feat(admin): make /configs/validate available in all modes#13220
Open
nic-6443 wants to merge 10 commits intoapache:masterfrom
Open
feat(admin): make /configs/validate available in all modes#13220nic-6443 wants to merge 10 commits intoapache:masterfrom
nic-6443 wants to merge 10 commits intoapache:masterfrom
Conversation
Extract batch configuration validation logic from standalone.lua into a new shared module (admin/config_validate.lua) and register the POST /apisix/admin/configs/validate endpoint for etcd mode as well. Previously this endpoint was only available in standalone (yaml) mode. Clients using etcd mode (e.g., ADC, Ingress Controller) had no way to perform batch validation that includes plugin check_schema() advanced checks (cross-field constraints, regex compilation, expression parsing, recursive sub-plugin validation, etc.). Changes: - New module: apisix/admin/config_validate.lua Owns validate_configuration(), check_conf(), check_duplicate(), and the validate() HTTP handler. Shared by both standalone and etcd modes. - standalone.lua: delegates to config_validate module, removing ~140 lines of duplicated logic while keeping standalone-specific code (get/update/head, patch_schema, config sync). - init.lua: registers POST /apisix/admin/configs/validate in the etcd mode route table, placed before the wildcard route for correct matching priority.
dosubot
bot
added
size:XL
There was a problem hiding this comment.
Pull request overview
Enables POST /apisix/admin/configs/validate in etcd mode (in addition to standalone/YAML mode) by extracting the shared batch-validation logic into a reusable module and wiring the route in the etcd-mode Admin API router.
Changes:
- Add
apisix/admin/config_validate.luato host shared declarative-config validation logic (schema + plugincheck_schema()checks, duplicate detection, collect-all errors). - Refactor
apisix/admin/standalone.luato delegate validation to the new module. - Register
POST /apisix/admin/configs/validateinapisix/admin/init.luaso it works in etcd mode; add a new test suite.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
apisix/admin/config_validate.lua |
New shared module implementing request parsing + batch validation across resource types. |
apisix/admin/standalone.lua |
Removes duplicated validation code and calls into config_validate. |
apisix/admin/init.lua |
Adds the validate endpoint route to etcd-mode router (before wildcard). |
t/admin/config-validate.t |
Adds coverage for the validate endpoint success/error scenarios. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
dosubot
bot
added
size:XXL
- Wrap check_conf in pcall to prevent checker crashes from returning 500 - Change invalid request body log level from error to warn - Fix cors test assertion to match actual error message - Simplify mixed resource test to avoid fragile assumptions
…use tostring for err_msg
TEST 12 and 16 receive 500 HTML instead of expected 400 JSON. Added defensive pcall around json.decode in tests plus warn-level debug logging to capture the actual response when status != 400. Also added JSON-serializable guard in validate() handler.
The upstream schema 'type' field has no enum constraint (just string with default 'roundrobin'), so 'invalid_type' passes validation. Use 'chash' type with missing key to trigger a real validation error.
- Return {} on success instead of empty body
- Add resource_id field to error objects
- Remove redundant 'invalid X at index N' prefix from error messages
(index is already a separate field in the error object)
- Update test assertions accordingly
Remove 'invalid X at index N, err: ' prefix from expected error messages in both PUT /configs and POST /configs/validate tests.
nic-6443
requested review from
AlinsRan,
Baoyuantop,
bzp2010,
membphis,
moonming and
shreemaan-abhishek
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
The
POST /apisix/admin/configs/validateendpoint currently only works in standalone (YAML) mode. This PR makes it available in etcd mode as well, so clients can perform batch configuration validation that includes plugincheck_schema()advanced checks regardless of the deployment mode.Changes
New module:
apisix/admin/config_validate.luaExtracts the shared validation logic (validate_configuration, check_conf, check_duplicate, validate handler) from standalone.lua into a reusable module.
Modified:
apisix/admin/standalone.luaDelegates to the new config_validate module, removing ~140 lines of duplicated code while keeping standalone-specific logic (get/update/head, patch_schema, config sync).
Modified:
apisix/admin/init.luaRegisters
POST /apisix/admin/configs/validatein the etcd mode route table, placed before the wildcard route for correct matching priority.Response Format
Success (200):
{}Failure (400):
{ "error_msg": "Configuration validation failed", "errors": [ { "resource_type": "routes", "resource_id": "route-1", "index": 0, "error": "failed to check the configuration of plugin cors err: ..." } ] }Each error object includes
resource_type,resource_id,index(0-based), anderror(raw validator message).Why
Clients using etcd mode (e.g., ADC
adc lint, Ingress Controller, CI pipelines) had no way to perform server-side batch validation that includes advanced plugin checks (cross-field constraints, regex compilation, expression parsing, recursive sub-plugin validation, etc.). The static JSON Schema from the schema API does not cover these checks, leading to situations where local lint passes but server-side sync fails.This endpoint accepts the same declarative config format as standalone mode and returns all validation errors at once (collect-all mode), making it suitable for lint-style workflows.