Reusing resources in Apigee proxies
Most of the time we come across repetitive policy patterns in proxies in APIGEE. Like Spike Arrest, oAuth token verification, Quota Checks etc.
Apigee provides different abstraction level of resources, at the organisation level or the environment or proxy levels.
Why/how can we reuse different artefacts in APIGEE?
- reduce development time by preventing effort duplication
- promote standards across API policies and development teams, e.g. in security and traffic management
- increase maintainability across all API proxies by managing common configuration or code in a central place
Apigee has different deployment procedures with different toolings such as:
- Apigee node tool
- Python deployment tool
- Maven deployment tool
- Grunt deployment tool
Out of all above, I found Maven deployment tool to be most powerful and configurable as per your need.
More details of the same can be found in Readme here.
For reuse of the artefacts, they have a maven plugin, Maven Dependancy Resolution plugin.
Maven Proxy Dependency Plugin
- The Proxy Dependency Plugin is an open source maven plugin that allows a common code project to be used to store common policies and resource files.
- Flow fragments can be configured, to define a sequence of steps that can be reused in other proxies. For example, a Common Security flow fragment may contain policies to Verify an Access Token, Strip the Authorization header and define a Spike Arrest.
- The Common Code bundle should be placed in its own repository.
- In order to manage multiple versions, branches can be used and the build tool can be used to check out the correct version of the common code for a given proxy.
Another greater way of reuse is GIT submodules. Using GIT submodules you can use a repository as a common repository and include in other repositories as a submodule.
- Git Submodules can be used to define a dependency between an API Proxy repository and a Common Code repository.
- Maven or a similar build tool will ensure that the correct commit of the common repository is checked out, will merge the API proxy directories of the given proxy and common code before continuing the deployment as normal.
- Git submodules allow a specific commit to be used, so its is easy to use different versions of the common code with each API Proxy.
- This approach only allows files to be shared, and Flow Fragments cannot be defined.
An example of using Git Submodules and Maven Dependancy plugin check this repository.