ApplicationAuth controller is not able to update userkey of Application when product.Spec.AuthUserKey() != nil

[vinolipartec]

When

1. we have a product with a custom authUserKey field:

apiVersion: capabilities.3scale.net/v1beta1
kind: Product
metadata:
  name: test-product
spec:
  deployment:
    apicastSelfManaged:
      authentication:
        userkey:
          authUserKey: x-api-token

2. associated with an application:

apiVersion: capabilities.3scale.net/v1beta1
kind: Application
metadata:
  name: test-app
spec:
  productCR:
    name: test-product

3. and we want to change the user_key using ApplicationAuth:

apiVersion: capabilities.3scale.net/v1beta1
kind: ApplicationAuth
metadata:
  name: test
spec:
  applicationCRName: test-app
  authSecretRef:
    name: test-secret

I expect

that the user_key of application "test-app" will be updated.

Instead

it's not updated.

Notes

1. if authUserKey == user_key or is not set, update works
2. the operator uses authUserKey value in the PUT request, it seems that operator has a different behavior from the 3scale cli

3scale-operator/controllers/capabilities/applicationauth_controller.go

Lines 251 to 255 in 4e7d68b

	if product.Spec.AuthUserKey() == nil {
	params["user_key"] = authSecret.UserKey
	} else {
	params[*product.Spec.AuthUserKey()] = authSecret.UserKey
	}

[ioggstream]

Further information:

• Red Hat Integration - 3scale 0.12.2 provided by Red Hat
• update channel - threescale-2.15