an error if it is invalid
+func (c *Config) Validate() error {
+	if c.Disabled() {
+		return nil
+	}
+	if c.EnabledBearerAuth() && c.BearerToken == "" {
+		return fmt.Errorf("bearer token is required when bearer auth is enabled")
+	}
+	if c.EnabledBasicAuth() && c.Username == "" {
+		return fmt.Errorf("username is required when basic auth is enabled")
+	}
+	if c.EnabledTLS() && (c.Cert == "" || c.Key == "") {
+		return fmt.Errorf("cert and key are required when tls auth is enabled")
+	}
+	if c.EnabledOAuth() && (c.OauthTokenURI == "" || c.ClientID == "" || c.ClientSecret == "") {
+		return fmt.Errorf("oauthTokenURI, clientID and clientSecret are required when oauth is enabled")
+	}
+	if c.EnabledCustomAuth() && (c.CustomAuthHeader == "" || c.CustomAuthValue == "") {
+		return fmt.Errorf("customAuthHeader and customAuthValue are required when custom auth is enabled")
+	}
+	return nil
+}
+
+// ToAuthMeta converts the Config to deprecated AuthMeta
+func (c *Config) ToAuthMeta() *AuthMeta {
+	if c.Disabled() {
+		return nil
+	}
+	return &AuthMeta{
+		// bearer auth
+		EnableBearerAuth: c.EnabledBearerAuth(),
+		BearerToken:      c.BearerToken,
+
+		// basic auth
+		EnableBasicAuth: c.EnabledBasicAuth(),
+		Username:        c.Username,
+		Password:        c.Password,
+
+		// client certification
+		EnableTLS: c.EnabledTLS(),
+		Cert:      c.Cert,
+		Key:       c.Key,
+		CA:        c.CA,
+
+		// oAuth2
+		EnableOAuth:    c.EnabledOAuth(),
+		OauthTokenURI:  c.OauthTokenURI,
+		Scopes:         c.Scopes,
+		ClientID:       c.ClientID,
+		ClientSecret:   c.ClientSecret,
+		EndpointParams: c.EndpointParams,
+
+		// custom auth header
+		EnableCustomAuth: c.EnabledCustomAuth(),
+		CustomAuthHeader: c.CustomAuthHeader,
+		CustomAuthValue:  c.CustomAuthValue,
+	}
+}
+
 type HTTPTransport struct {
 	MaxIdleConnDuration time.Duration
 	ReadTimeout         time.Duration