Add support for passing custom headers to VPA requests

kubernetes · Oct 26, 2023 · ad49ebd · ad49ebd
1 parent 4d8e654
commit ad49ebd
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 9 deletions.
diff --git a/vertical-pod-autoscaler/pkg/recommender/input/history/history_provider.go b/vertical-pod-autoscaler/pkg/recommender/input/history/history_provider.go
@@ -40,8 +40,17 @@ type PrometheusBasicAuthTransport struct {
 }
 
 // RoundTrip function injects the username and password in the request's basic auth header
-func (t *PrometheusBasicAuthTransport) RoundTrip(req *http.Request) (*http.Response, error) {
-	req.SetBasicAuth(t.Username, t.Password)
+func (c *PrometheusHistoryProviderConfig) RoundTrip(req *http.Request) (*http.Response, error) {
+	if c.PrometheusBasicAuthTransport.Username != "" && c.PrometheusBasicAuthTransport.Password != "" {
+		req.SetBasicAuth(c.PrometheusBasicAuthTransport.Username, c.PrometheusBasicAuthTransport.Password)
+	}
+
+	if c.Headers != nil {
+		for k, v := range c.Headers {
+			req.Header.Set(k, v)
+		}
+	}
+
 	return http.DefaultTransport.RoundTrip(req)
 }
 
@@ -57,6 +66,7 @@ type PrometheusHistoryProviderConfig struct {
 	CadvisorMetricsJobName                           string
 	Namespace                                        string
 	PrometheusBasicAuthTransport
+	Headers map[string]string
 }
 
 // PodHistory represents history of usage and labels for a given pod.
@@ -94,12 +104,8 @@ func NewPrometheusHistoryProvider(config PrometheusHistoryProviderConfig) (Histo
 		Address: config.Address,
 	}
 
-	if config.Username != "" && config.Password != "" {
-		transport := &PrometheusBasicAuthTransport{
-			Username: config.Username,
-			Password: config.Password,
-		}
-		promConfig.RoundTripper = transport
+	if (config.Username != "" && config.Password != "") || config.Headers != nil {
+		promConfig.RoundTripper = &config
 	}
 
 	promClient, err := promapi.NewClient(promConfig)

diff --git a/vertical-pod-autoscaler/pkg/recommender/main.go b/vertical-pod-autoscaler/pkg/recommender/main.go
@@ -19,9 +19,11 @@ package main
 import (
 	"context"
 	"flag"
-	resourceclient "k8s.io/metrics/pkg/client/clientset/versioned/typed/metrics/v1beta1"
+	"os"
 	"time"
 
+	resourceclient "k8s.io/metrics/pkg/client/clientset/versioned/typed/metrics/v1beta1"
+
 	apiv1 "k8s.io/api/core/v1"
 	"k8s.io/client-go/informers"
 	kube_client "k8s.io/client-go/kubernetes"
@@ -72,6 +74,10 @@ var (
 	username            = flag.String("username", "", "The username used in the prometheus server basic auth")
 	password            = flag.String("password", "", "The password used in the prometheus server basic auth")
 	memorySaver         = flag.Bool("memory-saver", false, `If true, only track pods which have an associated VPA`)
+	authHeader          = flag.Bool("auth-header", false, `If True will use header authentication, If true aslo authHeaderName and authHeaderValueName must be supplied`)
+	authHeaderName      = flag.String("auth-header-name", "", `Header name to use for header based Auth`)
+	authHeaderValueName = flag.String("auth-header-value-name", "", `Env variable name holding the auth header value e.g the value of the bearer token etc..`)
+
 	// external metrics provider config
 	useExternalMetrics   = flag.Bool("use-external-metrics", false, "ALPHA.  Use an external metrics provider instead of metrics_server.")
 	externalCpuMetric    = flag.String("external-metrics-cpu-metric", "", "ALPHA.  Metric to use with external metrics provider for CPU usage.")
@@ -203,6 +209,12 @@ func main() {
 				Password: *password,
 			},
 		}
+		if *authHeader {
+			authValue := os.Getenv(*authHeaderValueName)
+			config.Headers = map[string]string{
+				*authHeaderName: authValue,
+			}
+		}
 		provider, err := history.NewPrometheusHistoryProvider(config)
 		if err != nil {
 			klog.Fatalf("Could not initialize history provider: %v", err)