From 77916c18e92e6ed1b9154174a8e9cf572b4dfcc6 Mon Sep 17 00:00:00 2001 From: CrowleyRajapakse Date: Fri, 6 Sep 2024 18:40:37 +0530 Subject: [PATCH] adding AIProvider and APIPolicy,Subscription,Ratelimit new CRD v3 versions --- common-go-libs/PROJECT | 16 + .../apis/cp/v1alpha3/groupversion_info.go | 37 + .../apis/cp/v1alpha3/subscription_types.go | 77 +++ .../apis/cp/v1alpha3/zz_generated.deepcopy.go | 148 ++++ .../apis/dp/v1alpha3/aiprovider_types.go | 81 +++ .../apis/dp/v1alpha3/apipolicy_types.go | 165 +++++ .../apis/dp/v1alpha3/groupversion_info.go | 37 + .../apis/dp/v1alpha3/ratelimitpolicy_types.go | 142 ++++ .../v1alpha3/resolveSubscriptionRatelimit.go | 39 ++ .../apis/dp/v1alpha3/zz_generated.deepcopy.go | 638 ++++++++++++++++++ .../crd/bases/cp.wso2.com_subscriptions.yaml | 61 ++ .../crd/bases/dp.wso2.com_aiproviders.yaml | 110 +++ .../crd/bases/dp.wso2.com_apipolicies.yaml | 277 ++++++++ .../bases/dp.wso2.com_ratelimitpolicies.yaml | 221 ++++++ common-go-libs/config/crd/kustomization.yaml | 24 + .../config/crd/kustomizeconfig.yaml | 19 + .../cainjection_in_cp_subscriptions.yaml | 7 + .../patches/cainjection_in_dp_aiprovider.yaml | 7 + .../patches/webhook_in_cp_subscriptions.yaml | 16 + .../crd/patches/webhook_in_dp_aiprovider.yaml | 16 + .../rbac/cp_subscription_editor_role.yaml | 31 + .../rbac/cp_subscription_viewer_role.yaml | 27 + .../rbac/dp_aiprovider_editor_role.yaml | 31 + .../rbac/dp_aiprovider_viewer_role.yaml | 27 + .../samples/cp_v1alpha3_subscription.yaml | 12 + .../samples/dp_v1alpha3_aiprovider.yaml | 12 + 26 files changed, 2278 insertions(+) create mode 100644 common-go-libs/apis/cp/v1alpha3/groupversion_info.go create mode 100644 common-go-libs/apis/cp/v1alpha3/subscription_types.go create mode 100644 common-go-libs/apis/cp/v1alpha3/zz_generated.deepcopy.go create mode 100644 common-go-libs/apis/dp/v1alpha3/aiprovider_types.go create mode 100644 common-go-libs/apis/dp/v1alpha3/apipolicy_types.go create mode 100644 common-go-libs/apis/dp/v1alpha3/groupversion_info.go create mode 100644 common-go-libs/apis/dp/v1alpha3/ratelimitpolicy_types.go create mode 100644 common-go-libs/apis/dp/v1alpha3/resolveSubscriptionRatelimit.go create mode 100644 common-go-libs/apis/dp/v1alpha3/zz_generated.deepcopy.go create mode 100644 common-go-libs/config/crd/bases/dp.wso2.com_aiproviders.yaml create mode 100644 common-go-libs/config/crd/kustomization.yaml create mode 100644 common-go-libs/config/crd/kustomizeconfig.yaml create mode 100644 common-go-libs/config/crd/patches/cainjection_in_cp_subscriptions.yaml create mode 100644 common-go-libs/config/crd/patches/cainjection_in_dp_aiprovider.yaml create mode 100644 common-go-libs/config/crd/patches/webhook_in_cp_subscriptions.yaml create mode 100644 common-go-libs/config/crd/patches/webhook_in_dp_aiprovider.yaml create mode 100644 common-go-libs/config/rbac/cp_subscription_editor_role.yaml create mode 100644 common-go-libs/config/rbac/cp_subscription_viewer_role.yaml create mode 100644 common-go-libs/config/rbac/dp_aiprovider_editor_role.yaml create mode 100644 common-go-libs/config/rbac/dp_aiprovider_viewer_role.yaml create mode 100644 common-go-libs/config/samples/cp_v1alpha3_subscription.yaml create mode 100644 common-go-libs/config/samples/dp_v1alpha3_aiprovider.yaml diff --git a/common-go-libs/PROJECT b/common-go-libs/PROJECT index 89fbcd315..51d234c0e 100644 --- a/common-go-libs/PROJECT +++ b/common-go-libs/PROJECT @@ -160,4 +160,20 @@ resources: defaulting: true validation: true webhookVersion: v1 +- api: + crdVersion: v1 + namespaced: true + domain: wso2.com + group: dp + kind: AIProvider + path: github.com/wso2/apk/common-go-libs/apis/dp/v1alpha3 + version: v1alpha3 +- api: + crdVersion: v1 + namespaced: true + domain: wso2.com + group: cp + kind: Subscription + path: github.com/wso2/apk/common-go-libs/apis/cp/v1alpha3 + version: v1alpha3 version: "3" diff --git a/common-go-libs/apis/cp/v1alpha3/groupversion_info.go b/common-go-libs/apis/cp/v1alpha3/groupversion_info.go new file mode 100644 index 000000000..3f20831e9 --- /dev/null +++ b/common-go-libs/apis/cp/v1alpha3/groupversion_info.go @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +// Package v1alpha3 contains API Schema definitions for the cp v1alpha3 API group +// +kubebuilder:object:generate=true +// +groupName=cp.wso2.com +package v1alpha3 + +import ( + "k8s.io/apimachinery/pkg/runtime/schema" + "sigs.k8s.io/controller-runtime/pkg/scheme" +) + +var ( + // GroupVersion is group version used to register these objects + GroupVersion = schema.GroupVersion{Group: "cp.wso2.com", Version: "v1alpha3"} + + // SchemeBuilder is used to add go types to the GroupVersionKind scheme + SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} + + // AddToScheme adds the types in this group-version to the given scheme. + AddToScheme = SchemeBuilder.AddToScheme +) diff --git a/common-go-libs/apis/cp/v1alpha3/subscription_types.go b/common-go-libs/apis/cp/v1alpha3/subscription_types.go new file mode 100644 index 000000000..eea3c5288 --- /dev/null +++ b/common-go-libs/apis/cp/v1alpha3/subscription_types.go @@ -0,0 +1,77 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha3 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// SubscriptionSpec defines the desired state of Subscription +type SubscriptionSpec struct { + SubscriptionStatus string `json:"subscriptionStatus"` + Organization string `json:"organization"` + API API `json:"api"` + RatelimitRef RatelimitRef `json:"ratelimitRef"` +} + +// API defines the API associated with the subscription +type API struct { + Name string `json:"name"` + Version string `json:"version"` +} + +// RatelimitRef defines the ratelimit associated with the subscription +type RatelimitRef struct { + Name string `json:"name"` + Level string `json:"level"` +} + +// SubscriptionStatus defines the observed state of Subscription +type SubscriptionStatus struct { + // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + // Important: Run "make" to regenerate code after modifying this file +} + +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status +//+kubebuilder:storageversion + +// Subscription is the Schema for the subscriptions API +type Subscription struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec SubscriptionSpec `json:"spec,omitempty"` + Status SubscriptionStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// SubscriptionList contains a list of Subscription +type SubscriptionList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []Subscription `json:"items"` +} + +func init() { + SchemeBuilder.Register(&Subscription{}, &SubscriptionList{}) +} diff --git a/common-go-libs/apis/cp/v1alpha3/zz_generated.deepcopy.go b/common-go-libs/apis/cp/v1alpha3/zz_generated.deepcopy.go new file mode 100644 index 000000000..32f50db79 --- /dev/null +++ b/common-go-libs/apis/cp/v1alpha3/zz_generated.deepcopy.go @@ -0,0 +1,148 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +// Code generated by controller-gen. DO NOT EDIT. + +package v1alpha3 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *API) DeepCopyInto(out *API) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new API. +func (in *API) DeepCopy() *API { + if in == nil { + return nil + } + out := new(API) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RatelimitRef) DeepCopyInto(out *RatelimitRef) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RatelimitRef. +func (in *RatelimitRef) DeepCopy() *RatelimitRef { + if in == nil { + return nil + } + out := new(RatelimitRef) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Subscription) DeepCopyInto(out *Subscription) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Subscription. +func (in *Subscription) DeepCopy() *Subscription { + if in == nil { + return nil + } + out := new(Subscription) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Subscription) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SubscriptionList) DeepCopyInto(out *SubscriptionList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Subscription, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubscriptionList. +func (in *SubscriptionList) DeepCopy() *SubscriptionList { + if in == nil { + return nil + } + out := new(SubscriptionList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *SubscriptionList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SubscriptionSpec) DeepCopyInto(out *SubscriptionSpec) { + *out = *in + out.API = in.API + out.RatelimitRef = in.RatelimitRef +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubscriptionSpec. +func (in *SubscriptionSpec) DeepCopy() *SubscriptionSpec { + if in == nil { + return nil + } + out := new(SubscriptionSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SubscriptionStatus) DeepCopyInto(out *SubscriptionStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubscriptionStatus. +func (in *SubscriptionStatus) DeepCopy() *SubscriptionStatus { + if in == nil { + return nil + } + out := new(SubscriptionStatus) + in.DeepCopyInto(out) + return out +} diff --git a/common-go-libs/apis/dp/v1alpha3/aiprovider_types.go b/common-go-libs/apis/dp/v1alpha3/aiprovider_types.go new file mode 100644 index 000000000..acd5c30f9 --- /dev/null +++ b/common-go-libs/apis/dp/v1alpha3/aiprovider_types.go @@ -0,0 +1,81 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha3 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// AIProviderSpec defines the desired state of AIProvider +type AIProviderSpec struct { + // Important: Run "make" to regenerate code after modifying this file + + // +kubebuilder:validation:MinLength=1 + ProviderName string `json:"providerName"` + ProviderAPIVersion string `json:"providerAPIVersion"` + Organization string `json:"organization"` + Model ValueDetails `json:"model"` + RateLimitFields RateLimitFields `json:"rateLimitFields"` +} + +// RateLimitFields defines the Rate Limit fields +type RateLimitFields struct { + PromptTokens ValueDetails `json:"promptTokens"` + CompletionToken ValueDetails `json:"completionToken"` + TotalToken ValueDetails `json:"totalToken"` +} + +// ValueDetails defines the value details +type ValueDetails struct { + In string `json:"in"` + Value string `json:"value"` +} + +// AIProviderStatus defines the observed state of AIProvider +type AIProviderStatus struct { + // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + // Important: Run "make" to regenerate code after modifying this file +} + +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status + +// AIProvider is the Schema for the aiproviders API +type AIProvider struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec AIProviderSpec `json:"spec,omitempty"` + Status AIProviderStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// AIProviderList contains a list of AIProvider +type AIProviderList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []AIProvider `json:"items"` +} + +func init() { + SchemeBuilder.Register(&AIProvider{}, &AIProviderList{}) +} diff --git a/common-go-libs/apis/dp/v1alpha3/apipolicy_types.go b/common-go-libs/apis/dp/v1alpha3/apipolicy_types.go new file mode 100644 index 000000000..79f042ee9 --- /dev/null +++ b/common-go-libs/apis/dp/v1alpha3/apipolicy_types.go @@ -0,0 +1,165 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha3 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gwapiv1b1 "sigs.k8s.io/gateway-api/apis/v1alpha2" +) + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// APIPolicySpec defines the desired state of APIPolicy +type APIPolicySpec struct { + Default *PolicySpec `json:"default,omitempty"` + Override *PolicySpec `json:"override,omitempty"` + TargetRef gwapiv1b1.PolicyTargetReference `json:"targetRef,omitempty"` +} + +// PolicySpec contains API policies +type PolicySpec struct { + // RequestInterceptors referenced to intercetor services to be applied + // to the request flow. + // + // +optional + // +nullable + // +kubebuilder:validation:MaxItems=1 + RequestInterceptors []InterceptorReference `json:"requestInterceptors,omitempty"` + + // ResponseInterceptors referenced to intercetor services to be applied + // to the response flow. + // + // +optional + // +nullable + // +kubebuilder:validation:MaxItems=1 + ResponseInterceptors []InterceptorReference `json:"responseInterceptors,omitempty"` + + // BackendJWTPolicy holds reference to backendJWT policy configurations + BackendJWTPolicy *BackendJWTToken `json:"backendJwtPolicy,omitempty"` + + // CORS policy to be applied to the API. + CORSPolicy *CORSPolicy `json:"cORSPolicy,omitempty"` + + // SubscriptionValidation denotes whether subscription validation is enabled for the API + // + // +kubebuilder:default:=false + // +optional + SubscriptionValidation bool `json:"subscriptionValidation"` + + // AIProvider referenced to AIProvider resource to be applied + // to the API. + AIProvider *AIProviderReference `json:"aiProvider,omitempty"` +} + +// BackendJWTToken holds backend JWT token information +type BackendJWTToken struct { + // Name holds the name of the BackendJWT resource. + Name string `json:"name,omitempty"` +} + +// CORSPolicy holds CORS policy information +type CORSPolicy struct { + + // Enabled is to enable CORs policy for the API. + // + // +kubebuilder:default=true + // +optional + Enabled bool `json:"enabled"` + + // AllowCredentials indicates whether the request can include user credentials like + // cookies, HTTP authentication or client side SSL certificates. + // + // +optional + AccessControlAllowCredentials bool `json:"accessControlAllowCredentials,omitempty"` + + // AccessControlAllowHeaders indicates which headers can be used + // during the actual request. + // + // +optional + AccessControlAllowHeaders []string `json:"accessControlAllowHeaders,omitempty"` + + // AccessControlAllowMethods indicates which methods can be used + // during the actual request. + // + // +optional + AccessControlAllowMethods []string `json:"accessControlAllowMethods,omitempty"` + + // AccessControlAllowOrigins indicates which origins can be used + // during the actual request. + // + // +optional + AccessControlAllowOrigins []string `json:"accessControlAllowOrigins,omitempty"` + + // AccessControlExposeHeaders indicates which headers can be exposed + // as part of the response by listing their names. + // + // +optional + AccessControlExposeHeaders []string `json:"accessControlExposeHeaders,omitempty"` + + // AccessControlMaxAge indicates how long the results of a preflight request + // can be cached in a preflight result cache. + // + // +optional + AccessControlMaxAge *int `json:"accessControlMaxAge,omitempty"` +} + +// InterceptorReference holds InterceptorService reference using name and namespace +type InterceptorReference struct { + // Name is the referced CR's name of InterceptorService resource. + Name string `json:"name"` +} + +// AIProviderReference holds reference to AIProvider resource +type AIProviderReference struct { + // Name is the referced CR's name of AIProvider resource. + Name string `json:"name"` +} + +// APIPolicyStatus defines the observed state of APIPolicy +type APIPolicyStatus struct { + // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + // Important: Run "make" to regenerate code after modifying this file +} + +// +genclient +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status +//+kubebuilder:storageversion + +// APIPolicy is the Schema for the apipolicies API +type APIPolicy struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec APIPolicySpec `json:"spec,omitempty"` + Status APIPolicyStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// APIPolicyList contains a list of APIPolicy +type APIPolicyList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []APIPolicy `json:"items"` +} + +func init() { + SchemeBuilder.Register(&APIPolicy{}, &APIPolicyList{}) +} diff --git a/common-go-libs/apis/dp/v1alpha3/groupversion_info.go b/common-go-libs/apis/dp/v1alpha3/groupversion_info.go new file mode 100644 index 000000000..d250ac6d9 --- /dev/null +++ b/common-go-libs/apis/dp/v1alpha3/groupversion_info.go @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +// Package v1alpha3 contains API Schema definitions for the dp v1alpha3 API group +// +kubebuilder:object:generate=true +// +groupName=dp.wso2.com +package v1alpha3 + +import ( + "k8s.io/apimachinery/pkg/runtime/schema" + "sigs.k8s.io/controller-runtime/pkg/scheme" +) + +var ( + // GroupVersion is group version used to register these objects + GroupVersion = schema.GroupVersion{Group: "dp.wso2.com", Version: "v1alpha3"} + + // SchemeBuilder is used to add go types to the GroupVersionKind scheme + SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} + + // AddToScheme adds the types in this group-version to the given scheme. + AddToScheme = SchemeBuilder.AddToScheme +) diff --git a/common-go-libs/apis/dp/v1alpha3/ratelimitpolicy_types.go b/common-go-libs/apis/dp/v1alpha3/ratelimitpolicy_types.go new file mode 100644 index 000000000..f7476e4c5 --- /dev/null +++ b/common-go-libs/apis/dp/v1alpha3/ratelimitpolicy_types.go @@ -0,0 +1,142 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha3 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gwapiv1b1 "sigs.k8s.io/gateway-api/apis/v1alpha2" +) + +// RateLimitPolicySpec defines the desired state of RateLimitPolicy +type RateLimitPolicySpec struct { + Default *RateLimitAPIPolicy `json:"default,omitempty"` + Override *RateLimitAPIPolicy `json:"override,omitempty"` + TargetRef gwapiv1b1.PolicyTargetReference `json:"targetRef,omitempty"` +} + +// RateLimitAPIPolicy defines the desired state of Policy +type RateLimitAPIPolicy struct { + + // API level ratelimit policy + // + // +optional + API *APIRateLimitPolicy `json:"api,omitempty"` + + // Subscription level ratelimit policy + // + // +optional + Subscription *SubscriptionRateLimitPolicy `json:"subscription,omitempty"` + + // Custom ratelimit policy + // + // +optional + Custom *CustomRateLimitPolicy `json:"custom,omitempty"` +} + +// APIRateLimitPolicy defines the desired state of APIPolicy +type APIRateLimitPolicy struct { + // RequestPerUnit is the number of requests allowed per unit time + // + // +kubeBuilder:validation:Minimum=1 + RequestsPerUnit uint32 `json:"requestsPerUnit,omitempty"` + + // Unit is the unit of the requestsPerUnit + // + // +kubebuilder:validation:Enum=Minute;Hour;Day + Unit string `json:"unit,omitempty"` +} + +// SubscriptionRateLimitPolicy defines the subscription-level rate limiting policy. +type SubscriptionRateLimitPolicy struct { + StopOnQuotaReach bool `json:"stopOnQuotaReach"` + Organization string `json:"organization"` + RequestCount *RequestCount `json:"requestCount,omitempty"` + BurstControl *BurstControl `json:"burstControl,omitempty"` +} + +// RequestCount defines the rule for request count quota. +type RequestCount struct { + RequestsPerUnit uint32 `json:"requestsPerUnit,omitempty"` + Unit string `json:"unit,omitempty"` +} + +// BurstControl defines the rule for token count quota. +type BurstControl struct { + RequestsPerUnit uint32 `json:"requestsPerUnit,omitempty"` + Unit string `json:"unit,omitempty"` +} + +// CustomRateLimitPolicy defines the desired state of CustomPolicy +type CustomRateLimitPolicy struct { + // RequestPerUnit is the number of requests allowed per unit time + // + // +kubeBuilder:validation:Minimum=1 + RequestsPerUnit uint32 `json:"requestsPerUnit,omitempty"` + + // Unit is the unit of the requestsPerUnit + // + // +kubebuilder:validation:Enum=Minute;Hour;Day + Unit string `json:"unit,omitempty"` + + // Key is the key of the custom policy + // + // +kubebuilder:validation:MinLength=1 + Key string `json:"key,omitempty"` + + // Value is the value of the custom policy + // + // +optional + Value string `json:"value,omitempty"` + + // Organization is the organization of the policy + // + // +kubeBuilder:validation:MinLength=1 + Organization string `json:"organization,omitempty"` +} + +// RateLimitPolicyStatus defines the observed state of RateLimitPolicy +type RateLimitPolicyStatus struct { + // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + // Important: Run "make" to regenerate code after modifying this file +} + +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status +//+kubebuilder:storageversion + +// RateLimitPolicy is the Schema for the ratelimitpolicies API +type RateLimitPolicy struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec RateLimitPolicySpec `json:"spec,omitempty"` + Status RateLimitPolicyStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// RateLimitPolicyList contains a list of RateLimitPolicy +type RateLimitPolicyList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []RateLimitPolicy `json:"items"` +} + +func init() { + SchemeBuilder.Register(&RateLimitPolicy{}, &RateLimitPolicyList{}) +} diff --git a/common-go-libs/apis/dp/v1alpha3/resolveSubscriptionRatelimit.go b/common-go-libs/apis/dp/v1alpha3/resolveSubscriptionRatelimit.go new file mode 100644 index 000000000..0d6667afd --- /dev/null +++ b/common-go-libs/apis/dp/v1alpha3/resolveSubscriptionRatelimit.go @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha3 + +// ResolveSubscriptionRatelimitPolicy defines the structure to resolve subscription rate limit policies. +type ResolveSubscriptionRatelimitPolicy struct { + Name string `json:"name"` + StopOnQuotaReach bool `json:"stopOnQuotaReach"` + Organization string `json:"organization"` + RequestCount ResolveRequestCount `json:"requestCount,omitempty"` + BurstControl ResolveBurstControl `json:"burstControl,omitempty"` +} + +// ResolveRequestCount defines the rule for request count quota. +type ResolveRequestCount struct { + RequestsPerUnit uint32 `json:"requestsPerUnit,omitempty"` + Unit string `json:"unit,omitempty"` +} + +// ResolveBurstControl defines the rule for token count quota. +type ResolveBurstControl struct { + RequestsPerUnit uint32 `json:"requestsPerUnit,omitempty"` + Unit string `json:"unit,omitempty"` +} diff --git a/common-go-libs/apis/dp/v1alpha3/zz_generated.deepcopy.go b/common-go-libs/apis/dp/v1alpha3/zz_generated.deepcopy.go new file mode 100644 index 000000000..433662bac --- /dev/null +++ b/common-go-libs/apis/dp/v1alpha3/zz_generated.deepcopy.go @@ -0,0 +1,638 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +// Code generated by controller-gen. DO NOT EDIT. + +package v1alpha3 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AIProvider) DeepCopyInto(out *AIProvider) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIProvider. +func (in *AIProvider) DeepCopy() *AIProvider { + if in == nil { + return nil + } + out := new(AIProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AIProvider) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AIProviderList) DeepCopyInto(out *AIProviderList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]AIProvider, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIProviderList. +func (in *AIProviderList) DeepCopy() *AIProviderList { + if in == nil { + return nil + } + out := new(AIProviderList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AIProviderList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AIProviderReference) DeepCopyInto(out *AIProviderReference) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIProviderReference. +func (in *AIProviderReference) DeepCopy() *AIProviderReference { + if in == nil { + return nil + } + out := new(AIProviderReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AIProviderSpec) DeepCopyInto(out *AIProviderSpec) { + *out = *in + out.Model = in.Model + out.RateLimitFields = in.RateLimitFields +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIProviderSpec. +func (in *AIProviderSpec) DeepCopy() *AIProviderSpec { + if in == nil { + return nil + } + out := new(AIProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AIProviderStatus) DeepCopyInto(out *AIProviderStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIProviderStatus. +func (in *AIProviderStatus) DeepCopy() *AIProviderStatus { + if in == nil { + return nil + } + out := new(AIProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIPolicy) DeepCopyInto(out *APIPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIPolicy. +func (in *APIPolicy) DeepCopy() *APIPolicy { + if in == nil { + return nil + } + out := new(APIPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *APIPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIPolicyList) DeepCopyInto(out *APIPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]APIPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIPolicyList. +func (in *APIPolicyList) DeepCopy() *APIPolicyList { + if in == nil { + return nil + } + out := new(APIPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *APIPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIPolicySpec) DeepCopyInto(out *APIPolicySpec) { + *out = *in + if in.Default != nil { + in, out := &in.Default, &out.Default + *out = new(PolicySpec) + (*in).DeepCopyInto(*out) + } + if in.Override != nil { + in, out := &in.Override, &out.Override + *out = new(PolicySpec) + (*in).DeepCopyInto(*out) + } + in.TargetRef.DeepCopyInto(&out.TargetRef) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIPolicySpec. +func (in *APIPolicySpec) DeepCopy() *APIPolicySpec { + if in == nil { + return nil + } + out := new(APIPolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIPolicyStatus) DeepCopyInto(out *APIPolicyStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIPolicyStatus. +func (in *APIPolicyStatus) DeepCopy() *APIPolicyStatus { + if in == nil { + return nil + } + out := new(APIPolicyStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIRateLimitPolicy) DeepCopyInto(out *APIRateLimitPolicy) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIRateLimitPolicy. +func (in *APIRateLimitPolicy) DeepCopy() *APIRateLimitPolicy { + if in == nil { + return nil + } + out := new(APIRateLimitPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BackendJWTToken) DeepCopyInto(out *BackendJWTToken) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendJWTToken. +func (in *BackendJWTToken) DeepCopy() *BackendJWTToken { + if in == nil { + return nil + } + out := new(BackendJWTToken) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BurstControl) DeepCopyInto(out *BurstControl) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BurstControl. +func (in *BurstControl) DeepCopy() *BurstControl { + if in == nil { + return nil + } + out := new(BurstControl) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CORSPolicy) DeepCopyInto(out *CORSPolicy) { + *out = *in + if in.AccessControlAllowHeaders != nil { + in, out := &in.AccessControlAllowHeaders, &out.AccessControlAllowHeaders + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AccessControlAllowMethods != nil { + in, out := &in.AccessControlAllowMethods, &out.AccessControlAllowMethods + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AccessControlAllowOrigins != nil { + in, out := &in.AccessControlAllowOrigins, &out.AccessControlAllowOrigins + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AccessControlExposeHeaders != nil { + in, out := &in.AccessControlExposeHeaders, &out.AccessControlExposeHeaders + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AccessControlMaxAge != nil { + in, out := &in.AccessControlMaxAge, &out.AccessControlMaxAge + *out = new(int) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CORSPolicy. +func (in *CORSPolicy) DeepCopy() *CORSPolicy { + if in == nil { + return nil + } + out := new(CORSPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomRateLimitPolicy) DeepCopyInto(out *CustomRateLimitPolicy) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomRateLimitPolicy. +func (in *CustomRateLimitPolicy) DeepCopy() *CustomRateLimitPolicy { + if in == nil { + return nil + } + out := new(CustomRateLimitPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InterceptorReference) DeepCopyInto(out *InterceptorReference) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InterceptorReference. +func (in *InterceptorReference) DeepCopy() *InterceptorReference { + if in == nil { + return nil + } + out := new(InterceptorReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicySpec) DeepCopyInto(out *PolicySpec) { + *out = *in + if in.RequestInterceptors != nil { + in, out := &in.RequestInterceptors, &out.RequestInterceptors + *out = make([]InterceptorReference, len(*in)) + copy(*out, *in) + } + if in.ResponseInterceptors != nil { + in, out := &in.ResponseInterceptors, &out.ResponseInterceptors + *out = make([]InterceptorReference, len(*in)) + copy(*out, *in) + } + if in.BackendJWTPolicy != nil { + in, out := &in.BackendJWTPolicy, &out.BackendJWTPolicy + *out = new(BackendJWTToken) + **out = **in + } + if in.CORSPolicy != nil { + in, out := &in.CORSPolicy, &out.CORSPolicy + *out = new(CORSPolicy) + (*in).DeepCopyInto(*out) + } + if in.AIProvider != nil { + in, out := &in.AIProvider, &out.AIProvider + *out = new(AIProviderReference) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec. +func (in *PolicySpec) DeepCopy() *PolicySpec { + if in == nil { + return nil + } + out := new(PolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimitAPIPolicy) DeepCopyInto(out *RateLimitAPIPolicy) { + *out = *in + if in.API != nil { + in, out := &in.API, &out.API + *out = new(APIRateLimitPolicy) + **out = **in + } + if in.Subscription != nil { + in, out := &in.Subscription, &out.Subscription + *out = new(SubscriptionRateLimitPolicy) + (*in).DeepCopyInto(*out) + } + if in.Custom != nil { + in, out := &in.Custom, &out.Custom + *out = new(CustomRateLimitPolicy) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitAPIPolicy. +func (in *RateLimitAPIPolicy) DeepCopy() *RateLimitAPIPolicy { + if in == nil { + return nil + } + out := new(RateLimitAPIPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimitFields) DeepCopyInto(out *RateLimitFields) { + *out = *in + out.PromptTokens = in.PromptTokens + out.CompletionToken = in.CompletionToken + out.TotalToken = in.TotalToken +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitFields. +func (in *RateLimitFields) DeepCopy() *RateLimitFields { + if in == nil { + return nil + } + out := new(RateLimitFields) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimitPolicy) DeepCopyInto(out *RateLimitPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitPolicy. +func (in *RateLimitPolicy) DeepCopy() *RateLimitPolicy { + if in == nil { + return nil + } + out := new(RateLimitPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *RateLimitPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimitPolicyList) DeepCopyInto(out *RateLimitPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]RateLimitPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitPolicyList. +func (in *RateLimitPolicyList) DeepCopy() *RateLimitPolicyList { + if in == nil { + return nil + } + out := new(RateLimitPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *RateLimitPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimitPolicySpec) DeepCopyInto(out *RateLimitPolicySpec) { + *out = *in + if in.Default != nil { + in, out := &in.Default, &out.Default + *out = new(RateLimitAPIPolicy) + (*in).DeepCopyInto(*out) + } + if in.Override != nil { + in, out := &in.Override, &out.Override + *out = new(RateLimitAPIPolicy) + (*in).DeepCopyInto(*out) + } + in.TargetRef.DeepCopyInto(&out.TargetRef) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitPolicySpec. +func (in *RateLimitPolicySpec) DeepCopy() *RateLimitPolicySpec { + if in == nil { + return nil + } + out := new(RateLimitPolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimitPolicyStatus) DeepCopyInto(out *RateLimitPolicyStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitPolicyStatus. +func (in *RateLimitPolicyStatus) DeepCopy() *RateLimitPolicyStatus { + if in == nil { + return nil + } + out := new(RateLimitPolicyStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RequestCount) DeepCopyInto(out *RequestCount) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestCount. +func (in *RequestCount) DeepCopy() *RequestCount { + if in == nil { + return nil + } + out := new(RequestCount) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ResolveBurstControl) DeepCopyInto(out *ResolveBurstControl) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResolveBurstControl. +func (in *ResolveBurstControl) DeepCopy() *ResolveBurstControl { + if in == nil { + return nil + } + out := new(ResolveBurstControl) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ResolveRequestCount) DeepCopyInto(out *ResolveRequestCount) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResolveRequestCount. +func (in *ResolveRequestCount) DeepCopy() *ResolveRequestCount { + if in == nil { + return nil + } + out := new(ResolveRequestCount) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ResolveSubscriptionRatelimitPolicy) DeepCopyInto(out *ResolveSubscriptionRatelimitPolicy) { + *out = *in + out.RequestCount = in.RequestCount + out.BurstControl = in.BurstControl +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResolveSubscriptionRatelimitPolicy. +func (in *ResolveSubscriptionRatelimitPolicy) DeepCopy() *ResolveSubscriptionRatelimitPolicy { + if in == nil { + return nil + } + out := new(ResolveSubscriptionRatelimitPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SubscriptionRateLimitPolicy) DeepCopyInto(out *SubscriptionRateLimitPolicy) { + *out = *in + if in.RequestCount != nil { + in, out := &in.RequestCount, &out.RequestCount + *out = new(RequestCount) + **out = **in + } + if in.BurstControl != nil { + in, out := &in.BurstControl, &out.BurstControl + *out = new(BurstControl) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubscriptionRateLimitPolicy. +func (in *SubscriptionRateLimitPolicy) DeepCopy() *SubscriptionRateLimitPolicy { + if in == nil { + return nil + } + out := new(SubscriptionRateLimitPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ValueDetails) DeepCopyInto(out *ValueDetails) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValueDetails. +func (in *ValueDetails) DeepCopy() *ValueDetails { + if in == nil { + return nil + } + out := new(ValueDetails) + in.DeepCopyInto(out) + return out +} diff --git a/common-go-libs/config/crd/bases/cp.wso2.com_subscriptions.yaml b/common-go-libs/config/crd/bases/cp.wso2.com_subscriptions.yaml index 172cb762c..042c21e77 100644 --- a/common-go-libs/config/crd/bases/cp.wso2.com_subscriptions.yaml +++ b/common-go-libs/config/crd/bases/cp.wso2.com_subscriptions.yaml @@ -59,6 +59,67 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - name: v1alpha3 + schema: + openAPIV3Schema: + description: Subscription is the Schema for the subscriptions API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SubscriptionSpec defines the desired state of Subscription + properties: + api: + description: API defines the API associated with the subscription + properties: + name: + type: string + version: + type: string + required: + - name + - version + type: object + organization: + type: string + ratelimitRef: + description: RatelimitRef defines the ratelimit associated with the + subscription + properties: + level: + type: string + name: + type: string + required: + - level + - name + type: object + subscriptionStatus: + type: string + required: + - api + - organization + - ratelimitRef + - subscriptionStatus + type: object + status: + description: SubscriptionStatus defines the observed state of Subscription + type: object + type: object + served: true storage: true subresources: status: {} diff --git a/common-go-libs/config/crd/bases/dp.wso2.com_aiproviders.yaml b/common-go-libs/config/crd/bases/dp.wso2.com_aiproviders.yaml new file mode 100644 index 000000000..7e3634e7a --- /dev/null +++ b/common-go-libs/config/crd/bases/dp.wso2.com_aiproviders.yaml @@ -0,0 +1,110 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + name: aiproviders.dp.wso2.com +spec: + group: dp.wso2.com + names: + kind: AIProvider + listKind: AIProviderList + plural: aiproviders + singular: aiprovider + scope: Namespaced + versions: + - name: v1alpha3 + schema: + openAPIV3Schema: + description: AIProvider is the Schema for the aiproviders API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AIProviderSpec defines the desired state of AIProvider + properties: + model: + description: ValueDetails defines the value details + properties: + in: + type: string + value: + type: string + required: + - in + - value + type: object + organization: + type: string + providerAPIVersion: + type: string + providerName: + minLength: 1 + type: string + rateLimitFields: + description: RateLimitFields defines the Rate Limit fields + properties: + completionToken: + description: ValueDetails defines the value details + properties: + in: + type: string + value: + type: string + required: + - in + - value + type: object + promptTokens: + description: ValueDetails defines the value details + properties: + in: + type: string + value: + type: string + required: + - in + - value + type: object + totalToken: + description: ValueDetails defines the value details + properties: + in: + type: string + value: + type: string + required: + - in + - value + type: object + required: + - completionToken + - promptTokens + - totalToken + type: object + required: + - model + - organization + - providerAPIVersion + - providerName + - rateLimitFields + type: object + status: + description: AIProviderStatus defines the observed state of AIProvider + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/common-go-libs/config/crd/bases/dp.wso2.com_apipolicies.yaml b/common-go-libs/config/crd/bases/dp.wso2.com_apipolicies.yaml index 5465823df..393206df5 100644 --- a/common-go-libs/config/crd/bases/dp.wso2.com_apipolicies.yaml +++ b/common-go-libs/config/crd/bases/dp.wso2.com_apipolicies.yaml @@ -506,3 +506,280 @@ spec: storage: true subresources: status: {} + - name: v1alpha3 + schema: + openAPIV3Schema: + description: APIPolicy is the Schema for the apipolicies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: APIPolicySpec defines the desired state of APIPolicy + properties: + default: + description: PolicySpec contains API policies + properties: + aiProvider: + description: AIProvider referenced to AIProvider resource to be + applied to the API. + properties: + name: + description: Name is the referced CR's name of AIProvider + resource. + type: string + required: + - name + type: object + backendJwtPolicy: + description: BackendJWTPolicy holds reference to backendJWT policy + configurations + properties: + name: + description: Name holds the name of the BackendJWT resource. + type: string + type: object + cORSPolicy: + description: CORS policy to be applied to the API. + properties: + accessControlAllowCredentials: + description: AllowCredentials indicates whether the request + can include user credentials like cookies, HTTP authentication + or client side SSL certificates. + type: boolean + accessControlAllowHeaders: + description: AccessControlAllowHeaders indicates which headers + can be used during the actual request. + items: + type: string + type: array + accessControlAllowMethods: + description: AccessControlAllowMethods indicates which methods + can be used during the actual request. + items: + type: string + type: array + accessControlAllowOrigins: + description: AccessControlAllowOrigins indicates which origins + can be used during the actual request. + items: + type: string + type: array + accessControlExposeHeaders: + description: AccessControlExposeHeaders indicates which headers + can be exposed as part of the response by listing their + names. + items: + type: string + type: array + accessControlMaxAge: + description: AccessControlMaxAge indicates how long the results + of a preflight request can be cached in a preflight result + cache. + type: integer + enabled: + default: true + description: Enabled is to enable CORs policy for the API. + type: boolean + type: object + requestInterceptors: + description: RequestInterceptors referenced to intercetor services + to be applied to the request flow. + items: + description: InterceptorReference holds InterceptorService reference + using name and namespace + properties: + name: + description: Name is the referced CR's name of InterceptorService + resource. + type: string + required: + - name + type: object + maxItems: 1 + nullable: true + type: array + responseInterceptors: + description: ResponseInterceptors referenced to intercetor services + to be applied to the response flow. + items: + description: InterceptorReference holds InterceptorService reference + using name and namespace + properties: + name: + description: Name is the referced CR's name of InterceptorService + resource. + type: string + required: + - name + type: object + maxItems: 1 + nullable: true + type: array + subscriptionValidation: + default: false + description: SubscriptionValidation denotes whether subscription + validation is enabled for the API + type: boolean + type: object + override: + description: PolicySpec contains API policies + properties: + aiProvider: + description: AIProvider referenced to AIProvider resource to be + applied to the API. + properties: + name: + description: Name is the referced CR's name of AIProvider + resource. + type: string + required: + - name + type: object + backendJwtPolicy: + description: BackendJWTPolicy holds reference to backendJWT policy + configurations + properties: + name: + description: Name holds the name of the BackendJWT resource. + type: string + type: object + cORSPolicy: + description: CORS policy to be applied to the API. + properties: + accessControlAllowCredentials: + description: AllowCredentials indicates whether the request + can include user credentials like cookies, HTTP authentication + or client side SSL certificates. + type: boolean + accessControlAllowHeaders: + description: AccessControlAllowHeaders indicates which headers + can be used during the actual request. + items: + type: string + type: array + accessControlAllowMethods: + description: AccessControlAllowMethods indicates which methods + can be used during the actual request. + items: + type: string + type: array + accessControlAllowOrigins: + description: AccessControlAllowOrigins indicates which origins + can be used during the actual request. + items: + type: string + type: array + accessControlExposeHeaders: + description: AccessControlExposeHeaders indicates which headers + can be exposed as part of the response by listing their + names. + items: + type: string + type: array + accessControlMaxAge: + description: AccessControlMaxAge indicates how long the results + of a preflight request can be cached in a preflight result + cache. + type: integer + enabled: + default: true + description: Enabled is to enable CORs policy for the API. + type: boolean + type: object + requestInterceptors: + description: RequestInterceptors referenced to intercetor services + to be applied to the request flow. + items: + description: InterceptorReference holds InterceptorService reference + using name and namespace + properties: + name: + description: Name is the referced CR's name of InterceptorService + resource. + type: string + required: + - name + type: object + maxItems: 1 + nullable: true + type: array + responseInterceptors: + description: ResponseInterceptors referenced to intercetor services + to be applied to the response flow. + items: + description: InterceptorReference holds InterceptorService reference + using name and namespace + properties: + name: + description: Name is the referced CR's name of InterceptorService + resource. + type: string + required: + - name + type: object + maxItems: 1 + nullable: true + type: array + subscriptionValidation: + default: false + description: SubscriptionValidation denotes whether subscription + validation is enabled for the API + type: boolean + type: object + targetRef: + description: PolicyTargetReference identifies an API object to apply + a direct or inherited policy to. This should be used as part of + Policy resources that can target Gateway API resources. For more + information on how this policy attachment model works, and a sample + Policy resource, refer to the policy attachment documentation for + Gateway API. + properties: + group: + description: Group is the group of the target resource. + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + kind: + description: Kind is kind of the target resource. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + type: string + name: + description: Name is the name of the target resource. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace is the namespace of the referent. When + unspecified, the local namespace is inferred. Even when policy + targets a resource in a different namespace, it MUST only apply + to traffic originating from the same namespace as the policy. + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - group + - kind + - name + type: object + type: object + status: + description: APIPolicyStatus defines the observed state of APIPolicy + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/common-go-libs/config/crd/bases/dp.wso2.com_ratelimitpolicies.yaml b/common-go-libs/config/crd/bases/dp.wso2.com_ratelimitpolicies.yaml index e6f8a3fab..725bd1d2c 100644 --- a/common-go-libs/config/crd/bases/dp.wso2.com_ratelimitpolicies.yaml +++ b/common-go-libs/config/crd/bases/dp.wso2.com_ratelimitpolicies.yaml @@ -170,6 +170,227 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - name: v1alpha3 + schema: + openAPIV3Schema: + description: RateLimitPolicy is the Schema for the ratelimitpolicies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RateLimitPolicySpec defines the desired state of RateLimitPolicy + properties: + default: + description: RateLimitAPIPolicy defines the desired state of Policy + properties: + api: + description: API level ratelimit policy + properties: + requestsPerUnit: + description: RequestPerUnit is the number of requests allowed + per unit time + format: int32 + type: integer + unit: + description: Unit is the unit of the requestsPerUnit + enum: + - Minute + - Hour + - Day + type: string + type: object + custom: + description: Custom ratelimit policy + properties: + key: + description: Key is the key of the custom policy + minLength: 1 + type: string + organization: + description: Organization is the organization of the policy + type: string + requestsPerUnit: + description: RequestPerUnit is the number of requests allowed + per unit time + format: int32 + type: integer + unit: + description: Unit is the unit of the requestsPerUnit + enum: + - Minute + - Hour + - Day + type: string + value: + description: Value is the value of the custom policy + type: string + type: object + subscription: + description: Subscription level ratelimit policy + properties: + burstControl: + description: BurstControl defines the rule for token count + quota. + properties: + requestsPerUnit: + format: int32 + type: integer + unit: + type: string + type: object + organization: + type: string + requestCount: + description: RequestCount defines the rule for request count + quota. + properties: + requestsPerUnit: + format: int32 + type: integer + unit: + type: string + type: object + stopOnQuotaReach: + type: boolean + required: + - organization + - stopOnQuotaReach + type: object + type: object + override: + description: RateLimitAPIPolicy defines the desired state of Policy + properties: + api: + description: API level ratelimit policy + properties: + requestsPerUnit: + description: RequestPerUnit is the number of requests allowed + per unit time + format: int32 + type: integer + unit: + description: Unit is the unit of the requestsPerUnit + enum: + - Minute + - Hour + - Day + type: string + type: object + custom: + description: Custom ratelimit policy + properties: + key: + description: Key is the key of the custom policy + minLength: 1 + type: string + organization: + description: Organization is the organization of the policy + type: string + requestsPerUnit: + description: RequestPerUnit is the number of requests allowed + per unit time + format: int32 + type: integer + unit: + description: Unit is the unit of the requestsPerUnit + enum: + - Minute + - Hour + - Day + type: string + value: + description: Value is the value of the custom policy + type: string + type: object + subscription: + description: Subscription level ratelimit policy + properties: + burstControl: + description: BurstControl defines the rule for token count + quota. + properties: + requestsPerUnit: + format: int32 + type: integer + unit: + type: string + type: object + organization: + type: string + requestCount: + description: RequestCount defines the rule for request count + quota. + properties: + requestsPerUnit: + format: int32 + type: integer + unit: + type: string + type: object + stopOnQuotaReach: + type: boolean + required: + - organization + - stopOnQuotaReach + type: object + type: object + targetRef: + description: PolicyTargetReference identifies an API object to apply + a direct or inherited policy to. This should be used as part of + Policy resources that can target Gateway API resources. For more + information on how this policy attachment model works, and a sample + Policy resource, refer to the policy attachment documentation for + Gateway API. + properties: + group: + description: Group is the group of the target resource. + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + kind: + description: Kind is kind of the target resource. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + type: string + name: + description: Name is the name of the target resource. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace is the namespace of the referent. When + unspecified, the local namespace is inferred. Even when policy + targets a resource in a different namespace, it MUST only apply + to traffic originating from the same namespace as the policy. + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - group + - kind + - name + type: object + type: object + status: + description: RateLimitPolicyStatus defines the observed state of RateLimitPolicy + type: object + type: object + served: true storage: true subresources: status: {} diff --git a/common-go-libs/config/crd/kustomization.yaml b/common-go-libs/config/crd/kustomization.yaml new file mode 100644 index 000000000..10ba50c52 --- /dev/null +++ b/common-go-libs/config/crd/kustomization.yaml @@ -0,0 +1,24 @@ +# This kustomization.yaml is not intended to be run by itself, +# since it depends on service name and namespace that are out of this kustomize package. +# It should be run by config/default +resources: +- bases/dp.wso2.com_aiproviders.yaml +- bases/cp.wso2.com_subscriptions.yaml +#+kubebuilder:scaffold:crdkustomizeresource + +patchesStrategicMerge: +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. +# patches here are for enabling the conversion webhook for each CRD +#- patches/webhook_in_aiproviders.yaml +#- patches/webhook_in_subscriptions.yaml +#+kubebuilder:scaffold:crdkustomizewebhookpatch + +# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. +# patches here are for enabling the CA injection for each CRD +#- patches/cainjection_in_aiproviders.yaml +#- patches/cainjection_in_subscriptions.yaml +#+kubebuilder:scaffold:crdkustomizecainjectionpatch + +# the following config is for teaching kustomize how to do kustomization for CRDs. +configurations: +- kustomizeconfig.yaml diff --git a/common-go-libs/config/crd/kustomizeconfig.yaml b/common-go-libs/config/crd/kustomizeconfig.yaml new file mode 100644 index 000000000..ec5c150a9 --- /dev/null +++ b/common-go-libs/config/crd/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This file is for teaching kustomize how to substitute name and namespace reference in CRD +nameReference: +- kind: Service + version: v1 + fieldSpecs: + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/name + +namespace: +- kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/namespace + create: false + +varReference: +- path: metadata/annotations diff --git a/common-go-libs/config/crd/patches/cainjection_in_cp_subscriptions.yaml b/common-go-libs/config/crd/patches/cainjection_in_cp_subscriptions.yaml new file mode 100644 index 000000000..fb858b6c8 --- /dev/null +++ b/common-go-libs/config/crd/patches/cainjection_in_cp_subscriptions.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: subscriptions.cp.wso2.com diff --git a/common-go-libs/config/crd/patches/cainjection_in_dp_aiprovider.yaml b/common-go-libs/config/crd/patches/cainjection_in_dp_aiprovider.yaml new file mode 100644 index 000000000..32496f3cb --- /dev/null +++ b/common-go-libs/config/crd/patches/cainjection_in_dp_aiprovider.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: aiproviders.dp.wso2.com diff --git a/common-go-libs/config/crd/patches/webhook_in_cp_subscriptions.yaml b/common-go-libs/config/crd/patches/webhook_in_cp_subscriptions.yaml new file mode 100644 index 000000000..bbdc9b512 --- /dev/null +++ b/common-go-libs/config/crd/patches/webhook_in_cp_subscriptions.yaml @@ -0,0 +1,16 @@ +# The following patch enables a conversion webhook for the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.cp.wso2.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert + conversionReviewVersions: + - v1 diff --git a/common-go-libs/config/crd/patches/webhook_in_dp_aiprovider.yaml b/common-go-libs/config/crd/patches/webhook_in_dp_aiprovider.yaml new file mode 100644 index 000000000..b77ab9d02 --- /dev/null +++ b/common-go-libs/config/crd/patches/webhook_in_dp_aiprovider.yaml @@ -0,0 +1,16 @@ +# The following patch enables a conversion webhook for the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: aiproviders.dp.wso2.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert + conversionReviewVersions: + - v1 diff --git a/common-go-libs/config/rbac/cp_subscription_editor_role.yaml b/common-go-libs/config/rbac/cp_subscription_editor_role.yaml new file mode 100644 index 000000000..5edd27911 --- /dev/null +++ b/common-go-libs/config/rbac/cp_subscription_editor_role.yaml @@ -0,0 +1,31 @@ +# permissions for end users to edit subscriptions. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: subscription-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: subscription-editor-role +rules: +- apiGroups: + - cp.wso2.com + resources: + - subscriptions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cp.wso2.com + resources: + - subscriptions/status + verbs: + - get diff --git a/common-go-libs/config/rbac/cp_subscription_viewer_role.yaml b/common-go-libs/config/rbac/cp_subscription_viewer_role.yaml new file mode 100644 index 000000000..93dfacbe5 --- /dev/null +++ b/common-go-libs/config/rbac/cp_subscription_viewer_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to view subscriptions. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: subscription-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: subscription-viewer-role +rules: +- apiGroups: + - cp.wso2.com + resources: + - subscriptions + verbs: + - get + - list + - watch +- apiGroups: + - cp.wso2.com + resources: + - subscriptions/status + verbs: + - get diff --git a/common-go-libs/config/rbac/dp_aiprovider_editor_role.yaml b/common-go-libs/config/rbac/dp_aiprovider_editor_role.yaml new file mode 100644 index 000000000..82809fbe3 --- /dev/null +++ b/common-go-libs/config/rbac/dp_aiprovider_editor_role.yaml @@ -0,0 +1,31 @@ +# permissions for end users to edit aiproviders. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: aiprovider-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: aiprovider-editor-role +rules: +- apiGroups: + - dp.wso2.com + resources: + - aiproviders + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - dp.wso2.com + resources: + - aiproviders/status + verbs: + - get diff --git a/common-go-libs/config/rbac/dp_aiprovider_viewer_role.yaml b/common-go-libs/config/rbac/dp_aiprovider_viewer_role.yaml new file mode 100644 index 000000000..fe976fe1b --- /dev/null +++ b/common-go-libs/config/rbac/dp_aiprovider_viewer_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to view aiproviders. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: aiprovider-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: aiprovider-viewer-role +rules: +- apiGroups: + - dp.wso2.com + resources: + - aiproviders + verbs: + - get + - list + - watch +- apiGroups: + - dp.wso2.com + resources: + - aiproviders/status + verbs: + - get diff --git a/common-go-libs/config/samples/cp_v1alpha3_subscription.yaml b/common-go-libs/config/samples/cp_v1alpha3_subscription.yaml new file mode 100644 index 000000000..fedb7c265 --- /dev/null +++ b/common-go-libs/config/samples/cp_v1alpha3_subscription.yaml @@ -0,0 +1,12 @@ +apiVersion: cp.wso2.com/v1alpha3 +kind: Subscription +metadata: + labels: + app.kubernetes.io/name: subscription + app.kubernetes.io/instance: subscription-sample + app.kubernetes.io/part-of: operator + app.kuberentes.io/managed-by: kustomize + app.kubernetes.io/created-by: operator + name: subscription-sample +spec: + # TODO(user): Add fields here diff --git a/common-go-libs/config/samples/dp_v1alpha3_aiprovider.yaml b/common-go-libs/config/samples/dp_v1alpha3_aiprovider.yaml new file mode 100644 index 000000000..b750a6a3f --- /dev/null +++ b/common-go-libs/config/samples/dp_v1alpha3_aiprovider.yaml @@ -0,0 +1,12 @@ +apiVersion: dp.wso2.com/v1alpha3 +kind: AIProvider +metadata: + labels: + app.kubernetes.io/name: aiprovider + app.kubernetes.io/instance: aiprovider-sample + app.kubernetes.io/part-of: operator + app.kuberentes.io/managed-by: kustomize + app.kubernetes.io/created-by: operator + name: aiprovider-sample +spec: + # TODO(user): Add fields here