You are browsing unreleased documentation. See the latest documentation here.
deck gateway diff
The diff command is similar to a dry run of the deck gateway sync
command.
It loads entities from Kong and performs a diff with the entities in local files. This allows you to see the entities that will be created, updated, or deleted.
deck gateway diff
is the replacement fordeck diff
.
Indeck gateway diff
, the following has changed:
- Files changed to positional arguments without the
-s/--state
flag- The default write location changed from
kong.yaml
to-
(stdin/stdout)
Syntax
deck gateway diff [filename] [command-specific flags] [global flags]
Flags
-
-h
,--help
- help for diff
--json-output
- generate command execution report in a JSON format (Default:
false
) --no-mask-deck-env-vars-value
- do not mask DECK_ environment variable values in the diff output. (Default:
false
) --non-zero-exit-code
- return exit code 2 if there is a diff present,
exit code 0 if no diff is found,
and exit code 1 if an error occurs. (Default:
false
) --parallelism
- Maximum number of concurrent operations. (Default:
10
) --rbac-resources-only
- sync only the RBAC resources (Kong Gateway Enterprise only). (Default:
false
) --select-tag
- only entities matching tags specified via this flag are diffed. When this setting has multiple tag values, entities must match each of them.
--silence-events
- disable printing events to stdout (Default:
false
) --skip-ca-certificates
- do not diff CA certificates. (Default:
false
) --skip-consumers
- do not diff consumers or any plugins associated with consumers (Default:
false
) -
-w
,--workspace
- Diff configuration with a specific workspace (Kong Gateway Enterprise only). This takes precedence over _workspace fields in state files.
Global flags
--analytics
- Share anonymized data to help improve decK.
Use
--analytics=false
to disable this. (Default:true
) --ca-cert
- Custom CA certificate (raw contents) to use to verify Kong’s Admin TLS certificate.
This value can also be set using DECK_CA_CERT environment variable.
This takes precedence over
--ca-cert-file
flag. --ca-cert-file
- Path to a custom CA certificate to use to verify Kong’s Admin TLS certificate. This value can also be set using DECK_CA_CERT_FILE environment variable.
--config
- Config file (default is $HOME/.deck.yaml).
--headers
- HTTP headers (key:value) to inject in all requests to Kong’s Admin API. This flag can be specified multiple times to inject multiple headers.
--kong-addr
- HTTP address of Kong’s Admin API.
This value can also be set using the environment variable DECK_KONG_ADDR
environment variable. (Default:
"http://localhost:8001"
) --kong-cookie-jar-path
- Absolute path to a cookie-jar file in the Netscape cookie format for auth with Admin Server. You may also need to pass in as header the User-Agent that was used to create the cookie-jar.
--konnect-addr
- Address of the Konnect endpoint. (Default:
"https://us.api.konghq.com"
) --konnect-token
- Token associated with your Konnect account. This takes precedence over the
--konnect-token-file
flag. --konnect-token-file
- File containing the token associated with your Konnect account.
--konnect-control-plane-name
- Konnect control plane name.
--no-color
- Disable colorized output (Default:
false
) --skip-workspace-crud
- Skip API calls related to Workspaces (Kong Gateway Enterprise only). (Default:
false
) --timeout
- Set a request timeout for the client to connect with Kong (in seconds). (Default:
10
) --tls-client-cert
- PEM-encoded TLS client certificate to use for authentication with Kong’s Admin API. This value can also be set using DECK_TLS_CLIENT_CERT environment variable. Must be used in conjunction with tls-client-key
--tls-client-cert-file
- Path to the file containing TLS client certificate to use for authentication with Kong’s Admin API. This value can also be set using DECK_TLS_CLIENT_CERT_FILE environment variable. Must be used in conjunction with tls-client-key-file
--tls-client-key
- PEM-encoded private key for the corresponding client certificate . This value can also be set using DECK_TLS_CLIENT_KEY environment variable. Must be used in conjunction with tls-client-cert
--tls-client-key-file
- Path to file containing the private key for the corresponding client certificate. This value can also be set using DECK_TLS_CLIENT_KEY_FILE environment variable. Must be used in conjunction with tls-client-cert-file
--tls-server-name
- Name to use to verify the hostname in Kong’s Admin TLS certificate. This value can also be set using DECK_TLS_SERVER_NAME environment variable.
--tls-skip-verify
- Disable verification of Kong’s Admin TLS certificate.
This value can also be set using DECK_TLS_SKIP_VERIFY environment variable. (Default:
false
) --verbose
- Enable verbose logging levels
Setting this value to 2 outputs all HTTP requests/responses
between decK and Kong. (Default:
0
)
See also
Gateway subcommands:
- deck gateway diff - Performs a diff to determine the differences between the current entities in Kong and the ones on disk.
- deck gateway dump - Export Kong configuration to a file
- deck gateway ping - Verify connectivity with Kong
- deck gateway reset - Deletes all entities in Kong
- deck gateway sync - Sync performs operations to get Kong’s configuration to match the state file
- deck gateway validate - Validate the state file