A tool for Kong to allow declarative configuration.
Simply define your list of api's and consumers in json and then run kongfig to ensure that your Kong is configured correctly.
We recommend installing Kongfig globally
npm install -g kongfig
Use our Puppet-Kongfig module to install and configure Kongfig
puppet module install mybuilder-kongfig
Read more on Kong's docs - 5-minute Quickstart
Create a config.json or config.yml file and describe your api.
---
apis:
-
name: "mockbin"
attributes:
upstream_url: "http://mockbin.com/"
request_host: "mockbin.com"
{
"apis": [
{
"name": "mockbin",
"attributes": {
"upstream_url": "http://mockbin.com/",
"request_host": "mockbin.com"
}
}
]
}
Apply this configuration using:
kongfig --path ./config.json --host localhost:8001
You should see a similar command output when applying the config:
...
POST 201 http://localhost:8001/apis
{ upstream_url: 'http://mockbin.com/',
request_host: 'mockbin.com',
name: 'mockbin' }
Response status Created:
{ upstream_url: 'http://mockbin.com/',
id: '94219b08-e70e-44a4-c4cd-bf3c9bc31ca1',
name: 'mockbin',
created_at: 1445247516000,
request_host: 'mockbin.com' }
curl -i -X GET \
--url http://localhost:8000/ \
--header 'Host: mockbin.com'
Prerequisite: Ensure any plugin you want to use has been enabled within Kong's configuration - Enabling Plugins
Update the config.json file that describes your api.
{
"apis": [
{
"name": "mockbin",
"attributes": {
"upstream_url": "http://mockbin.com/",
"request_host": "mockbin.com"
},
"plugins": [
{
"name": "key-auth"
}
]
}
]
}
Apply this configuration using:
kongfig --path ./config.json --host localhost:8001
You should see the following within the command output when applying the config:
...
POST 201 http://localhost:8001/apis/mockbin/plugins
{ name: 'key-auth' }
Response status Created:
{ api_id: '94219b08-e70e-44a4-c4cd-bf3c9bc31ca1',
id: '2e34fd09-dce2-4f5d-cf55-99bc68e19843',
created_at: 1445248597000,
enabled: true,
name: 'key-auth',
config: { key_names: [ 'apikey' ], hide_credentials: false } }
Issue the following cURL request to verify that the key-auth plugin was enabled for your API:
curl -i -X GET \
--url http://localhost:8000/ \
--header 'Host: mockbin.com'
The response should be 403 Forbidden.
We currently have support for managing a limited set of consumers i.e. internal applications and services.
If you have a finite set of your own applications that need access to your API's (i.e. a mobile app, micro-services deployed by Puppet), then the following approach will work well for you.
Currently limited to the first page of consumers (that is 100) returned by the Kong API
Declare your consumer in your config.json file
{
"apis": [
"..."
],
"consumers": [
{
"username": "iphone-app"
}
]
}
kongfig --path ./config.json --host localhost:8001
You should see the following within the command output when applying the config:
POST 201 http://localhost:8001/consumers
{ username: 'iphone-app' }
Response status Created:
{ username: 'iphone-app',
created_at: 1445251342000,
id: '3f18c498-10fe-4937-c910-3b6cb7cc7b49' }
Declare your consumer credentials in your config.json file
{
"consumers": [
{
"username": "iphone-app",
"credentials": [
{
"name": "key-auth",
"attributes": {
"key": "very-secret-key"
}
}
]
}
]
}
You should see the following within the command output when applying the config:
...
POST 201 http://localhost:8001/consumers/iphone-app/key-auth
{ key: 'very-secret-key' }
Response status Created:
{ created_at: 1445251445000,
consumer_id: '3f18c498-10fe-4937-c910-3b6cb7cc7b49',
key: 'very-secret-key',
id: 'feb787a9-fc44-47b3-c743-7575ef6a65a5' }
curl -i -X GET \
--url http://localhost:8000 \
--header "Host: mockbin.com" \
--header "apikey: very-secret-key"
You can alternatively specify the desired host in the configuration file itself, like so:
{
"host": "localhost:8001",
"apis": [
"..."
]
}
You are able to ensure that previous declarations have been removed, like so:
{
"apis": [
{
"name": "mockbin",
"ensure": "removed"
}
]
}
Created by MyBuilder - Check out our blog for more information and our other open-source projects.
FAQs
A tool for Kong to allow declarative configuration.
The npm package kongfig receives a total of 54 weekly downloads. As such, kongfig popularity was classified as not popular.
We found that kongfig demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Company News
Socket is joining TC54 to help develop standards for software supply chain security, contributing to the evolution of SBOMs, CycloneDX, and Package URL specifications.
Security News
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
Research
Security News
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.