Merge branch 'main' into eventhub-podidentity-storage

Signed-off-by: Andres Petralli <[email protected]>

.devcontainer/Dockerfile

@@ -20,7 +20,7 @@ ENV GO111MODULE=auto
 
 # Configure apt, install packages and tools
 RUN apt-get update \
-    && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \
+    && apt-get -y install --no-install-recommends apt-utils dialog unzip 2>&1 \
     #
     # Verify git, process tools, lsb-release (common in install instructions for CLIs) installed
     && apt-get -y install git iproute2 procps lsb-release \
@@ -54,6 +54,12 @@ RUN apt-get update \
         # github.com/derekparker/delve/cmd/dlv 2>&1 \ # This pkg deps use generics, we cannot use it till we use go 1.18
     && go install honnef.co/go/tools/cmd/staticcheck@latest \
     && go install golang.org/x/tools/gopls@latest \
+    # Protocol Buffer Compiler
+    && if [ $(dpkg --print-architecture) == "amd64" ]; then PROTOC_ARCH="x86_64"; else PROTOC_ARCH="aarch_64" ; fi \
+    && curl -LO "https://github.com/protocolbuffers/protobuf/releases/download/v3.20.1/protoc-3.20.1-linux-$PROTOC_ARCH.zip" \
+    && unzip "protoc-3.20.1-linux-$PROTOC_ARCH.zip" -d $HOME/.local \
+    && mv $HOME/.local/bin/protoc /usr/local/bin/protoc \
+    && mv $HOME/.local/include/ /usr/local/bin/include/ \
     # Install golangci-lint
     && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.46.2 \
     #

.github/ISSUE_TEMPLATE/3_bug_report.yml

@@ -57,6 +57,7 @@ body:
     label: KEDA Version
     description: What version of KEDA that are you running?
     options:
+    - "2.8.1"
     - "2.8.0"
     - "2.7.1"
     - "2.7.0"
@@ -78,15 +79,13 @@ body:
     label: Kubernetes Version
     description: What version of Kubernetes that are you running?
     options:
+    - "1.25"
+    - "1.24"
     - "1.23"
     - "1.22"
     - "1.21"
     - "1.20"
-    - "1.19"
-    - "1.18"
-    - "1.17"
-    - "1.16"
-    - "< 1.16"
+    - "< 1.20"
     - "Other"
   validations:
     required: false

.github/ISSUE_TEMPLATE/4_release_tracker.md

@@ -8,7 +8,7 @@ assignees: tomkerkhove,zroubalik,jorturfer
 
 This issue template is used to track the rollout of a new KEDA version.
 
-For the full release process, we recommend reading [this document](https://github.com/kedacore/keda/blob/main/RELEASE-PROCESS.MD).
+For the full release process, we recommend reading [this document](https://github.com/kedacore/keda/blob/main/RELEASE-PROCESS.md).
 
 ## Progress
 

.github/PULL_REQUEST_TEMPLATE.md

@@ -8,6 +8,7 @@ _Provide a description of what has been changed_
 
 ### Checklist
 
+- [ ] When introducing a new scaler, I agree with the [scaling governance policy](https://github.com/kedacore/governance/blob/main/SCALERS.md)
 - [ ] Commits are signed with Developer Certificate of Origin (DCO - [learn more](https://github.com/kedacore/keda/blob/main/CONTRIBUTING.md#developer-certificate-of-origin-signing-your-work))
 - [ ] Tests have been added
 - [ ] A PR is opened to update our Helm chart ([repo](https://github.com/kedacore/charts)) *(if applicable, ie. when deployment manifests are modified)*

.github/workflows/main-build.yml

@@ -29,13 +29,13 @@ jobs:
           echo ::set-output name=build_cache::$(go env GOCACHE)
 
       - name: Go modules cache
-        uses: actions/[email protected].7
+        uses: actions/[email protected].8
         with:
           path: ${{ steps.go-paths.outputs.mod_cache }}
           key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}
 
       - name: Go build cache
-        uses: actions/[email protected].7
+        uses: actions/[email protected].8
         with:
           path: ${{ steps.go-paths.outputs.build_cache }}
           key: ${{ runner.os }}-go-build-cache-${{ hashFiles('**/go.sum') }}
@@ -76,183 +76,51 @@ jobs:
 
   validate:
     needs: build
-    name: validate
-    runs-on: ubuntu-latest
-    # build-tools is built from ../../tools/build-tools.Dockerfile
-    container: ghcr.io/kedacore/build-tools:1.17.13
-    concurrency: e2e-tests
-    steps:
-      - name: Check out code
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 1
-
-      - name: Register workspace path
-        run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
-
-      - name: Run end to end tests
-        env:
-          AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }}
-          AWS_REGION: ${{ secrets.AWS_REGION }}
-          AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }}
-          AZURE_APP_INSIGHTS_APP_ID: ${{ secrets.AZURE_APP_INSIGHTS_APP_ID }}
-          AZURE_APP_INSIGHTS_CONNECTION_STRING: ${{ secrets.AZURE_APP_INSIGHTS_CONNECTION_STRING }}
-          AZURE_APP_INSIGHTS_INSTRUMENTATION_KEY: ${{ secrets.AZURE_APP_INSIGHTS_INSTRUMENTATION_KEY }}
-          AZURE_DATA_EXPLORER_DB: ${{ secrets.AZURE_DATA_EXPLORER_DB }}
-          AZURE_DATA_EXPLORER_ENDPOINT: ${{ secrets.AZURE_DATA_EXPLORER_ENDPOINT }}
-          AZURE_DEVOPS_BUILD_DEFINITION_ID: ${{ secrets.AZURE_DEVOPS_BUILD_DEFINITION_ID }}
-          AZURE_DEVOPS_ORGANIZATION_URL: ${{ secrets.AZURE_DEVOPS_ORGANIZATION_URL }}
-          AZURE_DEVOPS_PAT: ${{ secrets.AZURE_DEVOPS_PAT }}
-          AZURE_DEVOPS_POOL_NAME: ${{ secrets.AZURE_DEVOPS_POOL_NAME }}
-          AZURE_DEVOPS_PROJECT: ${{ secrets.AZURE_DEVOPS_PROJECT }}
-          AZURE_KEYVAULT_URI:  ${{ secrets.AZURE_KEYVAULT_URI }}
-          AZURE_LOG_ANALYTICS_WORKSPACE_ID: ${{ secrets.AZURE_LOG_ANALYTICS_WORKSPACE_ID }}
-          AZURE_RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP }}
-          AZURE_RUN_WORKLOAD_IDENTITY_TESTS: true
-          AZURE_SERVICE_BUS_CONNECTION_STRING:  ${{ secrets.AZURE_SERVICE_BUS_CONNECTION_STRING }}
-          AZURE_SERVICE_BUS_ALTERNATIVE_CONNECTION_STRING:  ${{ secrets.AZURE_SERVICE_BUS_ALTERNATIVE_CONNECTION_STRING }}
-          AZURE_SP_APP_ID: ${{ secrets.AZURE_SP_APP_ID }}
-          AZURE_SP_OBJECT_ID: ${{ secrets.AZURE_SP_OBJECT_ID }}
-          AZURE_SP_KEY: ${{ secrets.AZURE_SP_KEY }}
-          AZURE_SP_ALTERNATIVE_APP_ID: ${{ secrets.AZURE_SP_ALTERNATIVE_APP_ID }}
-          AZURE_SP_ALTERNATIVE_OBJECT_ID: ${{ secrets.AZURE_SP_ALTERNATIVE_OBJECT_ID }}
-          AZURE_SP_ALTERNATIVE_KEY: ${{ secrets.AZURE_SP_ALTERNATIVE_KEY }}
-          AZURE_SP_TENANT: ${{ secrets.AZURE_SP_TENANT }}
-          AZURE_STORAGE_CONNECTION_STRING: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING }}
-          AZURE_SUBSCRIPTION: ${{ secrets.AZURE_SUBSCRIPTION }}
-          DATADOG_API_KEY: ${{ secrets.DATADOG_API_KEY}}
-          DATADOG_APP_KEY: ${{ secrets.DATADOG_APP_KEY}}
-          DATADOG_SITE: ${{ secrets.DATADOG_SITE}}
-          GCP_SP_KEY: ${{ secrets.GCP_SP_KEY }}
-          NEWRELIC_ACCOUNT_ID: ${{ secrets.NEWRELIC_ACCOUNT_ID}}
-          NEWRELIC_API_KEY: ${{ secrets.NEWRELIC_API_KEY}}
-          NEWRELIC_LICENSE: ${{ secrets.NEWRELIC_LICENSE}}
-          OIDC_ISSUER_URL: ${{ secrets.OIDC_ISSUER_URLNIGHTLY }}
-          OPENSTACK_AUTH_URL: ${{ secrets.OPENSTACK_AUTH_URL }}
-          OPENSTACK_PASSWORD: ${{ secrets.OPENSTACK_PASSWORD }}
-          OPENSTACK_PROJECT_ID: ${{ secrets.OPENSTACK_PROJECT_ID }}
-          OPENSTACK_USER_ID: ${{ secrets.OPENSTACK_USER_ID }}
-          PREDICTKUBE_API_KEY: ${{ secrets.PREDICTKUBE_API_KEY }}
-        run: make e2e-test
-
-      - name: Delete all e2e related namespaces
-        if: ${{ always() }}
-        run: make e2e-test-clean
-        env:
-          AZURE_RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP }}
-          AZURE_SP_APP_ID: ${{ secrets.AZURE_SP_APP_ID }}
-          AZURE_SP_KEY: ${{ secrets.AZURE_SP_KEY }}
-          AZURE_SP_TENANT: ${{ secrets.AZURE_SP_TENANT }}
-          AZURE_SUBSCRIPTION: ${{ secrets.AZURE_SUBSCRIPTION }}
+    uses: kedacore/keda/.github/workflows/template-main-e2e-test.yml@main
+    secrets: inherit
 
   validate-arm64:
     needs: build
-    name: validate-arm64
-    runs-on: ARM64
-    concurrency: arm-smoke-tests
-    steps:
-      - name: Setup Go
-        uses: actions/setup-go@v3
-        with:
-          go-version: 1.17
-
-      - name: Install prerequisites
-        run: |
-          apt update
-          apt install curl make ca-certificates gcc libc-dev -y
-        env:
-          DEBIAN_FRONTEND: noninteractive
-
-      - name: Check out code
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 1
-
-      - name: Create k8s v1.23 Kind Cluster
-        uses: helm/kind-action@main
-        with:
-          node_image: kindest/node:v1.23.0@sha256:49824ab1727c04e56a21a5d8372a402fcd32ea51ac96a2706a12af38934f81ac
-          cluster_name: smoke-tests-cluster
+    uses: kedacore/keda/.github/workflows/template-arm64-smoke-tests.yml@main
 
-      - name: Run smoke test
-        run: make arm-smoke-test
+  validate-k8s-versions:
+    needs: build
+    uses: kedacore/keda/.github/workflows/template-versions-smoke-tests.yml@main
 
   trivy-scan:
-    name: Trivy scan code
     needs: build
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v3
-
-    - name: Run Trivy vulnerability scanner in repo mode
-      uses: aquasecurity/[email protected]
-      with:
-        scan-type: 'fs'
-        ignore-unfixed: false
-        format: 'sarif'
-        output: 'code.sarif'
-        exit-code: 1
-        skip-dirs: tests # Remove this once the ts files are removed
-
-    - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@v2
-      if: always()
-      with:
-        sarif_file: 'code.sarif'
+    uses: kedacore/keda/.github/workflows/template-trivy-scan.yml@main
+    with:
+      runs-on: 'ubuntu-latest'
+      scan-type: 'fs'
+      format: 'sarif'
+      exit-code: 0
+      publish: true
 
   trivy-scan-metrics-server:
-    name: Trivy scan metrics server image - ${{ matrix.name }}
     needs: build
-    runs-on: ${{ matrix.runner }}
     strategy:
-       matrix:
-        include:
-        - runner: ARM64
-          name: arm64
-        - runner: ubuntu-latest
-          name: amd64
-
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Run Trivy on metrics-server
-        uses: aquasecurity/[email protected]
-        with:
-          scan-type: 'image'
-          image-ref: ghcr.io/kedacore/keda-metrics-apiserver:main
-          format: 'sarif'
-          output: 'metrics-server.sarif'
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          sarif_file: 'metrics-server.sarif'
+      matrix:
+        runner: [ARM64, ubuntu-latest]
+    uses: kedacore/keda/.github/workflows/template-trivy-scan.yml@main
+    with:
+      runs-on: ${{ matrix.runner }}
+      scan-type: 'image'
+      image-ref: ghcr.io/kedacore/keda-metrics-apiserver:main
+      format: 'sarif'
+      exit-code: 0
+      publish: true
 
   trivy-scan-keda:
-    name: Trivy scan keda image - ${{ matrix.name }}
     needs: build
-    runs-on: ${{ matrix.runner }}
     strategy:
-       matrix:
-        include:
-        - runner: ARM64
-          name: arm64
-        - runner: ubuntu-latest
-          name: amd64
-
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Run Trivy on operator
-        uses: aquasecurity/[email protected]
-        with:
-          scan-type: 'image'
-          image-ref: ghcr.io/kedacore/keda:main
-          format: 'sarif'
-          output: 'keda.sarif'
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          sarif_file: 'keda.sarif'
+      matrix:
+        runner: [ARM64, ubuntu-latest]
+    uses: kedacore/keda/.github/workflows/template-trivy-scan.yml@main
+    with:
+      runs-on: ${{ matrix.runner }}
+      scan-type: 'image'
+      image-ref: ghcr.io/kedacore/keda:main
+      format: 'sarif'
+      exit-code: 0
+      publish: true