Licensing

Caution

⚠ Provisional - pending finalization. The licensing model below reflects the current design and the behavior implemented in 0.1.x, but the license-issuance tooling and the exact expiry/degrade behavior are being finalized in a later release. The trial/renewal mechanics and the precise set of features gated on expiry may change before general availability. This section will be promoted to stable once that work lands.

5.1 How licensing works

The license is an offline, ed25519-signed file. stepscale signs a small JSON payload; the operator verifies it in-cluster against a baked-in public key. There is no phone-home, so licensing works fully air-gapped.

The license payload contains: customer, plan (trial / team / enterprise), issued_at, expires_at, max_clusters (omitted = unlimited), and a list of features.

The operator resolves one of three states each tick:

State	Meaning	Effect
Licensed	Valid signature, not expired.	Approved recommendations are applied; proactive schedules run.
Grace	Expired, but within the grace window.	Still applies; logs/Events warn that the license has expired and how many grace days remain.
Unlicensed	No license, bad signature, no public key, or past grace.	Analysis-only: the operator keeps watching and producing recommendations, but does not apply them (approved recommendations are marked blocked).

A valid public key (license.publicKey) is required to apply anything - without it the operator is always analysis-only, regardless of the license file.

5.2 Installing the license

Provide the license as Helm values (the chart creates the Secret):

helm upgrade <release> oci://ghcr.io/stepscale/charts/stepscale-autoscaler \
  --version <version> --namespace <namespace> --reuse-values \
  --set license.publicKey=<stepscale-public-key> \
  --set license.payload="$(cat license.json)" \
  --set license.signature="$(cat license.sig)"

Or reference a Secret you create yourself, holding the keys license (payload) and signature:

kubectl create secret generic <your-license-secret> -n <namespace> \
  --from-file=license=license.json \
  --from-file=signature=license.sig

helm upgrade <release> oci://ghcr.io/stepscale/charts/stepscale-autoscaler \
  --version <version> --namespace <namespace> --reuse-values \
  --set license.publicKey=<stepscale-public-key> \
  --set license.existingSecret=<your-license-secret>

Confirm the resolved state in the operator logs:

kubectl logs -n <namespace> deploy/<release>-stepscale-autoscaler | grep -i license

5.3 Plans

Plan	Shape
Trial	Full features, time-boxed (14-30 days). The conversion wedge, not a permanent free tier.
Team	Annual subscription, priced per cluster. The standard commercial tier.
Enterprise	Custom: SSO/SAML, data-residency, support SLA, volume terms.

There is no permanent free headline tier. (An optional rules-only Community edition may be offered separately.)

5.4 Expiry and renewal (provisional)

• Grace, then graceful degrade. On expiry the operator continues to apply during the grace window (license.gracePeriodDays, default 14), with warnings, then degrades to analysis-only. An expired license never bricks the cluster - the read-only watch keeps running and the rollback safety net continues to function on changes the operator itself made.
• Renewal (air-gapped). Renewal is by swapping in a new signed license file: update the Secret (or re-run the helm upgrade … --set license.payload/signature from §5.2). No restart of your workloads is involved.
• Renewal (connected, optional). Connected customers may opt into an auto-renewing short-lived license; this is never required and is part of the work being finalized.

Note

The exact details of trial issuance, the renewal CLI, and which features are suspended at each stage will be confirmed when the license-issuance tooling lands. Until then, treat §5.1’s state table as the authoritative description of current behavior.