Keda 2.15.1 - workload identity integration

[vickithedeveloper]

Report

I am using a simple trigger authentication yaml and scaled object yaml to scale my application. While it works perfectly when using connection strings for storage account and EventHub, but when trying to migrate it to workload identity I am getting following error during application deployment (in AKS) -
"Cannot create resource when custom resource definition is in Terminating State"
On checking the error logs of Keda operator I could see the following error --

1. "error": "unable to get event hub metadata: no storage connection string given"}

Note - I have migrated from Keda 2.13.1 to 2.15.1

TriggerAuthentication in my code.

apiVersion: keda.sh/v1alpha1
kind: TriggerAuthentication
metadata:
  name: nameOfTriggerAuth
  namespace: default
spec:
  podIdentity:
    provider: azure-workload

ScaledObject Definition -

apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
    name: azure-eventhub-scaledobject
    namespace: default
spec:
    scaleTargetRef:
        name: azureeventhub-function
    triggers:
    - type: azure-eventhub
      metadata:
          eventHubNamespace: AzureEventHubNameSpace
          eventHubName: NameOfTheEventHub
          storageAccountName: nameOFStorageAccount
          checkpointStrategy: blobMetadata
          consumerGroup: $Default
          blobContainer: azure-webjobs-eventhub

Expected Behavior

HPA and Scaled objects are expected to be created successfully.

Actual Behavior

Because of errors in the description HPA and scaled objects are not getting created.

Steps to Reproduce the Problem

1. Install Keda 2.15.1
2. Deploy the application using the trigger authentication and scaled object code in the description.

Logs from KEDA operator

"error": "unable to get event hub metadata: no storage connection string given"}

KEDA Version

2.15.1

Kubernetes Version

1.29

Platform

Microsoft Azure

Scaler Details

Azure Event hub

Anything else?

No response

[JorTurFer]

Hello
I think that you have a typo in your ScaledObject, the line with the TriggerAuthentication reference is missing:

apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
    name: azure-eventhub-scaledobject
    namespace: default
spec:
    scaleTargetRef:
        name: azureeventhub-function
    triggers:
    - type: azure-eventhub      
      metadata:
          eventHubNamespace: AzureEventHubNameSpace
          eventHubName: NameOfTheEventHub
          storageAccountName: nameOFStorageAccount
          checkpointStrategy: blobMetadata
          consumerGroup: $Default
          blobContainer: azure-webjobs-eventhub
      authenticationRef:
          name: nameOfTriggerAuth

Can you confirm if you have this lines?

      authenticationRef:
          name: nameOfTriggerAuth

[vickithedeveloper]

@JorTurFer the authenticationRef is present in my code. When typing here it got omitted accidently.

I did the following steps and now the error "Cannot create resource when custom resource definition is in Terminating State" is resolved.

1. helm uninstall Keda
2. removed all Keda scaled objects.
3. kubectl patch crd/TriggerAuthentication.keda.sh -p '{"metadata":{"finalizers":[]}}' --type=merge
4. kubectl patch crd/scaledObject.keda.sh -p '{"metadata":{"finalizers":[]}}' --type=merge
5. re installed Keda
6. redeployed the application code.

After the above steps the issue with TriggerAuthentication got resolved.

Final Note - with 2.13.1 azure workload identity is not working (time out issues) but with 2.15.1, the same code is working seamlessly.