ratelimitpolicy virtualhosts ratelimits (Kuadrant#85)

* ratelimitpolicy virtualhosts ratelimits

* apim/ratelimitpolicy_controller: remove unnecessary route match for virtualhost

* fix lint issue

Author: eguzki

apis/apim/v1alpha1/ratelimitpolicy_types.go

@@ -29,8 +29,14 @@ type RLGenericKey struct {
 	DescriptorValue string `json:"descriptor_value"`
 }
 
+//TODO(eguzki): oneOf each kind
+//
+// https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/route_components.proto#envoy-v3-api-msg-config-route-v3-ratelimit-action
+
+// Action_Specifier defines the envoy rate limit actions
 type ActionSpecifier struct {
-	GenericKey RLGenericKey `json:"generic_key"`
+	// +optional
+	GenericKey *RLGenericKey `json:"generic_key,omitempty"`
 }
 
 // +kubebuilder:validation:Enum=PREAUTH;POSTAUTH;BOTH
@@ -57,19 +63,23 @@ var RateLimitStageName = map[int32]string{
 var RateLimitStageValue = map[RateLimitStage]int32{
 	"PREAUTH":  0,
 	"POSTAUTH": 1,
-	"BOTH":     2,
 }
 
-type Route struct {
-	// name of the route present in the virutalservice
-	Name string `json:"name"`
+type RateLimit struct {
 	// Definfing phase at which rate limits will be applied.
 	// Valid values are: PREAUTH, POSTAUTH, BOTH
 	Stage RateLimitStage `json:"stage"`
-	// rule specific actions
+	// +optional
 	Actions []*ActionSpecifier `json:"actions,omitempty"`
 }
 
+type Route struct {
+	// name of the route present in the virutalservice
+	Name string `json:"name"`
+	// +optional
+	RateLimits []*RateLimit `json:"rateLimits,omitempty"`
+}
+
 type NetworkingRef struct {
 	Type NetworkingRefType `json:"type"`
 	Name string            `json:"name"`
@@ -85,9 +95,11 @@ type RateLimitPolicySpec struct {
 	//+listType=map
 	//+listMapKey=name
 	Routes []Route `json:"routes,omitempty"`
-	// these actions are used for all of the matching rules
-	Actions []*ActionSpecifier                `json:"actions,omitempty"`
-	Limits  []limitadorv1alpha1.RateLimitSpec `json:"limits,omitempty"`
+
+	// RateLimits are used for all of the matching rules
+	// +optional
+	RateLimits []*RateLimit                      `json:"rateLimits,omitempty"`
+	Limits     []limitadorv1alpha1.RateLimitSpec `json:"limits,omitempty"`
 }
 
 //+kubebuilder:object:root=true

apis/apim/v1alpha1/zz_generated.deepcopy.go

@@ -36,24 +36,6 @@ spec:
           spec:
             description: RateLimitPolicySpec defines the desired state of RateLimitPolicy
             properties:
-              actions:
-                description: these actions are used for all of the matching rules
-                items:
-                  properties:
-                    generic_key:
-                      properties:
-                        descriptor_key:
-                          type: string
-                        descriptor_value:
-                          type: string
-                      required:
-                      - descriptor_key
-                      - descriptor_value
-                      type: object
-                  required:
-                  - generic_key
-                  type: object
-                type: array
               limits:
                 items:
                   description: RateLimitSpec defines the desired state of RateLimit
@@ -99,13 +81,14 @@ spec:
                 - type
                 - name
                 x-kubernetes-list-type: map
-              routes:
-                description: route specific staging and actions
+              rateLimits:
+                description: RateLimits are used for all of the matching rules
                 items:
                   properties:
                     actions:
-                      description: rule specific actions
                       items:
+                        description: Action_Specifier defines the envoy rate limit
+                          actions
                         properties:
                           generic_key:
                             properties:
@@ -117,13 +100,8 @@ spec:
                             - descriptor_key
                             - descriptor_value
                             type: object
-                        required:
-                        - generic_key
                         type: object
                       type: array
-                    name:
-                      description: name of the route present in the virutalservice
-                      type: string
                     stage:
                       description: 'Definfing phase at which rate limits will be applied.
                         Valid values are: PREAUTH, POSTAUTH, BOTH'
@@ -133,10 +111,52 @@ spec:
                       - BOTH
                       type: string
                   required:
-                  - name
                   - stage
                   type: object
                 type: array
+              routes:
+                description: route specific staging and actions
+                items:
+                  properties:
+                    name:
+                      description: name of the route present in the virutalservice
+                      type: string
+                    rateLimits:
+                      items:
+                        properties:
+                          actions:
+                            items:
+                              description: Action_Specifier defines the envoy rate
+                                limit actions
+                              properties:
+                                generic_key:
+                                  properties:
+                                    descriptor_key:
+                                      type: string
+                                    descriptor_value:
+                                      type: string
+                                  required:
+                                  - descriptor_key
+                                  - descriptor_value
+                                  type: object
+                              type: object
+                            type: array
+                          stage:
+                            description: 'Definfing phase at which rate limits will
+                              be applied. Valid values are: PREAUTH, POSTAUTH, BOTH'
+                            enum:
+                            - PREAUTH
+                            - POSTAUTH
+                            - BOTH
+                            type: string
+                        required:
+                        - stage
+                        type: object
+                      type: array
+                  required:
+                  - name
+                  type: object
+                type: array
                 x-kubernetes-list-map-keys:
                 - name
                 x-kubernetes-list-type: map

config/crd/bases/apim.kuadrant.io_ratelimitpolicies.yaml

@@ -112,24 +112,6 @@ spec:
           spec:
             description: RateLimitPolicySpec defines the desired state of RateLimitPolicy
             properties:
-              actions:
-                description: these actions are used for all of the matching rules
-                items:
-                  properties:
-                    generic_key:
-                      properties:
-                        descriptor_key:
-                          type: string
-                        descriptor_value:
-                          type: string
-                      required:
-                      - descriptor_key
-                      - descriptor_value
-                      type: object
-                  required:
-                  - generic_key
-                  type: object
-                type: array
               limits:
                 items:
                   description: RateLimitSpec defines the desired state of RateLimit
@@ -175,13 +157,13 @@ spec:
                 - type
                 - name
                 x-kubernetes-list-type: map
-              routes:
-                description: route specific staging and actions
+              rateLimits:
+                description: RateLimits are used for all of the matching rules
                 items:
                   properties:
                     actions:
-                      description: rule specific actions
                       items:
+                        description: Action_Specifier defines the envoy rate limit actions
                         properties:
                           generic_key:
                             properties:
@@ -193,13 +175,8 @@ spec:
                             - descriptor_key
                             - descriptor_value
                             type: object
-                        required:
-                        - generic_key
                         type: object
                       type: array
-                    name:
-                      description: name of the route present in the virutalservice
-                      type: string
                     stage:
                       description: 'Definfing phase at which rate limits will be applied. Valid values are: PREAUTH, POSTAUTH, BOTH'
                       enum:
@@ -208,10 +185,50 @@ spec:
                       - BOTH
                       type: string
                   required:
-                  - name
                   - stage
                   type: object
                 type: array
+              routes:
+                description: route specific staging and actions
+                items:
+                  properties:
+                    name:
+                      description: name of the route present in the virutalservice
+                      type: string
+                    rateLimits:
+                      items:
+                        properties:
+                          actions:
+                            items:
+                              description: Action_Specifier defines the envoy rate limit actions
+                              properties:
+                                generic_key:
+                                  properties:
+                                    descriptor_key:
+                                      type: string
+                                    descriptor_value:
+                                      type: string
+                                  required:
+                                  - descriptor_key
+                                  - descriptor_value
+                                  type: object
+                              type: object
+                            type: array
+                          stage:
+                            description: 'Definfing phase at which rate limits will be applied. Valid values are: PREAUTH, POSTAUTH, BOTH'
+                            enum:
+                            - PREAUTH
+                            - POSTAUTH
+                            - BOTH
+                            type: string
+                        required:
+                        - stage
+                        type: object
+                      type: array
+                  required:
+                  - name
+                  type: object
+                type: array
                 x-kubernetes-list-map-keys:
                 - name
                 x-kubernetes-list-type: map