[Bug]: Bad ApiKey policy causing crashloopback.

[benshalev849]

Version

3.7.0

What Kubernetes platforms are you running on?

Openshift

Steps to reproduce

We have been experimenting with the apiKey policy, when creating it wrong it causes an exception on the Nginx code and it to infinetly crash loop back.
The only fix to this is to completely delete the bad api key policy and roll out the pods, this is a major flaw and bug that can cause entire systems to go down.
This happens when the policy is defined wrong in a namespace that the nginx watches.

Steps to reproduce:

1. Create an Nginx IC and make it watch your wanted namespace
2. Create the following yaml:

apiVersion: k8s.nginx.org/v1
kind: Policy
metadata:
  name: test-crash
  namespace: <connected_namespace>
spec:
  apiKey:
    clientSecret: <some name does not matter>

Since there is no Supplied in (Which is not required in order to create the policy) this will cause the nginx to entirely crash and stop working causing downtime to all apps connected and a crashloopbackoff to those pods.

[github-actions]

Hi @benshalev849 thanks for reporting!

Be sure to check out the docs and the Contributing Guidelines while you wait for a human to take a look at this 🙂

Cheers!

[jjngx]

@benshalev849 the issue is fixed in NIC v3.7.1

[benshalev849]

@jjngx
We will test it and go back to this issue, did not find issues for this so thought it was un discovered, thank you :)

[pdabelf5]

@benshalev849 we have modified the docs for the APIKey Policy to make it clear that suppliedIn is a required field. Apologies for the confusion.

[shaun-nx]

@benshalev849 let us know if you get time to test this against v3.7.1 or later.

[shaun-nx]

@benshalev849 are you still experiencing this issue on v3.7.1?