pomerium / documentation

Documentation for Pomerium
https://www.pomerium.com/docs

Clarify "Regex Priority Order" setting behavior #1475

Open kenjenkins opened 3 months ago

kenjenkins commented 3 months ago

Page: https://www.pomerium.com/docs/reference/routes/regex-priority-Order

What's incorrect or missing

This reference page shows a 'Core' example under 'How to Configure'. However, this setting applies only to routes defined in the Enterprise Console.

What's the resolution?

Let's clarify that this setting is only for the Enterprise Console, and that routes defined in a YAML config file are matched in the order they are listed.

Let's also clarify which way the priority goes — does higher priority go to the higher numerical value or the lower numerical value?

ZPain8464 commented 3 months ago

@kenjenkins thanks for submitting this. I wasn't aware this was an Enterprise-only setting. I'll add this to ready.

The resolution steps make sense, but I have a question: Wouldn't most Enterprise users define these routes in the Console itself? I understand that there could be a use case where a user would define these routes in a YAML file, too. But again, wouldn't they import their routes to the Console?

kenjenkins commented 3 months ago

> Wouldn't most Enterprise users define these routes in the Console itself?

If I understand correctly, this setting is a way to define a matching order for routes defined in the Enterprise Console, in case you have multiple routes with regex path matching that might overlap.

A contrived example might be one route matching /foo/.* and another route matching /.*/bar. If you make a request for /foo/bar, which route should it match?

For an open-source Pomerium configuration, it matches whichever route appears first in the config file.

But for Enterprise Console, we don't have a defined ordering between routes. The "Regex Priority Order" setting lets Enterprise users define which route should take precedence in the case of overlaps like this. I think higher number priority takes precedence, but we should double check.
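Added example, not part of the thread and not Pomerium's code: a small Go model of the overlap discussed above, useful for checking which route (and therefore which policy) a path lands on when regex routes overlap. The `Route` type, the route names, the full-match anchoring and the priority values are assumptions; the priority direction is a parameter because the thread leaves it unconfirmed.

```go
package main

import (
	"fmt"
	"regexp"
	"sort"
)

// Route is a simplified model of a regex-path route (hypothetical type, not Pomerium's).
type Route struct {
	Name, Regex string
	Priority    int // used only by the priority model
}

// Overlaps returns the routes whose regex matches the whole path (assumed full-match).
func Overlaps(routes []Route, path string) []Route {
	var hits []Route
	for _, r := range routes {
		if regexp.MustCompile("^(?:" + r.Regex + ")$").MatchString(path) {
			hits = append(hits, r)
		}
	}
	return hits
}

// Winner names the route that takes the request. usePriority=false: first match in
// list order (config-file model). usePriority=true: rank by Priority; higherWins is
// a parameter because the thread leaves the direction unconfirmed.
func Winner(routes []Route, path string, usePriority, higherWins bool) string {
	hits := Overlaps(routes, path)
	if len(hits) == 0 {
		return ""
	}
	if usePriority {
		sort.SliceStable(hits, func(i, j int) bool {
			if higherWins {
				return hits[i].Priority > hits[j].Priority
			}
			return hits[i].Priority < hits[j].Priority
		})
	}
	return hits[0].Name
}

// Constructed sample: the two overlapping routes from the thread's example.
var sample = []Route{{"foo-prefix", "/foo/.*", 1}, {"bar-suffix", "/.*/bar", 2}}

func main() {
	fmt.Println(len(Overlaps(sample, "/foo/bar")), Winner(sample, "/foo/bar", true, true))
}
```

Any path for which `Overlaps` returns more than one route is a case where the ordering rule decides the outcome.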