Azure Scalers: Use our own chained TokenCredential with MSI, WI and CLI #4029
Labels
feature-request
All issues for new features that have not been committed to
needs-discussion
stale-bot-ignore
All issues that should not be automatically closed by our stale bot
Comments
JorTurFer
added
needs-discussion
feature-request
JorTurFer
added
the
stale-bot-ignore
3 tasks
|
This can't be done because we have to support split chains because end users could have both auths working together in the same cluster with different roles. |
github-project-automation
bot
moved this from To Do
to Ready To Ship
in Roadmap - KEDA Core
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Proposal
We use azure-sdk-for-go in several scaler (and eventually we will migrate others when they are available) and the new identity sdk introduces already defined TokenCredential for several authetication flows. Currently, we have a single option on each case but we could have a chained TokenCredential which tries with all the already configured flows, having a unified code for both pod identities and also for local development.
Now we don't have any way to troubleshoot/debug a scaler that uses azure pod identities as we can't get the token, but if we unify them in a single chained TokenCredential, we could debug it locally, having the same behaviour that we could expect in the cluster, making the experience so much better.
This improvement has some requisites before being doable:
The text was updated successfully, but these errors were encountered: