Proposal

Looking for way to pass both the x-apikey header and a tls certificate/key to the Metrics-Api scaler.

Use-Case

We are attempting to create a scaler for an api that requires both the x-apikey header for authenticating to the api and mutual tls authentication where a client certificate and key need to be passed to the api. At the moment the metrics-api scaler supports either/or. So the following code seems to work to a point but fails tls auth:

apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
name: scanner-ss-scaledobject
namespace: tenable-enclave-security
labels:
deploymentName: scanner-ss
spec:
minReplicaCount: 0
maxReplicaCount: 5
scaleTargetRef:
kind: StatefulSet
name: scanner-ss
triggers:
- type: metrics-api
metadata:
targetValue: "1"
url: "https://tes.tenable-enclave-security.svc.cluster.local/rest/scanResult"
valueLocation: 'response.manageable.#(running==true)#|# '
authMode: "apiKey"
method: "header"
keyParamName: "X-API-KEY"
unsafeSsl: "true"
authenticationRef:
name: keda-metric-api-creds

With this configuration we receive the following error indicating that tls cert needs to be passed:

ERROR scale_handler error getting metric for trigger {"scaledObject.Namespace": "tenable-enclave-security", "scaledObject.Name": "scanner-ss-scaledobject", "trigger": "metricsAPIScaler", "error": "error requesting metrics endpoint: Get "https://tes.tenable-enclave-security.svc.cluster.local/rest/scanResult\": remote error: tls: certificate required"

Is this a feature you are interested in implementing yourself?

No

Anything else?

No response