feat: admin api no longer populates default values when writing #12603
Conversation
dosubot
bot
added
size:L
| -- metadata | ||
| if schema_type == core.schema.TYPE_METADATA then | ||
| local conf = body.node and body.node.value | ||
| decrypt_func(conf.name, conf, schema_type) |
There was a problem hiding this comment.
There is an amazing problem here:
In error-log-logger.lua, the following code exists:
apisix/apisix/plugins/error-log-logger.lua
Line 130 in 36b2b83
This is a property not marked in the document.
The intention of its design cannot be seen from the original PR #2592.
At the same time, it is also the only one that contains encrypt_fields in metadata_schema.
apisix/apisix/plugins/error-log-logger.lua
Line 149 in 36b2b83
This causes this logic in the actual decrypt_params to take effect only for error-log-logger.lua when schema_type == core.schema.TYPE_METADATA.
However, due to the cancellation of the default value padding, this logic no longer takes effect.
Anyway, I think this is wrong. And it needs to be repaired in subsequent PRs.
The reasons are as follows:
- There should not be a hidden property in the schema that is used for plugin-unrelated logic.
- fix: plugin metadata add id value for etcd checker #11452 implements a standardized
id, which can be consistent with other resources.
| default = { | ||
| length = 16, | ||
| char_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIGKLMNOPQRSTUVWXYZ0123456789" | ||
| } |
There was a problem hiding this comment.
The tests revealed that this is the only way to properly populate default values when range_id doesn't exist.
The original one should be because it's filled again after writing default={}.
|
|
||
|
|
||
|
|
||
| === TEST 15: not unwanted data, PUT with use_real_request_uri_unsafe |
There was a problem hiding this comment.
Add tests, when including property use_real_request_uri_unsafe, it will be filled normally.
| === TEST 15: PUT with limit-count policy=local |
There was a problem hiding this comment.
Add tests, when including property policy, it will be filled normally.
There was a problem hiding this comment.
Because I found that most of the tests covered non-required fields, I didn't add similar tests later.
SkyeYoung
requested review from
AlinsRan,
Baoyuantop,
bzp2010,
membphis and
moonming
| res = require("toolkit.json").decode(res) | ||
| assert(res.value.plugins["jwt-auth"].exp == 86400) | ||
| local core = require("apisix.core") |
There was a problem hiding this comment.
Because the original method can no longer detect whether the exp variable exists, it's changed to direct validation through the schema, according to the internal logic.
| properties = {}, | ||
| } | ||
| end | ||
| inject_metadata_schema(plugin_object) |
There was a problem hiding this comment.
Although it is not introduced by your PR, it is strange to actively inject an empty schema and use ordinary schema or metadata_schema according to certain conditions for configuration verification for some non-plugin metadata.
If a plugin does not indicate that it supports plugin metadata configuration by actively declaring metadata_schema, it should not be configured in this way. Specifically, if this happens, it may be more appropriate to reject this configuration directly. For example, key-auth does not have the meaning of plugin metadata configuration.
There was a problem hiding this comment.
Let's wait for what others think.
There was a problem hiding this comment.
agree with @bzp2010 , it's strange to inject a empty metadata schema for plugins that don't need plugin metadata, look like we need a refactor for this, I think we can deal with it in another PR.
| local conf_for_check = tbl_deepcopy(conf) | ||
| local ok, err = self.checker(id, conf_for_check, need_id, self.schema, {secret_type = typ}) |
There was a problem hiding this comment.
I'm wondering if it's necessary to keep a switch enabled by a specific querystring to retain the old behavior?
For example, when fillin_default=true, still fill in the default value? This may have some meaning for debugging, otherwise we have to rely only on the correctness of the document. Historical experience tells me that this is usually difficult.
There was a problem hiding this comment.
This is actually a question I've thought about. Let's wait for other people's comments.
There was a problem hiding this comment.
I can't think of any issues that require specifying fillin_default=true to troubleshoot, but adding this option doesn't really have any drawbacks either, making it difficult to decide.
There was a problem hiding this comment.
In terms of debugging purposes only, this PR should not be blocked, and the default value can be confirmed through the version of apisix.
|
|
||
|
|
||
| local function encrypt_conf(id, conf) | ||
| plugins_encrypt_conf(conf.plugins) |
There was a problem hiding this comment.
pls confirm it never failed
for me, I prefer return plugins_encrypt_conf(conf.plugins)
There was a problem hiding this comment.
It looks like they are the same?
There was a problem hiding this comment.
Regarding the calling method, it references the original local schema_plugin = require(“apisix.admin.plugins”).check_schema. And in the current scenario, no issues have been detected.
There was a problem hiding this comment.
In the current implementation, it will never fail:
5 participants
Description
This PR removes the logic of populating default values before writing in the admin API.
This solves the following problems:
confusion, which is clearly not best practice.
controller depends on.
Since when using GET to retrieve data from the admin API, it will be read directly from etcd, the changes introduced by this PR are compatible with the old version.
Which issue(s) this PR fixes:
Fixes #
Checklist