Skip to content

feat: Add cooldownPeriod and pollingInterval checks for ScaledObject#7271

Merged
wozniakjan merged 16 commits into
kedacore:mainfrom
rickbrouwer:events
May 29, 2026
Merged

feat: Add cooldownPeriod and pollingInterval checks for ScaledObject#7271
wozniakjan merged 16 commits into
kedacore:mainfrom
rickbrouwer:events

Conversation

@rickbrouwer

@rickbrouwer rickbrouwer commented Nov 28, 2025

Copy link
Copy Markdown
Member

I often see in supplied scaledObjects in issues, Slack, and at our company that some people deliberately set a pollingInterval and/or a cooldownPeriod, even though they have a minReplicaCount higher than 0. These values ​​have no function to set with a minReplicaCount other than 0 (except when idleReplicaCount = 0 or useCachedMetrics = true).

I think it would be good to provide more information about this, besides the fact that it's already in the documentation.

I've added an event to the webhook that is purely informative (with an eventreason.KEDAScalersInfo) that indicates that something has been set that isn't necessary. Perhaps this will raise awareness of the concepts of pollingInterval and cooldownPeriod.

I haven't created an issue. However, if you have any doubts about receiving such informational events, please don't hesitate to let this know. This PR should only be used if we all genuinely find it useful.

At the moment I have made 2 checks, also based on the feedback:

  1. "PollingInterval is only relevant when minReplicaCount = 0 or idleReplicaCount = 0 or useCachedMetrics is enabled"

  2. "CooldownPeriod is only relevant when minReplicaCount = 0 or idleReplicaCount = 0"

Printscreen Argo CD:

image

Printscreen Headlamp:

image

Checklist

@keda-automation keda-automation requested review from a team November 28, 2025 18:11
@github-actions

Copy link
Copy Markdown

Thank you for your contribution! 🙏

Please understand that we will do our best to review your PR and give you feedback as soon as possible, but please bear with us if it takes a little longer as expected.

While you are waiting, make sure to:

  • Add an entry in our changelog in alphabetical order and link related issue
  • Update the documentation, if needed
  • Add unit & e2e tests for your changes
  • GitHub checks are passing
  • Is the DCO check failing? Here is how you can fix DCO issues

Once the initial tests are successful, a KEDA member will ensure that the e2e tests are run. Once the e2e tests have been successfully completed, the PR may be merged at a later date. Please be patient.

Learn more about our contribution guide.

@snyk-io

snyk-io Bot commented Nov 28, 2025

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Added a check for unnecessary cooldownPeriod and pollingInterval configurations when minReplicaCount is not 0, emitting informational events if they are configured.

Signed-off-by: Rick Brouwer <[email protected]>
@rickbrouwer rickbrouwer force-pushed the events branch 2 times, most recently from 36ecf13 to 3867444 Compare November 29, 2025 08:52
@rickbrouwer rickbrouwer marked this pull request as ready for review November 29, 2025 09:03
@rickbrouwer

rickbrouwer commented Nov 29, 2025

Copy link
Copy Markdown
Member Author

/run-e2e internal
Update: You can check the progress here

@JorTurFer JorTurFer left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this idea! I've kept some comments inline because there are use cases not considered, I'd add conditions like:

  • if CooldownPeriod != nil -> Check cases where it makes sense and if not, warning
  • if PollingInterval != nil -> Check cases where it makes sense and if not, warning

not always they apply to scale to zero or they use minReplicas

Comment thread controllers/keda/scaledobject_controller.go Outdated
Comment thread controllers/keda/scaledobject_controller.go Outdated
@rickbrouwer rickbrouwer added the waiting-author-response All PR's or Issues where we are waiting for a response from the author label Dec 10, 2025
@keda-automation keda-automation requested a review from a team December 10, 2025 17:00
@rickbrouwer rickbrouwer force-pushed the events branch 2 times, most recently from 3fb468d to 737e0ad Compare December 10, 2025 19:22
Signed-off-by: Rick Brouwer <[email protected]>

@zroubalik zroubalik left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this, but I am little bit concerned, that we will start flooding users with events. The reconcile loop runs quite often. Maybe add it to the webhook and display just once?

@keda-automation keda-automation requested a review from a team December 13, 2025 12:32
@rickbrouwer rickbrouwer force-pushed the events branch 3 times, most recently from eeec662 to bc4c8a4 Compare December 13, 2025 13:24
@rickbrouwer rickbrouwer marked this pull request as draft December 13, 2025 13:28
@rickbrouwer

Copy link
Copy Markdown
Member Author

I like this, but I am little bit concerned, that we will start flooding users with events. The reconcile loop runs quite often. Maybe add it to the webhook and display just once?

You're right, that's a much better place. I did have to make some adjustments to the webhooks to allow them to also generate events. I personally think it's important that these informative (warning) events are visible in tools like Argo CD. I've added some screenshot examples to the description.

@rickbrouwer rickbrouwer marked this pull request as ready for review December 13, 2025 16:21
@rickbrouwer rickbrouwer removed the waiting-author-response All PR's or Issues where we are waiting for a response from the author label Dec 13, 2025
Signed-off-by: Rick Brouwer <[email protected]>

@zroubalik zroubalik left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rickbrouwer sorry I missed this one, do you want to rebase and we can include it in 2.20?

@rickbrouwer

rickbrouwer commented May 27, 2026

Copy link
Copy Markdown
Member Author

yeah, sure. Is it ok to change the warning for this to an information message? My goal is to better inform users (and not to scare them off too much with warnings), but what do you think?

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR aims to add informational admission warnings (and corresponding Kubernetes events) when a ScaledObject sets pollingInterval and/or cooldownPeriod in configurations where the PR believes those fields are unnecessary, to improve user awareness.

Changes:

  • Add new webhook validation warnings (and emitted Events) for pollingInterval / cooldownPeriod configuration patterns.
  • Refactor webhook validation plumbing to aggregate admission.Warnings across multiple validators.
  • Add webhook tests covering the new warning scenarios and update the changelog.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 6 comments.

File Description
CHANGELOG.md Adds an entry describing the new ScaledObject informational checks.
apis/keda/v1alpha1/scaledobject_webhook.go Introduces warning/event emission and refactors validation functions to return admission.Warnings.
apis/keda/v1alpha1/scaledobject_webhook_test.go Adds tests validating when warnings should/should not be emitted.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread apis/keda/v1alpha1/scaledobject_webhook.go
Comment thread apis/keda/v1alpha1/scaledobject_webhook.go
Comment thread apis/keda/v1alpha1/scaledobject_webhook.go
Comment thread apis/keda/v1alpha1/scaledobject_webhook.go
Comment thread apis/keda/v1alpha1/scaledobject_webhook_test.go Outdated
Comment thread apis/keda/v1alpha1/scaledobject_webhook.go
@zroubalik

Copy link
Copy Markdown
Member

yeah, sure. Is it ok to change the warning for this to an information message? My goal is to better inform users (and not to scare them off too much with warnings), but what do you think?

yeah, agree

@rickbrouwer rickbrouwer added waiting-author-response All PR's or Issues where we are waiting for a response from the author nice-to-have:keda-v2.20 Not strictly necessary, but nice if you can bring it along and removed waiting-for-response All PR's or Issues where the author has asked a question and is waiting for an answer labels May 27, 2026
@rickbrouwer

Copy link
Copy Markdown
Member Author

GitHub is having some issues, so I'll just have to see when my commit ever arrives.

Signed-off-by: Rick Brouwer <[email protected]>
@rickbrouwer

rickbrouwer commented May 27, 2026

Copy link
Copy Markdown
Member Author

/run-e2e internal
Update: You can check the progress here

passed tests: 35
Execution of tests/internals/trigger_authentication_validation/trigger_authentication_validation_test.go, has passed after "one" attempts
Execution of tests/internals/scaled_job_validation/scaled_job_validation_test.go, has passed after "one" attempts
Execution of tests/internals/status_update/status_update_test.go, has passed after "one" attempts
Execution of tests/internals/force_activation/force_activation_test.go, has passed after "one" attempts
Execution of tests/internals/restore_original/restore_original_test.go, has passed after "one" attempts
Execution of tests/internals/scaled_object_validation/scaled_object_validation_test.go, has passed after "one" attempts
Execution of tests/internals/subresource_scale/subresource_scale_test.go, has passed after "one" attempts
Execution of tests/internals/file_based_auth/file_based_auth_test.go, has passed after "one" attempts
Execution of tests/internals/eventemitter/azureeventgridtopic/azureeventgridtopic_test.go, has passed after "two" attempts
Execution of tests/internals/scaling_strategies/eager_scaling_strategy/eager_scaling_strategy_test.go, has passed after "one" attempts
Execution of tests/internals/value_metric_type/value_metric_type_test.go, has passed after "one" attempts
Execution of tests/internals/custom_hpa_name/custom_hpa_name_test.go, has passed after "one" attempts
Execution of tests/internals/pause_scale_out/pause_scale_out_test.go, has passed after "one" attempts
Execution of tests/internals/events/events_test.go, has passed after "one" attempts
Execution of tests/internals/update_ta/update_ta_test.go, has passed after "one" attempts
Execution of tests/internals/global_custom_ca/global_custom_ca_test.go, has passed after "one" attempts
Execution of tests/internals/min_replica_sj/min_replica_sj_test.go, has passed after "one" attempts
Execution of tests/internals/scaled_job_conditions/scaled_job_conditions_test.go, has passed after "one" attempts
Execution of tests/internals/idle_replicas/idle_replicas_test.go, has passed after "one" attempts
Execution of tests/internals/trigger_update_so/trigger_update_so_test.go, has passed after "one" attempts
Execution of tests/internals/replicaset_scale/replicaset_scale_test.go, has passed after "one" attempts
Execution of tests/internals/pause_scale_in/pause_scale_in_test.go, has passed after "two" attempts
Execution of tests/internals/initial_delay_cooldownperiod/initial_delay_cooldownperiod_test.go, has passed after "one" attempts
Execution of tests/internals/pause_scaledobject/pause_scaledobject_test.go, has passed after "one" attempts
Execution of tests/internals/cache_metrics/cache_metrics_test.go, has passed after "one" attempts
Execution of tests/internals/cloudevent_source/cloudevent_source_test.go, has passed after "one" attempts
Execution of tests/internals/pause_scale_in_restore/pause_scale_in_restore_test.go, has passed after "one" attempts
Execution of tests/internals/replica_update_so/replica_update_so_test.go, has passed after "one" attempts
Execution of tests/internals/pause_scaledjob/pause_scaledjob_test.go, has passed after "one" attempts
Execution of tests/internals/scaling_strategies/accurate_scaling_strategy/accurate_scaling_strategy_test.go, has passed after "one" attempts
Execution of tests/internals/polling_cooldown_so/polling_cooldown_so_test.go, has passed after "one" attempts
Execution of tests/internals/scaling_modifiers/scaling_modifiers_test.go, has passed after "one" attempts
Execution of tests/internals/pause_scaledobject_explicitly/pause_scaledobject_explicitly_test.go, has passed after "one" attempts
Execution of tests/internals/fallback/deployments/fallback_test.go, has passed after "one" attempts
Execution of tests/internals/fallback/rollouts/fallback_test.go, has passed after "one" attempts
failed tests: 0

@rickbrouwer rickbrouwer added waiting-for-e2e and removed waiting-author-response All PR's or Issues where we are waiting for a response from the author waiting-for-e2e labels May 27, 2026
@wozniakjan

wozniakjan commented May 29, 2026

Copy link
Copy Markdown
Member

/run-e2e internal
Update: You can check the progress here

@wozniakjan

wozniakjan commented May 29, 2026

Copy link
Copy Markdown
Member

/run-e2e internal
Update: You can check the progress here

passed tests: 36
Execution of tests/internals/trigger_authentication_validation/trigger_authentication_validation_test.go, has passed after "one" attempts
Execution of tests/internals/min_replica_sj/min_replica_sj_test.go, has passed after "one" attempts
Execution of tests/internals/idle_replicas/idle_replicas_test.go, has passed after "one" attempts
Execution of tests/internals/restore_original/restore_original_test.go, has passed after "one" attempts
Execution of tests/internals/file_based_auth/file_based_auth_test.go, has passed after "one" attempts
Execution of tests/internals/scaled_job_validation/scaled_job_validation_test.go, has passed after "one" attempts
Execution of tests/internals/scaled_object_validation/scaled_object_validation_test.go, has passed after "one" attempts
Execution of tests/internals/subresource_scale/subresource_scale_test.go, has passed after "one" attempts
Execution of tests/internals/scaling_strategies/eager_scaling_strategy/eager_scaling_strategy_test.go, has passed after "one" attempts
Execution of tests/internals/custom_hpa_name/custom_hpa_name_test.go, has passed after "one" attempts
Execution of tests/internals/pause_scale_out/pause_scale_out_test.go, has passed after "one" attempts
Execution of tests/internals/value_metric_type/value_metric_type_test.go, has passed after "one" attempts
Execution of tests/internals/scaled_job_conditions/scaled_job_conditions_test.go, has passed after "one" attempts
Execution of tests/internals/pause_scaledobject/pause_scaledobject_test.go, has passed after "one" attempts
Execution of tests/internals/status_update/status_update_test.go, has passed after "one" attempts
Execution of tests/internals/events/events_test.go, has passed after "one" attempts
Execution of tests/internals/global_custom_ca/global_custom_ca_test.go, has passed after "one" attempts
Execution of tests/internals/replicaset_scale/replicaset_scale_test.go, has passed after "one" attempts
Execution of tests/internals/trigger_update_so/trigger_update_so_test.go, has passed after "one" attempts
Execution of tests/internals/eventemitter/azureeventgridtopic/azureeventgridtopic_test.go, has passed after "two" attempts
Execution of tests/internals/pause_scale_in/pause_scale_in_test.go, has passed after "two" attempts
Execution of tests/internals/initial_delay_cooldownperiod/initial_delay_cooldownperiod_test.go, has passed after "one" attempts
Execution of tests/internals/cache_metrics/cache_metrics_test.go, has passed after "one" attempts
Execution of tests/internals/pause_scale_in_restore/pause_scale_in_restore_test.go, has passed after "one" attempts
Execution of tests/internals/update_ta/update_ta_test.go, has passed after "one" attempts
Execution of tests/internals/replica_update_so/replica_update_so_test.go, has passed after "one" attempts
Execution of tests/internals/force_activation/force_activation_test.go, has passed after "two" attempts
Execution of tests/internals/fallback/fallback_scaling_modifiers_test.go, has passed after "one" attempts
Execution of tests/internals/cloudevent_source/cloudevent_source_test.go, has passed after "one" attempts
Execution of tests/internals/pause_scaledjob/pause_scaledjob_test.go, has passed after "one" attempts
Execution of tests/internals/scaling_strategies/accurate_scaling_strategy/accurate_scaling_strategy_test.go, has passed after "one" attempts
Execution of tests/internals/scaling_modifiers/scaling_modifiers_test.go, has passed after "one" attempts
Execution of tests/internals/polling_cooldown_so/polling_cooldown_so_test.go, has passed after "one" attempts
Execution of tests/internals/pause_scaledobject_explicitly/pause_scaledobject_explicitly_test.go, has passed after "one" attempts
Execution of tests/internals/fallback/rollouts/fallback_test.go, has passed after "one" attempts
Execution of tests/internals/fallback/deployments/fallback_test.go, has passed after "one" attempts
failed tests: 0

@wozniakjan wozniakjan enabled auto-merge (squash) May 29, 2026 11:47
@wozniakjan wozniakjan merged commit cf52571 into kedacore:main May 29, 2026
23 checks passed
@rickbrouwer rickbrouwer deleted the events branch May 29, 2026 11:53
eleboucher pushed a commit to eleboucher/homelab that referenced this pull request Jun 1, 2026
…eda (2.19.0 ➔ 2.20.0) (#779)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/home-operations/charts-mirror/keda](https://github.com/kedacore/keda) | minor | `2.19.0` → `2.20.0` |

---

### Release Notes

<details>
<summary>kedacore/keda (ghcr.io/home-operations/charts-mirror/keda)</summary>

### [`v2.20.0`](https://github.com/kedacore/keda/blob/HEAD/CHANGELOG.md#v2200)

[Compare Source](kedacore/keda@v2.19.0...v2.20.0)

##### New

- **General**: Add `scalingModifiers` fallback behavior ([#&#8203;7366](kedacore/keda#7366))
- **General**: Introduce Elastic Forecast Scaler ([#&#8203;7494](kedacore/keda#7494))
- **General**: Introduce new OpenSearch Scaler ([#&#8203;7456](kedacore/keda#7456))

##### Improvements

- **General**: Add cooldownPeriod and pollingInterval checks for ScaledObject ([#&#8203;7271](kedacore/keda#7271))
- **General**: Add CRD-level validation markers (Minimum, MinLength, MinItems, Enum) for ScaledObject, ScaledJob, ScaleTriggers, and TriggerAuthentication API types ([#&#8203;7533](kedacore/keda#7533))
- **General**: Add `--leader-election-id` flag to allow configuring the leader election Lease name ([#&#8203;7564](kedacore/keda#7564))
- **General**: Add scaler HTTP request metrics (`keda_scaler_http_requests_total`, `keda_scaler_http_request_duration_seconds`) for outbound HTTP requests made during scaler metric collection ([#&#8203;6600](kedacore/keda#6600))
- **General**: Allow more control of TLS versions & ciphers via `KEDA_HTTP_TLS_CIPHER_LIST`, `KEDA_SERVICE_TLS_CIPHER_LIST` and `KEDA_SERVICE_MIN_TLS_VERSION` env vars ([#&#8203;7617](kedacore/keda#7617))
- **General**: Cap each scalers-cache reader at a per-reader budget derived from `globalHTTPTimeout` so `ScalersCache.Close` cannot block indefinitely ([#&#8203;7574](kedacore/keda#7574))
- **General**: Make APIService cert injections optional ([#&#8203;7559](kedacore/keda#7559))
- **General**: Remove unconditional `json.MarshalIndent` calls from admission webhook validation hot paths; replace spec-comparison `MarshalIndent`-and-string-compare in `isRemovingFinalizer` variants with `reflect.DeepEqual`. Prevents webhook OOM under sustained admission load at large scale (observed at \~60k ScaledObjects) ([#&#8203;7670](kedacore/keda#7670))
- **AWS Scalers**: Add support for AWS External ID in TriggerAuthentication podIdentity for all AWS scalers (SQS, Kinesis, DynamoDB, CloudWatch, etc.) to enable cross-account access scenarios ([#&#8203;6921](kedacore/keda#6921))
- **Elasticsearch Scaler**: Add HTTP status check for Elasticsearch errors ([#&#8203;7480](kedacore/keda#7480))
- **Github Runner Scaler**: Handle rate limit errors by respecting X-RateLimit-Reset and Retry-After headers and returning cached queue length ([#&#8203;7683](kedacore/keda#7683))
- **Kubernetes Workload Scaler**: Add `groupByNode` parameter ([#&#8203;7628](kedacore/keda#7628))
- **Metrics API Scaler**: Add custom HTTP client timeout ([#&#8203;7549](kedacore/keda#7549))
- **MSSQL Scaler**: Add Azure Workload Identity support for Azure SQL authentication ([#&#8203;6104](kedacore/keda#6104))
- **Prometheus Scaler**: Emit metric tracking empty responses from Prometheus ([#&#8203;7062](kedacore/keda#7062))
- **RabbitMQ Scaler**: Add support for OAuth2 authentication for RabbitMQ over HTTP ([#&#8203;7379](kedacore/keda#7379))
- **Temporal Scaler**: Add support for scaling based on Worker Deployment Version backlog via new `workerDeploymentName` and `workerDeploymentBuildId` fields. Deprecate `buildId`, `selectAllActive`, and `selectUnversioned` because those parameters are used for Rules-Based Worker Versioning, which was a short-lived experimental feature that has been deprecated in the Temporal server since December 2024 and will stop being supported soon. Users of Rules-Based Worker Versioning should use Worker Deployments instead. ([#&#8203;7672](kedacore/keda#7672))

##### Fixes

- **General**: Check updated status for Fallback condition instead of ScaledObject ([#&#8203;7488](kedacore/keda#7488))
- **General**: Fail fast in `GetMetrics` when the gRPC connection is in Shutdown state instead of waiting for context timeout ([#&#8203;7251](kedacore/keda#7251))
- **General**: Fix int64 overflow in milli-quantity conversion for very large metric values ([#&#8203;7441](kedacore/keda#7441))
- **General**: Fix `keda_scaler_active` not being emitted for CPU and memory triggers ([#&#8203;4945](kedacore/keda#4945))
- **General**: Fix misleading namespace in error log when secret access is restricted ([#&#8203;7739](kedacore/keda#7739))
- **General**: Fix race in scalers cache rebuild that caused transient scaler errors ([#&#8203;7574](kedacore/keda#7574))
- **General**: Fix ScaledJob emitting wrong CloudEvent type (`ScaledObjectReadyType` instead of `ScaledJobReadyType`) when transitioning to ready state ([#&#8203;7792](kedacore/keda#7792))
- **General**: Fix ScaledObject admission webhook to return validation error from `verifyReplicaCount`, preventing invalid ScaledObjects from being created ([#&#8203;5954](kedacore/keda#5954))
- **General**: Fix ScaledObject Ready condition not reflecting HPA status ([#&#8203;7649](kedacore/keda#7649))
- **General**: Handle paused scaling directly in reconciler ([#&#8203;7663](kedacore/keda#7663))
- **General**: Honor `stderrthreshold` when `logtostderr` is enabled by updating klog to v2.140.0 ([#&#8203;7568](kedacore/keda#7568))
- **General**: Limit projected service account token reads during Vault authentication ([#&#8203;7783](kedacore/keda#7783))
- **General**: Reject ScaledObject creation and update when the name exceeds 63 characters ([#&#8203;6998](kedacore/keda#6998))
- **AWS Scalers**: Fix TCP connection leak by closing HTTP idle connections on scaler `Close()` for SQS, Kinesis, DynamoDB, DynamoDB Streams, and CloudWatch scalers ([#&#8203;7756](kedacore/keda#7756))
- **Azure Data Explorer Scaler**: Remove clientSecretFromEnv support ([#&#8203;7554](kedacore/keda#7554))
- **Azure Event Hub Scaler**: Reject non-positive `unprocessedEventThreshold` to prevent integer division by zero when computing lag ([#&#8203;7732](kedacore/keda#7732))
- **Azure Pipelines Scaler**: Exclude already-assigned jobs from queue length ([#&#8203;7747](kedacore/keda#7747))
- **Cron Scaler**: Fix metric name generation so cron expressions with comma-separated values no longer produce invalid metric names ([#&#8203;7448](kedacore/keda#7448))
- **External Scaler**: gRPC Pool uses TLS context in the key ([#&#8203;7687](kedacore/keda#7687))
- **Forgejo Scaler**: Limit HTTP error response logging ([#&#8203;7469](kedacore/keda#7469))
- **Forgejo Scaler**: Return correct activity to enable scale-to-zero ([#&#8203;7527](kedacore/keda#7527))
- **GCP Cloud Tasks Scaler**: Implement escapeFilterValue for metric filtering ([#&#8203;7482](kedacore/keda#7482))
- **GCP Scaler**: Validate Pub/Sub resource name in BuildMQLQuery ([#&#8203;7468](kedacore/keda#7468))
- **GCP Storage Scaler**: Metadata is not printed in the log ([#&#8203;7688](kedacore/keda#7688))
- **Github Runner Scaler**: Bound etag and per-repo caches to prevent unbounded memory growth when `enableEtags` is on ([#&#8203;7685](kedacore/keda#7685))
- **Github Runner Scaler**: Improve URL construction and error handling ([#&#8203;7495](kedacore/keda#7495))
- **Github Runner Scaler**: Limit HTTP error response logging ([#&#8203;7469](kedacore/keda#7469))
- **InfluxDB Scaler**: Make `authToken` optional to support unauthenticated InfluxDB instances ([#&#8203;7616](kedacore/keda#7616))
- **Loki Scaler**: Limit HTTP error response logging ([#&#8203;7469](kedacore/keda#7469))
- **Loki Scaler**: `serverAddress` now appends `/loki/api/v1/query` to the end of existing path instead of overriding ([#&#8203;7648](kedacore/keda#7648))
- **Metrics API Scaler**: Fix `aggregateFromKubeServiceEndpoints` using empty label selector that matched all EndpointSlices in the namespace instead of only the target service's ([#&#8203;7641](kedacore/keda#7641))
- **Metrics API Scaler**: Fix division by zero in average aggregation when all kube service endpoints fail ([#&#8203;7742](kedacore/keda#7742))
- **Metrics API Scaler**: Prevent response value reflection in scaler errors ([#&#8203;7693](kedacore/keda#7693))
- **NATS JetStream Scaler**: Return an error from `getMaxMsgLag` when the configured consumer is missing instead of falling back to the stream's last sequence, preventing incorrect scale-up to `maxReplicaCount` ([#&#8203;7657](kedacore/keda#7657))
- **NATS JetStream Scaler**: URL-encode user input in monitoring URL construction ([#&#8203;7483](kedacore/keda#7483))
- **PostgreSQL Scaler**: Quote whitespace-containing connection parameters in generated connection strings ([#&#8203;7784](kedacore/keda#7784))
- **PredictKube Scaler**: Bump `dysnix/predictkube-libs` to `v0.1.0` (drops the predictkube path to the archived/EOL `go-grpc-prometheus` and to the deprecated `golang/protobuf`) and use a portable Prometheus-API instant query for the health check so the scaler works against VictoriaMetrics, Thanos and other Prometheus-API-compatible backends ([#&#8203;7745](kedacore/keda#7745))
- **Prometheus Scaler**: Handle NaN results in the same manner as Inf ([#&#8203;7475](kedacore/keda#7475))
- **Prometheus Scaler**: Limit HTTP error response logging ([#&#8203;7469](kedacore/keda#7469))
- **Pulsar Scaler**: Drop bearer/basic auth headers on redirects to a different host or on https->http downgrades to prevent credential leakage ([#&#8203;7686](kedacore/keda#7686))
- **RabbitMQ Scaler**: Fix AMQP connection leak by recovering channels on the existing connection and closing connections properly ([#&#8203;6266](kedacore/keda#6266))
- **RabbitMQ Scaler**: Use SASL EXTERNAL for RabbitMQ AMQP TLS without credentials ([#&#8203;6840](kedacore/keda#6840))
- **Redis Scaler**: Use literal command names in Lua script to fix compatibility with Alibaba Cloud Redis Cluster ([#&#8203;7758](kedacore/keda#7758))
- **Solace Scaler**: Fix URL escaping for Message VPN and Queue names ([#&#8203;7481](kedacore/keda#7481))
- **Solr Scaler**: Use net/url to safely encode query parameters ([#&#8203;7467](kedacore/keda#7467))
- **Splunk Observability Scaler**: Add MTS stream handling with context timeout ([#&#8203;7799](kedacore/keda#7799))

##### Deprecations

You can find all deprecations in [this overview](https://github.com/kedacore/keda/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc+label%3Abreaking-change) and [join the discussion here](https://github.com/kedacore/keda/discussions/categories/deprecations).

##### Breaking Changes

- **GCP PubSub Scaler**: The `subscriptionSize` setting is DEPRECATED and is removed in v2.20 - Use `mode` and `value` instead ([#&#8203;7720](kedacore/keda#7720))
- **Huawei Cloudeye Scaler**: The `minMetricValue` setting is DEPRECATED and is removed - Use `activationTargetMetricValue` instead ([#&#8203;7436](kedacore/keda#7436))
- **IBM MQ Scaler**: The `tls` setting code is removed ([#&#8203;6094](kedacore/keda#6094))
- **InfluxDB Scaler**: The `authToken` setting from `triggerMetadata` is DEPRECATED and is removed in v2.20 - Use `authToken` from `resolvedEnv` or `authParams` instead ([#&#8203;7722](kedacore/keda#7722))

##### Other

- **General**: Migrate event recording RBAC from core `events` to `events.k8s.io` ([#&#8203;7781](kedacore/keda#7781))
- **General**: Migrate metrics service gRPC response away from Kubernetes API protobuf types for Kubernetes 0.35 ([#&#8203;7781](kedacore/keda#7781))
- **General**: Remove dead code from authentication package and drop unused `authModes` field from ArangoDB, Loki, Prometheus and PredictKube scalers ([#&#8203;7726](kedacore/keda#7726))
- **General**: Use informer cache for ReplicaSet lookups in GetCurrentReplicas to reduce API server load ([#&#8203;7466](kedacore/keda#7466))
- **External Scaler**: Fix race condition in `TestWaitForState` causing flaky test under `-race` detector ([#&#8203;7542](kedacore/keda#7542))
- **GCP Scaler**: Replace `credentialsFromJSON` with `credentialsFromJSONWithType` ([#&#8203;7523](kedacore/keda#7523))
- **Kafka Scaler**: Refactor Kafka Scaler ([#&#8203;7528](kedacore/keda#7528))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDEuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEwMS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19-->

Reviewed-on: https://git.erwanleboucher.dev/eleboucher/homelab/pulls/779
Sammyrules7 pushed a commit to Sammyrules7/Servers that referenced this pull request Jun 3, 2026
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [authentik](https://goauthentik.io) ([source](https://github.com/goauthentik/helm)) | minor | `2026.2.x` → `2026.5.x` |
| [fluxcd/flux2](https://github.com/fluxcd/flux2) | patch | `v2.8.5` → `v2.8.8` |
| [ghcr.io/fluxcd/helm-controller](https://github.com/fluxcd/helm-controller) | patch | `v1.5.3` → `v1.5.5` |
| [ghcr.io/fluxcd/kustomize-controller](https://github.com/fluxcd/kustomize-controller) | patch | `v1.8.3` → `v1.8.5` |
| [ghcr.io/fluxcd/notification-controller](https://github.com/fluxcd/notification-controller) | patch | `v1.8.3` → `v1.8.4` |
| [ghcr.io/fluxcd/source-controller](https://github.com/fluxcd/source-controller) | patch | `v1.8.2` → `v1.8.5` |
| [keda](https://github.com/kedacore/keda) | minor | `2.19.0` → `2.20.0` |
| [renovate/renovate](https://renovatebot.com) ([source](https://github.com/renovatebot/renovate)) | patch | [`43.209.1` → `43.209.2`](https://octochangelog.com/compare?repo=renovatebot%2Frenovate&from=43.209.1&to=43.209.2) |
| [victoria-metrics-k8s-stack](https://github.com/VictoriaMetrics/helm-charts) | minor | `0.76.x` → `0.81.x` |

---

### Release Notes

<details>
<summary>goauthentik/helm (authentik)</summary>

### [`v2026.5.2`](https://github.com/goauthentik/helm/releases/tag/authentik-2026.5.2)

[Compare Source](goauthentik/helm@authentik-2026.5.0...authentik-2026.5.2)

authentik is an open-source Identity Provider focused on flexibility and versatility

#### What's Changed

- charts/authentik: bump to 2026.5.2 by [@&#8203;authentik-automation](https://github.com/authentik-automation)\[bot] in [#&#8203;476](goauthentik/helm#476)

**Full Changelog**: <goauthentik/helm@authentik-2026.5.0...authentik-2026.5.2>

### [`v2026.5.0`](https://github.com/goauthentik/helm/releases/tag/authentik-2026.5.0)

[Compare Source](goauthentik/helm@authentik-2026.2.3...authentik-2026.5.0)

authentik is an open-source Identity Provider focused on flexibility and versatility

See <https://docs.goauthentik.io/releases/2026.5/>

#### What's Changed

- charts/authentik: bump postgresql subchart from 16.7.27 to 18.6.5 by [@&#8203;renovate](https://github.com/renovate)\[bot] in [#&#8203;410](goauthentik/helm#410)
- charts/authentik: remove hardcoded AUTHENTIK\_LISTEN variables by [@&#8203;rissson](https://github.com/rissson) in [#&#8203;468](goauthentik/helm#468)
- charts/authentik: update docker.io/library/postgres Docker tag to v17.10 by [@&#8203;renovate](https://github.com/renovate)\[bot] in [#&#8203;470](goauthentik/helm#470)
- charts/authentik: bump postgresql subchart to v18.6.7 by [@&#8203;renovate](https://github.com/renovate)\[bot] in [#&#8203;469](goauthentik/helm#469)
- charts/authentik: bump to 2026.5.0 by [@&#8203;authentik-automation](https://github.com/authentik-automation)\[bot] in [#&#8203;471](goauthentik/helm#471)

**Full Changelog**: <goauthentik/helm@authentik-2026.2.3...authentik-2026.5.0>

</details>

<details>
<summary>fluxcd/flux2 (fluxcd/flux2)</summary>

### [`v2.8.8`](https://github.com/fluxcd/flux2/releases/tag/v2.8.8)

[Compare Source](fluxcd/flux2@v2.8.7...v2.8.8)

#### Highlights

Flux v2.8.8 is a patch release that includes CVE fixes via go-git v5.19.1 (source-controller, image-automation-controller), reliability fixes in helm-controller and source-controller, the move of Helm back to upstream v4.2.0, support for GCP sovereign cloud artifact registries, and dependency updates. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the [Upgrade Procedure for Flux v2.7+](fluxcd/flux2#5572) for a smooth upgrade from Flux v2.6 to the latest version.

Fixes:

- Add a configurable HTTP timeout for artifact fetching, preventing fetches that could block indefinitely and stall reconciliations (helm-controller)
- Fix unbounded memory growth caused by a Kubernetes client transport retry wrapper accumulating on every reconcile (helm-controller)
- Stop force-applying non-CRD objects placed under a chart's `crds/` directory (helm-controller)
- Fix the Helm test action failing to find releases with names longer than 53 characters (helm-controller)
- Improve path handling in the source reconcilers (source-controller)
- Support Helm semver build-metadata encoding in OCIRepository tags (source-controller)

Improvements:

- Update go-git to v5.19.1 which fixes [CVE-2026-45571](GHSA-crhj-59gh-8x96) and [CVE-2026-45570](GHSA-m7cr-m3pv-hgrp) (source-controller, image-automation-controller)
- Move Helm back to upstream v4.2.0 (source-controller, helm-controller)
- Add support for GCP sovereign cloud artifact registries (source-controller, image-reflector-controller)
- Upgrade Kubernetes to 1.36.1 (source-controller, helm-controller)
- Update fluxcd/pkg dependencies

#### Components changelog

- helm-controller [v1.5.5](https://github.com/fluxcd/helm-controller/blob/v1.5.5/CHANGELOG.md)
- image-automation-controller [v1.1.4](https://github.com/fluxcd/image-automation-controller/blob/v1.1.4/CHANGELOG.md)
- image-reflector-controller [v1.1.2](https://github.com/fluxcd/image-reflector-controller/blob/v1.1.2/CHANGELOG.md)
- source-controller [v1.8.5](https://github.com/fluxcd/source-controller/blob/v1.8.5/CHANGELOG.md)

#### CLI changelog

- Update toolkit components by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5904](fluxcd/flux2#5904)

**Full Changelog**: <fluxcd/flux2@v2.8.7...v2.8.8>

### [`v2.8.7`](https://github.com/fluxcd/flux2/releases/tag/v2.8.7)

[Compare Source](fluxcd/flux2@v2.8.6...v2.8.7)

#### Highlights

Flux v2.8.7 is a patch release that includes a bug fix in kustomize-controller, a CVE fix in source-controller and image-automation-controller via go-git v5.19.0, and dependency updates. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the [Upgrade Procedure for Flux v2.7+](fluxcd/flux2#5572) for a smooth upgrade from Flux v2.6 to the latest version.

Fixes:

- Fix management of objects annotated with `kustomize.toolkit.fluxcd.io/ssa: IfNotPresent` where non-namespaced resources were being deleted and recreated on each reconciliation (kustomize-controller)

Improvements:

- Update go-git to v5.19.0 which fixes [CVE-2026-45022](GHSA-389r-gv7p-r3rp) (source-controller, image-automation-controller)
- Update fluxcd/pkg dependencies (source-controller, kustomize-controller, image-automation-controller)

#### Components changelog

- helm-controller [v1.5.4](https://github.com/fluxcd/helm-controller/blob/v1.5.4/CHANGELOG.md)
- image-automation-controller [v1.1.3](https://github.com/fluxcd/image-automation-controller/blob/v1.1.3/CHANGELOG.md)
- kustomize-controller [v1.8.5](https://github.com/fluxcd/kustomize-controller/blob/v1.8.5/CHANGELOG.md)
- notification-controller [v1.8.4](https://github.com/fluxcd/notification-controller/blob/v1.8.4/CHANGELOG.md)
- source-controller [v1.8.4](https://github.com/fluxcd/source-controller/blob/v1.8.4/CHANGELOG.md)

#### CLI changelog

- Update toolkit components by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5891](fluxcd/flux2#5891)

**Full Changelog**: <fluxcd/flux2@v2.8.6...v2.8.7>

### [`v2.8.6`](https://github.com/fluxcd/flux2/releases/tag/v2.8.6)

[Compare Source](fluxcd/flux2@v2.8.5...v2.8.6)

#### Highlights

Flux v2.8.6 is a patch release that includes bug fixes and improvements across helm-controller, image-automation-controller, kustomize-controller, notification-controller, and source-controller. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the [Upgrade Procedure for Flux v2.7+](fluxcd/flux2#5572) for a smooth upgrade from Flux v2.6 to the latest version.

Fixes:

- Fix a post-renderer conflict between overlapping hooks and templates (helm-controller)
- Ignore force replace when server-side apply is enabled (helm-controller)
- Fix a regression where generic providers would not forward commit status events (notification-controller)
- Require the `audience` field on the GCR Receiver secret for tighter verification — will become mandatory in Flux v2.9 (notification-controller)

Improvements:

- Introduce the `MigrateAPIVersion` feature gate for migrating the API version of resources in managed field entries (kustomize-controller)
- Update go-git to v5.18.0 bringing performance improvements for Git operations (source-controller, image-automation-controller)

#### Components changelog

- helm-controller [v1.5.4](https://github.com/fluxcd/helm-controller/blob/v1.5.4/CHANGELOG.md)
- image-automation-controller [v1.1.2](https://github.com/fluxcd/image-automation-controller/blob/v1.1.2/CHANGELOG.md)
- kustomize-controller [v1.8.4](https://github.com/fluxcd/kustomize-controller/blob/v1.8.4/CHANGELOG.md)
- notification-controller [v1.8.4](https://github.com/fluxcd/notification-controller/blob/v1.8.4/CHANGELOG.md)
- source-controller [v1.8.3](https://github.com/fluxcd/source-controller/blob/v1.8.3/CHANGELOG.md)

#### CLI changelog

- Update toolkit components by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5857](fluxcd/flux2#5857)

**Full Changelog**: <fluxcd/flux2@v2.8.5...v2.8.6>

</details>

<details>
<summary>fluxcd/helm-controller (ghcr.io/fluxcd/helm-controller)</summary>

### [`v1.5.5`](https://github.com/fluxcd/helm-controller/releases/tag/v1.5.5)

[Compare Source](fluxcd/helm-controller@v1.5.4...v1.5.5)

#### Changelog

[v1.5.5 changelog](https://github.com/fluxcd/helm-controller/blob/v1.5.5/CHANGELOG.md)

#### Container images

- `docker.io/fluxcd/helm-controller:v1.5.5`
- `ghcr.io/fluxcd/helm-controller:v1.5.5`

Supported architectures: `linux/amd64`, `linux/arm64` and `linux/arm/v7`.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the [security documentation](https://fluxcd.io/flux/security/).

### [`v1.5.4`](https://github.com/fluxcd/helm-controller/releases/tag/v1.5.4)

[Compare Source](fluxcd/helm-controller@v1.5.3...v1.5.4)

#### Changelog

[v1.5.4 changelog](https://github.com/fluxcd/helm-controller/blob/v1.5.4/CHANGELOG.md)

#### Container images

- `docker.io/fluxcd/helm-controller:v1.5.4`
- `ghcr.io/fluxcd/helm-controller:v1.5.4`

Supported architectures: `linux/amd64`, `linux/arm64` and `linux/arm/v7`.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the [security documentation](https://fluxcd.io/flux/security/).

</details>

<details>
<summary>fluxcd/kustomize-controller (ghcr.io/fluxcd/kustomize-controller)</summary>

### [`v1.8.5`](https://github.com/fluxcd/kustomize-controller/releases/tag/v1.8.5)

[Compare Source](fluxcd/kustomize-controller@v1.8.4...v1.8.5)

#### Changelog

[v1.8.5 changelog](https://github.com/fluxcd/kustomize-controller/blob/v1.8.5/CHANGELOG.md)

#### Container images

- `docker.io/fluxcd/kustomize-controller:v1.8.5`
- `ghcr.io/fluxcd/kustomize-controller:v1.8.5`

Supported architectures: `linux/amd64`, `linux/arm64` and `linux/arm/v7`.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the [security documentation](https://fluxcd.io/flux/security/).

### [`v1.8.4`](https://github.com/fluxcd/kustomize-controller/releases/tag/v1.8.4)

[Compare Source](fluxcd/kustomize-controller@v1.8.3...v1.8.4)

#### Changelog

[v1.8.4 changelog](https://github.com/fluxcd/kustomize-controller/blob/v1.8.4/CHANGELOG.md)

#### Container images

- `docker.io/fluxcd/kustomize-controller:v1.8.4`
- `ghcr.io/fluxcd/kustomize-controller:v1.8.4`

Supported architectures: `linux/amd64`, `linux/arm64` and `linux/arm/v7`.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the [security documentation](https://fluxcd.io/flux/security/).

</details>

<details>
<summary>fluxcd/notification-controller (ghcr.io/fluxcd/notification-controller)</summary>

### [`v1.8.4`](https://github.com/fluxcd/notification-controller/releases/tag/v1.8.4)

[Compare Source](fluxcd/notification-controller@v1.8.3...v1.8.4)

#### Changelog

[v1.8.4 changelog](https://github.com/fluxcd/notification-controller/blob/v1.8.4/CHANGELOG.md)

#### Container images

- `docker.io/fluxcd/notification-controller:v1.8.4`
- `ghcr.io/fluxcd/notification-controller:v1.8.4`

Supported architectures: `linux/amd64`, `linux/arm64` and `linux/arm/v7`.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the [security documentation](https://fluxcd.io/flux/security/).

</details>

<details>
<summary>fluxcd/source-controller (ghcr.io/fluxcd/source-controller)</summary>

### [`v1.8.5`](https://github.com/fluxcd/source-controller/releases/tag/v1.8.5)

[Compare Source](fluxcd/source-controller@v1.8.4...v1.8.5)

#### Changelog

[v1.8.5 changelog](https://github.com/fluxcd/source-controller/blob/v1.8.5/CHANGELOG.md)

#### Container images

- `docker.io/fluxcd/source-controller:v1.8.5`
- `ghcr.io/fluxcd/source-controller:v1.8.5`

Supported architectures: `linux/amd64`, `linux/arm64` and `linux/arm/v7`.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the [security documentation](https://fluxcd.io/flux/security/).

### [`v1.8.4`](https://github.com/fluxcd/source-controller/releases/tag/v1.8.4)

[Compare Source](fluxcd/source-controller@v1.8.3...v1.8.4)

#### Changelog

[v1.8.4 changelog](https://github.com/fluxcd/source-controller/blob/v1.8.4/CHANGELOG.md)

#### Container images

- `docker.io/fluxcd/source-controller:v1.8.4`
- `ghcr.io/fluxcd/source-controller:v1.8.4`

Supported architectures: `linux/amd64`, `linux/arm64` and `linux/arm/v7`.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the [security documentation](https://fluxcd.io/flux/security/).

### [`v1.8.3`](https://github.com/fluxcd/source-controller/releases/tag/v1.8.3)

[Compare Source](fluxcd/source-controller@v1.8.2...v1.8.3)

#### Changelog

[v1.8.3 changelog](https://github.com/fluxcd/source-controller/blob/v1.8.3/CHANGELOG.md)

#### Container images

- `docker.io/fluxcd/source-controller:v1.8.3`
- `ghcr.io/fluxcd/source-controller:v1.8.3`

Supported architectures: `linux/amd64`, `linux/arm64` and `linux/arm/v7`.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the [security documentation](https://fluxcd.io/flux/security/).

</details>

<details>
<summary>kedacore/keda (keda)</summary>

### [`v2.20.0`](https://github.com/kedacore/keda/blob/HEAD/CHANGELOG.md#v2200)

[Compare Source](kedacore/keda@v2.19.0...v2.20.0)

##### New

- **General**: Add `scalingModifiers` fallback behavior ([#&#8203;7366](kedacore/keda#7366))
- **General**: Introduce Elastic Forecast Scaler ([#&#8203;7494](kedacore/keda#7494))
- **General**: Introduce new OpenSearch Scaler ([#&#8203;7456](kedacore/keda#7456))

##### Improvements

- **General**: Add cooldownPeriod and pollingInterval checks for ScaledObject ([#&#8203;7271](kedacore/keda#7271))
- **General**: Add CRD-level validation markers (Minimum, MinLength, MinItems, Enum) for ScaledObject, ScaledJob, ScaleTriggers, and TriggerAuthentication API types ([#&#8203;7533](kedacore/keda#7533))
- **General**: Add `--leader-election-id` flag to allow configuring the leader election Lease name ([#&#8203;7564](kedacore/keda#7564))
- **General**: Add scaler HTTP request metrics (`keda_scaler_http_requests_total`, `keda_scaler_http_request_duration_seconds`) for outbound HTTP requests made during scaler metric collection ([#&#8203;6600](kedacore/keda#6600))
- **General**: Allow more control of TLS versions & ciphers via `KEDA_HTTP_TLS_CIPHER_LIST`, `KEDA_SERVICE_TLS_CIPHER_LIST` and `KEDA_SERVICE_MIN_TLS_VERSION` env vars ([#&#8203;7617](kedacore/keda#7617))
- **General**: Cap each scalers-cache reader at a per-reader budget derived from `globalHTTPTimeout` so `ScalersCache.Close` cannot block indefinitely ([#&#8203;7574](kedacore/keda#7574))
- **General**: Make APIService cert injections optional ([#&#8203;7559](kedacore/keda#7559))
- **General**: Remove unconditional `json.MarshalIndent` calls from admission webhook validation hot paths; replace spec-comparison `MarshalIndent`-and-string-compare in `isRemovingFinalizer` variants with `reflect.DeepEqual`. Prevents webhook OOM under sustained admission load at large scale (observed at \~60k ScaledObjects) ([#&#8203;7670](kedacore/keda#7670))
- **AWS Scalers**: Add support for AWS External ID in TriggerAuthentication podIdentity for all AWS scalers (SQS, Kinesis, DynamoDB, CloudWatch, etc.) to enable cross-account access scenarios ([#&#8203;6921](kedacore/keda#6921))
- **Elasticsearch Scaler**: Add HTTP status check for Elasticsearch errors ([#&#8203;7480](kedacore/keda#7480))
- **Github Runner Scaler**: Handle rate limit errors by respecting X-RateLimit-Reset and Retry-After headers and returning cached queue length ([#&#8203;7683](kedacore/keda#7683))
- **Kubernetes Workload Scaler**: Add `groupByNode` parameter ([#&#8203;7628](kedacore/keda#7628))
- **Metrics API Scaler**: Add custom HTTP client timeout ([#&#8203;7549](kedacore/keda#7549))
- **MSSQL Scaler**: Add Azure Workload Identity support for Azure SQL authentication ([#&#8203;6104](kedacore/keda#6104))
- **Prometheus Scaler**: Emit metric tracking empty responses from Prometheus ([#&#8203;7062](kedacore/keda#7062))
- **RabbitMQ Scaler**: Add support for OAuth2 authentication for RabbitMQ over HTTP ([#&#8203;7379](kedacore/keda#7379))
- **Temporal Scaler**: Add support for scaling based on Worker Deployment Version backlog via new `workerDeploymentName` and `workerDeploymentBuildId` fields. Deprecate `buildId`, `selectAllActive`, and `selectUnversioned` because those parameters are used for Rules-Based Worker Versioning, which was a short-lived experimental feature that has been deprecated in the Temporal server since December 2024 and will stop being supported soon. Users of Rules-Based Worker Versioning should use Worker Deployments instead. ([#&#8203;7672](kedacore/keda#7672))

##### Fixes

- **General**: Check updated status for Fallback condition instead of ScaledObject ([#&#8203;7488](kedacore/keda#7488))
- **General**: Fail fast in `GetMetrics` when the gRPC connection is in Shutdown state instead of waiting for context timeout ([#&#8203;7251](kedacore/keda#7251))
- **General**: Fix int64 overflow in milli-quantity conversion for very large metric values ([#&#8203;7441](kedacore/keda#7441))
- **General**: Fix `keda_scaler_active` not being emitted for CPU and memory triggers ([#&#8203;4945](kedacore/keda#4945))
- **General**: Fix misleading namespace in error log when secret access is restricted ([#&#8203;7739](kedacore/keda#7739))
- **General**: Fix race in scalers cache rebuild that caused transient scaler errors ([#&#8203;7574](kedacore/keda#7574))
- **General**: Fix ScaledJob emitting wrong CloudEvent type (`ScaledObjectReadyType` instead of `ScaledJobReadyType`) when transitioning to ready state ([#&#8203;7792](kedacore/keda#7792))
- **General**: Fix ScaledObject admission webhook to return validation error from `verifyReplicaCount`, preventing invalid ScaledObjects from being created ([#&#8203;5954](kedacore/keda#5954))
- **General**: Fix ScaledObject Ready condition not reflecting HPA status ([#&#8203;7649](kedacore/keda#7649))
- **General**: Handle paused scaling directly in reconciler ([#&#8203;7663](kedacore/keda#7663))
- **General**: Honor `stderrthreshold` when `logtostderr` is enabled by updating klog to v2.140.0 ([#&#8203;7568](kedacore/keda#7568))
- **General**: Limit projected service account token reads during Vault authentication ([#&#8203;7783](kedacore/keda#7783))
- **General**: Reject ScaledObject creation and update when the name exceeds 63 characters ([#&#8203;6998](kedacore/keda#6998))
- **AWS Scalers**: Fix TCP connection leak by closing HTTP idle connections on scaler `Close()` for SQS, Kinesis, DynamoDB, DynamoDB Streams, and CloudWatch scalers ([#&#8203;7756](kedacore/keda#7756))
- **Azure Data Explorer Scaler**: Remove clientSecretFromEnv support ([#&#8203;7554](kedacore/keda#7554))
- **Azure Event Hub Scaler**: Reject non-positive `unprocessedEventThreshold` to prevent integer division by zero when computing lag ([#&#8203;7732](kedacore/keda#7732))
- **Azure Pipelines Scaler**: Exclude already-assigned jobs from queue length ([#&#8203;7747](kedacore/keda#7747))
- **Cron Scaler**: Fix metric name generation so cron expressions with comma-separated values no longer produce invalid metric names ([#&#8203;7448](kedacore/keda#7448))
- **External Scaler**: gRPC Pool uses TLS context in the key ([#&#8203;7687](kedacore/keda#7687))
- **Forgejo Scaler**: Limit HTTP error response logging ([#&#8203;7469](kedacore/keda#7469))
- **Forgejo Scaler**: Return correct activity to enable scale-to-zero ([#&#8203;7527](kedacore/keda#7527))
- **GCP Cloud Tasks Scaler**: Implement escapeFilterValue for metric filtering ([#&#8203;7482](kedacore/keda#7482))
- **GCP Scaler**: Validate Pub/Sub resource name in BuildMQLQuery ([#&#8203;7468](kedacore/keda#7468))
- **GCP Storage Scaler**: Metadata is not printed in the log ([#&#8203;7688](kedacore/keda#7688))
- **Github Runner Scaler**: Bound etag and per-repo caches to prevent unbounded memory growth when `enableEtags` is on ([#&#8203;7685](kedacore/keda#7685))
- **Github Runner Scaler**: Improve URL construction and error handling ([#&#8203;7495](kedacore/keda#7495))
- **Github Runner Scaler**: Limit HTTP error response logging ([#&#8203;7469](kedacore/keda#7469))
- **InfluxDB Scaler**: Make `authToken` optional to support unauthenticated InfluxDB instances ([#&#8203;7616](kedacore/keda#7616))
- **Loki Scaler**: Limit HTTP error response logging ([#&#8203;7469](kedacore/keda#7469))
- **Loki Scaler**: `serverAddress` now appends `/loki/api/v1/query` to the end of existing path instead of overriding ([#&#8203;7648](kedacore/keda#7648))
- **Metrics API Scaler**: Fix `aggregateFromKubeServiceEndpoints` using empty label selector that matched all EndpointSlices in the namespace instead of only the target service's ([#&#8203;7641](kedacore/keda#7641))
- **Metrics API Scaler**: Fix division by zero in average aggregation when all kube service endpoints fail ([#&#8203;7742](kedacore/keda#7742))
- **Metrics API Scaler**: Prevent response value reflection in scaler errors ([#&#8203;7693](kedacore/keda#7693))
- **NATS JetStream Scaler**: Return an error from `getMaxMsgLag` when the configured consumer is missing instead of falling back to the stream's last sequence, preventing incorrect scale-up to `maxReplicaCount` ([#&#8203;7657](kedacore/keda#7657))
- **NATS JetStream Scaler**: URL-encode user input in monitoring URL construction ([#&#8203;7483](kedacore/keda#7483))
- **PostgreSQL Scaler**: Quote whitespace-containing connection parameters in generated connection strings ([#&#8203;7784](kedacore/keda#7784))
- **PredictKube Scaler**: Bump `dysnix/predictkube-libs` to `v0.1.0` (drops the predictkube path to the archived/EOL `go-grpc-prometheus` and to the deprecated `golang/protobuf`) and use a portable Prometheus-API instant query for the health check so the scaler works against VictoriaMetrics, Thanos and other Prometheus-API-compatible backends ([#&#8203;7745](kedacore/keda#7745))
- **Prometheus Scaler**: Handle NaN results in the same manner as Inf ([#&#8203;7475](kedacore/keda#7475))
- **Prometheus Scaler**: Limit HTTP error response logging ([#&#8203;7469](kedacore/keda#7469))
- **Pulsar Scaler**: Drop bearer/basic auth headers on redirects to a different host or on https->http downgrades to prevent credential leakage ([#&#8203;7686](kedacore/keda#7686))
- **RabbitMQ Scaler**: Fix AMQP connection leak by recovering channels on the existing connection and closing connections properly ([#&#8203;6266](kedacore/keda#6266))
- **RabbitMQ Scaler**: Use SASL EXTERNAL for RabbitMQ AMQP TLS without credentials ([#&#8203;6840](kedacore/keda#6840))
- **Redis Scaler**: Use literal command names in Lua script to fix compatibility with Alibaba Cloud Redis Cluster ([#&#8203;7758](kedacore/keda#7758))
- **Solace Scaler**: Fix URL escaping for Message VPN and Queue names ([#&#8203;7481](kedacore/keda#7481))
- **Solr Scaler**: Use net/url to safely encode query parameters ([#&#8203;7467](kedacore/keda#7467))
- **Splunk Observability Scaler**: Add MTS stream handling with context timeout ([#&#8203;7799](kedacore/keda#7799))

##### Deprecations

You can find all deprecations in [this overview](https://github.com/kedacore/keda/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc+label%3Abreaking-change) and [join the discussion here](https://github.com/kedacore/keda/discussions/categories/deprecations).

##### Breaking Changes

- **GCP PubSub Scaler**: The `subscriptionSize` setting is DEPRECATED and is removed in v2.20 - Use `mode` and `value` instead ([#&#8203;7720](kedacore/keda#7720))
- **Huawei Cloudeye Scaler**: The `minMetricValue` setting is DEPRECATED and is removed - Use `activationTargetMetricValue` instead ([#&#8203;7436](kedacore/keda#7436))
- **IBM MQ Scaler**: The `tls` setting code is removed ([#&#8203;6094](kedacore/keda#6094))
- **InfluxDB Scaler**: The `authToken` setting from `triggerMetadata` is DEPRECATED and is removed in v2.20 - Use `authToken` from `resolvedEnv` or `authParams` instead ([#&#8203;7722](kedacore/keda#7722))

##### Other

- **General**: Migrate event recording RBAC from core `events` to `events.k8s.io` ([#&#8203;7781](kedacore/keda#7781))
- **General**: Migrate metrics service gRPC response away from Kubernetes API protobuf types for Kubernetes 0.35 ([#&#8203;7781](kedacore/keda#7781))
- **General**: Remove dead code from authentication package and drop unused `authModes` field from ArangoDB, Loki, Prometheus and PredictKube scalers ([#&#8203;7726](kedacore/keda#7726))
- **General**: Use informer cache for ReplicaSet lookups in GetCurrentReplicas to reduce API server load ([#&#8203;7466](kedacore/keda#7466))
- **External Scaler**: Fix race condition in `TestWaitForState` causing flaky test under `-race` detector ([#&#8203;7542](kedacore/keda#7542))
- **GCP Scaler**: Replace `credentialsFromJSON` with `credentialsFromJSONWithType` ([#&#8203;7523](kedacore/keda#7523))
- **Kafka Scaler**: Refactor Kafka Scaler ([#&#8203;7528](kedacore/keda#7528))

</details>

<details>
<summary>renovatebot/renovate (renovate/renovate)</summary>

### [`v43.209.2`](https://github.com/renovatebot/renovate/releases/tag/43.209.2)

[Compare Source](renovatebot/renovate@43.209.1...43.209.2)

##### Bug Fixes

- **deps:** update ghcr.io/renovatebot/base-image docker tag to v13.55.6 (main) ([#&#8203;43751](renovatebot/renovate#43751)) ([160e9f9](renovatebot/renovate@160e9f9))

</details>

<details>
<summary>VictoriaMetrics/helm-charts (victoria-metrics-k8s-stack)</summary>

### [`v0.81.0`](https://github.com/VictoriaMetrics/helm-charts/releases/tag/victoria-metrics-k8s-stack-0.81.0)

[Compare Source](VictoriaMetrics/helm-charts@victoria-metrics-k8s-stack-0.80.0...victoria-metrics-k8s-stack-0.81.0)

### Release notes for version 0.81.0

**Release date:** 28 May 2026

![Helm: v3](https://img.shields.io/badge/Helm-v3.14%2B-informational?color=informational\&logo=helm\&link=https%3A%2F%2Fgithub.com%2Fhelm%2Fhelm%2Freleases%2Ftag%2Fv3.14.0) ![AppVersion: v1.144.0](https://img.shields.io/badge/v1.144.0-success?logo=VictoriaMetrics\&labelColor=gray\&link=https%3A%2F%2Fdocs.victoriametrics.com%2Fvictoriametrics%2Fchangelog%2F%23v11440)

**Update note 1**: `defaultRules.create` is renamed to `defaultRules.enabled`; per-group `create` is renamed to `enabled`. Old `create` key is still respected as a fallback if `enabled` is not set.

**Update note 2**: `defaultRules.additionalGroupByLabels` is renamed to `defaultRules.extraGroupByLabels`. Old `additionalGroupByLabels` is still respected as a fallback if `extraGroupByLabels` is not set.

- rename `defaultRules.create` and per-group `create` to `enabled`, with fallback to `create` for backward compatibility.
- add per-group extraGroupByLabels, that replace defaultRules.extraGroupByLabels (if absent defaults to defaultRules.additionalGroupByLabels). See [#&#8203;2832](VictoriaMetrics/helm-charts#2832).

### [`v0.80.0`](https://github.com/VictoriaMetrics/helm-charts/releases/tag/victoria-metrics-k8s-stack-0.80.0)

[Compare Source](VictoriaMetrics/helm-charts@victoria-metrics-k8s-stack-0.79.1...victoria-metrics-k8s-stack-0.80.0)

### Release notes for version 0.80.0

**Release date:** 25 May 2026

![Helm: v3](https://img.shields.io/badge/Helm-v3.14%2B-informational?color=informational\&logo=helm\&link=https%3A%2F%2Fgithub.com%2Fhelm%2Fhelm%2Freleases%2Ftag%2Fv3.14.0) ![AppVersion: v1.144.0](https://img.shields.io/badge/v1.144.0-success?logo=VictoriaMetrics\&labelColor=gray\&link=https%3A%2F%2Fdocs.victoriametrics.com%2Fvictoriametrics%2Fchangelog%2F%23v11440)

- bump version of VM components to [v1.144.0](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.144.0)

### [`v0.79.1`](https://github.com/VictoriaMetrics/helm-charts/releases/tag/victoria-metrics-k8s-stack-0.79.1)

[Compare Source](VictoriaMetrics/helm-charts@victoria-metrics-k8s-stack-0.79.0...victoria-metrics-k8s-stack-0.79.1)

### Release notes for version 0.79.1

**Release date:** 20 May 2026

![Helm: v3](https://img.shields.io/badge/Helm-v3.14%2B-informational?color=informational\&logo=helm\&link=https%3A%2F%2Fgithub.com%2Fhelm%2Fhelm%2Freleases%2Ftag%2Fv3.14.0) ![AppVersion: v1.143.0](https://img.shields.io/badge/v1.143.0-success?logo=VictoriaMetrics\&labelColor=gray\&link=https%3A%2F%2Fdocs.victoriametrics.com%2Fvictoriametrics%2Fchangelog%2F%23v11430)

- support Grafana HTTPRoute when resolving grafanaAddr
- bump operator dependency chart to version 0.63.1

### [`v0.79.0`](https://github.com/VictoriaMetrics/helm-charts/releases/tag/victoria-metrics-k8s-stack-0.79.0)

[Compare Source](VictoriaMetrics/helm-charts@victoria-metrics-k8s-stack-0.78.0...victoria-metrics-k8s-stack-0.79.0)

### Release notes for version 0.79.0

**Release date:** 18 May 2026

![Helm: v3](https://img.shields.io/badge/Helm-v3.14%2B-informational?color=informational\&logo=helm\&link=https%3A%2F%2Fgithub.com%2Fhelm%2Fhelm%2Freleases%2Ftag%2Fv3.14.0) ![AppVersion: v1.143.0](https://img.shields.io/badge/v1.143.0-success?logo=VictoriaMetrics\&labelColor=gray\&link=https%3A%2F%2Fdocs.victoriametrics.com%2Fvictoriametrics%2Fchangelog%2F%23v11430)

- bump victoria-metrics-operator dependency chart to version 0.63.0
- bump grafana dependency chart to version 12.3.3
- bump node-exporter dependency chart to version 4.55.0

### [`v0.78.0`](https://github.com/VictoriaMetrics/helm-charts/releases/tag/victoria-metrics-k8s-stack-0.78.0)

[Compare Source](VictoriaMetrics/helm-charts@victoria-metrics-k8s-stack-0.77.0...victoria-metrics-k8s-stack-0.78.0)

### Release notes for version 0.78.0

**Release date:** 11 May 2026

![Helm: v3](https://img.shields.io/badge/Helm-v3.14%2B-informational?color=informational\&logo=helm\&link=https%3A%2F%2Fgithub.com%2Fhelm%2Fhelm%2Freleases%2Ftag%2Fv3.14.0) ![AppVersion: v1.143.0](https://img.shields.io/badge/v1.143.0-success?logo=VictoriaMetrics\&labelColor=gray\&link=https%3A%2F%2Fdocs.victoriametrics.com%2Fvictoriametrics%2Fchangelog%2F%23v11430)

- bump version of VM components to [v1.143.0](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.143.0)
- fix Alertmanager templates path to match VM Operator mount. See [#&#8203;2883](VictoriaMetrics/helm-charts#2883).

### [`v0.77.0`](https://github.com/VictoriaMetrics/helm-charts/releases/tag/victoria-metrics-k8s-stack-0.77.0)

[Compare Source](VictoriaMetrics/helm-charts@victoria-metrics-k8s-stack-0.76.0...victoria-metrics-k8s-stack-0.77.0)

### Release notes for version 0.77.0

**Release date:** 03 May 2026

![Helm: v3](https://img.shields.io/badge/Helm-v3.14%2B-informational?color=informational\&logo=helm\&link=https%3A%2F%2Fgithub.com%2Fhelm%2Fhelm%2Freleases%2Ftag%2Fv3.14.0) ![AppVersion: v1.142.0](https://img.shields.io/badge/v1.142.0-success?logo=VictoriaMetrics\&labelColor=gray\&link=https%3A%2F%2Fdocs.victoriametrics.com%2Fvictoriametrics%2Fchangelog%2F%23v11420)

- set default securityContext for Alertmanager, when persistence is enabled to prevent from permissions issues. See [#&#8203;2846](VictoriaMetrics/helm-charts#2846).
- default operator `admissionWebhooks.policy` to `Ignore` so the stack can be installed and upgraded in a single pass without races against the operator's webhook server. Override to `Fail` for strict validation. See [#&#8203;2874](VictoriaMetrics/helm-charts#2874).

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMDkuMSIsInVwZGF0ZWRJblZlciI6IjQzLjIwOS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Reviewed-on: https://forgejo.maio-tech.com/Sammy/Servers/pulls/2
shcherbak pushed a commit to shcherbak/keda that referenced this pull request Jun 3, 2026
…edacore#7271)

* feat: Add cooldownPeriod and pollingInterval checks for ScaledObject

Added a check for unnecessary cooldownPeriod and pollingInterval configurations when minReplicaCount is not 0, emitting informational events if they are configured.

Signed-off-by: Rick Brouwer <[email protected]>

* Update scaledobject_controller_test.go

Signed-off-by: Rick Brouwer <[email protected]>

* changes after feedback

Signed-off-by: Rick Brouwer <[email protected]>

* update to webhook

Signed-off-by: Rick Brouwer <[email protected]>

* update

Signed-off-by: Rick Brouwer <[email protected]>

---------

Signed-off-by: Rick Brouwer <[email protected]>
Signed-off-by: Jan Wozniak <[email protected]>
Co-authored-by: Jorge Turrado Ferrero <[email protected]>
Co-authored-by: Jan Wozniak <[email protected]>
Signed-off-by: Yurii Shcherbak <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

nice-to-have:keda-v2.20 Not strictly necessary, but nice if you can bring it along

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants