kayx23 opened a new issue, #2757: URL: https://github.com/apache/apisix-ingress-controller/issues/2757
## Summary Please triage whether `ApisixConsumer` should support attaching consumer-scoped plugins beyond authentication. ## Current behavior `ApisixConsumer` currently models consumer auth through `authParameter`, but does not provide a general `plugins` field for configuring additional consumer-scoped plugins. From the current code: - `ApisixConsumerSpec` only contains `authParameter` - the translator builds consumer plugins from the supported auth entries in `authParameter` This means consumer-level use cases that depend on non-auth plugins cannot currently be expressed through `ApisixConsumer`. ## User-facing use cases blocked today Examples of consumer-scoped behavior that are useful to configure at the consumer level: - applying rate limiting per consumer, such as `limit-count` or `limit-req` - attaching ACL-style behavior to a consumer - attaching decryption or other consumer-bound plugin behavior when the APISIX plugin supports consumer binding - attaching future consumer-scoped plugins without needing one-off CRD changes per auth type In practice, the current model works for auth credential management, but not for broader consumer policy management. ## Why this may be worth supporting A generic consumer plugin model would make `ApisixConsumer` more consistent with how routes, plugin configs, and APISIX itself can attach plugins to different resource scopes. It would also avoid the current situation where only a narrow set of auth-specific consumer use cases are representable through the CRD. ## Code context The current limitation appears to come from the CRD and translation model rather than only from validation: - `api/v2/apisixconsumer_types.go`: `ApisixConsumerSpec` only defines `authParameter` - `internal/adc/translator/apisixconsumer.go`: translation only maps supported auth config into consumer plugins - `config/crd/bases/apisix.apache.org_apisixconsumers.yaml`: generated schema reflects the same auth-only model ## Request Please help triage whether AIC should support a generic way to attach consumer-scoped plugins in `ApisixConsumer`. I am not assuming this must be supported immediately; the goal is to capture the gap and let the maintainers evaluate demand, scope, and API shape. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
