Console config schema appears out of sync with the underlying ziti config schema

[johnalotoski]

The current console schema for service configuration json does not appear to be in sync with what the underlying ziti software accepts as valid configuration, and this causes unexpected service breakage upon use of the ziti console JSON service config editor.

Example: a host.v1 config created by cli:

ziti edge create config config-name host.v1 '{
  "allowedAddresses":["..."],
  "allowedPortRanges":[{"high":65535,"low":0}],
  "allowedProtocols":["tcp","udp"],
  "forwardAddress":true,
  "forwardPort":true,
  "forwardProtocol":true,
  "listenOptions":{"identity":"$tunneler_id.name"}
}'

The service works as desired after setting it up with the above, with this command being just one part of the total config, of course.

Now, a console user goes into the console, edits the service config, makes a change, for example, to the allowedAddresses, saves the json config and exits.

This change breaks the service, because the console json config never shows the "listenOptions":{"identity":"$tunneler_id.name"} upon loading, and upon the user saving it, the console change removes that listenOptions from the config, even though that is likely never what the user intended.

At the moment, it seems that unless the user wants to examine both the CLI and console JSON together to ensure there are no differences before doing any edits, doing any console service config edits comes with a significant risk of service breakage.

[JeremyTellier]

I am assuming it was because at one point that was in beta, but we were manually removing that property in ZAC. I have since added it to allow changes in ZAC Version 2.5.7 commit #20f49df

[johnalotoski]

Thanks!