Routing rules priority not equal to ingress object

[doryer]

Describe the bug
Lately, when upgrading from v2.4.1 to v2.6.1, we saw that our routing rules order in the ALBs was been changed. as we implement routing rules that block some specific paths, it is really important to us to keep the order equal as defined in the Ingress object to prevent security issues

Steps to reproduce
Upgrading image to v2.6.1

Expected outcome
Routing rules order not getting changed, stays equal to Ingress object defnition

Environment
Production

• AWS Load Balancer controller version
  v.2.6.1, reverting to v2.4.1 worked.
• Kubernetes version
  1.23.8
• Using EKS (yes/no), if so version?
  No

Additional Context:
When deploying the alb-controller in latest version, saw lots of logs about modifications of listeners rules, after that we got a peak on some of our load balancers and saw that our previous behavior that was

1. Respond 404 for some path
2. Then forward all traffic
   Changed to
3. Forward all traffic
4. Respond 404 to specific path ( which have no meaning when rule number 1 forwarding all traffic )

[oliviassss]

@doryer, Hi, we had this fix (#2409) from v2.4.3 to sort the ingress rules per the upstream standard.
The current sorting algorithm is:

• all exact match paths come first, no need to sort since exact match has to be unique
• followed by prefix paths, sort by lengths - longer paths get precedence
• followed by ImplementationSpecific paths or paths with no pathType specified, keep the original order

If you'd like to keep the ingress rule order the same as in the manifest, would you consider to use ImplementationSpecific path type?

[oliviassss]

I'm closing this issue for now, please feel free to reach out if any concern, thanks