Kuadrant
diff --git a/‎README.md
+25-23 b/‎README.md
+25-23
diff --git a/‎doc/development.md
+19-20 b/‎doc/development.md
+19-20
diff --git a/‎doc/logging.md
+2 b/‎doc/logging.md
+2
diff --git a/‎doc/proposals/authpolicy-crd.md
+5-5 b/‎doc/proposals/authpolicy-crd.md
+5-5
@@ -18,7 +18,7 @@ The Operator to install and manage the lifecycle of the [Kuadrant](https://githu
       * [If you are an <em>API Provider</em>](#if-you-are-an-api-provider)
       * [If you are a <em>Cluster Operator</em>](#if-you-are-a-cluster-operator)
 * [User guides](#user-guides)
-* [<a href="/doc/rate-limiting.md">Kuadrant Rate Limiting</a>](#kuadrant-rate-limiting)
+* [<a href="doc/rate-limiting.md">Kuadrant Rate Limiting</a>](#kuadrant-rate-limiting)
 * [Documentation](#documentation)
 * [Contributing](#contributing)
 * [Licensing](#licensing)
@@ -32,29 +32,30 @@ more reusable and leverage the underlying kubernetes platform. It aims to delive
 of applications & services when it comes to rate limiting, authentication, authorization, discoverability, change management, usage contracts, insights, etc.
 
 Kuadrant aims to produce a set of loosely coupled functionalities built directly on top of Kubernetes.
-Furthermore it only strives to provide what Kubernetes doesn’t offer out of the box, i.e. Kuadrant won’t be designing a new Gateway/proxy,
+Furthermore, it only strives to provide what Kubernetes doesn’t offer out of the box, i.e. Kuadrant won’t be designing a new Gateway/proxy,
 instead it will opt to connect with what’s there and what’s being developed (think Envoy, Istio, GatewayAPI).
 
 Kuadrant is a system of cloud-native k8s components that grows as users’ needs grow.
+
 * From simple protection of a Service (via **AuthN**) that is used by teammates working on the same cluster, or “sibling” services, up to **AuthZ** of users using OIDC plus custom policies.
 * From no rate-limiting to rate-limiting for global service protection on to rate-limiting by users/plans
 
 ## Architecture
 
 Kuadrant relies on [Istio](https://istio.io/) and the [Gateway API](https://gateway-api.sigs.k8s.io/)
-to operate the cluster (istio's) ingress gateway to provide API management with **authentication** (authN),
+to operate the cluster (Istio's) ingress gateway to provide API management with **authentication** (authN),
 **authorization** (authZ) and **rate limiting** capabilities.
 
 ### Kuadrant components
 
-| CRD | Description                                                                                                                                                                                                                                                                     |
-| --- |---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Control Plane | The control plane takes the customer desired configuration (declaratively as kubernetes custom resources) as input and ensures all components are configured to obey customer's desired behavior.<br> This repository contains the source code of the kuadrant control plane    |
-| [Kuadrant Operator](https://github.com/Kuadrant/kuadrant-operator) | A Kubernetes Operator to manage the lifecycle of the kuadrant deployment                                                                                                                                                                                                        |
-| [Authorino](https://github.com/Kuadrant/authorino) | The AuthN/AuthZ enforcer. As the [external istio authorizer](https://istio.io/latest/docs/tasks/security/authorization/authz-custom/) ([envoy external authorization](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/ext_authz_filter) serving gRPC service) |
-| [Limitador](https://github.com/Kuadrant/limitador) | The external rate limiting service. It exposes a gRPC service implementing the [Envoy Rate Limit protocol (v3)](https://www.envoyproxy.io/docs/envoy/latest/api-v3/service/ratelimit/v3/rls.proto)                                                                              |
-| [Authorino Operator](https://github.com/Kuadrant/authorino-operator) | A Kubernetes Operator to manage Authorino instances                                                                                                                                                                                                                             |
-| [Limitador Operator](https://github.com/Kuadrant/limitador-operator) | A Kubernetes Operator to manage Limitador instances                                                                                                                                                                                                                             |
+| CRD                                                                  | Description                                                                                                                                                                                                                                                                               |
+|----------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Control Plane                                                        | The control plane takes the customer desired configuration (declaratively as kubernetes custom resources) as input and ensures all components are configured to obey customer's desired behavior.<br> This repository contains the source code of the kuadrant control plane              |
+| [Kuadrant Operator](https://github.com/Kuadrant/kuadrant-operator)   | A Kubernetes Operator to manage the lifecycle of the kuadrant deployment                                                                                                                                                                                                                  |
+| [Authorino](https://github.com/Kuadrant/authorino)                   | The AuthN/AuthZ enforcer. As the [external istio authorizer](https://istio.io/latest/docs/tasks/security/authorization/authz-custom/) ([envoy external authorization](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/ext_authz_filter) serving gRPC service) |
+| [Limitador](https://github.com/Kuadrant/limitador)                   | The external rate limiting service. It exposes a gRPC service implementing the [Envoy Rate Limit protocol (v3)](https://www.envoyproxy.io/docs/envoy/latest/api-v3/service/ratelimit/v3/rls.proto)                                                                                        |
+| [Authorino Operator](https://github.com/Kuadrant/authorino-operator) | A Kubernetes Operator to manage Authorino instances                                                                                                                                                                                                                                       |
+| [Limitador Operator](https://github.com/Kuadrant/limitador-operator) | A Kubernetes Operator to manage Limitador instances                                                                                                                                                                                                                                       |
 
 ### Provided APIs
 
@@ -86,7 +87,7 @@ Additionally, Kuadrant provides the following CRDs
 
 ### Installing Kuadrant
 
-Installing Kuadrant is a two-step procedure. Firstly, install the Kuadrant Operator and seconly,
+Installing Kuadrant is a two-step procedure. Firstly, install the Kuadrant Operator and secondly,
 request a Kuadrant instance by creating a *Kuadrant* custom resource.
 
 #### 1. Install the Kuadrant Operator
@@ -98,14 +99,14 @@ The Kuadrant Operator is available in public community operator catalogs, such a
 The operator is available from [OperatorHub.io](https://operatorhub.io/operator/kuadrant-operator).
 Just go to the linked page and follow installation steps (or just run these two commands):
 
-```
+```sh
 # Install Operator Lifecycle Manager (OLM), a tool to help manage the operators running on your cluster.
 
-$ curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.23.1/install.sh | bash -s v0.23.1
+curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.23.1/install.sh | bash -s v0.23.1
 
 # Install the operator by running the following command:
 
-$ kubectl create -f https://operatorhub.io/install/kuadrant-operator.yaml
+kubectl create -f https://operatorhub.io/install/kuadrant-operator.yaml
 ```
 
 **Openshift**
@@ -125,12 +126,13 @@ kubectl create namespace kuadrant
 
 Apply the `Kuadrant` custom resource:
 
-```yaml
-kubectl apply -n kuadrant -f -<<EOF
+```sh
+kubectl -n kuadrant apply -f - <<EOF
+---
 apiVersion: kuadrant.io/v1beta1
 kind: Kuadrant
 metadata:
-  name: kuadrant
+  name: kuadrant-sample
 spec: {}
 EOF
 ```
@@ -142,16 +144,16 @@ EOF
 * Deploy the service/API to be protected ("Upstream")
 * Expose the service/API using the kubernetes Gateway API, ie
   [HTTPRoute](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRoute) object.
-* Write and apply the Kuadrant's [RateLimitPolicy](/doc/rate-limiting.md) and/or
-  [AuthPolicy](apis/apim/v1alpha1/authpolicy_types.go) custom resources targeting the HTTPRoute resource
+* Write and apply the Kuadrant's [RateLimitPolicy](doc/rate-limiting.md) and/or
+  [AuthPolicy](api/v1beta1/authpolicy_types.go) custom resources targeting the HTTPRoute resource
   to have your API protected.
 
 #### If you are a *Cluster Operator*
 
 * (Optionally) deploy istio ingress gateway using the
   [Gateway](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.Gateway) resource.
-* Write and apply the Kuadrant's [RateLimitPolicy](/doc/rate-limiting.md) and/or
-  [AuthPolicy](apis/apim/v1alpha1/authpolicy_types.go) custom resources targeting the Gateway resource
+* Write and apply the Kuadrant's [RateLimitPolicy](doc/rate-limiting.md) and/or
+  [AuthPolicy](api/v1beta1/authpolicy_types.go) custom resources targeting the Gateway resource
   to have your gateway traffic protected.
 
 ## User guides
@@ -163,7 +165,7 @@ The user guides section of the docs gathers several use-cases as well as the ins
 * [Gateway rate limiting for cluster operators](doc/user-guides/gateway-rl-for-cluster-operators.md)
 * [Authenticated rate limiting with JWTs and Kubernetes authnz](doc/user-guides/authenticated-rl-with-jwt-and-k8s-authnz.md)
 
-## [Kuadrant Rate Limiting](/doc/rate-limiting.md)
+## [Kuadrant Rate Limiting](doc/rate-limiting.md)
 
 ## Documentation
 
 
@@ -9,7 +9,6 @@
    * [Build custom OLM catalog](#build-custom-olm-catalog)
       * [Build kuadrant operator bundle image](#build-kuadrant-operator-bundle-image)
       * [Build custom catalog](#build-custom-catalog)
-      * [Deploy kuadrant operator using OLM](#deploy-kuadrant-operator-using-olm-1)
    * [Cleaning up](#cleaning-up)
    * [Run tests](#run-tests)
       * [Unit tests](#unittests)
@@ -89,9 +88,9 @@ make install-olm
 
 Deploy kuadrant using OLM. The `make deploy-catalog` target accepts the following variables:
 
-| **Makefile Variable** | **Description** | **Default value** |
-| --- | --- | --- |
-| `CATALOG_IMG` | Kuadrant operator catalog image URL | `quay.io/kuadrant/kuadrant-operator-catalog:latest` |
+| **Makefile Variable** | **Description**                     | **Default value**                                   |
+|-----------------------|-------------------------------------|-----------------------------------------------------|
+| `CATALOG_IMG`         | Kuadrant operator catalog image URL | `quay.io/kuadrant/kuadrant-operator-catalog:latest` |
 
 ```sh
 make deploy-catalog [CATALOG_IMG=quay.io/kuadrant/kuadrant-operator-catalog:latest]
@@ -130,27 +129,27 @@ make bundle [IMG=quay.io/kuadrant/kuadrant-operator:latest] \
 
 * Build the bundle image from the manifests
 
-| **Makefile Variable** | **Description** | **Default value** |
-| --- | --- | --- |
-| `BUNDLE_IMG` | Kuadrant operator bundle image URL | `quay.io/kuadrant/kuadrant-operator-bundle:latest` |
+| **Makefile Variable** | **Description**                    | **Default value**                                  |
+|-----------------------|------------------------------------|----------------------------------------------------|
+| `BUNDLE_IMG`          | Kuadrant operator bundle image URL | `quay.io/kuadrant/kuadrant-operator-bundle:latest` |
 
 ```sh
 make bundle-build [BUNDLE_IMG=quay.io/kuadrant/kuadrant-operator-bundle:latest]
 ```
 
 * Push the bundle image to a registry
 
-| **Makefile Variable** | **Description** | **Default value** |
-| --- | --- | --- |
-| `BUNDLE_IMG` | Kuadrant operator bundle image URL | `quay.io/kuadrant/kuadrant-operator-bundle:latest` |
+| **Makefile Variable** | **Description**                    | **Default value**                                  |
+|-----------------------|------------------------------------|----------------------------------------------------|
+| `BUNDLE_IMG`          | Kuadrant operator bundle image URL | `quay.io/kuadrant/kuadrant-operator-bundle:latest` |
 
 ```sh
 make bundle-push [BUNDLE_IMG=quay.io/kuadrant/kuadrant-operator-bundle:latest]
 ```
 
 Frequently, you may need to build custom kuadrant bundle with the default (`latest`) Limitador and
 Authorino bundles. These are the example commands to build the manifests, build the bundle image
-and push to the regitry.
+and push to the registry.
 
 In the example, a new kuadrant operator bundle version `0.8.0` will be created that references
 the kuadrant operator image `quay.io/kuadrant/kuadrant-operator:v0.5.0` and latest Limitador and
@@ -169,17 +168,17 @@ make bundle-push BUNDLE_IMG=quay.io/kuadrant/kuadrant-operator-bundle:my-bundle
 
 ### Build custom catalog
 
-The catalog's format will be [File-based Catalg](https://olm.operatorframework.io/docs/reference/file-based-catalogs/).
+The catalog's format will be [File-based Catalog](https://olm.operatorframework.io/docs/reference/file-based-catalogs/).
 
 Make sure all the required bundles are pushed to the registry. It is required by the `opm` tool.
 
 The `make catalog` target accepts the following variables:
 
-| **Makefile Variable** | **Description** | **Default value** |
-| --- | --- | --- |
-| `BUNDLE_IMG` | Kuadrant operator bundle image URL | `quay.io/kuadrant/kuadrant-operator-bundle:latest` |
-| `LIMITADOR_OPERATOR_BUNDLE_IMG` | Limitador operator bundle URL | `quay.io/kuadrant/limitador-operator-bundle:latest` |
-| `AUTHORINO_OPERATOR_BUNDLE_IMG` | Authorino operator bundle URL | `quay.io/kuadrant/authorino-operator-bundle:latest` |
+| **Makefile Variable**           | **Description**                    | **Default value**                                   |
+|---------------------------------|------------------------------------|-----------------------------------------------------|
+| `BUNDLE_IMG`                    | Kuadrant operator bundle image URL | `quay.io/kuadrant/kuadrant-operator-bundle:latest`  |
+| `LIMITADOR_OPERATOR_BUNDLE_IMG` | Limitador operator bundle URL      | `quay.io/kuadrant/limitador-operator-bundle:latest` |
+| `AUTHORINO_OPERATOR_BUNDLE_IMG` | Authorino operator bundle URL      | `quay.io/kuadrant/authorino-operator-bundle:latest` |
 
 ```sh
 make catalog [BUNDLE_IMG=quay.io/kuadrant/kuadrant-operator-bundle:latest] \
@@ -189,9 +188,9 @@ make catalog [BUNDLE_IMG=quay.io/kuadrant/kuadrant-operator-bundle:latest] \
 
 * Build the catalog image from the manifests
 
-| **Makefile Variable** | **Description** | **Default value** |
-| --- | --- | --- |
-| `CATALOG_IMG` | Kuadrant operator catalog image URL | `quay.io/kuadrant/kuadrant-operator-catalog:latest` |
+| **Makefile Variable** | **Description**                     | **Default value**                                   |
+|-----------------------|-------------------------------------|-----------------------------------------------------|
+| `CATALOG_IMG`         | Kuadrant operator catalog image URL | `quay.io/kuadrant/kuadrant-operator-catalog:latest` |
 
 ```sh
 make catalog-build [CATALOG_IMG=quay.io/kuadrant/kuadrant-operator-catalog:latest]
 
@@ -1,6 +1,7 @@
 # Logging
 
 The kuadrant operator outputs 3 levels of log messages: (from lowest to highest level)
+
 1. `debug`
 2. `info` (default)
 3. `error`
@@ -12,6 +13,7 @@ Only `debug` logging will include processing details.
 To configure the desired log level, set the environment variable `LOG_LEVEL` to one of the supported values listed above. Default log level is `info`.
 
 Apart from log level, the operator can output messages to the logs in 2 different formats:
+
 - `production` (default): each line is a parseable JSON object with properties `{"level":string, "ts":int, "msg":string, "logger":string, extra values...}`
 - `development`: more human-readable outputs, extra stack traces and logging info, plus extra values output as JSON, in the format: `<timestamp-iso-8601>\t<log-level>\t<logger>\t<message>\t{extra-values-as-json}`
 
 
@@ -9,14 +9,14 @@ The new [GatewayAPI](https://gateway-api.sigs.k8s.io/) defines a standard [polic
 ## Goals
 
 With `targetRef`  from policy attachment concept, following are the goals:
-- Application developer should be able target [`HTTPRoute`](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1alpha2.HTTPRoute) object in their own namespace. This will define authorization policy at the hostname/domain/vHost level.
+- Application developer should be able to target [`HTTPRoute`](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1alpha2.HTTPRoute) object in their own namespace. This will define authorization policy at the hostname/domain/vHost level.
 - Cluster operator should be able to target [`Gateway`](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1alpha2.Gateway) object along with HTTPRoute in the gateway's namespace. This will define policy at the <ins>listener</ins> level.
 - To reduce context sharing at the gateway and external authorization provider, action type and auth-provider are defaulted to `CUSTOM` and authorino respectively.
 
 ## Proposed Solution
 Following is the proposed new CRD that combines policy attachment concepts with Istio's AuthorizationPolicy:
 
-```yaml=
+```yaml
 apiVersion: kuadrant.io/v1beta1
 kind: AuthPolicy
 metadata:
@@ -50,7 +50,7 @@ status:
       reason: HTTPRouteProtected/GatewayProtected/Error
       status: "True" | "False"
       type: Available
-    observedGeneration: 1
+  observedGeneration: 1
 ```
 
 ### Target Reference
@@ -84,7 +84,7 @@ status:
 - `methods`: a method matches over request method like `DELETE`.
 
 Fields in a rule object are ANDed together but inner fields follow OR semantics. For example,
-```
+```yaml
 hosts: ["*.toystore.com"]
 methods: ["GET", "POST"]
 paths: ["/admin"]
@@ -100,7 +100,7 @@ AuthScheme is embedded form of [Authorino's AuthConfig](https://github.com/Kuadr
 
 The example AuthPolicy showed above will create the following AuthConfig:
 
-```yaml=
+```yaml
 apiVersion: authorino.kuadrant.io/v1beta1
 kind: AuthConfig
 metadata: