Add Doc changes for enableTls and saslAuthType for Kafka Scaler ScaledObject

content/docs/2.10/scalers/apache-kafka.md

@@ -73,6 +73,7 @@ partition will be scaled to zero. See the [discussion](https://github.com/kedaco
 ### Authentication Parameters
 
  You can use `TriggerAuthentication` CRD to configure the authenticate by providing `sasl`, `username` and `password`, in case your Kafka cluster has SASL authentication turned on. If you are using SASL/OAuthbearer you will need to provide `oauthTokenEndpointUri` and `scopes` as required by your OAuth2 provider. If TLS is required you should set `tls` to `enable`. If required for your Kafka configuration, you may also provide a `ca`, `cert`, `key` and `keyPassword`. `cert` and `key` must be specified together.
+ Another alternative is to specify `tls` and `sasl` in ScaledObject instead of TriggerAuthentication.
 
 **Credential based authentication:**
 
@@ -81,8 +82,8 @@ partition will be scaled to zero. See the [discussion](https://github.com/kedaco
 - `sasl` - Kafka SASL auth mode. (Values: `plaintext`, `scram_sha256`, `scram_sha512`, `oauthbearer` or `none`, Default: `none`, Optional)
 - `username` - Username used for sasl authentication. (Optional)
 - `password` - Password used for sasl authentication. (Optional)
-- `oauthTokenEndpointUri` - The OAuth Access Token URI used for oauthbreaker token requests. (Optional unless sasl mode set to oauthbearer)
-- `scopes` - A comma separated lists of OAuth scopes used in the oauthbreaker token requests. (Optional)
+- `oauthTokenEndpointUri` - The OAuth Access Token URI used for oauthbearer token requests. (Optional unless sasl mode set to oauthbearer)
+- `scopes` - A comma separated lists of OAuth scopes used in the oauthbearer token requests. (Optional)
 
 **TLS:**
 
@@ -101,7 +102,7 @@ When a new Kafka consumer is created, it must determine its consumer group initi
 
 ### Example
 
-Your kafka cluster no SASL/TLS auth:
+#### Your kafka cluster has no SASL/TLS auth:
 
 ```yaml
 apiVersion: keda.sh/v1alpha1
@@ -124,7 +125,9 @@ spec:
       offsetResetPolicy: latest
 ```
 
-Your kafka cluster turn on SASL/TLS auth:
+#### Your kafka cluster turns on SASL/TLS auth:
+
+##### Method 1: `tls` and `sasl` are in TriggerAuthentication
 
 ```yaml
 apiVersion: v1
@@ -192,7 +195,71 @@ spec:
       name: keda-trigger-auth-kafka-credential
 ```
 
-Your kafka cluster turn on SASL OAuthbearer/TLS auth:
+##### Method 2: `tls` and `sasl` are in ScaledObject
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: keda-kafka-secrets
+  namespace: default
+data:
+  username: "admin"
+  password: "admin"
+  ca: <your ca>
+  cert: <your cert>
+  key: <your key>
+---
+apiVersion: keda.sh/v1alpha1
+kind: TriggerAuthentication
+metadata:
+  name: keda-trigger-auth-kafka-credential
+  namespace: default
+spec:
+  secretTargetRef:
+  - parameter: username
+    name: keda-kafka-secrets
+    key: username
+  - parameter: password
+    name: keda-kafka-secrets
+    key: password
+  - parameter: ca
+    name: keda-kafka-secrets
+    key: ca
+  - parameter: cert
+    name: keda-kafka-secrets
+    key: cert
+  - parameter: key
+    name: keda-kafka-secrets
+    key: key
+---
+apiVersion: keda.sh/v1alpha1
+kind: ScaledObject
+metadata:
+  name: kafka-scaledobject
+  namespace: default
+spec:
+  scaleTargetRef:
+    name: azure-functions-deployment
+  pollingInterval: 30
+  triggers:
+  - type: kafka
+    metadata:
+      bootstrapServers: localhost:9092
+      consumerGroup: my-group       # Make sure that this consumer group name is the same one as the one that is consuming topics
+      topic: test-topic
+      tls: enable
+      sasl: plaintext
+      # Optional
+      lagThreshold: "50"
+      offsetResetPolicy: latest
+    authenticationRef:
+      name: keda-trigger-auth-kafka-credential
+```
+
+#### Your kafka cluster turns on SASL OAuthbearer/TLS auth:
+
+##### Method 1: `tls` and `sasl` are in TriggerAuthentication
 
 ```yaml
 apiVersion: v1
@@ -267,3 +334,73 @@ spec:
     authenticationRef:
       name: keda-trigger-auth-kafka-credential
 ```
+
+##### Method 2: `tls` and `sasl` are in ScaledObject
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: keda-kafka-secrets
+  namespace: default
+data:
+  username: "admin"
+  password: "admin"
+  oauthTokenEndpointUri: "https://tokenendpoint.com/token"
+  scopes: "default"
+  ca: <your ca>
+  cert: <your cert>
+  key: <your key>
+---
+apiVersion: keda.sh/v1alpha1
+kind: TriggerAuthentication
+metadata:
+  name: keda-trigger-auth-kafka-credential
+  namespace: default
+spec:
+  secretTargetRef:
+  - parameter: username
+    name: keda-kafka-secrets
+    key: username
+  - parameter: password
+    name: keda-kafka-secrets
+    key: password
+  - parameter: oauthTokenEndpointUri
+    name: keda-kafka-secrets
+    key: oauthTokenEndpointUri
+  - parameter: scopes
+    name: keda-kafka-secrets
+    key: scopes
+  - parameter: ca
+    name: keda-kafka-secrets
+    key: ca
+  - parameter: cert
+    name: keda-kafka-secrets
+    key: cert
+  - parameter: key
+    name: keda-kafka-secrets
+    key: key
+---
+apiVersion: keda.sh/v1alpha1
+kind: ScaledObject
+metadata:
+  name: kafka-scaledobject
+  namespace: default
+spec:
+  scaleTargetRef:
+    name: azure-functions-deployment
+  pollingInterval: 30
+  triggers:
+  - type: kafka
+    metadata:
+      bootstrapServers: localhost:9092
+      consumerGroup: my-group       # Make sure that this consumer group name is the same one as the one that is consuming topics
+      topic: test-topic
+      tls: enable
+      sasl: oauthbearer
+      # Optional
+      lagThreshold: "50"
+      offsetResetPolicy: latest
+    authenticationRef:
+      name: keda-trigger-auth-kafka-credential
+```