deck file openapi2kong
Convert OpenAPI files to Kong’s decK format.
Important: Due to compatibility issues with the older
inso
tool, we strongly recommend using the--inso-compatible
flag when converting OpenAPI files.
The example file at Kong/go-apiops
has extensive annotations explaining the conversion process, as well as all supported
custom annotations (x-kong-...
directives).
Syntax
deck file openapi2kong [command-specific flags] [global flags]
Examples
# Convert an OAS file, adding 2 tags, with inso compatibility enabled
cat service_oas.yml | deck file openapi2kong --inso-compatible --select-tag=serviceA,teamB
Flags
--format
- Output format: yaml or json. (Default:
"yaml"
) --generate-security
- Generate OpenIDConnect plugins from the security directives. (Default:
false
) -
-h
,--help
- Help for openapi2kong.
--ignore-security-errors
- Ignore errors for unsupported security schemes. (Default:
false
) -
-i
,--inso-compatible
- This flag will enable Inso compatibility. The generated entity names will be the same, and no
id
fields will be generated. (Default:false
) --no-id
- Setting this flag will skip UUID generation for entities (no
id
fields will be added, implicit if--inso-compatible
is set). (Default:false
) -
-o
,--output-file
- Output file to write to. Use
-
to write to stdout. (Default:"-"
) --select-tag
- Select tags to apply to all entities. If omitted, uses the
"x-kong-tags"
directive from the file. -
-s
,--spec
- OpenAPI spec file to process. Use
-
to read from stdin. (Default:"-"
) --uuid-base
- The unique base-string for uuid-v5 generation of entity IDs. If omitted,
uses the root-level
"x-kong-name"
directive, or falls back toinfo.title
.
Global flags
--analytics
- Share anonymized data to help improve decK.
Use
--analytics=false
to disable this. (Default:true
) --ca-cert
- Custom CA certificate (raw contents) to use to verify Kong’s Admin TLS certificate.
This value can also be set using DECK_CA_CERT environment variable.
This takes precedence over
--ca-cert-file
flag. --ca-cert-file
- Path to a custom CA certificate to use to verify Kong’s Admin TLS certificate. This value can also be set using DECK_CA_CERT_FILE environment variable.
--config
- Config file (default is $HOME/.deck.yaml).
--headers
- HTTP headers (key:value) to inject in all requests to Kong’s Admin API. This flag can be specified multiple times to inject multiple headers.
--kong-addr
- HTTP address of Kong’s Admin API.
This value can also be set using the environment variable DECK_KONG_ADDR
environment variable. (Default:
"http://localhost:8001"
) --kong-cookie-jar-path
- Absolute path to a cookie-jar file in the Netscape cookie format for auth with Admin Server. You may also need to pass in as header the User-Agent that was used to create the cookie-jar.
--konnect-addr
- Address of the Konnect endpoint. (Default:
"https://us.api.konghq.com"
) --konnect-token
- Token associated with your Konnect account. This takes precedence over the
--konnect-token-file
flag. --konnect-token-file
- File containing the token associated with your Konnect account.
--konnect-control-plane-name
- Konnect control plane name.
--no-color
- Disable colorized output (Default:
false
) --skip-workspace-crud
- Skip API calls related to Workspaces (Kong Gateway Enterprise only). (Default:
false
) --timeout
- Set a request timeout for the client to connect with Kong (in seconds). (Default:
10
) --tls-client-cert
- PEM-encoded TLS client certificate to use for authentication with Kong’s Admin API. This value can also be set using DECK_TLS_CLIENT_CERT environment variable. Must be used in conjunction with tls-client-key
--tls-client-cert-file
- Path to the file containing TLS client certificate to use for authentication with Kong’s Admin API. This value can also be set using DECK_TLS_CLIENT_CERT_FILE environment variable. Must be used in conjunction with tls-client-key-file
--tls-client-key
- PEM-encoded private key for the corresponding client certificate . This value can also be set using DECK_TLS_CLIENT_KEY environment variable. Must be used in conjunction with tls-client-cert
--tls-client-key-file
- Path to file containing the private key for the corresponding client certificate. This value can also be set using DECK_TLS_CLIENT_KEY_FILE environment variable. Must be used in conjunction with tls-client-cert-file
--tls-server-name
- Name to use to verify the hostname in Kong’s Admin TLS certificate. This value can also be set using DECK_TLS_SERVER_NAME environment variable.
--tls-skip-verify
- Disable verification of Kong’s Admin TLS certificate.
This value can also be set using DECK_TLS_SKIP_VERIFY environment variable. (Default:
false
) --verbose
- Enable verbose logging levels
Setting this value to 2 outputs all HTTP requests/responses
between decK and Kong. (Default:
0
)
See also
File subcommands:
- deck file add-plugins - Add plugins to objects in a decK file
- deck file add-tags - Add tags to objects in a decK file
- deck file convert - Convert files from one format into another format
- deck file kong2kic - Convert decK state files to Kong Ingress Controller kubernetes manifests.
- deck file kong2tf - Convert decK state files to Terraform resources.
- deck file lint - Validate a file against a ruleset
- deck file list-tags - List current tags from objects in a decK file
- deck file merge - Merge multiple decK files into one
- deck file namespace - Apply a namespace to routes in a decK file by prefixing the path.
- deck file openapi2kong - Convert OpenAPI specifications to Kong’s decK format
- deck file patch - Apply patches on top of a decK file
- deck file remove-tags - Remove tags from objects in a decK file
- deck file render - Combines multiple complete configuration files and renders them as one Kong declarative config file.
- deck file validate - Locally validates the state file for basic structure or relationship errors.