3scale-operator icon indicating copy to clipboard operation
3scale-operator copied to clipboard
verified publisher icon 3scale

ApplicationAuth controller is not able to update userkey of Application when product.Spec.AuthUserKey() != nil

Open vinolipartec opened this issue 9 months ago • 5 comments

When

  1. we have a product with a custom authUserKey field:
apiVersion: capabilities.3scale.net/v1beta1
kind: Product
metadata:
  name: test-product
spec:
  deployment:
    apicastSelfManaged:
      authentication:
        userkey:
          authUserKey: x-api-token
  1. associated with an application:
apiVersion: capabilities.3scale.net/v1beta1
kind: Application
metadata:
  name: test-app
spec:
  productCR:
    name: test-product
  1. and we want to change the user_key using ApplicationAuth:
apiVersion: capabilities.3scale.net/v1beta1
kind: ApplicationAuth
metadata:
  name: test
spec:
  applicationCRName: test-app
  authSecretRef:
    name: test-secret

I expect

that the user_key of application "test-app" will be updated.

Instead

it's not updated.

Notes

  1. if authUserKey == user_key or is not set, update works
  2. the operator uses authUserKey value in the PUT request, it seems that operator has a different behavior from the 3scale cli

https://github.com/3scale/3scale-operator/blob/4e7d68b1cc2068d8f78e3506af35f6170c672f66/controllers/capabilities/applicationauth_controller.go#L251-L255

vinolipartec avatar Mar 20 '25 10:03 vinolipartec

Further information:

  • Red Hat Integration - 3scale 0.12.2 provided by Red Hat
  • update channel - threescale-2.15

ioggstream avatar Mar 20 '25 11:03 ioggstream

We are also running into the issue in 11884 when trying to set the app-id and it's a pretty big blocker. Are there timelines about when the fix might be merged and ready on openshift? Thank you.

dcheng1248 avatar Oct 17 '25 10:10 dcheng1248

@dcheng1248 The current plan is 2.17. Depending on the extent of the changes needed, we will decide whether or not to backport to 2.16

tkan145 avatar Oct 22 '25 02:10 tkan145

@tkan145 thank you for the information. Is inclusion of app-id/app-key also planned for 2.17? This is also covered in issue-1042.

If it is helpful, I'd be happy to do a PR for that. We quite need this for our workflow. Thanks a lot!

dcheng1248 avatar Oct 27 '25 16:10 dcheng1248

@dcheng1248 yes inclusion of app-id/app-key is also currently planed for 2.17.

Thanks for the offer, however we need to merge a few things before we can review #1042. I'll contact you for a review once the PR is up (soon).

tkan145 avatar Nov 05 '25 01:11 tkan145