Initial commit

.github/workflows/ci.yaml

@@ -0,0 +1,73 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+  release:
+    types: [published]
+
+jobs:
+  # TODO lint
+
+  build-and-test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.22.3'
+      - name: Install dependencies
+        run: go get .
+      - name: Build
+        run: go build -v
+      - name: Test with the Go CLI
+        run: go test ./src
+
+  # Build and push image
+  build-and-publish-image:
+    runs-on: ubuntu-latest
+    needs:
+      # TODO lint dep
+      - build-and-test
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Tag the image
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            bitovi/temporal-cloud-metrics-to-k8s
+          tags: |
+            type=raw,value=latest,enable=${{ github.ref_name == 'main' }}
+            type=semver,pattern={{version}},enable=${{ github.event_name == 'release' }}
+      - 
+        name: Login to Docker Hub
+        uses: docker/login-action@v2
+        if: github.event_name != 'pull_request'
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_PASSWORD }}
+      - 
+        name: Build Docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.meta.outputs.tags }}
+      - 
+        name: Push Docker image
+        uses: docker/build-push-action@v4
+        if: ${{ (github.ref_name == 'main') || (github.event_name == 'release') }}
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.meta.outputs.tags }}
+          push: true

.gitignore

@@ -0,0 +1 @@
+certs

Dockerfile

@@ -0,0 +1,13 @@
+FROM golang:1.22.3
+
+WORKDIR /app
+
+COPY go.mod go.sum ./
+
+RUN go mod download
+
+COPY src/*.go ./
+
+RUN CGO_ENABLED=0 GOOS=linux go build -o ./temporal-cloud-metrics-adapter
+
+CMD ["./temporal-cloud-metrics-adapter"]

LISCENCE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Bitovi
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,115 @@
+# Temporal Cloud Metrics to Kubernetes
+
+Bring Temporal Cloud Metrics into your Kubernetes cluster to inform autoscaling of your workers.
+
+## Configuration
+
+TOOD document config format
+
+## Installation
+
+__Prerequisites__
+
+1. A [Temporal Cloud account](https://temporal.io/)
+    - [An mTLS certificate provisioned](https://docs.temporal.io/cloud/certificates)
+    - [The metrics endpoint enabled](https://docs.temporal.io/production-deployment/cloud/metrics/general-setup)
+1. A [Kubernetes](https://kubernetes.io/) compliant cluster (also tested on [K3s](https://k3s.io/))
+1. The [kubectl](https://kubernetes.io/docs/reference/kubectl/) cli for Kubernetes
+
+__Step 1: Create Namespace__
+
+You'll need a Kubernetes namespace to deploy this to. If you already have a namespace you'd like to use, you can skip this step.
+
+```bash
+kubectl create namespace staging-workers
+```
+
+__Step 2: Copy mTLS Certificate__
+
+You'll need the client mTLS certificate for our Temporal Cloud namespace so that we can load it into our cluster for use in the metrics adapter and worker.
+
+1. Copy the certificate into `./certs/client.crt`
+1. Copy the key into `./certs/client.key`
+1. Create a secret to store the certificate in Kubernetes
+
+```bash
+kubectl create secret generic mtls-certs \
+  --from-file=client.crt=./certs/client.crt \
+  --from-file=client.key=./certs/client.key \
+  -n=$NAMESPACE
+```
+
+__Step 3: Update HPA Settings__
+
+Update `./manifests/010-hpa.yaml` to fit your needs
+
+```yaml
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: temporal-worker
+  namespace: staging-workers
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    # The worker deployment name
+    name: temporal-worker
+  minReplicas: 1
+  maxReplicas: 20
+  metrics:
+  - type: External
+    external:
+      metric:
+        name: temporal_cloud_sync_match_rate
+        selector:
+          matchLabels:
+            # Match a particular Temporal Cloud namespace
+            temporal_namespace: TEMPORAL_NAMESPACE
+      target:
+        type: Value
+        # Scale up when the target metric exceeds 50 milli value (0.05)
+        value: 50m
+  behavior:
+    scaleUp:
+      # The highest value in the last 10 seconds will be used to determine the need to scale up
+      stabilizationWindowSeconds: 10
+      selectPolicy: Max
+      policies:
+        # Scale up by 5 pods every 10 seconds whole the target threshold is exceeded
+        - type: Pods
+          value: 5
+          periodSeconds: 10
+    scaleDown:
+      # The highest value in the last 60 seconds will be used to determine the need to scale down
+      stabilizationWindowSeconds: 60
+      selectPolicy: Max
+      policies:
+        # Scale up by 5 pods every 10 seconds whole the target threshold is achieved
+        - type: Pods
+          value: 3
+          periodSeconds: 30
+```
+
+__Step 4: Deploy Adapter__
+
+You'll need to apply some manifest files to your cluster now.
+
+_Note: if you've opted to use an existing namespace, make sure to update the manifests accordingly before applying them._
+
+```bash
+kubectl apply -f ./manifests/adapter
+```
+
+Make sure the adapter is running before continuing to the next step. Simply run `get pods -n staging-workers`. You should see something like this in the output.
+
+```bash    
+NAME                                              READY   STATUS    RESTARTS   AGE
+temporal-cloud-metrics-adapter-668d85d468-fcrp9   1/1     Running   0          3s
+```
+
+__Step 5: Setup HPA__
+
+```bash
+kubectl apply -f ./manifests/010-hpa.yaml
+```

go.mod

@@ -0,0 +1,106 @@
+module temporal-cloud-metrics-to-k8s
+
+go 1.22.1
+
+require (
+	gopkg.in/yaml.v2 v2.4.0
+	k8s.io/apimachinery v0.30.1
+	k8s.io/component-base v0.30.1
+	k8s.io/metrics v0.30.1
+	sigs.k8s.io/custom-metrics-apiserver v1.30.0
+)
+
+require (
+	bou.ke/monkey v1.0.2 // indirect
+	github.com/NYTimes/gziphandler v1.1.1 // indirect
+	github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect
+	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/blang/semver/v4 v4.0.0 // indirect
+	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/coreos/go-semver v0.3.1 // indirect
+	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/emicklei/go-restful/v3 v3.12.0 // indirect
+	github.com/evanphx/json-patch v5.7.0+incompatible // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
+	github.com/go-logr/logr v1.4.1 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/go-openapi/jsonpointer v0.20.2 // indirect
+	github.com/go-openapi/jsonreference v0.20.4 // indirect
+	github.com/go-openapi/swag v0.22.7 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/cel-go v0.17.8 // indirect
+	github.com/google/gnostic-models v0.6.8 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/uuid v1.5.0 // indirect
+	github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.18.1 // indirect
+	github.com/imdario/mergo v0.3.16 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/prometheus/client_golang v1.18.0 // indirect
+	github.com/prometheus/client_model v0.5.0 // indirect
+	github.com/prometheus/common v0.45.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
+	github.com/spf13/cobra v1.8.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/stoewer/go-strcase v1.3.0 // indirect
+	github.com/stretchr/testify v1.9.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.11 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.11 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.11 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 // indirect
+	go.opentelemetry.io/otel v1.21.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.21.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.21.0 // indirect
+	go.opentelemetry.io/otel/metric v1.21.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.21.0 // indirect
+	go.opentelemetry.io/otel/trace v1.21.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.0.0 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	go.uber.org/zap v1.26.0 // indirect
+	golang.org/x/crypto v0.22.0 // indirect
+	golang.org/x/exp v0.0.0-20231226003508-02704c960a9b // indirect
+	golang.org/x/net v0.24.0 // indirect
+	golang.org/x/oauth2 v0.15.0 // indirect
+	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/sys v0.19.0 // indirect
+	golang.org/x/term v0.19.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/time v0.5.0 // indirect
+	google.golang.org/appengine v1.6.8 // indirect
+	google.golang.org/genproto v0.0.0-20231212172506-995d672761c0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20231212172506-995d672761c0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20231212172506-995d672761c0 // indirect
+	google.golang.org/grpc v1.60.1 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/api v0.30.1 // indirect
+	k8s.io/apiserver v0.30.0 // indirect
+	k8s.io/client-go v0.30.1 // indirect
+	k8s.io/klog/v2 v2.120.1 // indirect
+	k8s.io/kms v0.30.0 // indirect
+	k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f // indirect
+	k8s.io/utils v0.0.0-20240423183400-0849a56e8f22 // indirect
+	sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 // indirect
+	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+	sigs.k8s.io/yaml v1.4.0 // indirect
+)