Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Non-public cloud support for Azure Key Vault. #2827

Merged
merged 3 commits into from
Mar 29, 2022
Merged

Non-public cloud support for Azure Key Vault. #2827

merged 3 commits into from
Mar 29, 2022

Conversation

v-shenoy
Copy link
Contributor

@v-shenoy v-shenoy commented Mar 26, 2022
edited
Loading

Signed-off-by: Vighnesh Shenoy vshenoy@microsoft.com

Azure Key Vault now supports non-public clouds via the cloud parameter.

Sample TriggerAuthentication definition with keyvault.

apiVersion: keda.sh/v1alpha1
kind: TriggerAuthentication
metadata:
  name: triggerauth-name
  namespace: default
spec:
  azureKeyVault:
    vaultUri: <vault-uri>
    credentials:  
      clientId: <active-directory-client-id>
      clientSecret:
        valueFrom:
          secretKeyRef:
            name: <secret-containing-client-password>
            key: <key-within-secret>
      tenantId: <active-directory-tenant-id>
    cloud: # Optional
      type: private # Required
      keyVaultResourceURL: <key-vault-resource-url-for-cloud> # Required when type = private
      activeDirectoryEndpoint: <active-directory-endpoint-for-cloud> # Required when type = private
    secrets: 
    - parameter: <param-name-for-scaled-object>
      name: <secret-name-in-key-vault>

Documentation PR - kedacore/keda-docs#732

Checklist

  • Commits are signed with Developer Certificate of Origin (DCO - learn more)
  • Tests have been added
  • A PR is opened to update our Helm chart (repo) (if applicable, ie. when deployment manifests are modified)
  • A PR is opened to update the documentation on (repo) (if applicable)
  • Changelog has been updated and is aligned with our changelog requirements

Relates to #2733

@v-shenoy
Non-public cloud support for Azure Key Vault.
505a17c 
Signed-off-by: Vighnesh Shenoy <vshenoy@microsoft.com>
@v-shenoy v-shenoy requested a review from a team as a code owner March 26, 2022 11:32
@tomkerkhove
Copy link
Member

Might be good to align the cloud information with scalers maybe?

What about this?

-cloudInfo: # Optional
+cloud:
  type: private # Required
-  keyVaultResourceURL: <key-vault-resource-url-for-cloud> # Required when type = private
+  keyVaultResourceUri: <key-vault-resource-url-for-cloud> # Required when type = private
-  activeDirectoryEndpoint: <active-directory-endpoint-for-cloud> # Required when type = private
+  activeDirectoryUri: <active-directory-endpoint-for-cloud> # Required when type = private

@tomkerkhove
Copy link
Member

Can you open a PR for our docs and link it in this PR please? This is why I tend to use "relates to" instead of "fixes" as we always need a link without closing on this PR.

@v-shenoy
Copy link
Contributor Author

Can you open a PR for our docs and link it in this PR please? This is why I tend to use "relates to" instead of "fixes" as we always need a link without closing on this PR.

Was away for some time, am writing the docs as we speak. I don't get the second part of your comment, can you elaborate a bit?

@v-shenoy
Copy link
Contributor Author

Doc PR - kedacore/keda-docs#732

@v-shenoy
Rename parameter for Azure Key Vault in TriggerAuthentication definit…
854af1a 
…ion.

Signed-off-by: Vighnesh Shenoy <vshenoy@microsoft.com>
@v-shenoy
Copy link
Contributor Author

v-shenoy commented Mar 26, 2022
edited
Loading

Changed cloudInfo to cloud

Didn't change the keyVaultResourceURL and activeDirectoryEndpoint as the names align with the changes done for EventHub and Application Insights.

@tomkerkhove

@tomkerkhove
Copy link
Member

Fine by me!

@tomkerkhove
Copy link
Member

Can you open a PR for our docs and link it in this PR please? This is why I tend to use "relates to" instead of "fixes" as we always need a link without closing on this PR.

Was away for some time, am writing the docs as we speak. I don't get the second part of your comment, can you elaborate a bit?

Neermind the second part!

zroubalik
zroubalik reviewed Mar 28, 2022
View reviewed changes
@v-shenoy
Merge changelog entries.
7b1c4e7 
Signed-off-by: Vighnesh Shenoy <vshenoy@microsoft.com>
zroubalik
zroubalik approved these changes Mar 28, 2022
View reviewed changes
Copy link
Member

@zroubalik zroubalik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@zroubalik zroubalik requested a review from JorTurFer March 29, 2022 07:13
JorTurFer
JorTurFer approved these changes Mar 29, 2022
View reviewed changes
Copy link
Member

@JorTurFer JorTurFer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@JorTurFer
Copy link
Member

Thanks for this improvement! ❤️

@JorTurFer JorTurFer merged commit 4a36fb0 into kedacore:main Mar 29, 2022
@v-shenoy v-shenoy deleted the npc-key-vault branch March 29, 2022 21:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zroubalik zroubalik zroubalik approved these changes

@JatinSanghvi JatinSanghvi JatinSanghvi approved these changes

@JorTurFer JorTurFer JorTurFer approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@v-shenoy @tomkerkhove @JorTurFer @zroubalik @JatinSanghvi