From 906dc2c957c87e02f202db3a01e989655f042b85 Mon Sep 17 00:00:00 2001 From: KevFan Date: Thu, 14 Mar 2024 13:08:07 +0000 Subject: [PATCH] refactor: use default limits field for rlp controller tests --- api/v1beta2/ratelimitpolicy_types.go | 8 +- ...adrant-operator.clusterserviceversion.yaml | 2 +- .../kuadrant.io_ratelimitpolicies.yaml | 292 ++++++++++-------- .../bases/kuadrant.io_ratelimitpolicies.yaml | 292 ++++++++++-------- .../ratelimitpolicy_controller_test.go | 4 +- 5 files changed, 326 insertions(+), 272 deletions(-) diff --git a/api/v1beta2/ratelimitpolicy_types.go b/api/v1beta2/ratelimitpolicy_types.go index 2f5457a5e..ce3a3a576 100644 --- a/api/v1beta2/ratelimitpolicy_types.go +++ b/api/v1beta2/ratelimitpolicy_types.go @@ -127,15 +127,17 @@ type RateLimitPolicySpec struct { // +kubebuilder:validation:XValidation:rule="self.kind == 'HTTPRoute' || self.kind == 'Gateway'",message="Invalid targetRef.kind. The only supported values are 'HTTPRoute' and 'Gateway'" TargetRef gatewayapiv1alpha2.PolicyTargetReference `json:"targetRef"` - // Defaults define explicit default values for this policy and for policies inheriting this policy + // Defaults define explicit default values for this policy and for policies inheriting this policy. + // Defaults are mutually exclusive with implicit defaults defined by CommonSpec. // +optional Defaults CommonSpec `json:"defaults,omitempty"` - // Implicit default + // CommonSpec defines implicit default values for this policy and for policies inheriting this policy. + // CommonSpec is mutually exclusive with explicit defaults defined by Defaults. CommonSpec `json:""` } -// CommonSpec contains fields +// CommonSpec contains common shared fields. type CommonSpec struct { // Limits holds the struct of limits indexed by a unique name // +optional diff --git a/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml b/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml index 97b80d87b..244df8647 100644 --- a/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml +++ b/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml @@ -106,7 +106,7 @@ metadata: capabilities: Basic Install categories: Integration & Delivery containerImage: quay.io/kuadrant/kuadrant-operator:latest - createdAt: "2024-03-13T11:55:14Z" + createdAt: "2024-03-14T15:29:50Z" operators.operatorframework.io/builder: operator-sdk-v1.32.0 operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 repository: https://github.com/Kuadrant/kuadrant-operator diff --git a/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml b/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml index fa1345dfd..d4cf856fd 100644 --- a/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml +++ b/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml @@ -68,23 +68,25 @@ spec: description: RateLimitPolicySpec defines the desired state of RateLimitPolicy properties: defaults: - description: Defaults define explicit default values for this policy - and for policies inheriting this policy + description: |- + Defaults define explicit default values for this policy and for policies inheriting this policy. + Defaults are mutually exclusive with implicit defaults defined by CommonSpec. properties: limits: additionalProperties: description: Limit represents a complete rate limit configuration properties: counters: - description: Counters defines additional rate limit counters - based on context qualifiers and well known selectors TODO - Document properly "Well-known selector" https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors + description: |- + Counters defines additional rate limit counters based on context qualifiers and well known selectors + TODO Document properly "Well-known selector" https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors items: - description: 'ContextSelector defines one item from the - well known attributes Attributes: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes + description: |- + ContextSelector defines one item from the well known attributes + Attributes: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes Well-known selectors: https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors They are named by a dot-separated path (e.g. request.path) - Example: "request.path" -> The path portion of the URL' + Example: "request.path" -> The path portion of the URL maxLength: 253 minLength: 1 type: string @@ -104,8 +106,9 @@ spec: a given period of time type: integer unit: - description: 'Duration defines the time uni Possible - values are: "second", "minute", "hour", "day"' + description: |- + Duration defines the time uni + Possible values are: "second", "minute", "hour", "day" enum: - second - minute @@ -122,92 +125,102 @@ spec: description: RouteSelectors defines semantics for matching an HTTP request based on conditions items: - description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec + description: |- + RouteSelector defines semantics for matching an HTTP request based on conditions + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: - description: Hostnames defines a set of hostname that - should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec + description: |- + Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to process the request + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: - description: "Hostname is the fully qualified domain - name of a network host. This matches the RFC 1123 - definition of a hostname with 2 notable exceptions: - \n 1. IPs are not allowed. 2. A hostname may be - prefixed with a wildcard label (`*.`). The wildcard - label must appear by itself as the first label. - \n Hostname can be \"precise\" which is a domain - name without the terminating dot of a network - host (e.g. \"foo.example.com\") or \"wildcard\", - which is a domain name prefixed with a single - wildcard label (e.g. `*.example.com`). \n Note - that as per RFC1035 and RFC1123, a *label* must - consist of lower case alphanumeric characters - or '-', and must start and end with an alphanumeric - character. No other punctuation is allowed." + description: |- + Hostname is the fully qualified domain name of a network host. This matches + the RFC 1123 definition of a hostname with 2 notable exceptions: + + + 1. IPs are not allowed. + 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard + label must appear by itself as the first label. + + + Hostname can be "precise" which is a domain name without the terminating + dot of a network host (e.g. "foo.example.com") or "wildcard", which is a + domain name prefixed with a single wildcard label (e.g. `*.example.com`). + + + Note that as per RFC1035 and RFC1123, a *label* must consist of lower case + alphanumeric characters or '-', and must start and end with an alphanumeric + character. No other punctuation is allowed. maxLength: 253 minLength: 1 pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ type: string type: array matches: - description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec + description: |- + Matches define conditions used for matching the rule against incoming HTTP requests. + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate - used to match requests to a given action. Multiple + used to match requests to a given\naction. Multiple match types are ANDed together, i.e. the match - will evaluate to true only if all conditions are - satisfied. \n For example, the match below will - match a HTTP request only if its path starts with - `/foo` AND it contains the `version: v1` header: - \n ``` match: \n path: value: \"/foo\" headers: - - name: \"version\" value \"v1\" \n ```" + will\nevaluate to true only if all conditions + are satisfied.\n\n\nFor example, the match below + will match a HTTP request only if its path\nstarts + with `/foo` AND it contains the `version: v1` + header:\n\n\n```\nmatch:\n\n\n\tpath:\n\t value: + \"/foo\"\n\theaders:\n\t- name: \"version\"\n\t + \ value \"v1\"\n\n\n```" properties: headers: - description: Headers specifies HTTP request - header matchers. Multiple match values are - ANDed together, meaning, a request must match - all the specified headers to select the route. + description: |- + Headers specifies HTTP request header matchers. Multiple match values are + ANDed together, meaning, a request must match all the specified headers + to select the route. items: - description: HTTPHeaderMatch describes how - to select a HTTP route by matching HTTP - request headers. + description: |- + HTTPHeaderMatch describes how to select a HTTP route by matching HTTP request + headers. properties: name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, only the first entry with - an equivalent name MUST be considered - for a match. Subsequent entries with - an equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent. \n When a header is repeated - in an HTTP request, it is implementation-specific - behavior as to how this is represented. - Generally, proxies should follow the - guidance from the RFC: https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 - regarding processing a repeated header, - with special handling for \"Set-Cookie\"." + description: |- + Name is the name of the HTTP Header to be matched. Name matching MUST be + case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + + + If multiple entries specify equivalent header names, only the first + entry with an equivalent name MUST be considered for a match. Subsequent + entries with an equivalent header name MUST be ignored. Due to the + case-insensitivity of header names, "foo" and "Foo" are considered + equivalent. + + + When a header is repeated in an HTTP request, it is + implementation-specific behavior as to how this is represented. + Generally, proxies should follow the guidance from the RFC: + https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 regarding + processing a repeated header, with special handling for "Set-Cookie". maxLength: 256 minLength: 1 pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact - description: "Type specifies how to match - against the value of the header. \n - Support: Core (Exact) \n Support: Implementation-specific - (RegularExpression) \n Since RegularExpression - HeaderMatchType has implementation-specific - conformance, implementations can support - POSIX, PCRE or any other dialects of - regular expressions. Please read the - implementation's documentation to determine - the supported dialect." + description: |- + Type specifies how to match against the value of the header. + + + Support: Core (Exact) + + + Support: Implementation-specific (RegularExpression) + + + Since RegularExpression HeaderMatchType has implementation-specific + conformance, implementations can support POSIX, PCRE or any other dialects + of regular expressions. Please read the implementation's documentation to + determine the supported dialect. enum: - Exact - RegularExpression @@ -228,10 +241,13 @@ spec: - name x-kubernetes-list-type: map method: - description: "Method specifies HTTP method matcher. - When specified, this route will be matched - only if the request has the specified method. - \n Support: Extended" + description: |- + Method specifies HTTP method matcher. + When specified, this route will be matched only if the request has the + specified method. + + + Support: Extended enum: - GET - HEAD @@ -247,16 +263,20 @@ spec: default: type: PathPrefix value: / - description: Path specifies a HTTP request path - matcher. If this field is not specified, a - default prefix match on the "/" path is provided. + description: |- + Path specifies a HTTP request path matcher. If this field is not + specified, a default prefix match on the "/" path is provided. properties: type: default: PathPrefix - description: "Type specifies how to match - against the path Value. \n Support: Core - (Exact, PathPrefix) \n Support: Implementation-specific - (RegularExpression)" + description: |- + Type specifies how to match against the path Value. + + + Support: Core (Exact, PathPrefix) + + + Support: Implementation-specific (RegularExpression) enum: - Exact - PathPrefix @@ -318,55 +338,60 @@ spec: ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") : true' queryParams: - description: "QueryParams specifies HTTP query - parameter matchers. Multiple match values - are ANDed together, meaning, a request must - match all the specified query parameters to - select the route. \n Support: Extended" + description: |- + QueryParams specifies HTTP query parameter matchers. Multiple match + values are ANDed together, meaning, a request must match all the + specified query parameters to select the route. + + + Support: Extended items: - description: HTTPQueryParamMatch describes - how to select a HTTP route by matching HTTP + description: |- + HTTPQueryParamMatch describes how to select a HTTP route by matching HTTP query parameters. properties: name: - description: "Name is the name of the - HTTP query param to be matched. This - must be an exact string match. (See + description: |- + Name is the name of the HTTP query param to be matched. This must be an + exact string match. (See https://tools.ietf.org/html/rfc7230#section-2.7.3). - \n If multiple entries specify equivalent - query param names, only the first entry - with an equivalent name MUST be considered - for a match. Subsequent entries with - an equivalent query param name MUST - be ignored. \n If a query param is repeated - in an HTTP request, the behavior is - purposely left undefined, since different - data planes have different capabilities. - However, it is *recommended* that implementations - should match against the first value - of the param if the data plane supports - it, as this behavior is expected in - other load balancing contexts outside - of the Gateway API. \n Users SHOULD - NOT route traffic based on repeated - query params to guard themselves against - potential differences in the implementations." + + + If multiple entries specify equivalent query param names, only the first + entry with an equivalent name MUST be considered for a match. Subsequent + entries with an equivalent query param name MUST be ignored. + + + If a query param is repeated in an HTTP request, the behavior is + purposely left undefined, since different data planes have different + capabilities. However, it is *recommended* that implementations should + match against the first value of the param if the data plane supports it, + as this behavior is expected in other load balancing contexts outside of + the Gateway API. + + + Users SHOULD NOT route traffic based on repeated query params to guard + themselves against potential differences in the implementations. maxLength: 256 minLength: 1 pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact - description: "Type specifies how to match - against the value of the query parameter. - \n Support: Extended (Exact) \n Support: - Implementation-specific (RegularExpression) - \n Since RegularExpression QueryParamMatchType - has Implementation-specific conformance, - implementations can support POSIX, PCRE - or any other dialects of regular expressions. - Please read the implementation's documentation - to determine the supported dialect." + description: |- + Type specifies how to match against the value of the query parameter. + + + Support: Extended (Exact) + + + Support: Implementation-specific (RegularExpression) + + + Since RegularExpression QueryParamMatchType has Implementation-specific + conformance, implementations can support POSIX, PCRE or any other + dialects of regular expressions. Please read the implementation's + documentation to determine the supported dialect. enum: - Exact - RegularExpression @@ -393,17 +418,18 @@ spec: maxItems: 15 type: array when: - description: When holds the list of conditions for the policy - to be enforced. Called also "soft" conditions as route - selectors must also match + description: |- + When holds the list of conditions for the policy to be enforced. + Called also "soft" conditions as route selectors must also match items: - description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec + description: |- + RouteSelector defines semantics for matching an HTTP request based on conditions + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: operator: - description: 'The binary operator to be applied to - the content fetched from the selector Possible values - are: "eq" (equal to), "neq" (not equal to)' + description: |- + The binary operator to be applied to the content fetched from the selector + Possible values are: "eq" (equal to), "neq" (not equal to) enum: - eq - neq @@ -414,9 +440,9 @@ spec: - matches type: string selector: - description: Selector defines one item from the well - known selectors TODO Document properly "Well-known - selector" https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors + description: |- + Selector defines one item from the well known selectors + TODO Document properly "Well-known selector" https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors maxLength: 253 minLength: 1 type: string diff --git a/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml b/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml index 89507ac0f..1b47636d0 100644 --- a/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml +++ b/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml @@ -67,23 +67,25 @@ spec: description: RateLimitPolicySpec defines the desired state of RateLimitPolicy properties: defaults: - description: Defaults define explicit default values for this policy - and for policies inheriting this policy + description: |- + Defaults define explicit default values for this policy and for policies inheriting this policy. + Defaults are mutually exclusive with implicit defaults defined by CommonSpec. properties: limits: additionalProperties: description: Limit represents a complete rate limit configuration properties: counters: - description: Counters defines additional rate limit counters - based on context qualifiers and well known selectors TODO - Document properly "Well-known selector" https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors + description: |- + Counters defines additional rate limit counters based on context qualifiers and well known selectors + TODO Document properly "Well-known selector" https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors items: - description: 'ContextSelector defines one item from the - well known attributes Attributes: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes + description: |- + ContextSelector defines one item from the well known attributes + Attributes: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes Well-known selectors: https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors They are named by a dot-separated path (e.g. request.path) - Example: "request.path" -> The path portion of the URL' + Example: "request.path" -> The path portion of the URL maxLength: 253 minLength: 1 type: string @@ -103,8 +105,9 @@ spec: a given period of time type: integer unit: - description: 'Duration defines the time uni Possible - values are: "second", "minute", "hour", "day"' + description: |- + Duration defines the time uni + Possible values are: "second", "minute", "hour", "day" enum: - second - minute @@ -121,92 +124,102 @@ spec: description: RouteSelectors defines semantics for matching an HTTP request based on conditions items: - description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec + description: |- + RouteSelector defines semantics for matching an HTTP request based on conditions + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: - description: Hostnames defines a set of hostname that - should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec + description: |- + Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to process the request + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: - description: "Hostname is the fully qualified domain - name of a network host. This matches the RFC 1123 - definition of a hostname with 2 notable exceptions: - \n 1. IPs are not allowed. 2. A hostname may be - prefixed with a wildcard label (`*.`). The wildcard - label must appear by itself as the first label. - \n Hostname can be \"precise\" which is a domain - name without the terminating dot of a network - host (e.g. \"foo.example.com\") or \"wildcard\", - which is a domain name prefixed with a single - wildcard label (e.g. `*.example.com`). \n Note - that as per RFC1035 and RFC1123, a *label* must - consist of lower case alphanumeric characters - or '-', and must start and end with an alphanumeric - character. No other punctuation is allowed." + description: |- + Hostname is the fully qualified domain name of a network host. This matches + the RFC 1123 definition of a hostname with 2 notable exceptions: + + + 1. IPs are not allowed. + 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard + label must appear by itself as the first label. + + + Hostname can be "precise" which is a domain name without the terminating + dot of a network host (e.g. "foo.example.com") or "wildcard", which is a + domain name prefixed with a single wildcard label (e.g. `*.example.com`). + + + Note that as per RFC1035 and RFC1123, a *label* must consist of lower case + alphanumeric characters or '-', and must start and end with an alphanumeric + character. No other punctuation is allowed. maxLength: 253 minLength: 1 pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ type: string type: array matches: - description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec + description: |- + Matches define conditions used for matching the rule against incoming HTTP requests. + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate - used to match requests to a given action. Multiple + used to match requests to a given\naction. Multiple match types are ANDed together, i.e. the match - will evaluate to true only if all conditions are - satisfied. \n For example, the match below will - match a HTTP request only if its path starts with - `/foo` AND it contains the `version: v1` header: - \n ``` match: \n path: value: \"/foo\" headers: - - name: \"version\" value \"v1\" \n ```" + will\nevaluate to true only if all conditions + are satisfied.\n\n\nFor example, the match below + will match a HTTP request only if its path\nstarts + with `/foo` AND it contains the `version: v1` + header:\n\n\n```\nmatch:\n\n\n\tpath:\n\t value: + \"/foo\"\n\theaders:\n\t- name: \"version\"\n\t + \ value \"v1\"\n\n\n```" properties: headers: - description: Headers specifies HTTP request - header matchers. Multiple match values are - ANDed together, meaning, a request must match - all the specified headers to select the route. + description: |- + Headers specifies HTTP request header matchers. Multiple match values are + ANDed together, meaning, a request must match all the specified headers + to select the route. items: - description: HTTPHeaderMatch describes how - to select a HTTP route by matching HTTP - request headers. + description: |- + HTTPHeaderMatch describes how to select a HTTP route by matching HTTP request + headers. properties: name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, only the first entry with - an equivalent name MUST be considered - for a match. Subsequent entries with - an equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent. \n When a header is repeated - in an HTTP request, it is implementation-specific - behavior as to how this is represented. - Generally, proxies should follow the - guidance from the RFC: https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 - regarding processing a repeated header, - with special handling for \"Set-Cookie\"." + description: |- + Name is the name of the HTTP Header to be matched. Name matching MUST be + case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + + + If multiple entries specify equivalent header names, only the first + entry with an equivalent name MUST be considered for a match. Subsequent + entries with an equivalent header name MUST be ignored. Due to the + case-insensitivity of header names, "foo" and "Foo" are considered + equivalent. + + + When a header is repeated in an HTTP request, it is + implementation-specific behavior as to how this is represented. + Generally, proxies should follow the guidance from the RFC: + https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 regarding + processing a repeated header, with special handling for "Set-Cookie". maxLength: 256 minLength: 1 pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact - description: "Type specifies how to match - against the value of the header. \n - Support: Core (Exact) \n Support: Implementation-specific - (RegularExpression) \n Since RegularExpression - HeaderMatchType has implementation-specific - conformance, implementations can support - POSIX, PCRE or any other dialects of - regular expressions. Please read the - implementation's documentation to determine - the supported dialect." + description: |- + Type specifies how to match against the value of the header. + + + Support: Core (Exact) + + + Support: Implementation-specific (RegularExpression) + + + Since RegularExpression HeaderMatchType has implementation-specific + conformance, implementations can support POSIX, PCRE or any other dialects + of regular expressions. Please read the implementation's documentation to + determine the supported dialect. enum: - Exact - RegularExpression @@ -227,10 +240,13 @@ spec: - name x-kubernetes-list-type: map method: - description: "Method specifies HTTP method matcher. - When specified, this route will be matched - only if the request has the specified method. - \n Support: Extended" + description: |- + Method specifies HTTP method matcher. + When specified, this route will be matched only if the request has the + specified method. + + + Support: Extended enum: - GET - HEAD @@ -246,16 +262,20 @@ spec: default: type: PathPrefix value: / - description: Path specifies a HTTP request path - matcher. If this field is not specified, a - default prefix match on the "/" path is provided. + description: |- + Path specifies a HTTP request path matcher. If this field is not + specified, a default prefix match on the "/" path is provided. properties: type: default: PathPrefix - description: "Type specifies how to match - against the path Value. \n Support: Core - (Exact, PathPrefix) \n Support: Implementation-specific - (RegularExpression)" + description: |- + Type specifies how to match against the path Value. + + + Support: Core (Exact, PathPrefix) + + + Support: Implementation-specific (RegularExpression) enum: - Exact - PathPrefix @@ -317,55 +337,60 @@ spec: ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") : true' queryParams: - description: "QueryParams specifies HTTP query - parameter matchers. Multiple match values - are ANDed together, meaning, a request must - match all the specified query parameters to - select the route. \n Support: Extended" + description: |- + QueryParams specifies HTTP query parameter matchers. Multiple match + values are ANDed together, meaning, a request must match all the + specified query parameters to select the route. + + + Support: Extended items: - description: HTTPQueryParamMatch describes - how to select a HTTP route by matching HTTP + description: |- + HTTPQueryParamMatch describes how to select a HTTP route by matching HTTP query parameters. properties: name: - description: "Name is the name of the - HTTP query param to be matched. This - must be an exact string match. (See + description: |- + Name is the name of the HTTP query param to be matched. This must be an + exact string match. (See https://tools.ietf.org/html/rfc7230#section-2.7.3). - \n If multiple entries specify equivalent - query param names, only the first entry - with an equivalent name MUST be considered - for a match. Subsequent entries with - an equivalent query param name MUST - be ignored. \n If a query param is repeated - in an HTTP request, the behavior is - purposely left undefined, since different - data planes have different capabilities. - However, it is *recommended* that implementations - should match against the first value - of the param if the data plane supports - it, as this behavior is expected in - other load balancing contexts outside - of the Gateway API. \n Users SHOULD - NOT route traffic based on repeated - query params to guard themselves against - potential differences in the implementations." + + + If multiple entries specify equivalent query param names, only the first + entry with an equivalent name MUST be considered for a match. Subsequent + entries with an equivalent query param name MUST be ignored. + + + If a query param is repeated in an HTTP request, the behavior is + purposely left undefined, since different data planes have different + capabilities. However, it is *recommended* that implementations should + match against the first value of the param if the data plane supports it, + as this behavior is expected in other load balancing contexts outside of + the Gateway API. + + + Users SHOULD NOT route traffic based on repeated query params to guard + themselves against potential differences in the implementations. maxLength: 256 minLength: 1 pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact - description: "Type specifies how to match - against the value of the query parameter. - \n Support: Extended (Exact) \n Support: - Implementation-specific (RegularExpression) - \n Since RegularExpression QueryParamMatchType - has Implementation-specific conformance, - implementations can support POSIX, PCRE - or any other dialects of regular expressions. - Please read the implementation's documentation - to determine the supported dialect." + description: |- + Type specifies how to match against the value of the query parameter. + + + Support: Extended (Exact) + + + Support: Implementation-specific (RegularExpression) + + + Since RegularExpression QueryParamMatchType has Implementation-specific + conformance, implementations can support POSIX, PCRE or any other + dialects of regular expressions. Please read the implementation's + documentation to determine the supported dialect. enum: - Exact - RegularExpression @@ -392,17 +417,18 @@ spec: maxItems: 15 type: array when: - description: When holds the list of conditions for the policy - to be enforced. Called also "soft" conditions as route - selectors must also match + description: |- + When holds the list of conditions for the policy to be enforced. + Called also "soft" conditions as route selectors must also match items: - description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec + description: |- + RouteSelector defines semantics for matching an HTTP request based on conditions + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: operator: - description: 'The binary operator to be applied to - the content fetched from the selector Possible values - are: "eq" (equal to), "neq" (not equal to)' + description: |- + The binary operator to be applied to the content fetched from the selector + Possible values are: "eq" (equal to), "neq" (not equal to) enum: - eq - neq @@ -413,9 +439,9 @@ spec: - matches type: string selector: - description: Selector defines one item from the well - known selectors TODO Document properly "Well-known - selector" https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors + description: |- + Selector defines one item from the well known selectors + TODO Document properly "Well-known selector" https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors maxLength: 253 minLength: 1 type: string diff --git a/controllers/ratelimitpolicy_controller_test.go b/controllers/ratelimitpolicy_controller_test.go index 1173e2e3e..227fb4f7e 100644 --- a/controllers/ratelimitpolicy_controller_test.go +++ b/controllers/ratelimitpolicy_controller_test.go @@ -53,7 +53,7 @@ var _ = Describe("RateLimitPolicy controller", func() { Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeName), }, - CommonSpec: kuadrantv1beta2.CommonSpec{ + Defaults: kuadrantv1beta2.CommonSpec{ Limits: map[string]kuadrantv1beta2.Limit{ "l1": { Rates: []kuadrantv1beta2.Rate{ @@ -256,7 +256,7 @@ var _ = Describe("RateLimitPolicy controller", func() { // create ratelimitpolicy rlp := policyFactory(func(policy *kuadrantv1beta2.RateLimitPolicy) { - policy.Spec.Limits = map[string]kuadrantv1beta2.Limit{ + policy.Spec.Defaults.Limits = map[string]kuadrantv1beta2.Limit{ "toys": { Rates: []kuadrantv1beta2.Rate{ {Limit: 50, Duration: 1, Unit: kuadrantv1beta2.TimeUnit("minute")},