TL;DR: can there be
jwt_secrets field on root level of declarative config file?
I am quite new to Kong. Taking over another application that uses dbless declarative config, I saw there is
jwt_secrets field on root level, next to
plugins. And Kong happily started with this config, no complains. Actually this app runs in real environment with this config, but I am not capable of validating jwt stuff actually being used.
When I decided to add schema validation to build pipeline, I discovered that in schema
jwt_secrets is declared as field of
FConsumer type, and this is also reflected in Go code.
And ofc validator with this schema gives me an error of
fail: (root): Additional property jwt_secrets is not allowed.
But a) thing is assumed to work in real env b) I have seen similar configs on forums, e.g. here
jwt_secrets root field valid, or what is the difference between having it on root level and under
prometheus plugins are involved, if that matters.