search

Kong / deck

decK: Configuration management and drift detection for Kong
https://docs.konghq.com/deck/overview
Apache License 2.0
434 stars 128 forks source link

`service` field under a plugin should be ignored for nested routes #1353

Open healthy-pod opened 1 month ago

healthy-pod commented 1 month ago

If the value of service.routes[*].plugins[*].service is set to the same service in which the route is nested, applying the configuration returns an entity already exists error.

For example, consider the following configuration:

---
_format_version: "3.0"
services:
- name: koko-private
  host: koko-cp-ws.koko.svc.cluster.local
  port: 3200
  protocol: http
  routes:
  - name: koko-private-cp
    hosts:
    - 'us.kgateway.svc.konghq.${{ env "DECK_DOMAIN_TLD" }}'
    - 'eu.kgateway.svc.konghq.${{ env "DECK_DOMAIN_TLD" }}'
    snis:
    - 'us.kgateway.svc.konghq.${{ env "DECK_DOMAIN_TLD" }}'
    - 'eu.kgateway.svc.konghq.${{ env "DECK_DOMAIN_TLD" }}'
    paths:
    - ~/cp/(.*)/v1/outlet
    strip_path: false
    plugins:
    - name: request-transformer
      service: koko-private
      config:
        add:
          querystring:
          - cluster.prefix:$(uri_captures[1])
        replace:
          uri: "/v1/outlet"

Applying it succeeds first time, but fails second time with an entity already exists error. Deleting the plugin manually from the service then re-applying works, but still fails on the next apply with the same issue.

Options:

  1. Completely ignore service field in plugins under a route which is explicitly defined under a service
  2. Validate that the service field for the plugin matches the service name under which the route is nested, otherwise return a validation error
mheap commented 1 month ago

My expectation of behaviour would be:

  1. Error if a foreign key is set in a nested config (even if it matches). Fail fast.

Can you help us understand how you landed on this configuration?

healthy-pod commented 1 month ago

Can you help us understand how you landed on this configuration?

[noob kong user here] while working on the config above I wanted to add a request-transformer plugin to a route nested within a service definition so I went to https://docs.konghq.com/hub/kong-inc/request-transformer/how-to/basic-example/ and copied the declarative example under Enable on a service which starts with:

- name: request-transformer
  service: SERVICE_NAME|ID