Add feature flags to enable/disable compat APIs

[EricWittmann]

We have our core API, which should always be enabled. But it would be useful to be able to disable access to the various compatibility APIs we support: ccompat, ibmcompat, cncf

[famarting]

How should we implement this? The ideas I have:

• specific named flags to disable each api , i.e. DISABLE_CCOMPAT_API=true or as system property disable.cncf.api=true
• disable list by path, i.e. DISABLE_APIS=/apis/ccompat,/apis/cncf

@Apicurio/developers wdyt?

[jsenko]

I don't have a strong preference, but here are pros/cons I can think of:

1. Pros: Users can see exactly what APIs can be disabled by finding the available properties, it may be easier for automated tools (e.g. if the operator supports this in the future), Cons: Users have to find the available properties :) and set them individually, there may be a lot of them (if you include specific versions).
2. Pros: Flexible & easy to use, Cons: Uses may want to try disabling core API or subpaths e.g. /apis/core/v1/admin, or accidentally provide illegal input. If the API path changes (though this is not expected) the property needs to be updated.

[jsenko]

Alternatively, we can do number 2, but use API names instead of paths. But that would prevent disabling versions if we want to allow that.

[carlesarnal]

I have a slight preference for 1 since I think that 2 would be more error-prone.

[EricWittmann]

I actually like (2) best for its flexibility. It could be used for more than just disabling of APIs. It could disable subpaths only (as Jakub mentioned), it could disable the UI, it could disable the apidocs, etc. So I think my vote is actually for (2), implemented in a very generic way:

1. Configure a single property with a list of paths (regexp?)
2. If a request matches a path in that list, immediately return a 404

Done and done. :)