graphql-execute

Use the graphql-execute policy to execute a GraphQL query by using sub-queries.

Gateway support

Table 1. Table showing which gateways support this policy, and the corresponding policy version
Gateway Policy version
DataPower® API Gateway 2.0.0 (DataPower API Gateway Version 10.0.4.0 and later)

2.1.0 (DataPower API Gateway Version 10.5.2.0 and later)

This topic describes how to configure the policy in your OpenAPI source; for details on how to configure the policy in the assembly user interface, see GraphQL Execute.

About

The graphql-execute policy executes a GraphQL query by using sub-queries. The policy splits up the original GraphQL query into different sub-queries that can then be processed in different ways. The graphql-execute policy supports the following four different sub-queries as targets:
  1. root; contains the core GraphQL query that you want to invoke on the backend.
  2. __introspection; contains the introspection query that can be processed locally on the DataPower API Gateway without having to invoke the backend.
  3. __rateLimit; contains the __rateLimit query that specifies the different rate limit data that you want to receive.
  4. __cost; contains the __cost query that specifies the different cost data that you want to receive. This query must be in the format that is specified in the IBM GraphQL Cost Directives specification, see Introspection of Cost Analysis Results: __cost.
The root, __rateLimit, and __introspection targets can be executed in any order, or at the same time. The __cost target can be executed at any time if no response data is expected. If response data is expected, then the __cost target is executed after the root target in order to accurately return correct response cost data. After all the targets are executed, the graphql-execute policy combines all of the responses together. To enable the responses of the individual targets to be correctly merged with each other into a final, single response, the graphql-execute policy must include all of the introspection types that are associated with each level of the response data.
The graphql-execute policy has the following format:
- graphql-execute:
    version: version
    title: title
    description: description
    targets: 
      - execute: []
        catch:
        - execute: []
          otherwise: []

Properties

Table 2. graphql-execute policy properties
Property Required Description Data type
version Yes The policy version number. string
title No The title of the policy. string
description No A description of the policy. string
targets No The targets for the sub-queries. Valid values are:
  • root; contains the core GraphQL query that you want to invoke on the backend.
  • __introspection; contains the introspection query that can be processed locally on the DataPower API Gateway without having to invoke the backend.
  • __rateLimit; contains the __rateLimit query that specifies the different rate limit data that you want to receive.
  • __cost; contains the __cost query that specifies the different cost data that you want to receive. This query must be in the format that is specified in the IBM GraphQL Cost Directives specification, see Introspection of Cost Analysis Results: __cost.
string

Example

The following example shows a graphql-execute policy that includes all of the available targets.
                          - graphql-execute:
                              title: GraphQL execute
                              version: 2.1.0
                              allowCostIntrospection: false
                              targets:
                                - target: root
                                  execute:
                                    - validate:
                                        input: message
                                        version: 2.7.0
                                        validate-against: graphql
                                        description: >-
                                          Validate the GraphQL query and analyze
                                          the expected cost
                                        title: validate & analyze
                                    - ratelimit:
                                        version: 2.4.0
                                        title: ratelimit expected
                                        description: >-
                                          Consume expected cost of query from rate
                                          limits
                                        rate-limit:
                                          - name: graphql-type-cost
                                            operation: consume
                                          - name: graphql-field-cost
                                            operation: consume
                                        burst-limit: []
                                        source: plan-named
                                    - invoke:
                                        cache-ttl: 900
                                        graphql-send-type: detect
                                        parameter-control:
                                          type: allowlist
                                          values: []
                                        http-version: HTTP/1.1
                                        header-control:
                                          type: allowlist
                                          values:
                                            - User-Agent
                                            - X-Client-IP
                                            - X-Global-Transaction-ID
                                            - Content-Type
                                        chunked-uploads: true
                                        verb: keep
                                        stop-on-error:
                                          - ConnectionError
                                          - SOAPError
                                          - OperationError
                                        websocket-upgrade: false
                                        description: Invoke the backend GraphQL server
                                        compression: false
                                        title: graphql-invoke
                                        target-url: >-
                                          https://swapi-graphql.netlify.app/.netlify/functions/index
                                        backend-type: graphql
                                        version: 2.3.0
                                        cache-response: protocol
                                        timeout: 60
                                    - parse:
                                        title: parse
                                        version: 2.0.0
                                        description: >-
                                          Parse the response from the GraphQL
                                          backend server
                                        parse-settings-reference:
                                          default: apic-default-parsesettings
                                    - validate:
                                        input: message
                                        version: 2.7.0
                                        validate-against: graphql
                                        description: >-
                                          Validate the returned JSON and analyze
                                          the real cost
                                        title: validate & analyze
                                    - ratelimit:
                                        version: 2.4.0
                                        title: ratelimit actual
                                        description: >-
                                          Replenish over-estimated cost
                                          (determined from response) to rate
                                          limits
                                        rate-limit:
                                          - name: graphql-type-cost
                                            operation: replenish
                                          - name: graphql-field-cost
                                            operation: replenish
                                        burst-limit: []
                                        source: plan-named
                                  catch:
                                    - execute: []
                                      errors:
                                        - ConnectionError
                                - target: __introspection
                                  execute:
                                    - ratelimit:
                                        source: plan-named
                                        version: 2.4.0
                                        description: >-
                                          Apply design-time rate limit for
                                          introspection query
                                        title: ratelimit design-time
                                        burst-limit: []
                                        rate-limit:
                                          - operation: consume
                                            name: graphql-design-request
                                    - validate:
                                        input: message
                                        version: 2.7.0
                                        validate-against: graphql
                                        description: >-
                                          Validate the GraphQL query and analyze
                                          the expected cost
                                        title: validate & analyze
                                    - graphql-introspect:
                                        input: message
                                        version: 2.0.0
                                        description: >-
                                          Introspect the GraphQL schema using the
                                          query
                                        title: graphql-introspect
                                - target: __rateLimit
                                  execute:
                                    - ratelimit:
                                        version: 2.4.0
                                        title: ratelimit design-time
                                        description: >-
                                          Apply design-time rate limit for
                                          ratelimitinfo
                                        rate-limit:
                                          - name: graphql-design-request
                                            operation: consume
                                        burst-limit: []
                                        source: plan-named
                                    - validate:
                                        version: 2.7.0
                                        validate-against: graphql
                                        title: validate & analyze
                                        input: message
                                        description: Validate the GraphQL query
                                    - ratelimitinfo:
                                        version: 2.0.0
                                        title: ratelimitinfo
                                        input: message
                                - target: __cost
                                  execute:
                                    - ratelimit:
                                        version: 2.4.0
                                        title: ratelimit design-time
                                        description: >-
                                          Apply design-time rate limit for
                                          ratelimitinfo
                                        rate-limit:
                                          - name: graphql-design-request
                                            operation: consume
                                        burst-limit: []
                                        source: plan-named
                                    - validate:
                                        version: 2.7.0
                                        title: validate & analyze
                                        input: message
                                        validate-against: graphql
                                        description: Validate the GraphQL query
                                    - graphql-cost-analysis:
                                        version: 2.0.0
                                        title: graphql cost analysis
                                        input: message
                                        target: graphql_execute_args