feat(scaler): Add TLS support for Artemis scaler
Initial implementation for TLS support in Artemis Scaler.
Issue: kedacore#6448

Signed-off-by: Chirag Bhatia <[email protected]>
chiragbhatia8 committed Jan 9, 2025
1 parent 85d4dca commit b40d166
Showing 2 changed files with 71 additions and 5 deletions.
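--- a/pkg/scalers/artemis_scaler.go
+++ b/pkg/scalers/artemis_scaler.go
@@ -37,6 +37,12 @@ type artemisMetadata struct {
 QueueLength int64 `keda:"name=queueLength, order=triggerMetadata, optional, default=10"`
 ActivationQueueLength int64 `keda:"name=activationQueueLength, order=triggerMetadata, optional, default=10"`
 CorsHeader string `keda:"name=corsHeader, order=triggerMetadata, optional"`
+UnsafeSsl bool `keda:"name=unsafeSsl, order=triggerMetadata, optional, default=false"`
+TLS bool `keda:"name=tls, order=triggerMetadata, optional, default=false"`
+CA string `keda:"name=ca, order=triggerMetadata, optional"`
+Cert string `keda:"name=cert, order=triggerMetadata, optional"`
+Key string `keda:"name=key, order=triggerMetadata, optional"`
+KeyPassword string `keda:"name=keyPassword, order=triggerMetadata, optional"`
 }
 
 //revive:enable:var-naming
@@ -77,15 +83,24 @@ func (a *artemisMetadata) Validate() error {
 if a.CorsHeader == "" {
 a.CorsHeader = fmt.Sprintf(defaultCorsHeader, a.ManagementEndpoint)
 }
+
+if (a.Cert == "") != (a.Key == "") {
+return fmt.Errorf("both cert and key must be provided when using TLS")
+}
+
+if a.TLS && a.CA == "" {
+return fmt.Errorf("CA certificate must be provided when using TLS")
+}
+
+if a.TLS && a.UnsafeSsl {
+return fmt.Errorf("'tls' and 'unsafeSsl' cannot both be specified")
+}
+
 return nil
 }
 
 // NewArtemisQueueScaler creates a new artemis queue Scaler
 func NewArtemisQueueScaler(config *scalersconfig.ScalerConfig) (Scaler, error) {
-// do we need to guarantee this timeout for a specific
-// reason? if not, we can have buildScaler pass in
-// the global client
-httpClient := kedautil.CreateHTTPClient(config.GlobalHTTPTimeout, false)
 
 metricType, err := GetMetricTargetType(config)
 if err != nil {
@@ -96,6 +111,24 @@ func NewArtemisQueueScaler(config *scalersconfig.ScalerConfig) (Scaler, error) {
 if err != nil {
 return nil, fmt.Errorf("error parsing artemis metadata: %w", err)
 }
+// do we need to guarantee this timeout for a specific
+// reason? if not, we can have buildScaler pass in
+// the global client
+httpClient := kedautil.CreateHTTPClient(config.GlobalHTTPTimeout, artemisMetadata.UnsafeSsl)
+
+if artemisMetadata.TLS {
+tlsConfig, err := kedautil.NewTLSConfigWithPassword(
+artemisMetadata.Cert,
+artemisMetadata.Key,
+artemisMetadata.KeyPassword,
+artemisMetadata.CA,
+artemisMetadata.UnsafeSsl,
+)
+if err != nil {
+return nil, fmt.Errorf("failed to configure TLS: %w", err)
+}
+httpClient.Transport = kedautil.CreateHTTPTransportWithTLSConfig(tlsConfig)
+}
 
 return &artemisScaler{
 metricType: metricType,
@@ -149,7 +182,13 @@ func getAPIParameters(meta artemisMetadata) (artemisMetadata, error) {
 }
 
 func (s *artemisScaler) getMonitoringEndpoint() string {
-replacer := strings.NewReplacer("<<managementEndpoint>>", s.metadata.ManagementEndpoint,
+scheme := "http"
+
+if s.metadata.TLS {
+scheme = "https"
+}
+replacer := strings.NewReplacer(
+"<<managementEndpoint>>", fmt.Sprintf("%s://%s", scheme, s.metadata.ManagementEndpoint),
 "<<queueName>>", s.metadata.QueueName,
 "<<brokerName>>", s.metadata.BrokerName,
 "<<brokerAddress>>", s.metadata.BrokerAddress)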
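Review bot: The new `Cert`, `Key` and `KeyPassword` fields in `artemisMetadata` are tagged `order=triggerMetadata` only, so the client private key and its passphrase can only be supplied inline in the trigger metadata, where anyone who can read the ScaledObject can read them. They should be resolvable from authentication parameters instead, e.g. `order=authParams` on `CA`, `Cert`, `Key` and `KeyPassword`, keeping `tls` and `unsafeSsl` in trigger metadata. Separately, `Validate()` accepts `ca`/`cert`/`key` while `tls` is false, and `getMonitoringEndpoint` then builds an `http://` URL, so a forgotten `tls: "true"` silently falls back to plaintext with the TLS material ignored; returning an error when any of these is set and `a.TLS` is false would fail closed. The added `fmt.Sprintf("%s://%s", scheme, ...)` in `getMonitoringEndpoint` (whose body, like the template it fills, lies partly outside the hunk) assumes the REST API template carries no scheme of its own, which is worth confirming for both the default and user-supplied templates.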
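--- a/pkg/scalers/artemis_scaler_test.go
+++ b/pkg/scalers/artemis_scaler_test.go
@@ -163,3 +163,30 @@ func TestArtemisGetMetricSpecForScaling(t *testing.T) {
 }
 }
 }
+
+func TestArtemisTLSConfiguration(t *testing.T) {
+metadata := map[string]string{
+"managementEndpoint": "localhost:8161",
+"queueName": "queue1",
+"brokerName": "broker-activemq",
+"brokerAddress": "test",
+"ca": "/path/to/ca.pem",
+"cert": "/path/to/cert.pem",
+"key": "/path/to/key.pem",
+}
+
+resolvedEnv := map[string]string{
+"username": "admin",
+"password": "admin",
+}
+
+_, err := parseArtemisMetadata(&scalersconfig.ScalerConfig{
+ResolvedEnv: resolvedEnv,
+TriggerMetadata: metadata,
+AuthParams: artemisAuthParams, // Ensure valid AuthParams are provided
+})
+
+if err != nil {
+t.Errorf("Expected success but got error: %v", err)
+}
+}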
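Review bot: `TestArtemisTLSConfiguration` never sets `tls`, so it exercises at most the cert/key pairing check; the `a.TLS && a.CA == ""` and `tls`-with-`unsafeSsl` rejections added to `Validate()` have no coverage. As written it also pins the fail-open case as expected behaviour: `ca`, `cert` and `key` are supplied, `tls` defaults to false, and parsing is asserted to succeed. Add `"tls": "true",` to the positive case and table-driven negative cases (cert without key, `tls` without `ca`, `tls` together with `unsafeSsl`) that assert an error is returned. The `/path/to/*.pem` values read as file paths, while the scaler passes these strings straight to `kedautil.NewTLSConfigWithPassword`; if that helper expects PEM content rather than paths (not visible here), the fixture is misleading and should use constructed PEM strings.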
