diff --git a/adapter/api/proto/wso2/discovery/api/api.proto b/adapter/api/proto/wso2/discovery/api/api.proto index ef315612a1..5688b1cc62 100644 --- a/adapter/api/proto/wso2/discovery/api/api.proto +++ b/adapter/api/proto/wso2/discovery/api/api.proto @@ -54,4 +54,5 @@ message Api { bool systemAPI = 24; BackendJWTTokenInfo backendJWTTokenInfo = 25; bytes apiDefinitionFile = 26; + string environment = 27; } diff --git a/adapter/api/proto/wso2/discovery/subscription/jwtIssuer.proto b/adapter/api/proto/wso2/discovery/subscription/jwtIssuer.proto index bdaf1c71a9..4b8a8f79e6 100644 --- a/adapter/api/proto/wso2/discovery/subscription/jwtIssuer.proto +++ b/adapter/api/proto/wso2/discovery/subscription/jwtIssuer.proto @@ -35,6 +35,7 @@ message JWTIssuer { string consumerKeyClaim = 6; string scopesClaim = 7; map claimMapping = 8; + repeated string environments = 9; } message Certificate { string certificate = 1; diff --git a/adapter/config/default_config.go b/adapter/config/default_config.go index a991155527..820a3a86da 100644 --- a/adapter/config/default_config.go +++ b/adapter/config/default_config.go @@ -42,6 +42,7 @@ var defaultConfig = &Config{ Operator: operator{ Namespaces: nil, }, + Environment: "Default", }, Envoy: envoy{ ListenerCodecType: "AUTO", diff --git a/adapter/config/types.go b/adapter/config/types.go index 1f2dc978ab..6ed5852e28 100644 --- a/adapter/config/types.go +++ b/adapter/config/types.go @@ -93,6 +93,8 @@ type adapter struct { SoapErrorInXMLEnabled bool // Operator represents the operator related configurations Operator operator + // Environment of the Adapter + Environment string } // Envoy Listener Component related configurations. diff --git a/adapter/internal/interceptor/interceptor.go b/adapter/internal/interceptor/interceptor.go index 10760a0057..8c26b24c5e 100644 --- a/adapter/internal/interceptor/interceptor.go +++ b/adapter/internal/interceptor/interceptor.go @@ -71,6 +71,7 @@ type InvocationContext struct { Vhost string ClusterName string APIProperties string + Environment string } var ( @@ -89,6 +90,7 @@ var ( organizationId = "{{.Context.OrganizationID}}", basePath = "{{.Context.BasePath}}", supportedMethods = "{{.Context.SupportedMethods}}", + environment = "{{.Context.Environment}}", apiName = "{{.Context.APIName}}", apiVersion = "{{.Context.APIVersion}}", pathTemplate = "{{.Context.PathTemplate}}", diff --git a/adapter/internal/oasparser/config_generator.go b/adapter/internal/oasparser/config_generator.go index 14aac9338d..5042bddb36 100644 --- a/adapter/internal/oasparser/config_generator.go +++ b/adapter/internal/oasparser/config_generator.go @@ -213,6 +213,7 @@ func GetEnforcerAPI(adapterInternalAPI model.AdapterInternalAPI, vhost string) * // GraphqlComplexityInfo: adapterInternalAPI.GraphQLComplexities.Data.List, SystemAPI: adapterInternalAPI.IsSystemAPI, ApiDefinitionFile: adapterInternalAPI.GetAPIDefinitionFile(), + Environment: adapterInternalAPI.GetEnvironment(), } } diff --git a/adapter/internal/oasparser/envoyconf/internal_dtos.go b/adapter/internal/oasparser/envoyconf/internal_dtos.go index 1a43584d02..b8c7f11edc 100644 --- a/adapter/internal/oasparser/envoyconf/internal_dtos.go +++ b/adapter/internal/oasparser/envoyconf/internal_dtos.go @@ -19,7 +19,7 @@ package envoyconf import ( "github.com/wso2/apk/adapter/internal/oasparser/model" - dpv1alpha1 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha1" + dpv1alpha2 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" ) // routeCreateParams is the DTO used to provide information to the envoy route create function @@ -42,13 +42,16 @@ type routeCreateParams struct { isDefaultVersion bool createDefaultPath bool apiLevelRateLimitPolicy *model.RateLimitPolicy - apiProperties []dpv1alpha1.Property + apiProperties []dpv1alpha2.Property + environment string + envType string } // RatelimitCriteria criterias of rate limiting type ratelimitCriteria struct { level string organizationID string - vHost string basePathForRLService string + environment string + envType string } diff --git a/adapter/internal/oasparser/envoyconf/routes_configs.go b/adapter/internal/oasparser/envoyconf/routes_configs.go index 3259ff6723..20e54fc36f 100644 --- a/adapter/internal/oasparser/envoyconf/routes_configs.go +++ b/adapter/internal/oasparser/envoyconf/routes_configs.go @@ -34,6 +34,7 @@ import ( logger "github.com/wso2/apk/adapter/internal/loggers" "github.com/wso2/apk/adapter/internal/oasparser/constants" "github.com/wso2/apk/adapter/internal/oasparser/model" + opConstants "github.com/wso2/apk/adapter/internal/operator/constants" "google.golang.org/protobuf/types/known/anypb" "google.golang.org/protobuf/types/known/durationpb" "google.golang.org/protobuf/types/known/wrapperspb" @@ -112,6 +113,11 @@ func generateRouteAction(apiType string, routeConfig *model.EndpointConfig, rate func generateRateLimitPolicy(ratelimitCriteria *ratelimitCriteria) []*routev3.RateLimit { + environmentValue := ratelimitCriteria.environment + if ratelimitCriteria.level != RateLimitPolicyAPILevel && ratelimitCriteria.envType == opConstants.Sandbox { + environmentValue += "_sandbox" + } + rateLimit := routev3.RateLimit{ Actions: []*routev3.RateLimit_Action{ { @@ -125,8 +131,8 @@ func generateRateLimitPolicy(ratelimitCriteria *ratelimitCriteria) []*routev3.Ra { ActionSpecifier: &routev3.RateLimit_Action_GenericKey_{ GenericKey: &routev3.RateLimit_Action_GenericKey{ - DescriptorKey: DescriptorKeyForVhost, - DescriptorValue: ratelimitCriteria.vHost, + DescriptorKey: DescriptorKeyForEnvironment, + DescriptorValue: environmentValue, }, }, }, diff --git a/adapter/internal/oasparser/envoyconf/routes_with_clusters.go b/adapter/internal/oasparser/envoyconf/routes_with_clusters.go index 80cce383e5..af3975b81b 100644 --- a/adapter/internal/oasparser/envoyconf/routes_with_clusters.go +++ b/adapter/internal/oasparser/envoyconf/routes_with_clusters.go @@ -52,13 +52,13 @@ import ( logging "github.com/wso2/apk/adapter/internal/logging" "github.com/wso2/apk/adapter/internal/oasparser/constants" "github.com/wso2/apk/adapter/internal/oasparser/model" + dpv1alpha2 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" "github.com/wso2/apk/adapter/internal/svcdiscovery" "github.com/golang/protobuf/proto" "github.com/golang/protobuf/ptypes" "github.com/golang/protobuf/ptypes/any" "github.com/golang/protobuf/ptypes/wrappers" - dpv1alpha1 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha1" gwapiv1b1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) @@ -77,7 +77,7 @@ type CombinedTemplateValues struct { const ( DescriptorKeyForOrg = "org" OrgMetadataKey = "customorg" - DescriptorKeyForVhost = "vhost" + DescriptorKeyForEnvironment = "environment" DescriptorKeyForPath = "path" DescriptorKeyForMethod = "method" DescriptorValueForAPIMethod = "ALL" @@ -766,6 +766,7 @@ func createRoutes(params *routeCreateParams) (routes []*routev3.Route, err error Vhost: contextExtensions[vHostContextExtension], ClusterName: contextExtensions[clusterNameContextExtension], APIProperties: getAPIProperties(params.apiProperties), + Environment: params.environment, } luaPerFilterConfig = lua.LuaPerRoute{ Override: &lua.LuaPerRoute_SourceCode{ @@ -816,8 +817,9 @@ func createRoutes(params *routeCreateParams) (routes []*routev3.Route, err error rateLimitPolicyCriteria = &ratelimitCriteria{ level: rateLimitPolicyLevel, organizationID: params.organizationID, - vHost: vHost, basePathForRLService: basePathForRLService, + environment: params.environment, + envType: params.envType, } } var ( @@ -1447,7 +1449,7 @@ func getUpgradeConfig(apiType string) []*routev3.RouteAction_UpgradeConfig { return upgradeConfig } -func getAPIProperties(apiPropertiesConfig []dpv1alpha1.Property) string { +func getAPIProperties(apiPropertiesConfig []dpv1alpha2.Property) string { var apiProperties = make(map[string]string) for _, val := range apiPropertiesConfig { apiProperties[val.Name] = val.Value @@ -1528,6 +1530,8 @@ func genRouteCreateParams(swagger *model.AdapterInternalAPI, resource *model.Res apiProperties: swagger.APIProperties, routeConfig: resource.GetEndpoints().Config, createDefaultPath: createDefaultPath, + environment: swagger.GetEnvironment(), + envType: swagger.EnvType, } return params } diff --git a/adapter/internal/oasparser/envoyconf/routes_with_clusters_test.go b/adapter/internal/oasparser/envoyconf/routes_with_clusters_test.go index e096a266da..0c63d5fa45 100644 --- a/adapter/internal/oasparser/envoyconf/routes_with_clusters_test.go +++ b/adapter/internal/oasparser/envoyconf/routes_with_clusters_test.go @@ -24,6 +24,7 @@ import ( envoy "github.com/wso2/apk/adapter/internal/oasparser/envoyconf" "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha1" + "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" "github.com/wso2/apk/adapter/internal/operator/constants" "github.com/wso2/apk/adapter/internal/operator/synchronizer" operatorutils "github.com/wso2/apk/adapter/internal/operator/utils" @@ -34,16 +35,16 @@ import ( func TestCreateRoutesWithClustersWithExactAndRegularExpressionRules(t *testing.T) { apiState := synchronizer.APIState{} - apiDefinition := v1alpha1.API{ + apiDefinition := v1alpha2.API{ ObjectMeta: metav1.ObjectMeta{ Namespace: "default", Name: "test-api-2", }, - Spec: v1alpha1.APISpec{ - APIName: "test-api-2", - APIVersion: "2.0.0", - BasePath: "/test-api/2.0.0", - Production: []v1alpha1.EnvConfig{ + Spec: v1alpha2.APISpec{ + APIName: "test-api-2", + APIVersion: "2.0.0", + BasePath: "/test-api/2.0.0", + Production: []v1alpha2.EnvConfig{ { HTTPRouteRefs: []string{ "test-api-2-prod-http-route", @@ -156,19 +157,105 @@ func TestCreateRoutesWithClustersWithExactAndRegularExpressionRules(t *testing.T "The route regex for the two paths should not be the same") } +func TestGenerateAdapterInternalAPIForDefaultCase(t *testing.T) { + + apiState := generateSampleAPI("test-api-1", "1.0.0", "/test-api/1.0.0") + httpRouteState := synchronizer.HTTPRouteState{} + httpRouteState = *apiState.ProdHTTPRoute + + adapterInternalAPI, err := synchronizer.GenerateAdapterInternalAPI(apiState, &httpRouteState, constants.Production) + assert.Nil(t, err, "Error should not be present when apiState is converted to a AdapterInternalAPI object") + assert.Equal(t, "Default", adapterInternalAPI.GetEnvironment(), "Environment is incorrect.") +} + +func TestGenerateAdapterInternalAPIForSpecificEnvironment(t *testing.T) { + + apiState := generateSampleAPI("test-api-2", "1.0.0", "/test-api2/1.0.0") + httpRouteState := synchronizer.HTTPRouteState{} + httpRouteState = *apiState.ProdHTTPRoute + apiState.APIDefinition.Spec.Environment = "dev" + + adapterInternalAPI, err := synchronizer.GenerateAdapterInternalAPI(apiState, &httpRouteState, constants.Production) + assert.Nil(t, err, "Error should not be present when apiState is converted to a AdapterInternalAPI object") + assert.Equal(t, "dev", adapterInternalAPI.GetEnvironment(), "Environment is incorrect.") +} + +func generateSampleAPI(apiName string, apiVersion string, basePath string) synchronizer.APIState { + + apiState := synchronizer.APIState{} + apiDefinition := v1alpha2.API{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "default", + Name: apiName, + }, + Spec: v1alpha2.APISpec{ + APIName: apiName, + APIVersion: apiVersion, + BasePath: basePath, + Production: []v1alpha2.EnvConfig{ + { + HTTPRouteRefs: []string{ + apiName + "-prod-http-route", + }, + }, + }, + }, + } + apiState.APIDefinition = &apiDefinition + httpRouteState := synchronizer.HTTPRouteState{} + methodTypeGet := gwapiv1b1.HTTPMethodGet + + httpRoute := gwapiv1b1.HTTPRoute{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "default", + Name: apiName + "-prod-http-route", + }, + Spec: gwapiv1b1.HTTPRouteSpec{ + Hostnames: []gwapiv1b1.Hostname{"prod.gw.wso2.com"}, + CommonRouteSpec: createDefaultCommonRouteSpec(), + Rules: []gwapiv1b1.HTTPRouteRule{ + { + Matches: []gwapiv1b1.HTTPRouteMatch{ + { + Path: &gwapiv1b1.HTTPPathMatch{ + Type: operatorutils.PathMatchTypePtr(gwapiv1b1.PathMatchExact), + Value: operatorutils.StringPtr("/exact-path-api/2.0.0/(.*)/exact-path"), + }, + Method: &methodTypeGet, + }, + }, + BackendRefs: []gwapiv1b1.HTTPBackendRef{ + createDefaultBackendRef(apiName + "backend-1"), + }, + }, + }, + }, + } + + httpRouteState.HTTPRouteCombined = &httpRoute + + backendMapping := make(map[string]*v1alpha1.ResolvedBackend) + backendMapping[k8types.NamespacedName{Namespace: "default", Name: apiName + "backend-1"}.String()] = + &v1alpha1.ResolvedBackend{Services: []v1alpha1.Service{{Host: "test-service-1.default", Port: 7001}}, Protocol: v1alpha1.HTTPProtocol} + httpRouteState.BackendMapping = backendMapping + + apiState.ProdHTTPRoute = &httpRouteState + return apiState +} + // TODO: Fix this test case func TestCreateRoutesWithClustersWithMultiplePathPrefixRules(t *testing.T) { apiState := synchronizer.APIState{} - apiDefinition := v1alpha1.API{ + apiDefinition := v1alpha2.API{ ObjectMeta: metav1.ObjectMeta{ Namespace: "default", Name: "test-api-1", }, - Spec: v1alpha1.APISpec{ - APIName: "test-api", - APIVersion: "1.0.0", - BasePath: "/test-api/1.0.0", - Production: []v1alpha1.EnvConfig{ + Spec: v1alpha2.APISpec{ + APIName: "test-api", + APIVersion: "1.0.0", + BasePath: "/test-api/1.0.0", + Production: []v1alpha2.EnvConfig{ { HTTPRouteRefs: []string{ "test-api-1-prod-http-route", @@ -306,16 +393,16 @@ func TestCreateRoutesWithClustersWithMultiplePathPrefixRules(t *testing.T) { func TestCreateRoutesWithClustersWithBackendTLSConfigs(t *testing.T) { apiState := synchronizer.APIState{} - apiDefinition := v1alpha1.API{ + apiDefinition := v1alpha2.API{ ObjectMeta: metav1.ObjectMeta{ Namespace: "default", Name: "test-api-3", }, - Spec: v1alpha1.APISpec{ - APIName: "test-api-3", - APIVersion: "1.0.0", - BasePath: "/test-api-3/1.0.0", - Production: []v1alpha1.EnvConfig{ + Spec: v1alpha2.APISpec{ + APIName: "test-api-3", + APIVersion: "1.0.0", + BasePath: "/test-api-3/1.0.0", + Production: []v1alpha2.EnvConfig{ { HTTPRouteRefs: []string{ "test-api-3-prod-http-route", @@ -612,16 +699,16 @@ func TestCreateHealthEndpoint(t *testing.T) { func TestCreateRoutesWithClustersDifferentBackendRefs(t *testing.T) { apiState := synchronizer.APIState{} - apiDefinition := v1alpha1.API{ + apiDefinition := v1alpha2.API{ ObjectMeta: metav1.ObjectMeta{ Namespace: "default", Name: "test-api-different-backendrefs", }, - Spec: v1alpha1.APISpec{ - APIName: "test-api-different-backendrefs", - APIVersion: "1.0.0", - BasePath: "/test-api-different-backendrefs/1.0.0", - Production: []v1alpha1.EnvConfig{ + Spec: v1alpha2.APISpec{ + APIName: "test-api-different-backendrefs", + APIVersion: "1.0.0", + BasePath: "/test-api-different-backendrefs/1.0.0", + Production: []v1alpha2.EnvConfig{ { HTTPRouteRefs: []string{ "test-api-different-backendrefs-prod-http-route", @@ -702,16 +789,16 @@ func TestCreateRoutesWithClustersDifferentBackendRefs(t *testing.T) { func TestCreateRoutesWithClustersSameBackendRefs(t *testing.T) { apiState := synchronizer.APIState{} - apiDefinition := v1alpha1.API{ + apiDefinition := v1alpha2.API{ ObjectMeta: metav1.ObjectMeta{ Namespace: "default", Name: "test-api-same-backendrefs", }, - Spec: v1alpha1.APISpec{ - APIName: "test-api-same-backendrefs", - APIVersion: "1.0.0", - BasePath: "/test-api-same-backendrefs/1.0.0", - Production: []v1alpha1.EnvConfig{ + Spec: v1alpha2.APISpec{ + APIName: "test-api-same-backendrefs", + APIVersion: "1.0.0", + BasePath: "/test-api-same-backendrefs/1.0.0", + Production: []v1alpha2.EnvConfig{ { HTTPRouteRefs: []string{ "test-api-same-backendrefs-prod-http-route", diff --git a/adapter/internal/oasparser/model/adapter_internal_api.go b/adapter/internal/oasparser/model/adapter_internal_api.go index 30371fbcb6..b7d9f7b033 100644 --- a/adapter/internal/oasparser/model/adapter_internal_api.go +++ b/adapter/internal/oasparser/model/adapter_internal_api.go @@ -30,6 +30,7 @@ import ( logger "github.com/wso2/apk/adapter/internal/loggers" "github.com/wso2/apk/adapter/internal/oasparser/constants" dpv1alpha1 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha1" + dpv1alpha2 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" ) // AdapterInternalAPI represents the object structure holding the information related to the @@ -65,11 +66,12 @@ type AdapterInternalAPI struct { backendJWTTokenInfo *BackendJWTTokenInfo apiDefinitionFile []byte apiDefinitionEndpoint string - APIProperties []dpv1alpha1.Property + APIProperties []dpv1alpha2.Property // GraphQLSchema string // GraphQLComplexities GraphQLComplexityYaml IsSystemAPI bool RateLimitPolicy *RateLimitPolicy + environment string } // BackendJWTTokenInfo represents the object structure holding the information related to the JWT Generator @@ -390,6 +392,16 @@ func (swagger *AdapterInternalAPI) GetOrganizationID() string { return swagger.OrganizationID } +// SetEnvironment sets the environment of the API. +func (swagger *AdapterInternalAPI) SetEnvironment(environment string) { + swagger.environment = environment +} + +// GetEnvironment returns the environment of the API +func (swagger *AdapterInternalAPI) GetEnvironment() string { + return swagger.environment +} + // Validate method confirms that the adapterInternalAPI has all required fields in the required format. // This needs to be checked prior to generate router/enforcer related resources. func (swagger *AdapterInternalAPI) Validate() error { diff --git a/adapter/internal/oasparser/model/http_route.go b/adapter/internal/oasparser/model/http_route.go index af9a1e8f94..8c6fdf1222 100644 --- a/adapter/internal/oasparser/model/http_route.go +++ b/adapter/internal/oasparser/model/http_route.go @@ -26,6 +26,7 @@ import ( "github.com/wso2/apk/adapter/internal/loggers" "github.com/wso2/apk/adapter/internal/oasparser/constants" dpv1alpha1 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha1" + dpv1alpha2 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" "github.com/wso2/apk/adapter/internal/operator/utils" "golang.org/x/exp/maps" "k8s.io/apimachinery/pkg/types" @@ -631,7 +632,7 @@ func getAllowedOperations(httpMethod *gwapiv1b1.HTTPMethod, policies OperationPo } // SetInfoAPICR populates ID, ApiType, Version and XWso2BasePath of adapterInternalAPI. -func (swagger *AdapterInternalAPI) SetInfoAPICR(api dpv1alpha1.API) { +func (swagger *AdapterInternalAPI) SetInfoAPICR(api dpv1alpha2.API) { swagger.UUID = string(api.ObjectMeta.UID) swagger.title = api.Spec.APIName swagger.apiType = api.Spec.APIType diff --git a/adapter/internal/operator/PROJECT b/adapter/internal/operator/PROJECT index c76b1eb826..04d0992dc7 100644 --- a/adapter/internal/operator/PROJECT +++ b/adapter/internal/operator/PROJECT @@ -1,3 +1,7 @@ +# Code generated by tool. DO NOT EDIT. +# This file is used to track the info used to scaffold your project +# and allow the plugins properly work. +# More info: https://book.kubebuilder.io/reference/project-config.html domain: wso2.com layout: - go.kubebuilder.io/v3 @@ -131,4 +135,20 @@ resources: defaulting: true validation: true webhookVersion: v1 +- api: + crdVersion: v1 + namespaced: true + domain: wso2.com + group: dp + kind: API + path: github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2 + version: v1alpha2 +- api: + crdVersion: v1 + namespaced: true + domain: wso2.com + group: dp + kind: TokenIssuer + path: github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2 + version: v1alpha2 version: "3" diff --git a/adapter/internal/operator/apis/cp/v1alpha1/zz_generated.deepcopy.go b/adapter/internal/operator/apis/cp/v1alpha1/zz_generated.deepcopy.go index 8d17864345..3fcc395b86 100644 --- a/adapter/internal/operator/apis/cp/v1alpha1/zz_generated.deepcopy.go +++ b/adapter/internal/operator/apis/cp/v1alpha1/zz_generated.deepcopy.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* - * Copyright (c) 2022, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/adapter/internal/operator/apis/dp/v1alpha1/resolvedJWTIssuer.go b/adapter/internal/operator/apis/dp/v1alpha1/resolvedJWTIssuer.go index 1271b0c016..ed387cf441 100644 --- a/adapter/internal/operator/apis/dp/v1alpha1/resolvedJWTIssuer.go +++ b/adapter/internal/operator/apis/dp/v1alpha1/resolvedJWTIssuer.go @@ -31,6 +31,7 @@ type ResolvedJWTIssuer struct { ScopesClaim string SignatureValidation ResolvedSignatureValidation ClaimMappings map[string]string + Environments []string } // ResolvedSignatureValidation holds the resolved properties of SignatureValidation diff --git a/adapter/internal/operator/apis/dp/v1alpha1/tokenissuer_conversion.go b/adapter/internal/operator/apis/dp/v1alpha1/tokenissuer_conversion.go new file mode 100644 index 0000000000..481e51a474 --- /dev/null +++ b/adapter/internal/operator/apis/dp/v1alpha1/tokenissuer_conversion.go @@ -0,0 +1,144 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha1 + +import ( + "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" + "sigs.k8s.io/controller-runtime/pkg/conversion" +) + +// ConvertTo converts this TokenIssuer CR to the Hub version (v1alpha2). +// src is v1alpha1.TokenIssuer and dst is v1alpha2.TokenIssuer. +func (src *TokenIssuer) ConvertTo(dstRaw conversion.Hub) error { + + dst := dstRaw.(*v1alpha2.TokenIssuer) + dst.ObjectMeta = src.ObjectMeta + + // Spec + dst.Spec.Name = src.Spec.Name + dst.Spec.Organization = src.Spec.Organization + dst.Spec.Issuer = src.Spec.Issuer + dst.Spec.ConsumerKeyClaim = src.Spec.ConsumerKeyClaim + dst.Spec.ScopesClaim = src.Spec.ScopesClaim + + sig := *src.Spec.SignatureValidation + jwks := *sig.JWKS + certificate := *sig.Certificate + + jwksv2 := v1alpha2.JWKS{ + URL: jwks.URL, + TLS: &v1alpha2.CERTConfig{ + CertificateInline: jwks.TLS.CertificateInline, + SecretRef: &v1alpha2.RefConfig{ + Name: jwks.TLS.SecretRef.Name, + Key: jwks.TLS.SecretRef.Key, + }, + ConfigMapRef: &v1alpha2.RefConfig{ + Name: jwks.TLS.ConfigMapRef.Name, + Key: jwks.TLS.ConfigMapRef.Key, + }, + }, + } + + certv2 := v1alpha2.CERTConfig{ + CertificateInline: certificate.CertificateInline, + SecretRef: &v1alpha2.RefConfig{ + Name: certificate.SecretRef.Name, + Key: certificate.SecretRef.Key, + }, + ConfigMapRef: &v1alpha2.RefConfig{ + Name: certificate.ConfigMapRef.Name, + Key: certificate.ConfigMapRef.Key, + }, + } + + dst.Spec.SignatureValidation = &v1alpha2.SignatureValidation{ + JWKS: &jwksv2, + Certificate: &certv2, + } + + var claimMappings []v1alpha2.ClaimMapping + for _, p := range *src.Spec.ClaimMappings { + claimMappings = append(claimMappings, v1alpha2.ClaimMapping(p)) + } + dst.Spec.ClaimMappings = &claimMappings + + dst.Spec.TargetRef = src.Spec.TargetRef + return nil +} + +// ConvertFrom converts from the Hub version (v1alpha2) to this version. +// src is v1alpha1.TokenIssuer and dst is v1alpha2.TokenIssuer. +func (src *TokenIssuer) ConvertFrom(srcRaw conversion.Hub) error { + + dst := srcRaw.(*v1alpha2.TokenIssuer) + src.ObjectMeta = dst.ObjectMeta + + // Spec + src.Spec.Name = dst.Spec.Name + src.Spec.Organization = dst.Spec.Organization + src.Spec.Issuer = dst.Spec.Issuer + src.Spec.ConsumerKeyClaim = dst.Spec.ConsumerKeyClaim + src.Spec.ScopesClaim = dst.Spec.ScopesClaim + + sig := *dst.Spec.SignatureValidation + jwks := *sig.JWKS + certificate := *sig.Certificate + + jwksv1 := JWKS{ + URL: jwks.URL, + TLS: &CERTConfig{ + CertificateInline: jwks.TLS.CertificateInline, + SecretRef: &RefConfig{ + Name: jwks.TLS.SecretRef.Name, + Key: jwks.TLS.SecretRef.Key, + }, + ConfigMapRef: &RefConfig{ + Name: jwks.TLS.ConfigMapRef.Name, + Key: jwks.TLS.ConfigMapRef.Key, + }, + }, + } + + certv1 := CERTConfig{ + CertificateInline: certificate.CertificateInline, + SecretRef: &RefConfig{ + Name: certificate.SecretRef.Name, + Key: certificate.SecretRef.Key, + }, + ConfigMapRef: &RefConfig{ + Name: certificate.ConfigMapRef.Name, + Key: certificate.ConfigMapRef.Key, + }, + } + + src.Spec.SignatureValidation = &SignatureValidation{ + JWKS: &jwksv1, + Certificate: &certv1, + } + + var claimMappings []ClaimMapping + for _, p := range *dst.Spec.ClaimMappings { + claimMappings = append(claimMappings, ClaimMapping(p)) + } + src.Spec.ClaimMappings = &claimMappings + + src.Spec.TargetRef = dst.Spec.TargetRef + + return nil +} diff --git a/adapter/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go b/adapter/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go index 4f8965be47..d70d020d71 100644 --- a/adapter/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go +++ b/adapter/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* - * Copyright (c) 2022, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -1319,6 +1319,11 @@ func (in *ResolvedJWTIssuer) DeepCopyInto(out *ResolvedJWTIssuer) { (*out)[key] = val } } + if in.Environments != nil { + in, out := &in.Environments, &out.Environments + *out = make([]string, len(*in)) + copy(*out, *in) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResolvedJWTIssuer. diff --git a/adapter/internal/operator/apis/dp/v1alpha2/api_types.go b/adapter/internal/operator/apis/dp/v1alpha2/api_types.go new file mode 100644 index 0000000000..9d21a2f04b --- /dev/null +++ b/adapter/internal/operator/apis/dp/v1alpha2/api_types.go @@ -0,0 +1,202 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// APISpec defines the desired state of API +type APISpec struct { + + // APIName is the unique name of the API + //can be used to uniquely identify an API. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=60 + // +kubebuilder:validation:Pattern="^[^~!@#;:%^*()+={}|\\<>\"'',&$\\[\\]\\/]*$" + APIName string `json:"apiName"` + + // APIVersion is the version number of the API. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=30 + // +kubebuilder:validation:Pattern="^[^~!@#;:%^*()+={}|\\<>\"'',&/$\\[\\]\\s+\\/]+$" + APIVersion string `json:"apiVersion"` + + // IsDefaultVersion indicates whether this API version should be used as a default API + // + // +optional + IsDefaultVersion bool `json:"isDefaultVersion"` + + // DefinitionFileRef contains the OpenAPI 3 or Swagger + // definition of the API in a ConfigMap. + // + // +optional + DefinitionFileRef string `json:"definitionFileRef"` + + // DefinitionPath contains the path to expose the API definition. + // + // +kubebuilder:default:=/api-definition + // +kubebuilder:validation:MinLength=1 + DefinitionPath string `json:"definitionPath"` + + // Production contains a list of references to HttpRoutes + // of type HttpRoute. + // xref: https://github.com/kubernetes-sigs/gateway-api/blob/main/apis/v1beta1/httproute_types.go + // + // + // +optional + // +nullable + // +kubebuilder:validation:MaxItems=1 + Production []EnvConfig `json:"production"` + + // Sandbox contains a list of references to HttpRoutes + // of type HttpRoute. + // xref: https://github.com/kubernetes-sigs/gateway-api/blob/main/apis/v1beta1/httproute_types.go + // + // + // +optional + // +nullable + // +kubebuilder:validation:MaxItems=1 + Sandbox []EnvConfig `json:"sandbox"` + + // APIType denotes the type of the API. + // Possible values could be REST, GraphQL, Async + // + // +kubebuilder:validation:Enum=REST + APIType string `json:"apiType"` + + // BasePath denotes the basepath of the API. + // e.g: /pet-store-api/1.0.6 + // + // +kubectl:validation:MaxLength=232 + // +kubebuilder:validation:Pattern=^[/][a-zA-Z0-9~/_.-]*$ + BasePath string `json:"basePath"` + + // Organization denotes the organization. + // related to the API + // + // +optional + Organization string `json:"organization"` + + // SystemAPI denotes if it is an internal system API. + // + // +optional + SystemAPI bool `json:"systemAPI"` + + // APIProperties denotes the custom properties of the API. + // + // +optional + // +nullable + APIProperties []Property `json:"apiProperties,omitempty"` + + // Environment denotes the environment of the API. + // + // +optional + // +nullable + Environment string `json:"environment,omitempty"` +} + +// Property holds key value pair of APIProperties +type Property struct { + Name string `json:"name,omitempty"` + Value string `json:"value,omitempty"` +} + +// EnvConfig contains the environment specific configuration +type EnvConfig struct { + // HTTPRouteRefs denotes the environment of the API. + HTTPRouteRefs []string `json:"httpRouteRefs"` +} + +// APIStatus defines the observed state of API +type APIStatus struct { + // DeploymentStatus denotes the deployment status of the API + // + // +optional + DeploymentStatus DeploymentStatus `json:"deploymentStatus"` +} + +// DeploymentStatus contains the status of the API deployment +type DeploymentStatus struct { + + // Status denotes the state of the API in its lifecycle. + // Possible values could be Accepted, Invalid, Deploy etc. + // + // + Status string `json:"status"` + + // Message represents a user friendly message that explains the + // current state of the API. + // + // + // +optional + Message string `json:"message"` + + // Accepted represents whether the API is accepted or not. + // + // + Accepted bool `json:"accepted"` + + // TransitionTime represents the last known transition timestamp. + // + // + TransitionTime *metav1.Time `json:"transitionTime"` + + // Events contains a list of events related to the API. + // + // + // +optional + Events []string `json:"events,omitempty"` +} + +// +genclient +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status +//+kubebuilder:storageversion +//+kubebuilder:printcolumn:name="API Name",type="string",JSONPath=".spec.apiName" +//+kubebuilder:printcolumn:name="Version",type="string",JSONPath=".spec.apiVersion" +//+kubebuilder:printcolumn:name="BasePath",type="string",JSONPath=".spec.basePath" +//+kubebuilder:printcolumn:name="Organization",type="string",JSONPath=".spec.organization" +//+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" + +// API is the Schema for the apis API +type API struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec APISpec `json:"spec,omitempty"` + Status APIStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// APIList contains a list of API +type APIList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []API `json:"items"` +} + +func init() { + SchemeBuilder.Register(&API{}, &APIList{}) +} diff --git a/adapter/internal/operator/apis/dp/v1alpha2/groupversion_info.go b/adapter/internal/operator/apis/dp/v1alpha2/groupversion_info.go new file mode 100644 index 0000000000..5ee8176785 --- /dev/null +++ b/adapter/internal/operator/apis/dp/v1alpha2/groupversion_info.go @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +// Package v1alpha2 contains API Schema definitions for the dp v1alpha2 API group +// +kubebuilder:object:generate=true +// +groupName=dp.wso2.com +package v1alpha2 + +import ( + "k8s.io/apimachinery/pkg/runtime/schema" + "sigs.k8s.io/controller-runtime/pkg/scheme" +) + +var ( + // GroupVersion is group version used to register these objects + GroupVersion = schema.GroupVersion{Group: "dp.wso2.com", Version: "v1alpha2"} + + // SchemeBuilder is used to add go types to the GroupVersionKind scheme + SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} + + // AddToScheme adds the types in this group-version to the given scheme. + AddToScheme = SchemeBuilder.AddToScheme +) diff --git a/adapter/internal/operator/apis/dp/v1alpha2/tokenissuer_conversion.go b/adapter/internal/operator/apis/dp/v1alpha2/tokenissuer_conversion.go new file mode 100644 index 0000000000..52742c4ef7 --- /dev/null +++ b/adapter/internal/operator/apis/dp/v1alpha2/tokenissuer_conversion.go @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha2 + +// Hub marks this type as a conversion hub. +func (*TokenIssuer) Hub() {} diff --git a/adapter/internal/operator/apis/dp/v1alpha2/tokenissuer_types.go b/adapter/internal/operator/apis/dp/v1alpha2/tokenissuer_types.go new file mode 100644 index 0000000000..1a382fcdf1 --- /dev/null +++ b/adapter/internal/operator/apis/dp/v1alpha2/tokenissuer_types.go @@ -0,0 +1,151 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gwapiv1b1 "sigs.k8s.io/gateway-api/apis/v1alpha2" +) + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// TokenIssuerSpec defines the desired state of TokenIssuer +type TokenIssuerSpec struct { + // Name is the unique name of the Token Issuer in + // the Organization defined . "Organization/Name" can + // be used to uniquely identify an Issuer. + // + // +kubebuilder:validation:MinLength=1 + Name string `json:"name"` + + // Organization denotes the organization of the Token Issuer. + // + // +kubebuilder:validation:MinLength=1 + Organization string `json:"organization"` + + // Issuer denotes the issuer of the Token Issuer. + // + // +kubebuilder:validation:MinLength=1 + Issuer string `json:"issuer"` + + // ConsumerKeyClaim denotes the claim key of the consumer key. + // + // +kubebuilder:validation:MinLength=1 + ConsumerKeyClaim string `json:"consumerKeyClaim"` + + // ScopesClaim denotes the claim key of the scopes. + // + // +kubebuilder:validation:MinLength=1 + ScopesClaim string `json:"scopesClaim"` + + // SignatureValidation denotes the signature validation method of jwt + SignatureValidation *SignatureValidation `json:"signatureValidation"` + + // ClaimMappings denotes the claim mappings of the jwt + ClaimMappings *[]ClaimMapping `json:"claimMappings,omitempty"` + + // TargetRef denotes the reference to the which gateway it applies to + TargetRef *gwapiv1b1.PolicyTargetReference `json:"targetRef,omitempty"` + + // Environments denotes the environments that are applicable for the token issuer. + // + // +optional + // +nullable + Environments []string `json:"environments,omitempty"` +} + +// ClaimMapping defines the reference configuration +type ClaimMapping struct { + // RemoteClaim denotes the remote claim + RemoteClaim string `json:"remoteClaim"` + // LocalClaim denotes the local claim + LocalClaim string `json:"localClaim"` +} + +// SignatureValidation defines the signature validation method +type SignatureValidation struct { + // JWKS denotes the JWKS endpoint information + JWKS *JWKS `json:"jwks,omitempty"` + // Certificate denotes the certificate information + Certificate *CERTConfig `json:"certificate,omitempty"` +} + +// JWKS defines the JWKS endpoint +type JWKS struct { + // URL is the URL of the JWKS endpoint + URL string `json:"url"` + // TLS denotes the TLS configuration of the JWKS endpoint + TLS *CERTConfig `json:"tls,omitempty"` +} + +// CERTConfig defines the certificate configuration +type CERTConfig struct { + // CertificateInline is the Inline Certificate entry + CertificateInline *string `json:"certificateInline,omitempty"` + // SecretRef denotes the reference to the Secret that contains the Certificate + SecretRef *RefConfig `json:"secretRef,omitempty"` + // ConfigMapRef denotes the reference to the ConfigMap that contains the Certificate + ConfigMapRef *RefConfig `json:"configMapRef,omitempty"` +} + +// RefConfig holds a config for a secret or a configmap +type RefConfig struct { + // Name of the secret or configmap + // + // +kubebuilder:validation:MinLength=1 + Name string `json:"name"` + + // Key of the secret or configmap + // + // +kubebuilder:validation:MinLength=1 + Key string `json:"key"` +} + +// TokenIssuerStatus defines the observed state of TokenIssuer +type TokenIssuerStatus struct { + // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + // Important: Run "make" to regenerate code after modifying this file +} + +// +genclient +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status +//+kubebuilder:storageversion + +// TokenIssuer is the Schema for the tokenissuers API +type TokenIssuer struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec TokenIssuerSpec `json:"spec,omitempty"` + Status TokenIssuerStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// TokenIssuerList contains a list of TokenIssuer +type TokenIssuerList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []TokenIssuer `json:"items"` +} + +func init() { + SchemeBuilder.Register(&TokenIssuer{}, &TokenIssuerList{}) +} diff --git a/adapter/internal/operator/apis/dp/v1alpha2/zz_generated.deepcopy.go b/adapter/internal/operator/apis/dp/v1alpha2/zz_generated.deepcopy.go new file mode 100644 index 0000000000..566b24869c --- /dev/null +++ b/adapter/internal/operator/apis/dp/v1alpha2/zz_generated.deepcopy.go @@ -0,0 +1,414 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +// Code generated by controller-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" + apisv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *API) DeepCopyInto(out *API) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new API. +func (in *API) DeepCopy() *API { + if in == nil { + return nil + } + out := new(API) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *API) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIList) DeepCopyInto(out *APIList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]API, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIList. +func (in *APIList) DeepCopy() *APIList { + if in == nil { + return nil + } + out := new(APIList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *APIList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APISpec) DeepCopyInto(out *APISpec) { + *out = *in + if in.Production != nil { + in, out := &in.Production, &out.Production + *out = make([]EnvConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Sandbox != nil { + in, out := &in.Sandbox, &out.Sandbox + *out = make([]EnvConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.APIProperties != nil { + in, out := &in.APIProperties, &out.APIProperties + *out = make([]Property, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APISpec. +func (in *APISpec) DeepCopy() *APISpec { + if in == nil { + return nil + } + out := new(APISpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIStatus) DeepCopyInto(out *APIStatus) { + *out = *in + in.DeploymentStatus.DeepCopyInto(&out.DeploymentStatus) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIStatus. +func (in *APIStatus) DeepCopy() *APIStatus { + if in == nil { + return nil + } + out := new(APIStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CERTConfig) DeepCopyInto(out *CERTConfig) { + *out = *in + if in.CertificateInline != nil { + in, out := &in.CertificateInline, &out.CertificateInline + *out = new(string) + **out = **in + } + if in.SecretRef != nil { + in, out := &in.SecretRef, &out.SecretRef + *out = new(RefConfig) + **out = **in + } + if in.ConfigMapRef != nil { + in, out := &in.ConfigMapRef, &out.ConfigMapRef + *out = new(RefConfig) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CERTConfig. +func (in *CERTConfig) DeepCopy() *CERTConfig { + if in == nil { + return nil + } + out := new(CERTConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClaimMapping) DeepCopyInto(out *ClaimMapping) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClaimMapping. +func (in *ClaimMapping) DeepCopy() *ClaimMapping { + if in == nil { + return nil + } + out := new(ClaimMapping) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) { + *out = *in + if in.TransitionTime != nil { + in, out := &in.TransitionTime, &out.TransitionTime + *out = (*in).DeepCopy() + } + if in.Events != nil { + in, out := &in.Events, &out.Events + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentStatus. +func (in *DeploymentStatus) DeepCopy() *DeploymentStatus { + if in == nil { + return nil + } + out := new(DeploymentStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EnvConfig) DeepCopyInto(out *EnvConfig) { + *out = *in + if in.HTTPRouteRefs != nil { + in, out := &in.HTTPRouteRefs, &out.HTTPRouteRefs + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvConfig. +func (in *EnvConfig) DeepCopy() *EnvConfig { + if in == nil { + return nil + } + out := new(EnvConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWKS) DeepCopyInto(out *JWKS) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(CERTConfig) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWKS. +func (in *JWKS) DeepCopy() *JWKS { + if in == nil { + return nil + } + out := new(JWKS) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Property) DeepCopyInto(out *Property) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Property. +func (in *Property) DeepCopy() *Property { + if in == nil { + return nil + } + out := new(Property) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RefConfig) DeepCopyInto(out *RefConfig) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RefConfig. +func (in *RefConfig) DeepCopy() *RefConfig { + if in == nil { + return nil + } + out := new(RefConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SignatureValidation) DeepCopyInto(out *SignatureValidation) { + *out = *in + if in.JWKS != nil { + in, out := &in.JWKS, &out.JWKS + *out = new(JWKS) + (*in).DeepCopyInto(*out) + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(CERTConfig) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SignatureValidation. +func (in *SignatureValidation) DeepCopy() *SignatureValidation { + if in == nil { + return nil + } + out := new(SignatureValidation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenIssuer) DeepCopyInto(out *TokenIssuer) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenIssuer. +func (in *TokenIssuer) DeepCopy() *TokenIssuer { + if in == nil { + return nil + } + out := new(TokenIssuer) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenIssuer) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenIssuerList) DeepCopyInto(out *TokenIssuerList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]TokenIssuer, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenIssuerList. +func (in *TokenIssuerList) DeepCopy() *TokenIssuerList { + if in == nil { + return nil + } + out := new(TokenIssuerList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenIssuerList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenIssuerSpec) DeepCopyInto(out *TokenIssuerSpec) { + *out = *in + if in.SignatureValidation != nil { + in, out := &in.SignatureValidation, &out.SignatureValidation + *out = new(SignatureValidation) + (*in).DeepCopyInto(*out) + } + if in.ClaimMappings != nil { + in, out := &in.ClaimMappings, &out.ClaimMappings + *out = new([]ClaimMapping) + if **in != nil { + in, out := *in, *out + *out = make([]ClaimMapping, len(*in)) + copy(*out, *in) + } + } + if in.TargetRef != nil { + in, out := &in.TargetRef, &out.TargetRef + *out = new(apisv1alpha2.PolicyTargetReference) + (*in).DeepCopyInto(*out) + } + if in.Environments != nil { + in, out := &in.Environments, &out.Environments + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenIssuerSpec. +func (in *TokenIssuerSpec) DeepCopy() *TokenIssuerSpec { + if in == nil { + return nil + } + out := new(TokenIssuerSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenIssuerStatus) DeepCopyInto(out *TokenIssuerStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenIssuerStatus. +func (in *TokenIssuerStatus) DeepCopy() *TokenIssuerStatus { + if in == nil { + return nil + } + out := new(TokenIssuerStatus) + in.DeepCopyInto(out) + return out +} diff --git a/adapter/internal/operator/config/crd/bases/dp.wso2.com_apis.yaml b/adapter/internal/operator/config/crd/bases/dp.wso2.com_apis.yaml index 8a98f9e3a2..1da03bb326 100644 --- a/adapter/internal/operator/config/crd/bases/dp.wso2.com_apis.yaml +++ b/adapter/internal/operator/config/crd/bases/dp.wso2.com_apis.yaml @@ -184,6 +184,182 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.apiName + name: API Name + type: string + - jsonPath: .spec.apiVersion + name: Version + type: string + - jsonPath: .spec.basePath + name: BasePath + type: string + - jsonPath: .spec.organization + name: Organization + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha2 + schema: + openAPIV3Schema: + description: API is the Schema for the apis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: APISpec defines the desired state of API + properties: + apiName: + description: APIName is the unique name of the API can be used to + uniquely identify an API. + maxLength: 60 + minLength: 1 + pattern: ^[^~!@#;:%^*()+={}|\<>"'',&$\[\]\/]*$ + type: string + apiProperties: + description: APIProperties denotes the custom properties of the API. + items: + description: Property holds key value pair of APIProperties + properties: + name: + type: string + value: + type: string + type: object + nullable: true + type: array + apiType: + description: APIType denotes the type of the API. Possible values + could be REST, GraphQL, Async + enum: + - REST + type: string + apiVersion: + description: APIVersion is the version number of the API. + maxLength: 30 + minLength: 1 + pattern: ^[^~!@#;:%^*()+={}|\<>"'',&/$\[\]\s+\/]+$ + type: string + basePath: + description: 'BasePath denotes the basepath of the API. e.g: /pet-store-api/1.0.6' + pattern: ^[/][a-zA-Z0-9~/_.-]*$ + type: string + definitionFileRef: + description: DefinitionFileRef contains the OpenAPI 3 or Swagger definition + of the API in a ConfigMap. + type: string + definitionPath: + default: /api-definition + description: DefinitionPath contains the path to expose the API definition. + minLength: 1 + type: string + environment: + description: Environment denotes the environment of the API. + nullable: true + type: string + isDefaultVersion: + description: IsDefaultVersion indicates whether this API version should + be used as a default API + type: boolean + organization: + description: Organization denotes the organization. related to the + API + type: string + production: + description: 'Production contains a list of references to HttpRoutes + of type HttpRoute. xref: https://github.com/kubernetes-sigs/gateway-api/blob/main/apis/v1beta1/httproute_types.go' + items: + description: EnvConfig contains the environment specific configuration + properties: + httpRouteRefs: + description: HTTPRouteRefs denotes the environment of the API. + items: + type: string + type: array + required: + - httpRouteRefs + type: object + maxItems: 1 + nullable: true + type: array + sandbox: + description: 'Sandbox contains a list of references to HttpRoutes + of type HttpRoute. xref: https://github.com/kubernetes-sigs/gateway-api/blob/main/apis/v1beta1/httproute_types.go' + items: + description: EnvConfig contains the environment specific configuration + properties: + httpRouteRefs: + description: HTTPRouteRefs denotes the environment of the API. + items: + type: string + type: array + required: + - httpRouteRefs + type: object + maxItems: 1 + nullable: true + type: array + systemAPI: + description: SystemAPI denotes if it is an internal system API. + type: boolean + required: + - apiName + - apiType + - apiVersion + - basePath + - definitionPath + type: object + status: + description: APIStatus defines the observed state of API + properties: + deploymentStatus: + description: DeploymentStatus denotes the deployment status of the + API + properties: + accepted: + description: Accepted represents whether the API is accepted or + not. + type: boolean + events: + description: Events contains a list of events related to the API. + items: + type: string + type: array + message: + description: Message represents a user friendly message that explains + the current state of the API. + type: string + status: + description: Status denotes the state of the API in its lifecycle. + Possible values could be Accepted, Invalid, Deploy etc. + type: string + transitionTime: + description: TransitionTime represents the last known transition + timestamp. + format: date-time + type: string + required: + - accepted + - status + - transitionTime + type: object + type: object + type: object + served: true storage: true subresources: status: {} diff --git a/adapter/internal/operator/config/crd/bases/dp.wso2.com_tokenissuers.yaml b/adapter/internal/operator/config/crd/bases/dp.wso2.com_tokenissuers.yaml index f87896ddd2..df170450a5 100644 --- a/adapter/internal/operator/config/crd/bases/dp.wso2.com_tokenissuers.yaml +++ b/adapter/internal/operator/config/crd/bases/dp.wso2.com_tokenissuers.yaml @@ -215,6 +215,216 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - name: v1alpha2 + schema: + openAPIV3Schema: + description: TokenIssuer is the Schema for the tokenissuers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TokenIssuerSpec defines the desired state of TokenIssuer + properties: + claimMappings: + description: ClaimMappings denotes the claim mappings of the jwt + items: + description: ClaimMapping defines the reference configuration + properties: + localClaim: + description: LocalClaim denotes the local claim + type: string + remoteClaim: + description: RemoteClaim denotes the remote claim + type: string + required: + - localClaim + - remoteClaim + type: object + type: array + consumerKeyClaim: + description: ConsumerKeyClaim denotes the claim key of the consumer + key. + minLength: 1 + type: string + environments: + description: Environments denotes the environments that are applicable + for the token issuer. + items: + type: string + nullable: true + type: array + issuer: + description: Issuer denotes the issuer of the Token Issuer. + minLength: 1 + type: string + name: + description: Name is the unique name of the Token Issuer in the Organization + defined . "Organization/Name" can be used to uniquely identify an + Issuer. + minLength: 1 + type: string + organization: + description: Organization denotes the organization of the Token Issuer. + minLength: 1 + type: string + scopesClaim: + description: ScopesClaim denotes the claim key of the scopes. + minLength: 1 + type: string + signatureValidation: + description: SignatureValidation denotes the signature validation + method of jwt + properties: + certificate: + description: Certificate denotes the certificate information + properties: + certificateInline: + description: CertificateInline is the Inline Certificate entry + type: string + configMapRef: + description: ConfigMapRef denotes the reference to the ConfigMap + that contains the Certificate + properties: + key: + description: Key of the secret or configmap + minLength: 1 + type: string + name: + description: Name of the secret or configmap + minLength: 1 + type: string + required: + - key + - name + type: object + secretRef: + description: SecretRef denotes the reference to the Secret + that contains the Certificate + properties: + key: + description: Key of the secret or configmap + minLength: 1 + type: string + name: + description: Name of the secret or configmap + minLength: 1 + type: string + required: + - key + - name + type: object + type: object + jwks: + description: JWKS denotes the JWKS endpoint information + properties: + tls: + description: TLS denotes the TLS configuration of the JWKS + endpoint + properties: + certificateInline: + description: CertificateInline is the Inline Certificate + entry + type: string + configMapRef: + description: ConfigMapRef denotes the reference to the + ConfigMap that contains the Certificate + properties: + key: + description: Key of the secret or configmap + minLength: 1 + type: string + name: + description: Name of the secret or configmap + minLength: 1 + type: string + required: + - key + - name + type: object + secretRef: + description: SecretRef denotes the reference to the Secret + that contains the Certificate + properties: + key: + description: Key of the secret or configmap + minLength: 1 + type: string + name: + description: Name of the secret or configmap + minLength: 1 + type: string + required: + - key + - name + type: object + type: object + url: + description: URL is the URL of the JWKS endpoint + type: string + required: + - url + type: object + type: object + targetRef: + description: TargetRef denotes the reference to the which gateway + it applies to + properties: + group: + description: Group is the group of the target resource. + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + kind: + description: Kind is kind of the target resource. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + type: string + name: + description: Name is the name of the target resource. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace is the namespace of the referent. When + unspecified, the local namespace is inferred. Even when policy + targets a resource in a different namespace, it MUST only apply + to traffic originating from the same namespace as the policy. + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - group + - kind + - name + type: object + required: + - consumerKeyClaim + - issuer + - name + - organization + - scopesClaim + - signatureValidation + type: object + status: + description: TokenIssuerStatus defines the observed state of TokenIssuer + type: object + type: object + served: true storage: true subresources: status: {} diff --git a/adapter/internal/operator/config/crd/kustomization.yaml b/adapter/internal/operator/config/crd/kustomization.yaml index 3b66cea552..2a61fd5a0e 100644 --- a/adapter/internal/operator/config/crd/kustomization.yaml +++ b/adapter/internal/operator/config/crd/kustomization.yaml @@ -13,6 +13,7 @@ resources: - bases/dp.wso2.com_interceptorservices.yaml - bases/dp.wso2.com_jwtissuers.yaml - bases/dp.wso2.com_backendjwts.yaml +- bases/dp.wso2.com_tokenissuers.yaml #+kubebuilder:scaffold:crdkustomizeresource patchesStrategicMerge: @@ -44,6 +45,7 @@ patchesStrategicMerge: #- patches/cainjection_in_interceptorservices.yaml #- patches/cainjection_in_jwtissuers.yaml #- patches/cainjection_in_backendjwts.yaml +#- patches/cainjection_in_tokenissuers.yaml #+kubebuilder:scaffold:crdkustomizecainjectionpatch # the following config is for teaching kustomize how to do kustomization for CRDs. diff --git a/adapter/internal/operator/config/crd/patches/cainjection_in_dp_apis.yaml b/adapter/internal/operator/config/crd/patches/cainjection_in_dp_apis.yaml new file mode 100644 index 0000000000..7f949667b8 --- /dev/null +++ b/adapter/internal/operator/config/crd/patches/cainjection_in_dp_apis.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: apis.dp.wso2.com diff --git a/adapter/internal/operator/config/crd/patches/cainjection_in_dp_tokenissuers.yaml b/adapter/internal/operator/config/crd/patches/cainjection_in_dp_tokenissuers.yaml new file mode 100644 index 0000000000..0d2bd32a2b --- /dev/null +++ b/adapter/internal/operator/config/crd/patches/cainjection_in_dp_tokenissuers.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: tokenissuers.dp.wso2.com diff --git a/adapter/internal/operator/config/crd/patches/webhook_in_dp_apis.yaml b/adapter/internal/operator/config/crd/patches/webhook_in_dp_apis.yaml new file mode 100644 index 0000000000..ad0c609d56 --- /dev/null +++ b/adapter/internal/operator/config/crd/patches/webhook_in_dp_apis.yaml @@ -0,0 +1,16 @@ +# The following patch enables a conversion webhook for the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: apis.dp.wso2.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert + conversionReviewVersions: + - v1 diff --git a/adapter/internal/operator/config/rbac/dp_api_editor_role.yaml b/adapter/internal/operator/config/rbac/dp_api_editor_role.yaml new file mode 100644 index 0000000000..2de3070c5b --- /dev/null +++ b/adapter/internal/operator/config/rbac/dp_api_editor_role.yaml @@ -0,0 +1,31 @@ +# permissions for end users to edit apis. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: api-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: api-editor-role +rules: +- apiGroups: + - dp.wso2.com + resources: + - apis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - dp.wso2.com + resources: + - apis/status + verbs: + - get diff --git a/adapter/internal/operator/config/rbac/dp_api_viewer_role.yaml b/adapter/internal/operator/config/rbac/dp_api_viewer_role.yaml new file mode 100644 index 0000000000..75e4c488a0 --- /dev/null +++ b/adapter/internal/operator/config/rbac/dp_api_viewer_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to view apis. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: api-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: api-viewer-role +rules: +- apiGroups: + - dp.wso2.com + resources: + - apis + verbs: + - get + - list + - watch +- apiGroups: + - dp.wso2.com + resources: + - apis/status + verbs: + - get diff --git a/adapter/internal/operator/config/rbac/dp_tokenissuer_editor_role.yaml b/adapter/internal/operator/config/rbac/dp_tokenissuer_editor_role.yaml new file mode 100644 index 0000000000..f8f7a8f31f --- /dev/null +++ b/adapter/internal/operator/config/rbac/dp_tokenissuer_editor_role.yaml @@ -0,0 +1,31 @@ +# permissions for end users to edit tokenissuers. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: tokenissuer-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: tokenissuer-editor-role +rules: +- apiGroups: + - dp.wso2.com + resources: + - tokenissuers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - dp.wso2.com + resources: + - tokenissuers/status + verbs: + - get diff --git a/adapter/internal/operator/config/rbac/dp_tokenissuer_viewer_role.yaml b/adapter/internal/operator/config/rbac/dp_tokenissuer_viewer_role.yaml new file mode 100644 index 0000000000..35ba43c027 --- /dev/null +++ b/adapter/internal/operator/config/rbac/dp_tokenissuer_viewer_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to view tokenissuers. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: tokenissuer-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: tokenissuer-viewer-role +rules: +- apiGroups: + - dp.wso2.com + resources: + - tokenissuers + verbs: + - get + - list + - watch +- apiGroups: + - dp.wso2.com + resources: + - tokenissuers/status + verbs: + - get diff --git a/adapter/internal/operator/config/samples/dp_v1alpha2_api.yaml b/adapter/internal/operator/config/samples/dp_v1alpha2_api.yaml new file mode 100644 index 0000000000..d7c9ebcb5e --- /dev/null +++ b/adapter/internal/operator/config/samples/dp_v1alpha2_api.yaml @@ -0,0 +1,12 @@ +apiVersion: dp.wso2.com/v1alpha2 +kind: API +metadata: + labels: + app.kubernetes.io/name: api + app.kubernetes.io/instance: api-sample + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/created-by: operator + name: api-sample +spec: + # TODO(user): Add fields here diff --git a/adapter/internal/operator/config/samples/dp_v1alpha2_tokenissuer.yaml b/adapter/internal/operator/config/samples/dp_v1alpha2_tokenissuer.yaml new file mode 100644 index 0000000000..fead00d94f --- /dev/null +++ b/adapter/internal/operator/config/samples/dp_v1alpha2_tokenissuer.yaml @@ -0,0 +1,12 @@ +apiVersion: dp.wso2.com/v1alpha2 +kind: TokenIssuer +metadata: + labels: + app.kubernetes.io/name: tokenissuer + app.kubernetes.io/instance: tokenissuer-sample + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/created-by: operator + name: tokenissuer-sample +spec: + # TODO(user): Add fields here diff --git a/adapter/internal/operator/controllers/dp/api_controller.go b/adapter/internal/operator/controllers/dp/api_controller.go index bfdbd36078..77eafcf108 100644 --- a/adapter/internal/operator/controllers/dp/api_controller.go +++ b/adapter/internal/operator/controllers/dp/api_controller.go @@ -46,6 +46,7 @@ import ( k8client "sigs.k8s.io/controller-runtime/pkg/client" dpv1alpha1 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha1" + dpv1alpha2 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -90,7 +91,7 @@ type APIReconciler struct { mgr manager.Manager } -// NewAPIController creates a new API controller instance. API Controllers watches for dpv1alpha1.API and gwapiv1b1.HTTPRoute. +// NewAPIController creates a new API controller instance. API Controllers watches for dpv1alpha2.API and gwapiv1b1.HTTPRoute. func NewAPIController(mgr manager.Manager, operatorDataStore *synchronizer.OperatorDataStore, statusUpdater *status.UpdateHandler, ch *chan synchronizer.APIEvent, successChannel *chan synchronizer.SuccessEvent) error { apiReconciler := &APIReconciler{ @@ -112,7 +113,7 @@ func NewAPIController(mgr manager.Manager, operatorDataStore *synchronizer.Opera conf := config.ReadConfigs() predicates := []predicate.Predicate{predicate.NewPredicateFuncs(utils.FilterByNamespaces(conf.Adapter.Operator.Namespaces))} - if err := c.Watch(source.Kind(mgr.GetCache(), &dpv1alpha1.API{}), &handler.EnqueueRequestForObject{}, + if err := c.Watch(source.Kind(mgr.GetCache(), &dpv1alpha2.API{}), &handler.EnqueueRequestForObject{}, predicates...); err != nil { loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2611, logging.BLOCKER, "Error watching API resources: %v", err)) return err @@ -221,7 +222,7 @@ func (apiReconciler *APIReconciler) Reconcile(ctx context.Context, req ctrl.Requ applyAllAPIsOnce.Do(apiReconciler.applyStartupAPIs) loggers.LoggerAPKOperator.Infof("Reconciling for API %s", req.NamespacedName.String()) // Check whether the API CR exist, if not consider as a DELETE event. - var apiCR dpv1alpha1.API + var apiCR dpv1alpha2.API if err := apiReconciler.client.Get(ctx, req.NamespacedName, &apiCR); err != nil { apiState, found := apiReconciler.ods.GetCachedAPI(req.NamespacedName) if found && k8error.IsNotFound(err) { @@ -271,7 +272,7 @@ func (apiReconciler *APIReconciler) applyStartupAPIs() { // resolveAPIRefs validates following references related to the API // - HTTPRoutes -func (apiReconciler *APIReconciler) resolveAPIRefs(ctx context.Context, api dpv1alpha1.API) (*synchronizer.APIEvent, error) { +func (apiReconciler *APIReconciler) resolveAPIRefs(ctx context.Context, api dpv1alpha2.API) (*synchronizer.APIEvent, error) { var prodHTTPRouteRefs, sandHTTPRouteRefs []string if len(api.Spec.Production) > 0 { prodHTTPRouteRefs = api.Spec.Production[0].HTTPRouteRefs @@ -505,7 +506,7 @@ func (apiReconciler *APIReconciler) removeOldOwnerRefsFromChild(ctx context.Cont // - Authentications func (apiReconciler *APIReconciler) resolveHTTPRouteRefs(ctx context.Context, httpRouteState *synchronizer.HTTPRouteState, httpRouteRefs []string, namespace string, interceptorServiceMapping map[string]dpv1alpha1.InterceptorService, - api dpv1alpha1.API) (*synchronizer.HTTPRouteState, error) { + api dpv1alpha2.API) (*synchronizer.HTTPRouteState, error) { var err error httpRouteState.HTTPRouteCombined, httpRouteState.HTTPRoutePartitions, err = apiReconciler.concatHTTPRoutes(ctx, httpRouteRefs, namespace, api) if err != nil { @@ -517,7 +518,7 @@ func (apiReconciler *APIReconciler) resolveHTTPRouteRefs(ctx context.Context, ht } func (apiReconciler *APIReconciler) concatHTTPRoutes(ctx context.Context, httpRouteRefs []string, - namespace string, api dpv1alpha1.API) (*gwapiv1b1.HTTPRoute, map[string]*gwapiv1b1.HTTPRoute, error) { + namespace string, api dpv1alpha2.API) (*gwapiv1b1.HTTPRoute, map[string]*gwapiv1b1.HTTPRoute, error) { var combinedHTTPRoute *gwapiv1b1.HTTPRoute httpRoutePartitions := make(map[string]*gwapiv1b1.HTTPRoute) for _, httpRouteRef := range httpRouteRefs { @@ -538,7 +539,7 @@ func (apiReconciler *APIReconciler) concatHTTPRoutes(ctx context.Context, httpRo } func (apiReconciler *APIReconciler) getAuthenticationsForAPI(ctx context.Context, - api dpv1alpha1.API) (map[string]dpv1alpha1.Authentication, error) { + api dpv1alpha2.API) (map[string]dpv1alpha1.Authentication, error) { nameSpacedName := utils.NamespacedName(&api).String() authentications := make(map[string]dpv1alpha1.Authentication) authenticationList := &dpv1alpha1.AuthenticationList{} @@ -558,7 +559,7 @@ func (apiReconciler *APIReconciler) getAuthenticationsForAPI(ctx context.Context } func (apiReconciler *APIReconciler) getRatelimitPoliciesForAPI(ctx context.Context, - api dpv1alpha1.API) (map[string]dpv1alpha1.RateLimitPolicy, error) { + api dpv1alpha2.API) (map[string]dpv1alpha1.RateLimitPolicy, error) { nameSpacedName := utils.NamespacedName(&api).String() ratelimitPolicies := make(map[string]dpv1alpha1.RateLimitPolicy) ratelimitPolicyList := &dpv1alpha1.RateLimitPolicyList{} @@ -578,7 +579,7 @@ func (apiReconciler *APIReconciler) getRatelimitPoliciesForAPI(ctx context.Conte } func (apiReconciler *APIReconciler) getScopesForHTTPRoute(ctx context.Context, - httpRoute *gwapiv1b1.HTTPRoute, api dpv1alpha1.API) (map[string]dpv1alpha1.Scope, error) { + httpRoute *gwapiv1b1.HTTPRoute, api dpv1alpha2.API) (map[string]dpv1alpha1.Scope, error) { scopes := make(map[string]dpv1alpha1.Scope) for _, rule := range httpRoute.Spec.Rules { for _, filter := range rule.Filters { @@ -600,7 +601,7 @@ func (apiReconciler *APIReconciler) getScopesForHTTPRoute(ctx context.Context, } func (apiReconciler *APIReconciler) getAuthenticationsForResources(ctx context.Context, - api dpv1alpha1.API) (map[string]dpv1alpha1.Authentication, error) { + api dpv1alpha2.API) (map[string]dpv1alpha1.Authentication, error) { nameSpacedName := utils.NamespacedName(&api).String() authentications := make(map[string]dpv1alpha1.Authentication) authenticationList := &dpv1alpha1.AuthenticationList{} @@ -620,7 +621,7 @@ func (apiReconciler *APIReconciler) getAuthenticationsForResources(ctx context.C } func (apiReconciler *APIReconciler) getRatelimitPoliciesForResources(ctx context.Context, - api dpv1alpha1.API) (map[string]dpv1alpha1.RateLimitPolicy, error) { + api dpv1alpha2.API) (map[string]dpv1alpha1.RateLimitPolicy, error) { nameSpacedName := utils.NamespacedName(&api).String() ratelimitpolicies := make(map[string]dpv1alpha1.RateLimitPolicy) ratelimitPolicyList := &dpv1alpha1.RateLimitPolicyList{} @@ -640,7 +641,7 @@ func (apiReconciler *APIReconciler) getRatelimitPoliciesForResources(ctx context } func (apiReconciler *APIReconciler) getAPIPoliciesForAPI(ctx context.Context, - api dpv1alpha1.API) (map[string]dpv1alpha1.APIPolicy, error) { + api dpv1alpha2.API) (map[string]dpv1alpha1.APIPolicy, error) { nameSpacedName := utils.NamespacedName(&api).String() apiPolicies := make(map[string]dpv1alpha1.APIPolicy) apiPolicyList := &dpv1alpha1.APIPolicyList{} @@ -660,7 +661,7 @@ func (apiReconciler *APIReconciler) getAPIPoliciesForAPI(ctx context.Context, } func (apiReconciler *APIReconciler) getAPIDefinitionForAPI(ctx context.Context, - apiDefinitionFile, namespace string, api dpv1alpha1.API) ([]byte, error) { + apiDefinitionFile, namespace string, api dpv1alpha2.API) ([]byte, error) { configMap := &corev1.ConfigMap{} if err := utils.ResolveRef(ctx, apiReconciler.client, &api, types.NamespacedName{Namespace: namespace, Name: apiDefinitionFile}, true, configMap); err != nil { @@ -676,7 +677,7 @@ func (apiReconciler *APIReconciler) getAPIDefinitionForAPI(ctx context.Context, } func (apiReconciler *APIReconciler) getAPIPoliciesForResources(ctx context.Context, - api dpv1alpha1.API) (map[string]dpv1alpha1.APIPolicy, error) { + api dpv1alpha2.API) (map[string]dpv1alpha1.APIPolicy, error) { nameSpacedName := utils.NamespacedName(&api).String() apiPolicies := make(map[string]dpv1alpha1.APIPolicy) apiPolicyList := &dpv1alpha1.APIPolicyList{} @@ -700,7 +701,7 @@ func (apiReconciler *APIReconciler) getAPIPoliciesForResources(ctx context.Conte // - backend JWTs func (apiReconciler *APIReconciler) getAPIPolicyChildrenRefs(ctx context.Context, apiPolicies, resourceAPIPolicies map[string]dpv1alpha1.APIPolicy, - api dpv1alpha1.API) (map[string]dpv1alpha1.InterceptorService, map[string]dpv1alpha1.BackendJWT, error) { + api dpv1alpha2.API) (map[string]dpv1alpha1.InterceptorService, map[string]dpv1alpha1.BackendJWT, error) { allAPIPolicies := append(maps.Values(apiPolicies), maps.Values(resourceAPIPolicies)...) interceptorServices := make(map[string]dpv1alpha1.InterceptorService) backendJWTs := make(map[string]dpv1alpha1.BackendJWT) @@ -775,7 +776,7 @@ func (apiReconciler *APIReconciler) getAPIPolicyChildrenRefs(ctx context.Context func (apiReconciler *APIReconciler) getResolvedBackendsMapping(ctx context.Context, httpRouteState *synchronizer.HTTPRouteState, interceptorServiceMapping map[string]dpv1alpha1.InterceptorService, - api dpv1alpha1.API) map[string]*dpv1alpha1.ResolvedBackend { + api dpv1alpha2.API) map[string]*dpv1alpha1.ResolvedBackend { backendMapping := make(map[string]*dpv1alpha1.ResolvedBackend) // Resolve backends in HTTPRoute @@ -814,7 +815,7 @@ func (apiReconciler *APIReconciler) getAPIForHTTPRoute(ctx context.Context, obj return []reconcile.Request{} } - apiList := &dpv1alpha1.APIList{} + apiList := &dpv1alpha2.APIList{} if err := apiReconciler.client.List(ctx, apiList, &k8client.ListOptions{ FieldSelector: fields.OneTermEqualSelector(httpRouteAPIIndex, utils.NamespacedName(httpRoute).String()), }); err != nil { @@ -1166,9 +1167,9 @@ func (apiReconciler *APIReconciler) getAPIsForGateway(ctx context.Context, obj k // apiPolicy schemes related to httproutes // This helps to find apiPolicy schemes binded to HTTPRoute. func addIndexes(ctx context.Context, mgr manager.Manager) error { - if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha1.API{}, httpRouteAPIIndex, + if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha2.API{}, httpRouteAPIIndex, func(rawObj k8client.Object) []string { - api := rawObj.(*dpv1alpha1.API) + api := rawObj.(*dpv1alpha2.API) var httpRoutes []string if len(api.Spec.Production) > 0 { for _, ref := range api.Spec.Production[0].HTTPRouteRefs { @@ -1576,9 +1577,9 @@ func (apiReconciler *APIReconciler) handleStatus() { apiReconciler.statusUpdater.Send(status.Update{ NamespacedName: successEvent.APINamespacedName, - Resource: new(dpv1alpha1.API), + Resource: new(dpv1alpha2.API), UpdateStatus: func(obj k8client.Object) k8client.Object { - h, ok := obj.(*dpv1alpha1.API) + h, ok := obj.(*dpv1alpha2.API) if !ok { loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2626, logging.BLOCKER, "Unsupported object type %T", obj)) } diff --git a/adapter/internal/operator/controllers/dp/tokenissuer_controller.go b/adapter/internal/operator/controllers/dp/tokenissuer_controller.go index c717ebf190..33f5da3dfc 100644 --- a/adapter/internal/operator/controllers/dp/tokenissuer_controller.go +++ b/adapter/internal/operator/controllers/dp/tokenissuer_controller.go @@ -25,6 +25,7 @@ import ( "github.com/wso2/apk/adapter/internal/discovery/xds" "github.com/wso2/apk/adapter/internal/loggers" dpv1alpha1 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha1" + dpv1alpha2 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" "github.com/wso2/apk/adapter/internal/operator/constants" "github.com/wso2/apk/adapter/internal/operator/utils" "github.com/wso2/apk/adapter/pkg/discovery/api/wso2/discovery/subscription" @@ -45,6 +46,7 @@ const ( tokenIssuerIndex = "tokenIssuerIndex" secretTokenIssuerIndex = "secretTokenIssuerIndex" configmapIssuerIndex = "configmapIssuerIndex" + defaultAllEnvironments = "*" ) // TokenssuerReconciler reconciles a TokenIssuer object @@ -192,6 +194,7 @@ func marshalJWTIssuerList(jwtIssuerMapping dpv1alpha1.JWTIssuerMapping) *subscri } jwtIssuer.ClaimMapping = internalJWTIssuer.ClaimMappings jwtIssuer.Certificate = certificate + jwtIssuer.Environments = internalJWTIssuer.Environments jwtIssuers = append(jwtIssuers, jwtIssuer) } @@ -203,7 +206,7 @@ func marshalJWTIssuerList(jwtIssuerMapping dpv1alpha1.JWTIssuerMapping) *subscri // getJWTIssuers returns the JWTIssuers for the given JWTIssuerMapping func getJWTIssuers(ctx context.Context, client k8client.Client, namespace types.NamespacedName) (dpv1alpha1.JWTIssuerMapping, error) { jwtIssuerMapping := make(dpv1alpha1.JWTIssuerMapping) - jwtIssuerList := &dpv1alpha1.TokenIssuerList{} + jwtIssuerList := &dpv1alpha2.TokenIssuerList{} if err := client.List(ctx, jwtIssuerList); err != nil { return nil, err } @@ -213,12 +216,24 @@ func getJWTIssuers(ctx context.Context, client k8client.Client, namespace types. resolvedJwtIssuer.ConsumerKeyClaim = jwtIssuer.Spec.ConsumerKeyClaim resolvedJwtIssuer.ScopesClaim = jwtIssuer.Spec.ScopesClaim resolvedJwtIssuer.Organization = jwtIssuer.Spec.Organization + resolvedJwtIssuer.Environments = getTokenIssuerEnvironments(jwtIssuer.Spec.Environments) + signatureValidation := dpv1alpha1.ResolvedSignatureValidation{} if jwtIssuer.Spec.SignatureValidation.JWKS != nil && len(jwtIssuer.Spec.SignatureValidation.JWKS.URL) > 0 { jwks := &dpv1alpha1.ResolvedJWKS{} jwks.URL = jwtIssuer.Spec.SignatureValidation.JWKS.URL if jwtIssuer.Spec.SignatureValidation.JWKS.TLS != nil { - tlsCertificate, err := utils.ResolveCertificate(ctx, client, jwtIssuer.ObjectMeta.Namespace, *&jwtIssuer.Spec.SignatureValidation.JWKS.TLS.CertificateInline, *&jwtIssuer.Spec.SignatureValidation.JWKS.TLS.ConfigMapRef, *&jwtIssuer.Spec.SignatureValidation.JWKS.TLS.SecretRef) + + var tlsConfigMapRef *dpv1alpha1.RefConfig + var tlsSecretRef *dpv1alpha1.RefConfig + if jwtIssuer.Spec.SignatureValidation.JWKS.TLS.ConfigMapRef != nil { + tlsConfigMapRef = utils.ConvertRefConfigsV2ToV1(jwtIssuer.Spec.SignatureValidation.JWKS.TLS.ConfigMapRef) + } + if jwtIssuer.Spec.SignatureValidation.JWKS.TLS.SecretRef != nil { + tlsSecretRef = utils.ConvertRefConfigsV2ToV1(jwtIssuer.Spec.SignatureValidation.JWKS.TLS.SecretRef) + } + + tlsCertificate, err := utils.ResolveCertificate(ctx, client, jwtIssuer.ObjectMeta.Namespace, jwtIssuer.Spec.SignatureValidation.JWKS.TLS.CertificateInline, tlsConfigMapRef, tlsSecretRef) if err != nil || tlsCertificate == "" { loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2659, logging.MAJOR, "Error resolving certificate for JWKS %v", err.Error())) continue @@ -228,7 +243,17 @@ func getJWTIssuers(ctx context.Context, client k8client.Client, namespace types. signatureValidation.JWKS = jwks } if jwtIssuer.Spec.SignatureValidation.Certificate != nil { - tlsCertificate, err := utils.ResolveCertificate(ctx, client, jwtIssuer.ObjectMeta.Namespace, jwtIssuer.Spec.SignatureValidation.Certificate.CertificateInline, *&jwtIssuer.Spec.SignatureValidation.Certificate.ConfigMapRef, *&jwtIssuer.Spec.SignatureValidation.Certificate.SecretRef) + + var tlsConfigMapRef *dpv1alpha1.RefConfig + var tlsSecretRef *dpv1alpha1.RefConfig + if jwtIssuer.Spec.SignatureValidation.Certificate.ConfigMapRef != nil { + tlsConfigMapRef = utils.ConvertRefConfigsV2ToV1(jwtIssuer.Spec.SignatureValidation.Certificate.ConfigMapRef) + } + if jwtIssuer.Spec.SignatureValidation.Certificate.SecretRef != nil { + tlsSecretRef = utils.ConvertRefConfigsV2ToV1(jwtIssuer.Spec.SignatureValidation.Certificate.SecretRef) + } + + tlsCertificate, err := utils.ResolveCertificate(ctx, client, jwtIssuer.ObjectMeta.Namespace, jwtIssuer.Spec.SignatureValidation.Certificate.CertificateInline, tlsConfigMapRef, tlsSecretRef) if err != nil || tlsCertificate == "" { loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2659, logging.MAJOR, "Error resolving certificate for JWKS %v", err.Error())) return nil, err @@ -249,10 +274,22 @@ func getJWTIssuers(ctx context.Context, client k8client.Client, namespace types. } return jwtIssuerMapping, nil } -func getResolvedClaimMapping(claimMappings []dpv1alpha1.ClaimMapping) map[string]string { +func getResolvedClaimMapping(claimMappings []dpv1alpha2.ClaimMapping) map[string]string { resolvedClaimMappings := make(map[string]string) for _, claimMapping := range claimMappings { resolvedClaimMappings[claimMapping.RemoteClaim] = claimMapping.LocalClaim } return resolvedClaimMappings } + +func getTokenIssuerEnvironments(environments []string) []string { + + resolvedEnvironments := []string{} + if len(environments) == 0 { + resolvedEnvironments = append(resolvedEnvironments, defaultAllEnvironments) + } else { + resolvedEnvironments = environments + } + + return resolvedEnvironments +} diff --git a/adapter/internal/operator/hack/boilerplate.go.txt b/adapter/internal/operator/hack/boilerplate.go.txt index 4d1df243dd..c32be1a39c 100644 --- a/adapter/internal/operator/hack/boilerplate.go.txt +++ b/adapter/internal/operator/hack/boilerplate.go.txt @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/adapter/internal/operator/operator.go b/adapter/internal/operator/operator.go index 1ed9f369c8..ea2631672f 100644 --- a/adapter/internal/operator/operator.go +++ b/adapter/internal/operator/operator.go @@ -46,6 +46,7 @@ import ( cpv1alpha1 "github.com/wso2/apk/adapter/internal/operator/apis/cp/v1alpha1" dpv1alpha1 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha1" + dpv1alpha2 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" //+kubebuilder:scaffold:imports ) @@ -63,6 +64,7 @@ func init() { utilruntime.Must(gwapiv1a2.AddToScheme(scheme)) utilruntime.Must(cpv1alpha1.AddToScheme(scheme)) + utilruntime.Must(dpv1alpha2.AddToScheme(scheme)) //+kubebuilder:scaffold:scheme } diff --git a/adapter/internal/operator/synchronizer/api_state.go b/adapter/internal/operator/synchronizer/api_state.go index 55904ffa17..38f21ad45e 100644 --- a/adapter/internal/operator/synchronizer/api_state.go +++ b/adapter/internal/operator/synchronizer/api_state.go @@ -19,6 +19,7 @@ package synchronizer import ( "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha1" + "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" gwapiv1b1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) @@ -26,7 +27,7 @@ import ( // the state of the Kubernetes controller cache to detect updates. // +k8s:deepcopy-gen=true type APIState struct { - APIDefinition *v1alpha1.API + APIDefinition *v1alpha2.API ProdHTTPRoute *HTTPRouteState SandHTTPRoute *HTTPRouteState Authentications map[string]v1alpha1.Authentication diff --git a/adapter/internal/operator/synchronizer/gateway_synchronizer.go b/adapter/internal/operator/synchronizer/gateway_synchronizer.go index ac0b0789b4..73d01a6cd2 100644 --- a/adapter/internal/operator/synchronizer/gateway_synchronizer.go +++ b/adapter/internal/operator/synchronizer/gateway_synchronizer.go @@ -159,6 +159,7 @@ func getGlobalInterceptorScript(gatewayAPIPolicies map[string]dpv1alpha1.APIPoli OrganizationID: "", BasePath: "", SupportedMethods: "", + Environment: "", APIName: "", APIVersion: "", PathTemplate: "", diff --git a/adapter/internal/operator/synchronizer/synchronizer.go b/adapter/internal/operator/synchronizer/synchronizer.go index 3b1ea19a6b..ce22c4ea97 100644 --- a/adapter/internal/operator/synchronizer/synchronizer.go +++ b/adapter/internal/operator/synchronizer/synchronizer.go @@ -158,6 +158,14 @@ func GenerateAdapterInternalAPI(apiState APIState, httpRoute *HTTPRouteState, en adapterInternalAPI.SetAPIDefinitionFile(apiState.APIDefinitionFile) adapterInternalAPI.SetAPIDefinitionEndpoint(apiState.APIDefinition.Spec.DefinitionPath) adapterInternalAPI.EnvType = envType + + environment := apiState.APIDefinition.Spec.Environment + if environment == "" { + conf := config.ReadConfigs() + environment = conf.Adapter.Environment + } + adapterInternalAPI.SetEnvironment(environment) + resourceParams := model.ResourceParams{ AuthSchemes: apiState.Authentications, ResourceAuthSchemes: apiState.ResourceAuthentications, diff --git a/adapter/internal/operator/synchronizer/zz_generated.deepcopy.go b/adapter/internal/operator/synchronizer/zz_generated.deepcopy.go index cea194db1d..3397623bbe 100644 --- a/adapter/internal/operator/synchronizer/zz_generated.deepcopy.go +++ b/adapter/internal/operator/synchronizer/zz_generated.deepcopy.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* - * Copyright (c) 2022, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,6 +24,7 @@ package synchronizer import ( "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha1" + "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" "sigs.k8s.io/gateway-api/apis/v1beta1" ) @@ -32,7 +33,7 @@ func (in *APIState) DeepCopyInto(out *APIState) { *out = *in if in.APIDefinition != nil { in, out := &in.APIDefinition, &out.APIDefinition - *out = new(v1alpha1.API) + *out = new(v1alpha2.API) (*in).DeepCopyInto(*out) } if in.ProdHTTPRoute != nil { diff --git a/adapter/internal/operator/utils/utils.go b/adapter/internal/operator/utils/utils.go index e5c498a9e8..327f1ca1f1 100644 --- a/adapter/internal/operator/utils/utils.go +++ b/adapter/internal/operator/utils/utils.go @@ -30,6 +30,7 @@ import ( "github.com/wso2/apk/adapter/config" "github.com/wso2/apk/adapter/internal/loggers" dpv1alpha1 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha1" + dpv1alpha2 "github.com/wso2/apk/adapter/internal/operator/apis/dp/v1alpha2" constants "github.com/wso2/apk/adapter/internal/operator/constants" "github.com/wso2/apk/adapter/pkg/logging" "github.com/wso2/apk/adapter/pkg/utils/envutils" @@ -295,7 +296,7 @@ func getSecretValue(ctx context.Context, client k8client.Client, // ResolveAndAddBackendToMapping resolves backend from reference and adds it to the backendMapping. func ResolveAndAddBackendToMapping(ctx context.Context, client k8client.Client, backendMapping map[string]*dpv1alpha1.ResolvedBackend, - backendRef dpv1alpha1.BackendReference, interceptorServiceNamespace string, api *dpv1alpha1.API) { + backendRef dpv1alpha1.BackendReference, interceptorServiceNamespace string, api *dpv1alpha2.API) { backendName := types.NamespacedName{ Name: backendRef.Name, Namespace: interceptorServiceNamespace, @@ -307,7 +308,7 @@ func ResolveAndAddBackendToMapping(ctx context.Context, client k8client.Client, } // ResolveRef this function will return k8client object and update owner -func ResolveRef(ctx context.Context, client k8client.Client, api *dpv1alpha1.API, +func ResolveRef(ctx context.Context, client k8client.Client, api *dpv1alpha2.API, namespacedName types.NamespacedName, isReplace bool, obj k8client.Object, opts ...k8client.GetOption) error { if err := client.Get(ctx, namespacedName, obj, opts...); err != nil { return err @@ -323,7 +324,7 @@ func ResolveRef(ctx context.Context, client k8client.Client, api *dpv1alpha1.API // GetResolvedBackend resolves backend TLS configurations. func GetResolvedBackend(ctx context.Context, client k8client.Client, - backendNamespacedName types.NamespacedName, api *dpv1alpha1.API) *dpv1alpha1.ResolvedBackend { + backendNamespacedName types.NamespacedName, api *dpv1alpha2.API) *dpv1alpha1.ResolvedBackend { resolvedBackend := dpv1alpha1.ResolvedBackend{} resolvedTLSConfig := dpv1alpha1.ResolvedTLSConfig{} var backend dpv1alpha1.Backend @@ -390,7 +391,7 @@ func GetResolvedBackend(ctx context.Context, client k8client.Client, } // UpdateOwnerReference update the child with owner reference of the given parent. -func UpdateOwnerReference(ctx context.Context, client k8client.Client, child metav1.Object, api dpv1alpha1.API, +func UpdateOwnerReference(ctx context.Context, client k8client.Client, child metav1.Object, api dpv1alpha2.API, isReplace bool) error { if isReplace { child.SetOwnerReferences([]metav1.OwnerReference{ @@ -505,7 +506,7 @@ func RetrieveNamespaceListOptions(namespaces []string) k8client.ListOptions { // GetInterceptorService reads InterceptorService when interceptorReference is given func GetInterceptorService(ctx context.Context, client k8client.Client, namespace string, - interceptorReference *dpv1alpha1.InterceptorReference, api *dpv1alpha1.API) *dpv1alpha1.InterceptorService { + interceptorReference *dpv1alpha1.InterceptorReference, api *dpv1alpha2.API) *dpv1alpha1.InterceptorService { interceptorService := &dpv1alpha1.InterceptorService{} interceptorRef := types.NamespacedName{ Namespace: namespace, @@ -521,7 +522,7 @@ func GetInterceptorService(ctx context.Context, client k8client.Client, namespac // GetBackendJWT reads BackendJWT when backendJWTReference is given func GetBackendJWT(ctx context.Context, client k8client.Client, namespace, - backendJWTReference string, api *dpv1alpha1.API) *dpv1alpha1.BackendJWT { + backendJWTReference string, api *dpv1alpha2.API) *dpv1alpha1.BackendJWT { backendJWT := &dpv1alpha1.BackendJWT{} backendJWTRef := types.NamespacedName{ Namespace: namespace, @@ -536,21 +537,21 @@ func GetBackendJWT(ctx context.Context, client k8client.Client, namespace, } // RetrieveAPIList retrieves API list from the given kubernetes client -func RetrieveAPIList(k8sclient k8client.Client) ([]dpv1alpha1.API, error) { +func RetrieveAPIList(k8sclient k8client.Client) ([]dpv1alpha2.API, error) { ctx := context.Background() conf := config.ReadConfigs() namespaces := conf.Adapter.Operator.Namespaces - var apis []dpv1alpha1.API + var apis []dpv1alpha2.API if namespaces == nil { - apiList := &dpv1alpha1.APIList{} + apiList := &dpv1alpha2.APIList{} if err := k8sclient.List(ctx, apiList, &k8client.ListOptions{}); err != nil { return nil, err } - apis = make([]dpv1alpha1.API, len(apiList.Items)) + apis = make([]dpv1alpha2.API, len(apiList.Items)) copy(apis[:], apiList.Items[:]) } else { for _, namespace := range namespaces { - apiList := &dpv1alpha1.APIList{} + apiList := &dpv1alpha2.APIList{} if err := k8sclient.List(ctx, apiList, &k8client.ListOptions{Namespace: namespace}); err != nil { return nil, err } @@ -559,3 +560,12 @@ func RetrieveAPIList(k8sclient k8client.Client) ([]dpv1alpha1.API, error) { } return apis, nil } + +// ConvertRefConfigsV2ToV1 converts RefConfig v2 to v1 +func ConvertRefConfigsV2ToV1(refConfig *dpv1alpha2.RefConfig) *dpv1alpha1.RefConfig { + + return &dpv1alpha1.RefConfig{ + Name: refConfig.Name, + Key: refConfig.Key, + } +} diff --git a/adapter/pkg/discovery/api/wso2/discovery/api/api.pb.go b/adapter/pkg/discovery/api/wso2/discovery/api/api.pb.go index 25f867493e..d031764f02 100644 --- a/adapter/pkg/discovery/api/wso2/discovery/api/api.pb.go +++ b/adapter/pkg/discovery/api/wso2/discovery/api/api.pb.go @@ -64,6 +64,7 @@ type Api struct { SystemAPI bool `protobuf:"varint,24,opt,name=systemAPI,proto3" json:"systemAPI,omitempty"` BackendJWTTokenInfo *BackendJWTTokenInfo `protobuf:"bytes,25,opt,name=backendJWTTokenInfo,proto3" json:"backendJWTTokenInfo,omitempty"` ApiDefinitionFile []byte `protobuf:"bytes,26,opt,name=apiDefinitionFile,proto3" json:"apiDefinitionFile,omitempty"` + Environment string `protobuf:"bytes,27,opt,name=environment,proto3" json:"environment,omitempty"` } func (x *Api) Reset() { @@ -231,6 +232,13 @@ func (x *Api) GetApiDefinitionFile() []byte { return nil } +func (x *Api) GetEnvironment() string { + if x != nil { + return x.Environment + } + return "" +} + var File_wso2_discovery_api_api_proto protoreflect.FileDescriptor var file_wso2_discovery_api_api_proto_rawDesc = []byte{ @@ -244,7 +252,7 @@ var file_wso2_discovery_api_api_proto_rawDesc = []byte{ 0x69, 0x63, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2c, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x42, 0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x4a, 0x57, 0x54, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x49, - 0x6e, 0x66, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xf7, 0x05, 0x0a, 0x03, 0x41, 0x70, + 0x6e, 0x66, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x99, 0x06, 0x0a, 0x03, 0x41, 0x70, 0x69, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, @@ -292,14 +300,16 @@ var file_wso2_discovery_api_api_proto_rawDesc = []byte{ 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x2c, 0x0a, 0x11, 0x61, 0x70, 0x69, 0x44, 0x65, 0x66, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x65, 0x18, 0x1a, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x11, 0x61, 0x70, 0x69, 0x44, 0x65, 0x66, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x46, - 0x69, 0x6c, 0x65, 0x42, 0x70, 0x0a, 0x23, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, - 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, 0x69, 0x73, - 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x42, 0x08, 0x41, 0x70, 0x69, 0x50, - 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3d, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, - 0x6f, 0x6d, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x67, 0x6f, - 0x2d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x2d, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x77, - 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, - 0x69, 0x3b, 0x61, 0x70, 0x69, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x69, 0x6c, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, + 0x6e, 0x74, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, + 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x42, 0x70, 0x0a, 0x23, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, + 0x32, 0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, + 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x42, 0x08, 0x41, 0x70, + 0x69, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3d, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, + 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, + 0x67, 0x6f, 0x2d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x2d, 0x70, 0x6c, 0x61, 0x6e, 0x65, + 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, + 0x61, 0x70, 0x69, 0x3b, 0x61, 0x70, 0x69, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/adapter/pkg/discovery/api/wso2/discovery/subscription/jwtIssuer.pb.go b/adapter/pkg/discovery/api/wso2/discovery/subscription/jwtIssuer.pb.go index 4e097261de..5b28d8c8d4 100644 --- a/adapter/pkg/discovery/api/wso2/discovery/subscription/jwtIssuer.pb.go +++ b/adapter/pkg/discovery/api/wso2/discovery/subscription/jwtIssuer.pb.go @@ -50,6 +50,7 @@ type JWTIssuer struct { ConsumerKeyClaim string `protobuf:"bytes,6,opt,name=consumerKeyClaim,proto3" json:"consumerKeyClaim,omitempty"` ScopesClaim string `protobuf:"bytes,7,opt,name=scopesClaim,proto3" json:"scopesClaim,omitempty"` ClaimMapping map[string]string `protobuf:"bytes,8,rep,name=claimMapping,proto3" json:"claimMapping,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + Environments []string `protobuf:"bytes,9,rep,name=environments,proto3" json:"environments,omitempty"` } func (x *JWTIssuer) Reset() { @@ -140,6 +141,13 @@ func (x *JWTIssuer) GetClaimMapping() map[string]string { return nil } +func (x *JWTIssuer) GetEnvironments() []string { + if x != nil { + return x.Environments + } + return nil +} + type Certificate struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -257,7 +265,7 @@ var file_wso2_discovery_subscription_jwtIssuer_proto_rawDesc = []byte{ 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x6a, 0x77, 0x74, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1b, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, - 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xae, 0x03, 0x0a, 0x09, 0x4a, + 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xd2, 0x03, 0x0a, 0x09, 0x4a, 0x57, 0x54, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, @@ -280,30 +288,32 @@ var file_wso2_discovery_subscription_jwtIssuer_proto_rawDesc = []byte{ 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4a, 0x57, 0x54, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, 0x2e, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0c, 0x63, 0x6c, - 0x61, 0x69, 0x6d, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x1a, 0x3f, 0x0a, 0x11, 0x43, 0x6c, - 0x61, 0x69, 0x6d, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, - 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, - 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x66, 0x0a, 0x0b, 0x43, - 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x63, 0x65, - 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0b, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x35, 0x0a, 0x04, - 0x6a, 0x77, 0x6b, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x77, 0x73, 0x6f, - 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, - 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4a, 0x57, 0x4b, 0x53, 0x52, 0x04, 0x6a, - 0x77, 0x6b, 0x73, 0x22, 0x2a, 0x0a, 0x04, 0x4a, 0x57, 0x4b, 0x53, 0x12, 0x10, 0x0a, 0x03, 0x75, - 0x72, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, 0x72, 0x6c, 0x12, 0x10, 0x0a, - 0x03, 0x74, 0x6c, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x74, 0x6c, 0x73, 0x42, - 0x91, 0x01, 0x0a, 0x2c, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x61, 0x70, 0x6b, - 0x2e, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, - 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, - 0x42, 0x0e, 0x4a, 0x57, 0x54, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, - 0x50, 0x01, 0x5a, 0x4f, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x65, - 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x67, 0x6f, 0x2d, 0x63, 0x6f, 0x6e, - 0x74, 0x72, 0x6f, 0x6c, 0x2d, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, - 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, - 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x3b, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, - 0x69, 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x61, 0x69, 0x6d, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x12, 0x22, 0x0a, 0x0c, 0x65, 0x6e, + 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x09, + 0x52, 0x0c, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x1a, 0x3f, + 0x0a, 0x11, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x45, 0x6e, + 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, + 0x66, 0x0a, 0x0b, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x20, + 0x0a, 0x0b, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, + 0x12, 0x35, 0x0a, 0x04, 0x6a, 0x77, 0x6b, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, + 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, + 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x4a, 0x57, 0x4b, + 0x53, 0x52, 0x04, 0x6a, 0x77, 0x6b, 0x73, 0x22, 0x2a, 0x0a, 0x04, 0x4a, 0x57, 0x4b, 0x53, 0x12, + 0x10, 0x0a, 0x03, 0x75, 0x72, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, 0x72, + 0x6c, 0x12, 0x10, 0x0a, 0x03, 0x74, 0x6c, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, + 0x74, 0x6c, 0x73, 0x42, 0x91, 0x01, 0x0a, 0x2c, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, 0x32, + 0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, 0x69, + 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, + 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0e, 0x4a, 0x57, 0x54, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, 0x50, + 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x4f, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, + 0x6f, 0x6d, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x67, 0x6f, + 0x2d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x2d, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x77, + 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x73, 0x75, + 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x3b, 0x73, 0x75, 0x62, 0x73, 0x63, + 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/admin/admin-domain-service/README.md b/admin/admin-domain-service/README.md index 957e3c219f..dee1992983 100644 --- a/admin/admin-domain-service/README.md +++ b/admin/admin-domain-service/README.md @@ -1,2 +1,4 @@ ## Admin Domain Service +### Functionalities + diff --git a/admin/admin-domain-service/docker/Dockerfile b/admin/admin-domain-service/docker/Dockerfile index c4d0848e6c..70993268f4 100644 --- a/admin/admin-domain-service/docker/Dockerfile +++ b/admin/admin-domain-service/docker/Dockerfile @@ -22,6 +22,10 @@ FROM ubuntu:22.04 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' +# Upgrade Ubuntu Dependencies +RUN apt-get update \ + && apt-get upgrade -y + # install JDK Dependencies RUN apt-get update \ && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata curl wget ca-certificates fontconfig locales \ diff --git a/backoffice/backoffice-domain-service/README.md b/backoffice/backoffice-domain-service/README.md index 253790a73f..d9da35b00d 100644 --- a/backoffice/backoffice-domain-service/README.md +++ b/backoffice/backoffice-domain-service/README.md @@ -1 +1,3 @@ -## Backoffice Domain Service \ No newline at end of file +## Backoffice Domain Service + +### Functionalities. \ No newline at end of file diff --git a/backoffice/backoffice-domain-service/docker/Dockerfile b/backoffice/backoffice-domain-service/docker/Dockerfile index b4f5a01b98..0806c796cb 100644 --- a/backoffice/backoffice-domain-service/docker/Dockerfile +++ b/backoffice/backoffice-domain-service/docker/Dockerfile @@ -22,6 +22,10 @@ FROM ubuntu:22.04 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' +# Upgrade Ubuntu Dependencies +RUN apt-get update \ + && apt-get upgrade -y + # install JDK Dependencies RUN apt-get update \ && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata curl wget ca-certificates fontconfig locales \ diff --git a/build-apk.sh b/build-apk.sh index d4b1c655f1..ae3cbc2471 100755 --- a/build-apk.sh +++ b/build-apk.sh @@ -14,6 +14,8 @@ cd gateway/router;./gradlew build; cd $current_dir; cd gateway/enforcer;./gradlew build; cd $current_dir; +cd common-controller;./gradlew build; +cd $current_dir; cd idp/idp-domain-service;./gradlew build; cd $current_dir; cd idp/idp-ui;./gradlew build; diff --git a/common-controller/coverage.out b/common-controller/coverage.out index c2ec4bc896..d651655b82 100644 --- a/common-controller/coverage.out +++ b/common-controller/coverage.out @@ -1,573 +1,610 @@ mode: atomic -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_types.go:138.13,140.2 1 1 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/interceptorservice_webhook.go:28.78,32.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/interceptorservice_webhook.go:41.41,41.42 0 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/interceptorservice_webhook.go:49.75,52.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/interceptorservice_webhook.go:55.93,58.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/interceptorservice_webhook.go:61.75,64.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_types.go:109.13,111.2 1 1 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/custom_ratelimit_policy.go:32.94,40.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_types.go:194.13,196.2 1 1 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:33.69,37.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:46.32,46.33 0 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:54.66,56.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:59.84,61.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:64.44,67.33 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:70.2,71.51 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:75.2,75.107 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:79.2,79.22 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:84.2,84.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:67.33,69.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:71.51,74.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:75.107,78.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:79.22,83.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go:88.66,91.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_types.go:280.13,282.2 1 1 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:34.70,38.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:47.33,49.2 0 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:57.67,60.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:63.85,66.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:68.48,71.31 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:97.2,97.22 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:102.2,102.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:71.31,73.18 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:74.14,75.55 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:78.16,79.65 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:82.15,83.60 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:86.15,87.67 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:90.15,91.67 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:75.55,77.5 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:79.65,81.5 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:83.60,85.5 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:87.67,89.5 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:91.67,93.5 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:97.22,101.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go:106.67,109.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:33.75,37.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:46.38,48.2 0 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:56.72,60.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:63.90,67.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:70.72,74.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:77.52,79.33 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:83.2,84.51 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:88.2,88.107 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:93.2,93.22 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:98.2,98.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:79.33,82.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:84.51,87.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:88.107,91.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go:93.22,97.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:30.39,36.2 5 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:39.32,40.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:43.2,45.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:40.15,42.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:49.48,50.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:53.2,53.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:50.34,52.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:57.47,61.21 4 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:61.21,64.22 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:64.22,66.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:71.40,72.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:75.2,77.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:72.15,74.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:81.52,82.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:85.2,85.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:82.34,84.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:89.51,95.2 5 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:98.44,99.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:102.2,104.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:99.15,101.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:108.54,109.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:112.2,112.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:109.34,111.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:116.59,120.21 4 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:120.21,123.22 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:123.22,125.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:130.52,131.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:134.2,136.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:131.15,133.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:140.58,141.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:144.2,144.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:141.34,143.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:148.59,150.23 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:155.2,155.24 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:160.2,160.43 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:150.23,154.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:155.24,159.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:164.52,165.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:168.2,170.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:165.15,167.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:174.63,176.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:179.56,180.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:183.2,185.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:180.15,182.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:189.69,191.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:194.62,195.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:198.2,200.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:195.15,197.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:204.47,206.26 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:213.2,213.23 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:220.2,220.29 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:206.26,209.22 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:209.22,211.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:213.23,216.22 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:216.22,218.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:220.29,224.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:228.40,229.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:232.2,234.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:229.15,231.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:238.51,241.2 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:244.44,245.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:248.2,250.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:245.15,247.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:254.47,260.2 5 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:263.40,264.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:267.2,269.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:264.15,266.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:273.52,274.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:277.2,277.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:274.34,276.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:281.53,287.2 5 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:290.46,291.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:294.2,296.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:291.15,293.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:300.55,301.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:304.2,304.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:301.34,303.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:308.61,312.21 4 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:312.21,315.22 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:315.22,317.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:322.54,323.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:326.2,328.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:323.15,325.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:332.59,333.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:336.2,336.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:333.34,335.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:340.61,342.28 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:342.28,346.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:350.54,351.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:354.2,356.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:351.15,353.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:360.65,362.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:365.58,366.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:369.2,371.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:366.15,368.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:375.63,377.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:380.56,381.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:384.2,386.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:381.15,383.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:390.55,394.21 4 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:394.21,397.22 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:397.22,399.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:404.48,405.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:408.2,410.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:405.15,407.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:414.56,415.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:418.2,418.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:415.34,417.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:422.65,424.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:427.58,428.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:431.2,433.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:428.15,430.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:437.55,439.24 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:444.2,444.19 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:449.2,449.24 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:454.2,454.30 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:459.2,459.23 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:464.2,464.21 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:469.2,469.27 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:439.24,443.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:444.19,448.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:449.24,453.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:454.30,458.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:459.23,463.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:464.21,468.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:469.27,473.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:477.48,478.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:481.2,483.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:478.15,480.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:487.59,489.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:492.52,493.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:496.2,498.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:493.15,495.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:502.71,505.2 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:508.64,509.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:512.2,514.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:509.15,511.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:518.53,520.41 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:525.2,525.41 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:530.2,530.41 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:535.2,535.42 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:540.2,540.35 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:520.41,524.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:525.41,529.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:530.41,534.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:535.42,539.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:540.35,544.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:548.46,549.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:552.2,554.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:549.15,551.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:558.61,560.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:563.54,564.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:567.2,569.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:564.15,566.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:573.55,575.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:578.48,579.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:582.2,584.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:579.15,581.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:588.75,590.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:593.68,594.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:597.2,599.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:594.15,596.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:603.81,605.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:608.74,609.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:612.2,614.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:609.15,611.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:618.65,620.30 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:624.2,624.22 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:620.30,623.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:624.22,628.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:632.58,633.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:636.2,638.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:633.15,635.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:642.51,644.29 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:644.29,648.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:652.44,653.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:656.2,658.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:653.15,655.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:662.55,664.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:667.48,668.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:671.2,673.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:668.15,670.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:677.73,679.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:682.66,683.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:686.2,688.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:683.15,685.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:692.69,698.2 5 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:701.62,702.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:705.2,707.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:702.15,704.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:711.63,712.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:715.2,715.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:712.34,714.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:719.77,723.21 4 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:723.21,726.22 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:726.22,728.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:733.70,734.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:737.2,739.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:734.15,736.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:743.67,744.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:747.2,747.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:744.34,746.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:751.77,754.24 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:754.24,758.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:762.70,763.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:766.2,768.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:763.15,765.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:772.81,774.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:777.74,778.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:781.2,783.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:778.15,780.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:787.53,789.35 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:794.2,794.36 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:799.2,799.32 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:804.2,804.26 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:789.35,793.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:794.36,798.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:799.32,803.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:804.26,808.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:812.46,813.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:816.2,818.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:813.15,815.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:822.49,824.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:827.42,828.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:831.2,833.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:828.15,830.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:837.69,839.19 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:844.2,844.22 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:839.19,843.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:844.22,848.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:852.62,853.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:856.2,858.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:853.15,855.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:862.63,868.2 5 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:871.56,872.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:875.2,877.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:872.15,874.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:881.60,882.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:885.2,885.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:882.34,884.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:889.71,893.21 4 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:893.21,896.22 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:896.22,898.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:903.64,904.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:907.2,909.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:904.15,906.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:913.64,914.34 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:917.2,917.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:914.34,916.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:921.71,923.23 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:928.2,928.24 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:933.2,933.43 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:923.23,927.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:928.24,932.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:937.64,938.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:941.2,943.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:938.15,940.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:947.75,949.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:952.68,953.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:956.2,958.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:953.15,955.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:962.51,964.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:967.44,968.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:971.2,973.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:968.15,970.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:977.65,979.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:982.58,983.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:986.2,988.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:983.15,985.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:992.83,995.25 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1000.2,1000.21 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:995.25,999.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1000.21,1004.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1008.76,1009.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1012.2,1014.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1009.15,1011.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1018.63,1021.2 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1024.56,1025.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1028.2,1030.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1025.15,1027.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1034.55,1036.27 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1036.27,1040.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1044.48,1045.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1048.2,1050.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1045.15,1047.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1054.51,1056.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1059.44,1060.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1063.2,1065.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1060.15,1062.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1069.61,1071.21 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1071.21,1075.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1079.54,1080.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1083.2,1085.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1080.15,1082.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1089.47,1091.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1094.40,1095.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1098.2,1100.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1095.15,1097.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1104.51,1106.33 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1111.2,1111.25 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1116.2,1116.28 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1121.2,1121.27 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1106.33,1110.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1111.25,1115.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1116.28,1120.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1121.27,1125.3 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1129.44,1130.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1133.2,1135.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1130.15,1132.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1139.47,1141.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1144.40,1145.15 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1148.2,1150.12 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go:1145.15,1147.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_types.go:114.13,116.2 1 1 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:44.63,49.2 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:58.26,60.2 0 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:68.60,70.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:73.78,75.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:78.60,82.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:85.35,89.25 4 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:96.2,96.27 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:105.2,105.31 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:109.2,109.243 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:114.2,115.32 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:118.2,118.29 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:122.2,122.43 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:127.2,127.43 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:132.2,132.22 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:137.2,137.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:89.25,90.48 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:90.48,93.4 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:96.27,98.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:98.8,98.98 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:98.98,100.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:100.8,100.78 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:100.78,102.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:105.31,107.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:109.243,112.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:115.32,117.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:118.29,120.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:122.43,125.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:127.43,130.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:132.22,136.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:140.51,141.30 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:146.2,146.14 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:141.30,142.16 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:142.16,144.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:149.73,152.16 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:157.2,158.30 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:191.2,191.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:152.16,156.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:158.30,160.68 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:160.68,161.92 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:168.4,168.31 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:161.92,167.5 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:168.31,171.34 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:181.5,181.73 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:171.34,172.77 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:172.77,178.7 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:181.73,187.6 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:194.39,199.23 5 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:217.2,217.18 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:199.23,201.69 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:205.3,206.34 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:201.69,204.4 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:207.8,208.40 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:208.40,210.90 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:214.4,214.41 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:210.90,213.5 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:220.75,221.50 1 1 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:224.2,224.11 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:221.50,223.3 1 1 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:228.56,230.21 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:233.2,233.17 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go:230.21,232.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:35.67,39.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:48.29,52.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:60.64,62.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:65.82,67.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:70.64,75.2 2 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:77.47,80.24 3 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:89.2,89.22 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:94.2,94.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:80.24,81.54 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:81.54,82.44 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:82.44,85.5 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go:89.22,93.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1/interceptorservice_types.go:91.13,93.2 1 1 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:66.98,73.45 3 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:78.2,79.16 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:85.2,89.106 3 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:95.2,96.112 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:102.2,102.143 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:108.2,109.12 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:73.45,76.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:79.16,83.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:89.106,93.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:96.112,100.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:102.143,106.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:125.125,134.92 6 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:154.2,157.53 3 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:160.2,166.27 6 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:134.92,137.39 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:145.3,146.45 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:152.3,152.28 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:137.39,140.50 3 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:143.4,143.69 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:140.50,142.5 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:146.45,151.4 4 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:157.53,159.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:169.136,171.9 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:177.2,182.17 3 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:186.2,186.46 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:191.2,191.17 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:171.9,175.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:182.17,184.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:186.46,189.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:195.116,197.9 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:203.2,208.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:197.9,201.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:211.142,213.9 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:219.2,224.17 3 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:227.2,227.46 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:232.2,232.17 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:213.9,217.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:224.17,226.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:227.46,230.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:236.95,242.62 5 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:296.2,296.67 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:392.2,392.32 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:242.62,246.22 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:249.3,252.35 4 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:267.3,267.32 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:282.3,282.43 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:289.3,292.53 4 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:246.22,248.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:252.35,253.61 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:253.61,254.18 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:254.18,258.31 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:261.6,261.56 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:258.31,260.7 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:261.56,263.7 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:267.32,268.58 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:268.58,269.18 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:269.18,273.31 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:276.6,276.56 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:273.31,275.7 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:276.56,278.7 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:282.43,285.4 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:285.9,288.4 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:296.67,300.22 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:303.3,306.35 4 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:346.3,346.32 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:386.3,390.51 5 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:300.22,302.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:306.35,307.61 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:307.61,308.18 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:308.18,312.31 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:315.6,315.48 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:312.31,314.7 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:315.48,316.43 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:316.43,317.38 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:317.38,318.130 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:336.9,336.59 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:318.130,321.43 3 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:326.10,327.50 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:334.10,334.76 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:321.43,323.11 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:323.16,325.11 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:327.50,330.11 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:330.16,333.11 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:336.59,338.10 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:346.32,347.58 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:347.58,348.18 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:348.18,352.31 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:355.6,355.48 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:352.31,354.7 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:355.48,356.43 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:356.43,357.38 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:357.38,358.130 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:376.9,376.59 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:358.130,361.43 3 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:366.10,367.50 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:374.10,374.76 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:361.43,363.11 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:363.16,365.11 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:367.50,370.11 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:370.16,373.11 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:376.59,378.10 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:396.82,399.66 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:403.2,403.30 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:399.66,402.3 2 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:407.118,411.2 3 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:413.65,415.41 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:437.2,438.41 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:448.2,448.12 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:415.41,418.46 3 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:431.4,431.26 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:418.46,419.41 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:419.41,420.36 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:420.36,421.68 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:421.68,427.8 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:432.18,434.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:438.41,447.4 4 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:452.61,457.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:460.83,461.42 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:464.2,464.25 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:461.42,463.3 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:470.78,471.41 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:471.41,472.24 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:475.3,475.70 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:472.24,474.4 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:480.39,483.2 1 0 -github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:486.96,490.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_types.go:109.13,111.2 1 1 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:34.70,38.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:47.33,49.2 0 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:57.67,60.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:63.85,66.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:68.48,71.31 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:97.2,97.22 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:102.2,102.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:71.31,73.18 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:74.14,75.55 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:78.16,79.65 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:82.15,83.60 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:86.15,87.67 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:90.15,91.67 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:75.55,77.5 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:79.65,81.5 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:83.60,85.5 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:87.67,89.5 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:91.67,93.5 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:97.22,101.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go:106.67,109.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:33.75,37.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:46.38,48.2 0 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:56.72,60.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:63.90,67.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:70.72,74.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:77.52,79.33 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:83.2,84.51 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:88.2,88.107 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:93.2,93.22 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:98.2,98.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:79.33,82.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:84.51,87.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:88.107,91.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go:93.22,97.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:27.56,45.43 13 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:48.2,52.40 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:55.2,58.37 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:61.2,66.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:45.43,47.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:52.40,54.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:58.37,60.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:71.58,89.43 13 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:92.2,96.40 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:99.2,102.37 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:105.2,110.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:89.43,91.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:96.40,98.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go:102.37,104.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_types.go:194.13,196.2 1 1 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:35.67,39.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:48.29,52.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:60.64,62.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:65.82,67.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:70.64,75.2 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:77.47,80.24 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:89.2,89.22 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:94.2,94.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:80.24,81.54 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:81.54,82.44 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:82.44,85.5 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go:89.22,93.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_types.go:138.13,140.2 1 1 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/custom_ratelimit_policy.go:32.94,40.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/interceptorservice_types.go:91.13,93.2 1 1 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/interceptorservice_webhook.go:28.78,32.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/interceptorservice_webhook.go:41.41,41.42 0 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/interceptorservice_webhook.go:49.75,52.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/interceptorservice_webhook.go:55.93,58.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/interceptorservice_webhook.go:61.75,64.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_types.go:114.13,116.2 1 1 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:30.39,36.2 5 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:39.32,40.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:43.2,45.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:40.15,42.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:49.48,50.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:53.2,53.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:50.34,52.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:57.47,61.21 4 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:61.21,64.22 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:64.22,66.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:71.40,72.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:75.2,77.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:72.15,74.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:81.52,82.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:85.2,85.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:82.34,84.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:89.51,95.2 5 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:98.44,99.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:102.2,104.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:99.15,101.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:108.54,109.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:112.2,112.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:109.34,111.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:116.59,120.21 4 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:120.21,123.22 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:123.22,125.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:130.52,131.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:134.2,136.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:131.15,133.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:140.58,141.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:144.2,144.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:141.34,143.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:148.59,150.23 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:155.2,155.24 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:160.2,160.43 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:150.23,154.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:155.24,159.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:164.52,165.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:168.2,170.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:165.15,167.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:174.63,176.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:179.56,180.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:183.2,185.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:180.15,182.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:189.69,191.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:194.62,195.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:198.2,200.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:195.15,197.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:204.47,206.26 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:213.2,213.23 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:220.2,220.29 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:206.26,209.22 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:209.22,211.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:213.23,216.22 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:216.22,218.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:220.29,224.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:228.40,229.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:232.2,234.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:229.15,231.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:238.51,241.2 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:244.44,245.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:248.2,250.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:245.15,247.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:254.47,260.2 5 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:263.40,264.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:267.2,269.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:264.15,266.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:273.52,274.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:277.2,277.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:274.34,276.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:281.53,287.2 5 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:290.46,291.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:294.2,296.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:291.15,293.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:300.55,301.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:304.2,304.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:301.34,303.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:308.61,312.21 4 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:312.21,315.22 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:315.22,317.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:322.54,323.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:326.2,328.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:323.15,325.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:332.59,333.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:336.2,336.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:333.34,335.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:340.61,342.28 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:342.28,346.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:350.54,351.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:354.2,356.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:351.15,353.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:360.65,362.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:365.58,366.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:369.2,371.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:366.15,368.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:375.63,377.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:380.56,381.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:384.2,386.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:381.15,383.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:390.55,394.21 4 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:394.21,397.22 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:397.22,399.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:404.48,405.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:408.2,410.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:405.15,407.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:414.56,415.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:418.2,418.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:415.34,417.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:422.65,424.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:427.58,428.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:431.2,433.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:428.15,430.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:437.55,439.24 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:444.2,444.19 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:449.2,449.24 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:454.2,454.30 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:459.2,459.23 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:464.2,464.21 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:469.2,469.27 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:439.24,443.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:444.19,448.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:449.24,453.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:454.30,458.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:459.23,463.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:464.21,468.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:469.27,473.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:477.48,478.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:481.2,483.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:478.15,480.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:487.59,489.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:492.52,493.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:496.2,498.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:493.15,495.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:502.71,505.2 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:508.64,509.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:512.2,514.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:509.15,511.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:518.53,520.41 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:525.2,525.41 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:530.2,530.41 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:535.2,535.42 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:540.2,540.35 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:520.41,524.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:525.41,529.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:530.41,534.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:535.42,539.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:540.35,544.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:548.46,549.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:552.2,554.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:549.15,551.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:558.61,560.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:563.54,564.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:567.2,569.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:564.15,566.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:573.55,575.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:578.48,579.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:582.2,584.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:579.15,581.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:588.75,590.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:593.68,594.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:597.2,599.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:594.15,596.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:603.81,605.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:608.74,609.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:612.2,614.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:609.15,611.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:618.65,620.30 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:624.2,624.22 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:620.30,623.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:624.22,628.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:632.58,633.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:636.2,638.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:633.15,635.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:642.51,644.29 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:644.29,648.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:652.44,653.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:656.2,658.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:653.15,655.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:662.55,664.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:667.48,668.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:671.2,673.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:668.15,670.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:677.73,679.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:682.66,683.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:686.2,688.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:683.15,685.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:692.69,698.2 5 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:701.62,702.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:705.2,707.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:702.15,704.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:711.63,712.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:715.2,715.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:712.34,714.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:719.77,723.21 4 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:723.21,726.22 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:726.22,728.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:733.70,734.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:737.2,739.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:734.15,736.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:743.67,744.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:747.2,747.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:744.34,746.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:751.77,754.24 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:754.24,758.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:762.70,763.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:766.2,768.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:763.15,765.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:772.81,774.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:777.74,778.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:781.2,783.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:778.15,780.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:787.53,789.35 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:794.2,794.36 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:799.2,799.32 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:804.2,804.26 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:789.35,793.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:794.36,798.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:799.32,803.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:804.26,808.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:812.46,813.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:816.2,818.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:813.15,815.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:822.49,824.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:827.42,828.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:831.2,833.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:828.15,830.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:837.69,839.19 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:844.2,844.22 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:839.19,843.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:844.22,848.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:852.62,853.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:856.2,858.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:853.15,855.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:862.63,868.2 5 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:871.56,872.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:875.2,877.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:872.15,874.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:881.60,882.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:885.2,885.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:882.34,884.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:889.71,893.21 4 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:893.21,896.22 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:896.22,898.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:903.64,904.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:907.2,909.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:904.15,906.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:913.64,914.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:917.2,917.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:914.34,916.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:921.71,923.23 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:928.2,928.24 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:933.2,933.43 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:923.23,927.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:928.24,932.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:937.64,938.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:941.2,943.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:938.15,940.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:947.75,949.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:952.68,953.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:956.2,958.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:953.15,955.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:962.51,964.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:967.44,968.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:971.2,973.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:968.15,970.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:977.65,979.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:982.58,983.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:986.2,988.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:983.15,985.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:992.83,995.25 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:995.25,999.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1003.76,1004.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1007.2,1009.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1004.15,1006.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1013.63,1016.2 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1019.56,1020.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1023.2,1025.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1020.15,1022.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1029.55,1031.27 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1031.27,1035.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1039.48,1040.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1043.2,1045.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1040.15,1042.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1049.51,1051.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1054.44,1055.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1058.2,1060.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1055.15,1057.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1064.61,1066.21 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1066.21,1070.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1074.54,1075.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1078.2,1080.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1075.15,1077.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1084.47,1086.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1089.40,1090.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1093.2,1095.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1090.15,1092.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1099.51,1101.33 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1106.2,1106.25 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1111.2,1111.28 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1116.2,1116.27 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1101.33,1105.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1106.25,1110.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1111.28,1115.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1116.27,1120.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1124.44,1125.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1128.2,1130.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1125.15,1127.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1134.47,1136.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1139.40,1140.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1143.2,1145.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go:1140.15,1142.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/api_webhook.go:25.63,29.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/backend_types.go:280.13,282.2 1 1 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:33.69,37.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:46.32,46.33 0 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:54.66,56.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:59.84,61.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:64.44,67.33 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:70.2,71.51 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:75.2,75.107 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:79.2,79.22 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:84.2,84.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:67.33,69.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:71.51,74.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:75.107,78.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:79.22,83.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go:88.66,91.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_conversion.go:21.20,21.21 0 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_types.go:200.13,202.2 1 1 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:45.63,51.2 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:60.26,62.2 0 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:70.60,72.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:75.78,77.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:80.60,84.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:87.35,92.25 4 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:99.2,99.27 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:108.2,108.31 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:112.2,112.243 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:117.2,118.32 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:121.2,121.29 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:125.2,125.43 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:130.2,130.43 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:135.2,135.22 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:141.2,141.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:92.25,93.48 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:93.48,96.4 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:99.27,101.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:101.8,101.98 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:101.98,103.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:103.8,103.78 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:103.78,105.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:108.31,110.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:112.243,115.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:118.32,120.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:121.29,123.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:125.43,128.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:130.43,133.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:135.22,139.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:144.51,145.30 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:150.2,150.14 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:145.30,146.16 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:146.16,148.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:153.73,156.16 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:161.2,163.30 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:199.2,199.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:156.16,160.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:163.30,165.68 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:165.68,169.54 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:176.4,176.31 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:169.54,175.5 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:176.31,179.34 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:189.5,189.73 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:179.34,180.77 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:180.77,186.7 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:189.73,195.6 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:202.39,207.23 5 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:225.2,225.18 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:207.23,209.69 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:213.3,214.34 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:209.69,212.4 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:215.8,216.40 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:216.40,218.90 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:222.4,222.41 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:218.90,221.5 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:228.75,229.50 1 1 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:232.2,232.11 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:229.50,231.3 1 1 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:236.56,238.21 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:241.2,241.17 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go:238.21,240.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:30.39,36.2 5 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:39.32,40.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:43.2,45.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:40.15,42.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:49.48,50.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:53.2,53.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:50.34,52.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:57.47,61.21 4 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:61.21,64.22 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:64.22,66.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:71.40,72.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:75.2,77.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:72.15,74.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:81.52,82.34 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:85.2,85.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:82.34,84.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:89.47,91.26 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:98.2,98.23 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:105.2,105.29 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:91.26,94.22 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:94.22,96.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:98.23,101.22 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:101.22,103.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:105.29,109.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:113.40,114.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:117.2,119.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:114.15,116.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:123.51,126.2 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:129.44,130.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:133.2,135.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:130.15,132.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:139.65,141.30 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:145.2,145.22 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:141.30,144.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:145.22,149.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:153.58,154.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:157.2,159.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:154.15,156.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:163.51,165.29 2 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:165.29,169.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:173.44,174.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:177.2,179.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:174.15,176.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:183.49,185.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:188.42,189.15 1 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:192.2,194.12 3 0 +github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go:189.15,191.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:69.98,76.45 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:81.2,82.16 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:88.2,92.106 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:98.2,99.112 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:105.2,105.143 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:111.2,112.12 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:76.45,79.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:82.16,86.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:92.106,96.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:99.112,103.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:105.143,109.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:128.125,137.92 6 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:156.2,156.89 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:171.2,171.27 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:137.92,140.39 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:146.3,147.45 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:153.3,153.28 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:140.39,145.4 4 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:147.45,152.4 4 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:156.89,160.3 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:160.8,162.126 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:162.126,164.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:164.9,164.49 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:164.49,168.4 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:174.136,176.9 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:182.2,187.17 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:191.2,191.46 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:196.2,196.17 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:176.9,180.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:187.17,189.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:191.46,194.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:200.116,202.9 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:208.2,213.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:202.9,206.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:216.142,218.9 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:224.2,229.17 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:232.2,232.46 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:237.2,237.17 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:218.9,222.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:229.17,231.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:232.46,235.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:241.94,249.21 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:253.2,258.62 4 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:277.2,277.67 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:311.2,311.24 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:249.21,251.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:258.62,261.43 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:269.3,273.52 5 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:261.43,264.4 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:264.9,267.4 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:277.67,285.35 6 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:297.3,297.32 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:285.35,288.18 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:291.4,291.36 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:288.18,290.5 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:291.36,294.5 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:297.32,300.18 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:303.4,303.36 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:300.18,302.5 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:303.36,307.5 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:315.103,320.31 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:357.2,357.33 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:320.31,321.16 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:321.16,325.29 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:329.4,329.46 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:325.29,328.5 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:329.46,330.41 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:330.41,331.36 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:331.36,332.128 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:332.128,335.41 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:340.8,341.48 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:348.8,348.74 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:335.41,337.9 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:337.14,339.9 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:341.48,344.9 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:344.14,347.9 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:361.82,364.66 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:368.2,368.30 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:364.66,367.3 2 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:372.118,376.2 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:378.65,380.41 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:402.2,403.41 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:413.2,413.12 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:380.41,383.46 3 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:396.4,396.26 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:383.46,384.41 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:384.41,385.36 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:385.36,386.68 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:386.68,392.8 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:397.18,399.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:403.41,412.4 4 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:417.61,422.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:425.83,426.42 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:429.2,429.25 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:426.42,428.3 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:435.78,436.41 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:436.41,437.24 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:440.3,440.70 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:437.24,439.4 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:445.39,448.2 1 0 +github.com/wso2/apk/common-controller/internal/operator/controller/ratelimitpolicy_controller.go:451.96,455.2 1 0 diff --git a/common-controller/go.mod b/common-controller/go.mod index 972a652e9a..41f019e426 100644 --- a/common-controller/go.mod +++ b/common-controller/go.mod @@ -18,6 +18,7 @@ require ( github.com/pelletier/go-toml v1.8.1 github.com/redis/go-redis/v9 v9.2.1 github.com/wso2/apk/adapter v0.0.0-20230811031118-fa0d1ec8848c + golang.org/x/exp v0.0.0-20230801115018-d63ba01acd4b google.golang.org/grpc v1.57.0 ) @@ -86,7 +87,6 @@ require ( go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect go.uber.org/zap v1.24.0 // indirect - golang.org/x/exp v0.0.0-20230801115018-d63ba01acd4b golang.org/x/net v0.10.0 // indirect golang.org/x/oauth2 v0.7.0 // indirect golang.org/x/sys v0.8.0 // indirect diff --git a/common-controller/internal/cache/datastore.go b/common-controller/internal/cache/datastore.go index 0a05be97a7..250617ea5f 100644 --- a/common-controller/internal/cache/datastore.go +++ b/common-controller/internal/cache/datastore.go @@ -21,14 +21,14 @@ import ( "sync" logger "github.com/sirupsen/logrus" - dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1" + dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" ) // RatelimitDataStore is a cache for rate limit policies. type RatelimitDataStore struct { - resolveRatelimitStore map[types.NamespacedName]*dpv1alpha1.ResolveRateLimitAPIPolicy + resolveRatelimitStore map[types.NamespacedName][]dpv1alpha1.ResolveRateLimitAPIPolicy customRatelimitStore map[types.NamespacedName]*dpv1alpha1.CustomRateLimitPolicyDef mu sync.Mutex } @@ -36,18 +36,18 @@ type RatelimitDataStore struct { // CreateNewOperatorDataStore creates a new RatelimitDataStore. func CreateNewOperatorDataStore() *RatelimitDataStore { return &RatelimitDataStore{ - resolveRatelimitStore: map[types.NamespacedName]*dpv1alpha1.ResolveRateLimitAPIPolicy{}, + resolveRatelimitStore: map[types.NamespacedName][]dpv1alpha1.ResolveRateLimitAPIPolicy{}, customRatelimitStore: map[types.NamespacedName]*dpv1alpha1.CustomRateLimitPolicyDef{}, } } // AddorUpdateResolveRatelimitToStore adds a new ratelimit to the RatelimitDataStore. func (ods *RatelimitDataStore) AddorUpdateResolveRatelimitToStore(rateLimit types.NamespacedName, - resolveRatelimit dpv1alpha1.ResolveRateLimitAPIPolicy) { + resolveRatelimitPolicyList []dpv1alpha1.ResolveRateLimitAPIPolicy) { ods.mu.Lock() defer ods.mu.Unlock() logger.Debug("Adding/Updating ratelimit to cache") - ods.resolveRatelimitStore[rateLimit] = &resolveRatelimit + ods.resolveRatelimitStore[rateLimit] = resolveRatelimitPolicyList } // AddorUpdateCustomRatelimitToStore adds a new ratelimit to the RatelimitDataStore. @@ -60,11 +60,11 @@ func (ods *RatelimitDataStore) AddorUpdateCustomRatelimitToStore(rateLimit types } // GetResolveRatelimitPolicy get cached ratelimit -func (ods *RatelimitDataStore) GetResolveRatelimitPolicy(rateLimit types.NamespacedName) (dpv1alpha1.ResolveRateLimitAPIPolicy, bool) { - var rateLimitPolicy dpv1alpha1.ResolveRateLimitAPIPolicy +func (ods *RatelimitDataStore) GetResolveRatelimitPolicy(rateLimit types.NamespacedName) ([]dpv1alpha1.ResolveRateLimitAPIPolicy, bool) { + var rateLimitPolicy []dpv1alpha1.ResolveRateLimitAPIPolicy if cachedRatelimit, found := ods.resolveRatelimitStore[rateLimit]; found { logger.Debug("Found cached ratelimit") - return *cachedRatelimit, true + return cachedRatelimit, true } return rateLimitPolicy, false } diff --git a/common-controller/internal/config/default_config.go b/common-controller/internal/config/default_config.go index 64ef5f510c..58bf768ea8 100644 --- a/common-controller/internal/config/default_config.go +++ b/common-controller/internal/config/default_config.go @@ -33,5 +33,6 @@ var defaultConfig = &Config{ Truststore: truststore{ Location: "/home/wso2/security/truststore", }, + Environment: "Default", }, } diff --git a/common-controller/internal/config/types.go b/common-controller/internal/config/types.go index 6e131d5abc..c945565c51 100644 --- a/common-controller/internal/config/types.go +++ b/common-controller/internal/config/types.go @@ -43,6 +43,7 @@ type commoncontroller struct { Redis redis Sts sts WebServer webServer + Environment string } type keystore struct { diff --git a/common-controller/internal/operator/PROJECT b/common-controller/internal/operator/PROJECT index d415d08d62..67793a4ef7 100644 --- a/common-controller/internal/operator/PROJECT +++ b/common-controller/internal/operator/PROJECT @@ -5,8 +5,9 @@ domain: wso2.com layout: - go.kubebuilder.io/v4 +multigroup: true projectName: operator -repo: github.com/wso2/apk/common-controller +repo: github.com/wso2/apk/common-controller/internal/operator resources: - api: crdVersion: v1 @@ -15,6 +16,30 @@ resources: domain: wso2.com group: dp kind: RateLimitPolicy - path: github.com/wso2/apk/common-controller/api/dp/v1alpha1 + path: github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1 version: v1alpha1 +- api: + crdVersion: v1 + namespaced: true + domain: wso2.com + group: dp + kind: API + path: github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2 + version: v1alpha2 + webhooks: + conversion: true + defaulting: true + validation: true + webhookVersion: v1 +- api: + crdVersion: v1 + namespaced: true + domain: wso2.com + group: dp + kind: API + path: github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1 + version: v1alpha1 + webhooks: + conversion: true + webhookVersion: v1 version: "3" diff --git a/common-controller/internal/operator/apis/cp/.gitKeep b/common-controller/internal/operator/api/cp/.gitKeep similarity index 100% rename from common-controller/internal/operator/apis/cp/.gitKeep rename to common-controller/internal/operator/api/cp/.gitKeep diff --git a/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go b/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go new file mode 100644 index 0000000000..3d794fc087 --- /dev/null +++ b/common-controller/internal/operator/api/dp/v1alpha1/api_conversion.go @@ -0,0 +1,111 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha1 + +import ( + "github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2" + "sigs.k8s.io/controller-runtime/pkg/conversion" +) + +// ConvertTo converts this API CR to the Hub version (v1alpha2). +// src is v1alpha1.API and dst is v1alpha2.API. +func (src *API) ConvertTo(dstRaw conversion.Hub) error { + + dst := dstRaw.(*v1alpha2.API) + dst.ObjectMeta = src.ObjectMeta + + // Spec + dst.Spec.APIName = src.Spec.APIName + dst.Spec.APIVersion = src.Spec.APIVersion + dst.Spec.IsDefaultVersion = src.Spec.IsDefaultVersion + dst.Spec.DefinitionFileRef = src.Spec.DefinitionFileRef + dst.Spec.DefinitionPath = src.Spec.DefinitionPath + dst.Spec.APIType = src.Spec.APIType + dst.Spec.BasePath = src.Spec.BasePath + dst.Spec.Organization = src.Spec.Organization + dst.Spec.SystemAPI = src.Spec.SystemAPI + + // Convert []Property to []v1alpha2.Property + var properties []v1alpha2.Property + for _, p := range src.Spec.APIProperties { + properties = append(properties, v1alpha2.Property(p)) + } + dst.Spec.APIProperties = properties + + // Convert []EnvConfig to []v1alpha2.EnvConfig + var production []v1alpha2.EnvConfig + for _, p := range src.Spec.Production { + production = append(production, v1alpha2.EnvConfig(p)) + } + dst.Spec.Production = production + + var sandbox []v1alpha2.EnvConfig + for _, s := range src.Spec.Sandbox { + sandbox = append(sandbox, v1alpha2.EnvConfig(s)) + } + dst.Spec.Sandbox = sandbox + + // Status + dst.Status.DeploymentStatus = v1alpha2.DeploymentStatus(src.Status.DeploymentStatus) + + return nil +} + +// ConvertFrom converts from the Hub version (v1alpha2) to this version. +// src is v1alpha1.API and dst is v1alpha2.API. +func (src *API) ConvertFrom(srcRaw conversion.Hub) error { + + dst := srcRaw.(*v1alpha2.API) + src.ObjectMeta = dst.ObjectMeta + + // Spec + src.Spec.APIName = dst.Spec.APIName + src.Spec.APIVersion = dst.Spec.APIVersion + src.Spec.IsDefaultVersion = dst.Spec.IsDefaultVersion + src.Spec.DefinitionFileRef = dst.Spec.DefinitionFileRef + src.Spec.DefinitionPath = dst.Spec.DefinitionPath + src.Spec.APIType = dst.Spec.APIType + src.Spec.BasePath = dst.Spec.BasePath + src.Spec.Organization = dst.Spec.Organization + src.Spec.SystemAPI = dst.Spec.SystemAPI + + // Convert []Property to []v1alpha1.Property + var properties []Property + for _, p := range dst.Spec.APIProperties { + properties = append(properties, Property(p)) + } + src.Spec.APIProperties = properties + + // Convert []EnvConfig to []v1alpha1.EnvConfig + var production []EnvConfig + for _, p := range dst.Spec.Production { + production = append(production, EnvConfig(p)) + } + src.Spec.Production = production + + var sandbox []EnvConfig + for _, s := range dst.Spec.Sandbox { + sandbox = append(sandbox, EnvConfig(s)) + } + src.Spec.Sandbox = sandbox + + // Status + src.Status.DeploymentStatus = DeploymentStatus(dst.Status.DeploymentStatus) + + return nil +} diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/api_types.go b/common-controller/internal/operator/api/dp/v1alpha1/api_types.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/api_types.go rename to common-controller/internal/operator/api/dp/v1alpha1/api_types.go diff --git a/common-controller/internal/operator/api/dp/v1alpha1/api_webhook.go b/common-controller/internal/operator/api/dp/v1alpha1/api_webhook.go new file mode 100644 index 0000000000..67c0fc54e2 --- /dev/null +++ b/common-controller/internal/operator/api/dp/v1alpha1/api_webhook.go @@ -0,0 +1,29 @@ +/* + * Copyright (c) 2022, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha1 + +import ( + ctrl "sigs.k8s.io/controller-runtime" +) + +// SetupWebhookWithManager creates a new webhook builder for API +func (r *API) SetupWebhookWithManager(mgr ctrl.Manager) error { + return ctrl.NewWebhookManagedBy(mgr). + For(r). + Complete() +} diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_types.go b/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_types.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_types.go rename to common-controller/internal/operator/api/dp/v1alpha1/apipolicy_types.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go b/common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/apipolicy_webhook.go rename to common-controller/internal/operator/api/dp/v1alpha1/apipolicy_webhook.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/backend_types.go b/common-controller/internal/operator/api/dp/v1alpha1/backend_types.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/backend_types.go rename to common-controller/internal/operator/api/dp/v1alpha1/backend_types.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go b/common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/backend_webhook.go rename to common-controller/internal/operator/api/dp/v1alpha1/backend_webhook.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_types.go b/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_types.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_types.go rename to common-controller/internal/operator/api/dp/v1alpha1/backendjwt_types.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go b/common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/backendjwt_webhook.go rename to common-controller/internal/operator/api/dp/v1alpha1/backendjwt_webhook.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/custom_ratelimit_policy.go b/common-controller/internal/operator/api/dp/v1alpha1/custom_ratelimit_policy.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/custom_ratelimit_policy.go rename to common-controller/internal/operator/api/dp/v1alpha1/custom_ratelimit_policy.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/groupversion_info.go b/common-controller/internal/operator/api/dp/v1alpha1/groupversion_info.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/groupversion_info.go rename to common-controller/internal/operator/api/dp/v1alpha1/groupversion_info.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/interceptorservice_types.go b/common-controller/internal/operator/api/dp/v1alpha1/interceptorservice_types.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/interceptorservice_types.go rename to common-controller/internal/operator/api/dp/v1alpha1/interceptorservice_types.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/interceptorservice_webhook.go b/common-controller/internal/operator/api/dp/v1alpha1/interceptorservice_webhook.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/interceptorservice_webhook.go rename to common-controller/internal/operator/api/dp/v1alpha1/interceptorservice_webhook.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_types.go b/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_types.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_types.go rename to common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_types.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go b/common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/ratelimitpolicy_webhook.go rename to common-controller/internal/operator/api/dp/v1alpha1/ratelimitpolicy_webhook.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/resolveRatelimit.go b/common-controller/internal/operator/api/dp/v1alpha1/resolveRatelimit.go similarity index 96% rename from common-controller/internal/operator/apis/dp/v1alpha1/resolveRatelimit.go rename to common-controller/internal/operator/api/dp/v1alpha1/resolveRatelimit.go index bb8c319beb..e3787acc0e 100644 --- a/common-controller/internal/operator/apis/dp/v1alpha1/resolveRatelimit.go +++ b/common-controller/internal/operator/api/dp/v1alpha1/resolveRatelimit.go @@ -24,9 +24,9 @@ type ResolveRateLimitAPIPolicy struct { API ResolveRateLimit `json:"api,omitempty"` Resources []ResolveResource `json:"resourceList,omitempty"` Organization string `json:"organization,omitempty"` - Vhost []string `json:"vhost,omitempty"` BasePath string `json:"basePath,omitempty"` UUID string `json:"uuid,omitempty"` + Environment string `json:"environment,omitempty"` } // ResolveRateLimit is the rate limit value for the applied policy diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/webhook_suite_test.go b/common-controller/internal/operator/api/dp/v1alpha1/webhook_suite_test.go similarity index 100% rename from common-controller/internal/operator/apis/dp/v1alpha1/webhook_suite_test.go rename to common-controller/internal/operator/api/dp/v1alpha1/webhook_suite_test.go diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go b/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go similarity index 99% rename from common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go rename to common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go index f71f263473..9fc6c57686 100644 --- a/common-controller/internal/operator/apis/dp/v1alpha1/zz_generated.deepcopy.go +++ b/common-controller/internal/operator/api/dp/v1alpha1/zz_generated.deepcopy.go @@ -997,11 +997,6 @@ func (in *ResolveRateLimitAPIPolicy) DeepCopyInto(out *ResolveRateLimitAPIPolicy *out = make([]ResolveResource, len(*in)) copy(*out, *in) } - if in.Vhost != nil { - in, out := &in.Vhost, &out.Vhost - *out = make([]string, len(*in)) - copy(*out, *in) - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResolveRateLimitAPIPolicy. diff --git a/common-controller/internal/operator/api/dp/v1alpha2/api_conversion.go b/common-controller/internal/operator/api/dp/v1alpha2/api_conversion.go new file mode 100644 index 0000000000..5a1953e138 --- /dev/null +++ b/common-controller/internal/operator/api/dp/v1alpha2/api_conversion.go @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha2 + +// Hub marks this type as a conversion hub. +func (*API) Hub() {} diff --git a/common-controller/internal/operator/api/dp/v1alpha2/api_types.go b/common-controller/internal/operator/api/dp/v1alpha2/api_types.go new file mode 100644 index 0000000000..9d21a2f04b --- /dev/null +++ b/common-controller/internal/operator/api/dp/v1alpha2/api_types.go @@ -0,0 +1,202 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// APISpec defines the desired state of API +type APISpec struct { + + // APIName is the unique name of the API + //can be used to uniquely identify an API. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=60 + // +kubebuilder:validation:Pattern="^[^~!@#;:%^*()+={}|\\<>\"'',&$\\[\\]\\/]*$" + APIName string `json:"apiName"` + + // APIVersion is the version number of the API. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=30 + // +kubebuilder:validation:Pattern="^[^~!@#;:%^*()+={}|\\<>\"'',&/$\\[\\]\\s+\\/]+$" + APIVersion string `json:"apiVersion"` + + // IsDefaultVersion indicates whether this API version should be used as a default API + // + // +optional + IsDefaultVersion bool `json:"isDefaultVersion"` + + // DefinitionFileRef contains the OpenAPI 3 or Swagger + // definition of the API in a ConfigMap. + // + // +optional + DefinitionFileRef string `json:"definitionFileRef"` + + // DefinitionPath contains the path to expose the API definition. + // + // +kubebuilder:default:=/api-definition + // +kubebuilder:validation:MinLength=1 + DefinitionPath string `json:"definitionPath"` + + // Production contains a list of references to HttpRoutes + // of type HttpRoute. + // xref: https://github.com/kubernetes-sigs/gateway-api/blob/main/apis/v1beta1/httproute_types.go + // + // + // +optional + // +nullable + // +kubebuilder:validation:MaxItems=1 + Production []EnvConfig `json:"production"` + + // Sandbox contains a list of references to HttpRoutes + // of type HttpRoute. + // xref: https://github.com/kubernetes-sigs/gateway-api/blob/main/apis/v1beta1/httproute_types.go + // + // + // +optional + // +nullable + // +kubebuilder:validation:MaxItems=1 + Sandbox []EnvConfig `json:"sandbox"` + + // APIType denotes the type of the API. + // Possible values could be REST, GraphQL, Async + // + // +kubebuilder:validation:Enum=REST + APIType string `json:"apiType"` + + // BasePath denotes the basepath of the API. + // e.g: /pet-store-api/1.0.6 + // + // +kubectl:validation:MaxLength=232 + // +kubebuilder:validation:Pattern=^[/][a-zA-Z0-9~/_.-]*$ + BasePath string `json:"basePath"` + + // Organization denotes the organization. + // related to the API + // + // +optional + Organization string `json:"organization"` + + // SystemAPI denotes if it is an internal system API. + // + // +optional + SystemAPI bool `json:"systemAPI"` + + // APIProperties denotes the custom properties of the API. + // + // +optional + // +nullable + APIProperties []Property `json:"apiProperties,omitempty"` + + // Environment denotes the environment of the API. + // + // +optional + // +nullable + Environment string `json:"environment,omitempty"` +} + +// Property holds key value pair of APIProperties +type Property struct { + Name string `json:"name,omitempty"` + Value string `json:"value,omitempty"` +} + +// EnvConfig contains the environment specific configuration +type EnvConfig struct { + // HTTPRouteRefs denotes the environment of the API. + HTTPRouteRefs []string `json:"httpRouteRefs"` +} + +// APIStatus defines the observed state of API +type APIStatus struct { + // DeploymentStatus denotes the deployment status of the API + // + // +optional + DeploymentStatus DeploymentStatus `json:"deploymentStatus"` +} + +// DeploymentStatus contains the status of the API deployment +type DeploymentStatus struct { + + // Status denotes the state of the API in its lifecycle. + // Possible values could be Accepted, Invalid, Deploy etc. + // + // + Status string `json:"status"` + + // Message represents a user friendly message that explains the + // current state of the API. + // + // + // +optional + Message string `json:"message"` + + // Accepted represents whether the API is accepted or not. + // + // + Accepted bool `json:"accepted"` + + // TransitionTime represents the last known transition timestamp. + // + // + TransitionTime *metav1.Time `json:"transitionTime"` + + // Events contains a list of events related to the API. + // + // + // +optional + Events []string `json:"events,omitempty"` +} + +// +genclient +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status +//+kubebuilder:storageversion +//+kubebuilder:printcolumn:name="API Name",type="string",JSONPath=".spec.apiName" +//+kubebuilder:printcolumn:name="Version",type="string",JSONPath=".spec.apiVersion" +//+kubebuilder:printcolumn:name="BasePath",type="string",JSONPath=".spec.basePath" +//+kubebuilder:printcolumn:name="Organization",type="string",JSONPath=".spec.organization" +//+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" + +// API is the Schema for the apis API +type API struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec APISpec `json:"spec,omitempty"` + Status APIStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// APIList contains a list of API +type APIList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []API `json:"items"` +} + +func init() { + SchemeBuilder.Register(&API{}, &APIList{}) +} diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go b/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go similarity index 92% rename from common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go rename to common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go index d69b11c7ac..c2f297bbcd 100644 --- a/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook.go +++ b/common-controller/internal/operator/api/dp/v1alpha2/api_webhook.go @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * */ -package v1alpha1 +package v1alpha2 import ( "context" @@ -26,6 +26,7 @@ import ( "github.com/wso2/apk/adapter/pkg/logging" "github.com/wso2/apk/common-controller/internal/config" "github.com/wso2/apk/common-controller/internal/loggers" + "github.com/wso2/apk/common-controller/internal/operator/utils" "golang.org/x/exp/slices" apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/runtime" @@ -42,6 +43,7 @@ var c client.Client // SetupWebhookWithManager creates a new webhook builder for API func (r *API) SetupWebhookWithManager(mgr ctrl.Manager) error { + c = mgr.GetClient() return ctrl.NewWebhookManagedBy(mgr). For(r). @@ -50,17 +52,17 @@ func (r *API) SetupWebhookWithManager(mgr ctrl.Manager) error { // TODO(user): EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! -//+kubebuilder:webhook:path=/mutate-dp-wso2-com-v1alpha1-api,mutating=true,failurePolicy=fail,sideEffects=None,groups=dp.wso2.com,resources=apis,verbs=create;update,versions=v1alpha1,name=mapi.kb.io,admissionReviewVersions=v1 +//+kubebuilder:webhook:path=/mutate-dp-wso2-com-v1alpha2-api,mutating=true,failurePolicy=fail,sideEffects=None,groups=dp.wso2.com,resources=apis,verbs=create;update,versions=v1alpha2,name=mapi.kb.io,admissionReviewVersions=v1 var _ webhook.Defaulter = &API{} // Default implements webhook.Defaulter so a webhook will be registered for the type func (r *API) Default() { - // TODO: Add any defaulting logic here + // TODO(user): fill in your defaulting logic. } // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation. -//+kubebuilder:webhook:path=/validate-dp-wso2-com-v1alpha1-api,mutating=false,failurePolicy=fail,sideEffects=None,groups=dp.wso2.com,resources=apis,verbs=create;update,versions=v1alpha1,name=vapi.kb.io,admissionReviewVersions=v1 +//+kubebuilder:webhook:path=/validate-dp-wso2-com-v1alpha2-api,mutating=false,failurePolicy=fail,sideEffects=None,groups=dp.wso2.com,resources=apis,verbs=create;update,versions=v1alpha2,name=vapi.kb.io,admissionReviewVersions=v1 var _ webhook.Validator = &API{} @@ -83,6 +85,7 @@ func (r *API) ValidateDelete() (admission.Warnings, error) { // validateAPI validate api crd fields func (r *API) validateAPI() error { + var allErrs field.ErrorList conf := config.ReadConfigs() namespaces := conf.CommonController.Operator.Namespaces @@ -134,6 +137,7 @@ func (r *API) validateAPI() error { schema.GroupKind{Group: "dp.wso2.com", Kind: "API"}, r.Name, allErrs) } + return nil } @@ -155,10 +159,14 @@ func (r *API) validateAPIBasePathExistsAndDefaultVersion() *field.Error { } currentAPIBasePathWithoutVersion := getBasePathWithoutVersion(r.Spec.BasePath) + incomingAPIEnvironment := utils.GetEnvironment(r.Spec.Environment) for _, api := range apiList { if (types.NamespacedName{Namespace: r.Namespace, Name: r.Name} != types.NamespacedName{Namespace: api.Namespace, Name: api.Name}) { - if api.Spec.Organization == r.Spec.Organization && api.Spec.BasePath == r.Spec.BasePath { + + existingAPIEnvironment := utils.GetEnvironment(api.Spec.Environment) + if api.Spec.Organization == r.Spec.Organization && api.Spec.BasePath == r.Spec.BasePath && + incomingAPIEnvironment == existingAPIEnvironment { return &field.Error{ Type: field.ErrorTypeDuplicate, Field: field.NewPath("spec").Child("basePath").String(), diff --git a/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook_test.go b/common-controller/internal/operator/api/dp/v1alpha2/api_webhook_test.go similarity index 93% rename from common-controller/internal/operator/apis/dp/v1alpha1/api_webhook_test.go rename to common-controller/internal/operator/api/dp/v1alpha2/api_webhook_test.go index 3239579417..a994829ee7 100644 --- a/common-controller/internal/operator/apis/dp/v1alpha1/api_webhook_test.go +++ b/common-controller/internal/operator/api/dp/v1alpha2/api_webhook_test.go @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * */ -package v1alpha1 +package v1alpha2 import ( "testing" diff --git a/common-controller/internal/operator/api/dp/v1alpha2/groupversion_info.go b/common-controller/internal/operator/api/dp/v1alpha2/groupversion_info.go new file mode 100644 index 0000000000..5ee8176785 --- /dev/null +++ b/common-controller/internal/operator/api/dp/v1alpha2/groupversion_info.go @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +// Package v1alpha2 contains API Schema definitions for the dp v1alpha2 API group +// +kubebuilder:object:generate=true +// +groupName=dp.wso2.com +package v1alpha2 + +import ( + "k8s.io/apimachinery/pkg/runtime/schema" + "sigs.k8s.io/controller-runtime/pkg/scheme" +) + +var ( + // GroupVersion is group version used to register these objects + GroupVersion = schema.GroupVersion{Group: "dp.wso2.com", Version: "v1alpha2"} + + // SchemeBuilder is used to add go types to the GroupVersionKind scheme + SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} + + // AddToScheme adds the types in this group-version to the given scheme. + AddToScheme = SchemeBuilder.AddToScheme +) diff --git a/common-controller/internal/operator/api/dp/v1alpha2/webhook_suite_test.go b/common-controller/internal/operator/api/dp/v1alpha2/webhook_suite_test.go new file mode 100644 index 0000000000..a06710c0ce --- /dev/null +++ b/common-controller/internal/operator/api/dp/v1alpha2/webhook_suite_test.go @@ -0,0 +1,133 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package v1alpha2 + +import ( + "context" + "crypto/tls" + "fmt" + "net" + "path/filepath" + "testing" + "time" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + admissionv1 "k8s.io/api/admission/v1" + //+kubebuilder:scaffold:imports + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/client-go/rest" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/envtest" + logf "sigs.k8s.io/controller-runtime/pkg/log" + "sigs.k8s.io/controller-runtime/pkg/log/zap" +) + +// These tests use Ginkgo (BDD-style Go testing framework). Refer to +// http://onsi.github.io/ginkgo/ to learn more about Ginkgo. + +var cfg *rest.Config +var k8sClient client.Client +var testEnv *envtest.Environment +var ctx context.Context +var cancel context.CancelFunc + +func TestAPIs(t *testing.T) { + RegisterFailHandler(Fail) + + RunSpecs(t, "Webhook Suite") +} + +var _ = BeforeSuite(func() { + logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) + + ctx, cancel = context.WithCancel(context.TODO()) + + By("bootstrapping test environment") + testEnv = &envtest.Environment{ + CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "crd", "bases")}, + ErrorIfCRDPathMissing: false, + WebhookInstallOptions: envtest.WebhookInstallOptions{ + Paths: []string{filepath.Join("..", "..", "..", "config", "webhook")}, + }, + } + + var err error + // cfg is defined in this file globally. + cfg, err = testEnv.Start() + Expect(err).NotTo(HaveOccurred()) + Expect(cfg).NotTo(BeNil()) + + scheme := runtime.NewScheme() + err = AddToScheme(scheme) + Expect(err).NotTo(HaveOccurred()) + + err = admissionv1.AddToScheme(scheme) + Expect(err).NotTo(HaveOccurred()) + + //+kubebuilder:scaffold:scheme + + k8sClient, err = client.New(cfg, client.Options{Scheme: scheme}) + Expect(err).NotTo(HaveOccurred()) + Expect(k8sClient).NotTo(BeNil()) + + // start webhook server using Manager + webhookInstallOptions := &testEnv.WebhookInstallOptions + mgr, err := ctrl.NewManager(cfg, ctrl.Options{ + Scheme: scheme, + Host: webhookInstallOptions.LocalServingHost, + Port: webhookInstallOptions.LocalServingPort, + CertDir: webhookInstallOptions.LocalServingCertDir, + LeaderElection: false, + MetricsBindAddress: "0", + }) + Expect(err).NotTo(HaveOccurred()) + + err = (&API{}).SetupWebhookWithManager(mgr) + Expect(err).NotTo(HaveOccurred()) + + //+kubebuilder:scaffold:webhook + + go func() { + defer GinkgoRecover() + err = mgr.Start(ctx) + Expect(err).NotTo(HaveOccurred()) + }() + + // wait for the webhook server to get ready + dialer := &net.Dialer{Timeout: time.Second} + addrPort := fmt.Sprintf("%s:%d", webhookInstallOptions.LocalServingHost, webhookInstallOptions.LocalServingPort) + Eventually(func() error { + conn, err := tls.DialWithDialer(dialer, "tcp", addrPort, &tls.Config{InsecureSkipVerify: true}) + if err != nil { + return err + } + conn.Close() + return nil + }).Should(Succeed()) + +}) + +var _ = AfterSuite(func() { + cancel() + By("tearing down the test environment") + err := testEnv.Stop() + Expect(err).NotTo(HaveOccurred()) +}) diff --git a/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go b/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go new file mode 100644 index 0000000000..c36ab0a966 --- /dev/null +++ b/common-controller/internal/operator/api/dp/v1alpha2/zz_generated.deepcopy.go @@ -0,0 +1,195 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +// Code generated by controller-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *API) DeepCopyInto(out *API) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new API. +func (in *API) DeepCopy() *API { + if in == nil { + return nil + } + out := new(API) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *API) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIList) DeepCopyInto(out *APIList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]API, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIList. +func (in *APIList) DeepCopy() *APIList { + if in == nil { + return nil + } + out := new(APIList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *APIList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APISpec) DeepCopyInto(out *APISpec) { + *out = *in + if in.Production != nil { + in, out := &in.Production, &out.Production + *out = make([]EnvConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Sandbox != nil { + in, out := &in.Sandbox, &out.Sandbox + *out = make([]EnvConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.APIProperties != nil { + in, out := &in.APIProperties, &out.APIProperties + *out = make([]Property, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APISpec. +func (in *APISpec) DeepCopy() *APISpec { + if in == nil { + return nil + } + out := new(APISpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIStatus) DeepCopyInto(out *APIStatus) { + *out = *in + in.DeploymentStatus.DeepCopyInto(&out.DeploymentStatus) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIStatus. +func (in *APIStatus) DeepCopy() *APIStatus { + if in == nil { + return nil + } + out := new(APIStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) { + *out = *in + if in.TransitionTime != nil { + in, out := &in.TransitionTime, &out.TransitionTime + *out = (*in).DeepCopy() + } + if in.Events != nil { + in, out := &in.Events, &out.Events + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentStatus. +func (in *DeploymentStatus) DeepCopy() *DeploymentStatus { + if in == nil { + return nil + } + out := new(DeploymentStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EnvConfig) DeepCopyInto(out *EnvConfig) { + *out = *in + if in.HTTPRouteRefs != nil { + in, out := &in.HTTPRouteRefs, &out.HTTPRouteRefs + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvConfig. +func (in *EnvConfig) DeepCopy() *EnvConfig { + if in == nil { + return nil + } + out := new(EnvConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Property) DeepCopyInto(out *Property) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Property. +func (in *Property) DeepCopy() *Property { + if in == nil { + return nil + } + out := new(Property) + in.DeepCopyInto(out) + return out +} diff --git a/common-controller/internal/operator/config/certmanager/certificate.yaml b/common-controller/internal/operator/config/certmanager/certificate.yaml new file mode 100644 index 0000000000..293f9f5cb3 --- /dev/null +++ b/common-controller/internal/operator/config/certmanager/certificate.yaml @@ -0,0 +1,39 @@ +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +# WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes. +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + labels: + app.kubernetes.io/name: certificate + app.kubernetes.io/instance: serving-cert + app.kubernetes.io/component: certificate + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: selfsigned-issuer + namespace: system +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + labels: + app.kubernetes.io/name: certificate + app.kubernetes.io/instance: serving-cert + app.kubernetes.io/component: certificate + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + namespace: system +spec: + # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize + dnsNames: + - SERVICE_NAME.SERVICE_NAMESPACE.svc + - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/common-controller/internal/operator/config/certmanager/kustomization.yaml b/common-controller/internal/operator/config/certmanager/kustomization.yaml new file mode 100644 index 0000000000..bebea5a595 --- /dev/null +++ b/common-controller/internal/operator/config/certmanager/kustomization.yaml @@ -0,0 +1,5 @@ +resources: +- certificate.yaml + +configurations: +- kustomizeconfig.yaml diff --git a/common-controller/internal/operator/config/certmanager/kustomizeconfig.yaml b/common-controller/internal/operator/config/certmanager/kustomizeconfig.yaml new file mode 100644 index 0000000000..cf6f89e889 --- /dev/null +++ b/common-controller/internal/operator/config/certmanager/kustomizeconfig.yaml @@ -0,0 +1,8 @@ +# This configuration is for teaching kustomize how to update name ref substitution +nameReference: +- kind: Issuer + group: cert-manager.io + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name diff --git a/common-controller/internal/operator/config/crd/bases/dp.wso2.com_apis.yaml b/common-controller/internal/operator/config/crd/bases/dp.wso2.com_apis.yaml index 85e741a57d..55ab3158cd 100644 --- a/common-controller/internal/operator/config/crd/bases/dp.wso2.com_apis.yaml +++ b/common-controller/internal/operator/config/crd/bases/dp.wso2.com_apis.yaml @@ -183,6 +183,182 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.apiName + name: API Name + type: string + - jsonPath: .spec.apiVersion + name: Version + type: string + - jsonPath: .spec.basePath + name: BasePath + type: string + - jsonPath: .spec.organization + name: Organization + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha2 + schema: + openAPIV3Schema: + description: API is the Schema for the apis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: APISpec defines the desired state of API + properties: + apiName: + description: APIName is the unique name of the API can be used to + uniquely identify an API. + maxLength: 60 + minLength: 1 + pattern: ^[^~!@#;:%^*()+={}|\<>"'',&$\[\]\/]*$ + type: string + apiProperties: + description: APIProperties denotes the custom properties of the API. + items: + description: Property holds key value pair of APIProperties + properties: + name: + type: string + value: + type: string + type: object + nullable: true + type: array + apiType: + description: APIType denotes the type of the API. Possible values + could be REST, GraphQL, Async + enum: + - REST + type: string + apiVersion: + description: APIVersion is the version number of the API. + maxLength: 30 + minLength: 1 + pattern: ^[^~!@#;:%^*()+={}|\<>"'',&/$\[\]\s+\/]+$ + type: string + basePath: + description: 'BasePath denotes the basepath of the API. e.g: /pet-store-api/1.0.6' + pattern: ^[/][a-zA-Z0-9~/_.-]*$ + type: string + definitionFileRef: + description: DefinitionFileRef contains the OpenAPI 3 or Swagger definition + of the API in a ConfigMap. + type: string + definitionPath: + default: /api-definition + description: DefinitionPath contains the path to expose the API definition. + minLength: 1 + type: string + environment: + description: Environment denotes the environment of the API. + nullable: true + type: string + isDefaultVersion: + description: IsDefaultVersion indicates whether this API version should + be used as a default API + type: boolean + organization: + description: Organization denotes the organization. related to the + API + type: string + production: + description: 'Production contains a list of references to HttpRoutes + of type HttpRoute. xref: https://github.com/kubernetes-sigs/gateway-api/blob/main/apis/v1beta1/httproute_types.go' + items: + description: EnvConfig contains the environment specific configuration + properties: + httpRouteRefs: + description: HTTPRouteRefs denotes the environment of the API. + items: + type: string + type: array + required: + - httpRouteRefs + type: object + maxItems: 1 + nullable: true + type: array + sandbox: + description: 'Sandbox contains a list of references to HttpRoutes + of type HttpRoute. xref: https://github.com/kubernetes-sigs/gateway-api/blob/main/apis/v1beta1/httproute_types.go' + items: + description: EnvConfig contains the environment specific configuration + properties: + httpRouteRefs: + description: HTTPRouteRefs denotes the environment of the API. + items: + type: string + type: array + required: + - httpRouteRefs + type: object + maxItems: 1 + nullable: true + type: array + systemAPI: + description: SystemAPI denotes if it is an internal system API. + type: boolean + required: + - apiName + - apiType + - apiVersion + - basePath + - definitionPath + type: object + status: + description: APIStatus defines the observed state of API + properties: + deploymentStatus: + description: DeploymentStatus denotes the deployment status of the + API + properties: + accepted: + description: Accepted represents whether the API is accepted or + not. + type: boolean + events: + description: Events contains a list of events related to the API. + items: + type: string + type: array + message: + description: Message represents a user friendly message that explains + the current state of the API. + type: string + status: + description: Status denotes the state of the API in its lifecycle. + Possible values could be Accepted, Invalid, Deploy etc. + type: string + transitionTime: + description: TransitionTime represents the last known transition + timestamp. + format: date-time + type: string + required: + - accepted + - status + - transitionTime + type: object + type: object + type: object + served: true storage: true subresources: status: {} diff --git a/common-controller/internal/operator/config/crd/kustomization.yaml b/common-controller/internal/operator/config/crd/kustomization.yaml index efe0fc6583..b274ccd2ea 100644 --- a/common-controller/internal/operator/config/crd/kustomization.yaml +++ b/common-controller/internal/operator/config/crd/kustomization.yaml @@ -3,17 +3,20 @@ # It should be run by config/default resources: - bases/dp.wso2.com_ratelimitpolicies.yaml +- bases/dp.wso2.com_apis.yaml #+kubebuilder:scaffold:crdkustomizeresource patches: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. # patches here are for enabling the conversion webhook for each CRD #- patches/webhook_in_ratelimitpolicies.yaml +#- path: patches/webhook_in_apis.yaml #+kubebuilder:scaffold:crdkustomizewebhookpatch # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. # patches here are for enabling the CA injection for each CRD #- patches/cainjection_in_ratelimitpolicies.yaml +#- path: patches/cainjection_in_apis.yaml #+kubebuilder:scaffold:crdkustomizecainjectionpatch # the following config is for teaching kustomize how to do kustomization for CRDs. diff --git a/common-controller/internal/operator/config/crd/patches/cainjection_in_dp_apis.yaml b/common-controller/internal/operator/config/crd/patches/cainjection_in_dp_apis.yaml new file mode 100644 index 0000000000..e64dc4f552 --- /dev/null +++ b/common-controller/internal/operator/config/crd/patches/cainjection_in_dp_apis.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME + name: apis.dp.wso2.com diff --git a/common-controller/internal/operator/config/crd/patches/webhook_in_dp_apis.yaml b/common-controller/internal/operator/config/crd/patches/webhook_in_dp_apis.yaml new file mode 100644 index 0000000000..ad0c609d56 --- /dev/null +++ b/common-controller/internal/operator/config/crd/patches/webhook_in_dp_apis.yaml @@ -0,0 +1,16 @@ +# The following patch enables a conversion webhook for the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: apis.dp.wso2.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert + conversionReviewVersions: + - v1 diff --git a/common-controller/internal/operator/config/default/manager_webhook_patch.yaml b/common-controller/internal/operator/config/default/manager_webhook_patch.yaml new file mode 100644 index 0000000000..738de350b7 --- /dev/null +++ b/common-controller/internal/operator/config/default/manager_webhook_patch.yaml @@ -0,0 +1,23 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert diff --git a/common-controller/internal/operator/config/default/webhookcainjection_patch.yaml b/common-controller/internal/operator/config/default/webhookcainjection_patch.yaml new file mode 100644 index 0000000000..bf002d361a --- /dev/null +++ b/common-controller/internal/operator/config/default/webhookcainjection_patch.yaml @@ -0,0 +1,29 @@ +# This patch add annotation to admission webhook config and +# CERTIFICATE_NAMESPACE and CERTIFICATE_NAME will be substituted by kustomize +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + labels: + app.kubernetes.io/name: mutatingwebhookconfiguration + app.kubernetes.io/instance: mutating-webhook-configuration + app.kubernetes.io/component: webhook + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: mutating-webhook-configuration + annotations: + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + labels: + app.kubernetes.io/name: validatingwebhookconfiguration + app.kubernetes.io/instance: validating-webhook-configuration + app.kubernetes.io/component: webhook + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: validating-webhook-configuration + annotations: + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME diff --git a/common-controller/internal/operator/config/rbac/dp_api_editor_role.yaml b/common-controller/internal/operator/config/rbac/dp_api_editor_role.yaml new file mode 100644 index 0000000000..2de3070c5b --- /dev/null +++ b/common-controller/internal/operator/config/rbac/dp_api_editor_role.yaml @@ -0,0 +1,31 @@ +# permissions for end users to edit apis. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: api-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: api-editor-role +rules: +- apiGroups: + - dp.wso2.com + resources: + - apis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - dp.wso2.com + resources: + - apis/status + verbs: + - get diff --git a/common-controller/internal/operator/config/rbac/dp_api_viewer_role.yaml b/common-controller/internal/operator/config/rbac/dp_api_viewer_role.yaml new file mode 100644 index 0000000000..75e4c488a0 --- /dev/null +++ b/common-controller/internal/operator/config/rbac/dp_api_viewer_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to view apis. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: api-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: api-viewer-role +rules: +- apiGroups: + - dp.wso2.com + resources: + - apis + verbs: + - get + - list + - watch +- apiGroups: + - dp.wso2.com + resources: + - apis/status + verbs: + - get diff --git a/common-controller/internal/operator/config/samples/dp_v1alpha2_api.yaml b/common-controller/internal/operator/config/samples/dp_v1alpha2_api.yaml new file mode 100644 index 0000000000..d7c9ebcb5e --- /dev/null +++ b/common-controller/internal/operator/config/samples/dp_v1alpha2_api.yaml @@ -0,0 +1,12 @@ +apiVersion: dp.wso2.com/v1alpha2 +kind: API +metadata: + labels: + app.kubernetes.io/name: api + app.kubernetes.io/instance: api-sample + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/created-by: operator + name: api-sample +spec: + # TODO(user): Add fields here diff --git a/common-controller/internal/operator/config/samples/kustomization.yaml b/common-controller/internal/operator/config/samples/kustomization.yaml index 21aa5398a5..afdee71b46 100644 --- a/common-controller/internal/operator/config/samples/kustomization.yaml +++ b/common-controller/internal/operator/config/samples/kustomization.yaml @@ -1,4 +1,5 @@ ## Append samples of your project ## resources: - dp_v1alpha1_ratelimitpolicy.yaml +- dp_v1alpha2_api.yaml #+kubebuilder:scaffold:manifestskustomizesamples diff --git a/common-controller/internal/operator/config/webhook/kustomization.yaml b/common-controller/internal/operator/config/webhook/kustomization.yaml new file mode 100644 index 0000000000..9cf26134e4 --- /dev/null +++ b/common-controller/internal/operator/config/webhook/kustomization.yaml @@ -0,0 +1,6 @@ +resources: +- manifests.yaml +- service.yaml + +configurations: +- kustomizeconfig.yaml diff --git a/common-controller/internal/operator/config/webhook/kustomizeconfig.yaml b/common-controller/internal/operator/config/webhook/kustomizeconfig.yaml new file mode 100644 index 0000000000..206316e54f --- /dev/null +++ b/common-controller/internal/operator/config/webhook/kustomizeconfig.yaml @@ -0,0 +1,22 @@ +# the following config is for teaching kustomize where to look at when substituting nameReference. +# It requires kustomize v2.1.0 or newer to work properly. +nameReference: +- kind: Service + version: v1 + fieldSpecs: + - kind: MutatingWebhookConfiguration + group: admissionregistration.k8s.io + path: webhooks/clientConfig/service/name + - kind: ValidatingWebhookConfiguration + group: admissionregistration.k8s.io + path: webhooks/clientConfig/service/name + +namespace: +- kind: MutatingWebhookConfiguration + group: admissionregistration.k8s.io + path: webhooks/clientConfig/service/namespace + create: true +- kind: ValidatingWebhookConfiguration + group: admissionregistration.k8s.io + path: webhooks/clientConfig/service/namespace + create: true diff --git a/common-controller/internal/operator/config/webhook/manifests.yaml b/common-controller/internal/operator/config/webhook/manifests.yaml index fda9cdbc9b..f131a34203 100644 --- a/common-controller/internal/operator/config/webhook/manifests.yaml +++ b/common-controller/internal/operator/config/webhook/manifests.yaml @@ -10,14 +10,14 @@ webhooks: service: name: webhook-service namespace: system - path: /mutate-dp-wso2-com-v1alpha1-api + path: /mutate-dp-wso2-com-v1alpha2-api failurePolicy: Fail name: mapi.kb.io rules: - apiGroups: - dp.wso2.com apiVersions: - - v1alpha1 + - v1alpha2 operations: - CREATE - UPDATE @@ -136,14 +136,14 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-dp-wso2-com-v1alpha1-api + path: /validate-dp-wso2-com-v1alpha2-api failurePolicy: Fail name: vapi.kb.io rules: - apiGroups: - dp.wso2.com apiVersions: - - v1alpha1 + - v1alpha2 operations: - CREATE - UPDATE diff --git a/common-controller/internal/operator/config/webhook/service.yaml b/common-controller/internal/operator/config/webhook/service.yaml new file mode 100644 index 0000000000..3d52bb199a --- /dev/null +++ b/common-controller/internal/operator/config/webhook/service.yaml @@ -0,0 +1,20 @@ + +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/name: service + app.kubernetes.io/instance: webhook-service + app.kubernetes.io/component: webhook + app.kubernetes.io/created-by: operator + app.kubernetes.io/part-of: operator + app.kubernetes.io/managed-by: kustomize + name: webhook-service + namespace: system +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + selector: + control-plane: controller-manager diff --git a/common-controller/internal/operator/controller/ratelimitpolicy_controller.go b/common-controller/internal/operator/controller/ratelimitpolicy_controller.go index 7b33e76ba6..9ab2f3dc3a 100644 --- a/common-controller/internal/operator/controller/ratelimitpolicy_controller.go +++ b/common-controller/internal/operator/controller/ratelimitpolicy_controller.go @@ -18,8 +18,10 @@ package controller import ( "context" + "fmt" logger "github.com/sirupsen/logrus" + "github.com/wso2/apk/common-controller/internal/operator/utils" k8error "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/runtime" @@ -43,7 +45,8 @@ import ( cache "github.com/wso2/apk/common-controller/internal/cache" "github.com/wso2/apk/common-controller/internal/config" loggers "github.com/wso2/apk/common-controller/internal/loggers" - dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1" + dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1" + dpv1alpha2 "github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2" constants "github.com/wso2/apk/common-controller/internal/operator/constant" xds "github.com/wso2/apk/common-controller/internal/xds" ) @@ -85,7 +88,7 @@ func NewratelimitController(mgr manager.Manager, ratelimitStore *cache.Ratelimit conf := config.ReadConfigs() predicates := []predicate.Predicate{predicate.NewPredicateFuncs(FilterByNamespaces(conf.CommonController.Operator.Namespaces))} - if err := c.Watch(source.Kind(mgr.GetCache(), &dpv1alpha1.API{}), + if err := c.Watch(source.Kind(mgr.GetCache(), &dpv1alpha2.API{}), handler.EnqueueRequestsFromMapFunc(ratelimitReconsiler.getRatelimitForAPI), predicates...); err != nil { loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2611, logging.BLOCKER, "Error watching API resources: %v", err)) @@ -132,14 +135,12 @@ func (ratelimitReconsiler *RateLimitPolicyReconciler) Reconcile(ctx context.Cont // Check k8s RatelimitPolicy Availbility if err := ratelimitReconsiler.client.Get(ctx, ratelimitKey, &ratelimitPolicy); err != nil { - resolveRateLimitAPIPolicy, found := ratelimitReconsiler.ods.GetResolveRatelimitPolicy(req.NamespacedName) + resolveRateLimitAPIPolicyList, found := ratelimitReconsiler.ods.GetResolveRatelimitPolicy(req.NamespacedName) // If availble in cache Delete cache and xds if found && k8error.IsNotFound(err) { ratelimitReconsiler.ods.DeleteResolveRatelimitPolicy(req.NamespacedName) - xds.DeleteAPILevelRateLimitPolicies(resolveRateLimitAPIPolicy) - if resolveRateLimitAPIPolicy.Resources != nil { - xds.DeleteResourceLevelRateLimitPolicies(resolveRateLimitAPIPolicy) - } + xds.DeleteAPILevelRateLimitPolicies(resolveRateLimitAPIPolicyList) + xds.DeleteResourceLevelRateLimitPolicies(resolveRateLimitAPIPolicyList) xds.UpdateRateLimiterPolicies(conf.CommonController.Server.Label) } resolveCustomRateLimitPolicy, foundCustom := ratelimitReconsiler.ods.GetCachedCustomRatelimitPolicy(req.NamespacedName) @@ -151,23 +152,27 @@ func (ratelimitReconsiler *RateLimitPolicyReconciler) Reconcile(ctx context.Cont } return ctrl.Result{}, nil } - var vhost, resolveRatelimit = ratelimitReconsiler.marshelRateLimit(ctx, ratelimitKey, ratelimitPolicy) - var customRateLimitPolicy = ratelimitReconsiler.marshelCustomRateLimit(ctx, ratelimitKey, ratelimitPolicy) - if vhost == nil && customRateLimitPolicy.Key == "" { - return ctrl.Result{}, nil + if ratelimitPolicy.Spec.Override != nil && ratelimitPolicy.Spec.Override.Custom != nil { + var customRateLimitPolicy = ratelimitReconsiler.marshelCustomRateLimit(ctx, ratelimitKey, ratelimitPolicy) + ratelimitReconsiler.ods.AddorUpdateCustomRatelimitToStore(ratelimitKey, customRateLimitPolicy) + xds.UpdateRateLimitXDSCacheForCustomPolicies(customRateLimitPolicy) + } else { + + if resolveRatelimitPolicyList, err := ratelimitReconsiler.marshelRateLimit(ctx, ratelimitKey, ratelimitPolicy); err != nil { + return ctrl.Result{}, err + } else if len(resolveRatelimitPolicyList) > 0 { + ratelimitReconsiler.ods.AddorUpdateResolveRatelimitToStore(ratelimitKey, resolveRatelimitPolicyList) + xds.UpdateRateLimitXDSCache(resolveRatelimitPolicyList) + xds.UpdateRateLimiterPolicies(conf.CommonController.Server.Label) + } } - ratelimitReconsiler.ods.AddorUpdateResolveRatelimitToStore(ratelimitKey, resolveRatelimit) - ratelimitReconsiler.ods.AddorUpdateCustomRatelimitToStore(ratelimitKey, customRateLimitPolicy) - xds.UpdateRateLimitXDSCache(vhost, resolveRatelimit) - xds.UpdateRateLimitXDSCacheForCustomPolicies(customRateLimitPolicy) - xds.UpdateRateLimiterPolicies(conf.CommonController.Server.Label) return ctrl.Result{}, nil } func (ratelimitReconsiler *RateLimitPolicyReconciler) getRatelimitForAPI(ctx context.Context, obj k8client.Object) []reconcile.Request { - api, ok := obj.(*dpv1alpha1.API) + api, ok := obj.(*dpv1alpha2.API) if !ok { loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2622, logging.TRIVIAL, "Unexpected object type, bypassing reconciliation: %v", api)) @@ -233,52 +238,26 @@ func (ratelimitReconsiler *RateLimitPolicyReconciler) getRatelimitForHTTPRoute(c } func (ratelimitReconsiler *RateLimitPolicyReconciler) marshelRateLimit(ctx context.Context, ratelimitKey types.NamespacedName, - ratelimitPolicy dpv1alpha1.RateLimitPolicy) ([]string, dpv1alpha1.ResolveRateLimitAPIPolicy) { - var api dpv1alpha1.API - var vhost []string - var resolveResourceList []dpv1alpha1.ResolveResource - var resolveRatelimit dpv1alpha1.ResolveRateLimitAPIPolicy + ratelimitPolicy dpv1alpha1.RateLimitPolicy) ([]dpv1alpha1.ResolveRateLimitAPIPolicy, error) { + + policyList := []dpv1alpha1.ResolveRateLimitAPIPolicy{} + var api dpv1alpha2.API + + if err := ratelimitReconsiler.client.Get(ctx, types.NamespacedName{ + Namespace: ratelimitKey.Namespace, + Name: string(ratelimitPolicy.Spec.TargetRef.Name)}, + &api); err != nil { + return nil, fmt.Errorf("error while getting API : %v, %s", string(ratelimitPolicy.Spec.TargetRef.Name), err.Error()) + } + + organization := api.Spec.Organization + basePath := api.Spec.BasePath + environment := utils.GetEnvironment(api.Spec.Environment) + // API Level Rate limit policy if ratelimitPolicy.Spec.TargetRef.Kind == constants.KindAPI { - if err := ratelimitReconsiler.client.Get(ctx, types.NamespacedName{ - Namespace: ratelimitKey.Namespace, - Name: string(ratelimitPolicy.Spec.TargetRef.Name)}, - &api); err != nil { - return nil, resolveRatelimit - } - var organization = api.Spec.Organization - var basePath = api.Spec.BasePath - var httpRoute gwapiv1b1.HTTPRoute - if len(api.Spec.Production) > 0 { - for _, ref := range api.Spec.Production[0].HTTPRouteRefs { - if ref != "" { - if err := ratelimitReconsiler.client.Get(ctx, types.NamespacedName{ - Namespace: ratelimitKey.Namespace, - Name: ref}, - &httpRoute); err != nil { - return nil, resolveRatelimit - } - for _, hostName := range httpRoute.Spec.Hostnames { - vhost = append(vhost, string(hostName)) - } - } - } - } - if len(api.Spec.Sandbox) > 0 { - for _, ref := range api.Spec.Sandbox[0].HTTPRouteRefs { - if ref != "" { - if err := ratelimitReconsiler.client.Get(ctx, types.NamespacedName{ - Namespace: ratelimitKey.Namespace, - Name: ref}, - &httpRoute); err != nil { - return nil, resolveRatelimit - } - for _, hostName := range httpRoute.Spec.Hostnames { - vhost = append(vhost, string(hostName)) - } - } - } - } + + var resolveRatelimit dpv1alpha1.ResolveRateLimitAPIPolicy if ratelimitPolicy.Spec.Override != nil { resolveRatelimit.API.RequestsPerUnit = ratelimitPolicy.Spec.Override.API.RequestsPerUnit resolveRatelimit.API.Unit = ratelimitPolicy.Spec.Override.API.Unit @@ -286,110 +265,96 @@ func (ratelimitReconsiler *RateLimitPolicyReconciler) marshelRateLimit(ctx conte resolveRatelimit.API.RequestsPerUnit = ratelimitPolicy.Spec.Default.API.RequestsPerUnit resolveRatelimit.API.Unit = ratelimitPolicy.Spec.Default.API.Unit } - resolveRatelimit.Vhost = vhost + + resolveRatelimit.Environment = environment resolveRatelimit.Organization = organization resolveRatelimit.BasePath = basePath resolveRatelimit.UUID = string(api.ObjectMeta.UID) + policyList = append(policyList, resolveRatelimit) } // Resource Level Rate limit policy if ratelimitPolicy.Spec.TargetRef.Kind == constants.KindResource { - if err := ratelimitReconsiler.client.Get(ctx, types.NamespacedName{ - Namespace: ratelimitKey.Namespace, - Name: string(ratelimitPolicy.Spec.TargetRef.Name)}, - &api); err != nil { - return nil, resolveRatelimit - } - var organization = api.Spec.Organization - var basePath = api.Spec.BasePath - var httpRoute gwapiv1b1.HTTPRoute + + var resolveRatelimit dpv1alpha1.ResolveRateLimitAPIPolicy + resolveRatelimit.Organization = organization + resolveRatelimit.BasePath = basePath + resolveRatelimit.UUID = string(api.ObjectMeta.UID) + resolveRatelimit.Environment = environment + if len(api.Spec.Production) > 0 { - for _, ref := range api.Spec.Production[0].HTTPRouteRefs { - if ref != "" { - if err := ratelimitReconsiler.client.Get(ctx, types.NamespacedName{ - Namespace: ratelimitKey.Namespace, - Name: ref}, - &httpRoute); err != nil { - return nil, resolveRatelimit - } - for _, rule := range httpRoute.Spec.Rules { - for _, filter := range rule.Filters { - if filter.ExtensionRef != nil { - if filter.ExtensionRef.Kind == constants.KindRateLimitPolicy && string(filter.ExtensionRef.Name) == ratelimitPolicy.Name { - var resolveResource dpv1alpha1.ResolveResource - resolveResource.Path = *rule.Matches[0].Path.Value - if rule.Matches[0].Method != nil { - resolveResource.Method = string(*rule.Matches[0].Method) - } else { - resolveResource.Method = constants.All - } - resolveResource.PathMatchType = *rule.Matches[0].Path.Type - if ratelimitPolicy.Spec.Override != nil { - resolveResource.ResourceRatelimit.RequestsPerUnit = ratelimitPolicy.Spec.Override.API.RequestsPerUnit - resolveResource.ResourceRatelimit.Unit = ratelimitPolicy.Spec.Override.API.Unit - } else { - resolveResource.ResourceRatelimit.RequestsPerUnit = ratelimitPolicy.Spec.Default.API.RequestsPerUnit - resolveResource.ResourceRatelimit.Unit = ratelimitPolicy.Spec.Default.API.Unit - } - resolveResourceList = append(resolveResourceList, resolveResource) - } - for _, hostName := range httpRoute.Spec.Hostnames { - vhost = append(vhost, string(hostName)) - } - } - } - } - } + resolveResourceList, err := ratelimitReconsiler.getResourceList(ctx, ratelimitKey, ratelimitPolicy, api.Spec.Production[0].HTTPRouteRefs) + if err != nil { + return nil, err + } + if len(resolveResourceList) > 0 { + resolveRatelimit.Resources = resolveResourceList + policyList = append(policyList, resolveRatelimit) } } + if len(api.Spec.Sandbox) > 0 { - for _, ref := range api.Spec.Sandbox[0].HTTPRouteRefs { - if ref != "" { - if err := ratelimitReconsiler.client.Get(ctx, types.NamespacedName{ - Namespace: ratelimitKey.Namespace, - Name: ref}, - &httpRoute); err != nil { - return nil, resolveRatelimit - } - for _, rule := range httpRoute.Spec.Rules { - for _, filter := range rule.Filters { - if filter.ExtensionRef != nil { - if filter.ExtensionRef.Kind == constants.KindRateLimitPolicy && string(filter.ExtensionRef.Name) == ratelimitPolicy.Name { - var resolveResource dpv1alpha1.ResolveResource - resolveResource.Path = *rule.Matches[0].Path.Value - if rule.Matches[0].Method != nil { - resolveResource.Method = string(*rule.Matches[0].Method) - } else { - resolveResource.Method = constants.All - } - resolveResource.PathMatchType = *rule.Matches[0].Path.Type - if ratelimitPolicy.Spec.Override != nil { - resolveResource.ResourceRatelimit.RequestsPerUnit = ratelimitPolicy.Spec.Override.API.RequestsPerUnit - resolveResource.ResourceRatelimit.Unit = ratelimitPolicy.Spec.Override.API.Unit - } else { - resolveResource.ResourceRatelimit.RequestsPerUnit = ratelimitPolicy.Spec.Default.API.RequestsPerUnit - resolveResource.ResourceRatelimit.Unit = ratelimitPolicy.Spec.Default.API.Unit - } - resolveResourceList = append(resolveResourceList, resolveResource) - } - for _, hostName := range httpRoute.Spec.Hostnames { - vhost = append(vhost, string(hostName)) - } + + resolveResourceList, err := ratelimitReconsiler.getResourceList(ctx, ratelimitKey, ratelimitPolicy, api.Spec.Sandbox[0].HTTPRouteRefs) + if err != nil { + return nil, err + } + if len(resolveResourceList) > 0 { + resolveRatelimit.Resources = resolveResourceList + resolveRatelimit.Environment += "_sandbox" + policyList = append(policyList, resolveRatelimit) + } + } + } + + return policyList, nil +} + +func (ratelimitReconsiler *RateLimitPolicyReconciler) getResourceList(ctx context.Context, ratelimitKey types.NamespacedName, + ratelimitPolicy dpv1alpha1.RateLimitPolicy, httpRefs []string) ([]dpv1alpha1.ResolveResource, error) { + + var resolveResourceList []dpv1alpha1.ResolveResource + var httpRoute gwapiv1b1.HTTPRoute + + for _, ref := range httpRefs { + if ref != "" { + if err := ratelimitReconsiler.client.Get(ctx, types.NamespacedName{ + Namespace: ratelimitKey.Namespace, + Name: ref}, + &httpRoute); err != nil { + return nil, fmt.Errorf("error while getting HTTPRoute : %v for API : %v, %s", string(ref), + string(ratelimitPolicy.Spec.TargetRef.Name), err.Error()) + } + for _, rule := range httpRoute.Spec.Rules { + for _, filter := range rule.Filters { + if filter.ExtensionRef != nil { + if filter.ExtensionRef.Kind == constants.KindRateLimitPolicy && string(filter.ExtensionRef.Name) == ratelimitPolicy.Name { + var resolveResource dpv1alpha1.ResolveResource + resolveResource.Path = *rule.Matches[0].Path.Value + if rule.Matches[0].Method != nil { + resolveResource.Method = string(*rule.Matches[0].Method) + } else { + resolveResource.Method = constants.All } + resolveResource.PathMatchType = *rule.Matches[0].Path.Type + if ratelimitPolicy.Spec.Override != nil { + resolveResource.ResourceRatelimit.RequestsPerUnit = ratelimitPolicy.Spec.Override.API.RequestsPerUnit + resolveResource.ResourceRatelimit.Unit = ratelimitPolicy.Spec.Override.API.Unit + } else { + resolveResource.ResourceRatelimit.RequestsPerUnit = ratelimitPolicy.Spec.Default.API.RequestsPerUnit + resolveResource.ResourceRatelimit.Unit = ratelimitPolicy.Spec.Default.API.Unit + } + resolveResourceList = append(resolveResourceList, resolveResource) } - } } + } } - resolveRatelimit.Organization = organization - resolveRatelimit.BasePath = basePath - resolveRatelimit.UUID = string(api.ObjectMeta.UID) - resolveRatelimit.Vhost = vhost - resolveRatelimit.Resources = resolveResourceList } - return vhost, resolveRatelimit + + return resolveResourceList, nil } func (ratelimitReconsiler *RateLimitPolicyReconciler) marshelCustomRateLimit(ctx context.Context, ratelimitKey types.NamespacedName, diff --git a/common-controller/internal/operator/controller/suite_test.go b/common-controller/internal/operator/controller/suite_test.go index da4387e3e4..cddbedb234 100644 --- a/common-controller/internal/operator/controller/suite_test.go +++ b/common-controller/internal/operator/controller/suite_test.go @@ -30,7 +30,7 @@ import ( logf "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/log/zap" - dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1" + dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1" //+kubebuilder:scaffold:imports ) diff --git a/common-controller/internal/operator/hack/boilerplate.go.txt b/common-controller/internal/operator/hack/boilerplate.go.txt index 4d1df243dd..c32be1a39c 100644 --- a/common-controller/internal/operator/hack/boilerplate.go.txt +++ b/common-controller/internal/operator/hack/boilerplate.go.txt @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/common-controller/internal/operator/operator.go b/common-controller/internal/operator/operator.go index c512b71ef5..f241cbfb60 100644 --- a/common-controller/internal/operator/operator.go +++ b/common-controller/internal/operator/operator.go @@ -26,8 +26,6 @@ import ( "github.com/wso2/apk/adapter/pkg/logging" cache "github.com/wso2/apk/common-controller/internal/cache" "github.com/wso2/apk/common-controller/internal/loggers" - dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1" - dpcontrollers "github.com/wso2/apk/common-controller/internal/operator/controller" "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" @@ -35,6 +33,10 @@ import ( "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" gwapiv1b1 "sigs.k8s.io/gateway-api/apis/v1beta1" + + dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1" + dpv1alpha2 "github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha2" + dpcontrollers "github.com/wso2/apk/common-controller/internal/operator/controller" //+kubebuilder:scaffold:imports ) @@ -47,6 +49,7 @@ func init() { utilruntime.Must(clientgoscheme.AddToScheme(scheme)) utilruntime.Must(gwapiv1b1.AddToScheme(scheme)) utilruntime.Must(dpv1alpha1.AddToScheme(scheme)) + utilruntime.Must(dpv1alpha2.AddToScheme(scheme)) //+kubebuilder:scaffold:scheme } @@ -97,6 +100,11 @@ func InitOperator() { "Unable to create webhook API, error: %v", err)) } + if err = (&dpv1alpha2.API{}).SetupWebhookWithManager(mgr); err != nil { + loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2601, logging.MAJOR, + "Unable to create webhook API, error: %v", err)) + } + if err = (&dpv1alpha1.RateLimitPolicy{}).SetupWebhookWithManager(mgr); err != nil { loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2637, logging.MAJOR, "Unable to create webhook for Ratelimit, error: %v", err)) diff --git a/common-controller/internal/operator/utils/utils.go b/common-controller/internal/operator/utils/utils.go new file mode 100644 index 0000000000..28e2bb5135 --- /dev/null +++ b/common-controller/internal/operator/utils/utils.go @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package utils + +import ( + "github.com/wso2/apk/common-controller/internal/config" +) + +// GetEnvironment takes the environment of the API. If the value is empty, +// it will return the default environment that is set in the config of the common controller. +func GetEnvironment(environment string) string { + if environment != "" { + return environment + } + return config.ReadConfigs().CommonController.Environment +} diff --git a/common-controller/internal/xds/ratelimiter_cache.go b/common-controller/internal/xds/ratelimiter_cache.go index a3ab11ecfe..b9193f6ec9 100644 --- a/common-controller/internal/xds/ratelimiter_cache.go +++ b/common-controller/internal/xds/ratelimiter_cache.go @@ -30,7 +30,7 @@ import ( logger "github.com/sirupsen/logrus" "github.com/wso2/apk/adapter/pkg/logging" "github.com/wso2/apk/common-controller/internal/loggers" - dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1" + dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1" constants "github.com/wso2/apk/common-controller/internal/operator/constant" ) @@ -38,7 +38,7 @@ import ( const ( DescriptorKeyForOrg = "org" OrgMetadataKey = "customorg" - DescriptorKeyForVhost = "vhost" + DescriptorKeyForEnvironment = "environment" DescriptorKeyForPath = "path" DescriptorKeyForMethod = "method" DescriptorValueForAPIMethod = "ALL" @@ -65,7 +65,7 @@ type rateLimitPolicyCache struct { // TODO: (renuka) move both 'apiLevelRateLimitPolicies' and 'apiLevelMu' to a new struct when doing the App level rate limiting // So app level rate limits are in a new struct and refer in this struct. - // org -> vhost -> API-Identifier (i.e. Vhost:API-UUID) -> Rate Limit Configs + // org -> environment -> API-Identifier (i.e. Environment:API-UUID) -> Rate Limit Configs apiLevelRateLimitPolicies map[string]map[string]map[string]map[string]*rls_config.RateLimitDescriptor // org -> Custom Rate Limit Configs @@ -76,7 +76,7 @@ type rateLimitPolicyCache struct { } // AddAPILevelRateLimitPolicies adds inline Rate Limit policies in APIs to be updated in the Rate Limiter service. -func (r *rateLimitPolicyCache) AddAPILevelRateLimitPolicies(vHosts []string, resolveRatelimit dpv1alpha1.ResolveRateLimitAPIPolicy) { +func (r *rateLimitPolicyCache) AddAPILevelRateLimitPolicies(resolveRatelimit dpv1alpha1.ResolveRateLimitAPIPolicy) { rlsConfigs := rls_config.RateLimitDescriptor{} httpMethods := []string{"GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS"} @@ -104,16 +104,17 @@ func (r *rateLimitPolicyCache) AddAPILevelRateLimitPolicies(vHosts []string, res if _, ok := r.apiLevelRateLimitPolicies[org]; !ok { r.apiLevelRateLimitPolicies[org] = make(map[string]map[string]map[string]*rls_config.RateLimitDescriptor) } - for _, vHost := range vHosts { - if _, ok := r.apiLevelRateLimitPolicies[org][vHost]; !ok { - r.apiLevelRateLimitPolicies[org][vHost] = make(map[string]map[string]*rls_config.RateLimitDescriptor) - } - if _, ok := r.apiLevelRateLimitPolicies[org][vHost][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path]; !ok { - r.apiLevelRateLimitPolicies[org][vHost][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path] = make(map[string]*rls_config.RateLimitDescriptor) - r.apiLevelRateLimitPolicies[org][vHost][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path][httpMethod] = rlConf - } else { - r.apiLevelRateLimitPolicies[org][vHost][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path][httpMethod] = rlConf - } + + environment := resolveRatelimit.Environment + if _, ok := r.apiLevelRateLimitPolicies[org][environment]; !ok { + r.apiLevelRateLimitPolicies[org][environment] = make(map[string]map[string]*rls_config.RateLimitDescriptor) + } + + if _, ok := r.apiLevelRateLimitPolicies[org][environment][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path]; !ok { + r.apiLevelRateLimitPolicies[org][environment][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path] = make(map[string]*rls_config.RateLimitDescriptor) + r.apiLevelRateLimitPolicies[org][environment][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path][httpMethod] = rlConf + } else { + r.apiLevelRateLimitPolicies[org][environment][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path][httpMethod] = rlConf } } } else { @@ -128,16 +129,17 @@ func (r *rateLimitPolicyCache) AddAPILevelRateLimitPolicies(vHosts []string, res if _, ok := r.apiLevelRateLimitPolicies[org]; !ok { r.apiLevelRateLimitPolicies[org] = make(map[string]map[string]map[string]*rls_config.RateLimitDescriptor) } - for _, vHost := range vHosts { - if _, ok := r.apiLevelRateLimitPolicies[org][vHost]; !ok { - r.apiLevelRateLimitPolicies[org][vHost] = make(map[string]map[string]*rls_config.RateLimitDescriptor) - } - if _, ok := r.apiLevelRateLimitPolicies[org][vHost][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path]; !ok { - r.apiLevelRateLimitPolicies[org][vHost][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path] = make(map[string]*rls_config.RateLimitDescriptor) - r.apiLevelRateLimitPolicies[org][vHost][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path][method] = rlConf - } else { - r.apiLevelRateLimitPolicies[org][vHost][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path][method] = rlConf - } + + environment := resolveRatelimit.Environment + if _, ok := r.apiLevelRateLimitPolicies[org][environment]; !ok { + r.apiLevelRateLimitPolicies[org][environment] = make(map[string]map[string]*rls_config.RateLimitDescriptor) + } + + if _, ok := r.apiLevelRateLimitPolicies[org][environment][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path]; !ok { + r.apiLevelRateLimitPolicies[org][environment][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path] = make(map[string]*rls_config.RateLimitDescriptor) + r.apiLevelRateLimitPolicies[org][environment][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path][method] = rlConf + } else { + r.apiLevelRateLimitPolicies[org][environment][resolveRatelimit.BasePath+resolveRatelimit.BasePath+resource.Path][method] = rlConf } } } @@ -158,40 +160,36 @@ func (r *rateLimitPolicyCache) AddAPILevelRateLimitPolicies(vHosts []string, res if _, ok := r.apiLevelRateLimitPolicies[org]; !ok { r.apiLevelRateLimitPolicies[org] = make(map[string]map[string]map[string]*rls_config.RateLimitDescriptor) } - for _, vHost := range vHosts { - if _, ok := r.apiLevelRateLimitPolicies[org][vHost]; !ok { - r.apiLevelRateLimitPolicies[org][vHost] = make(map[string]map[string]*rls_config.RateLimitDescriptor) - } - if _, ok := r.apiLevelRateLimitPolicies[org][vHost][resolveRatelimit.BasePath]; !ok { - r.apiLevelRateLimitPolicies[org][vHost][resolveRatelimit.BasePath] = make(map[string]*rls_config.RateLimitDescriptor) - } - r.apiLevelRateLimitPolicies[org][vHost][resolveRatelimit.BasePath][DescriptorValueForAPIMethod] = &rlsConfigs + + environment := resolveRatelimit.Environment + if _, ok := r.apiLevelRateLimitPolicies[org][environment]; !ok { + r.apiLevelRateLimitPolicies[org][environment] = make(map[string]map[string]*rls_config.RateLimitDescriptor) + } + if _, ok := r.apiLevelRateLimitPolicies[org][environment][resolveRatelimit.BasePath]; !ok { + r.apiLevelRateLimitPolicies[org][environment][resolveRatelimit.BasePath] = make(map[string]*rls_config.RateLimitDescriptor) } + r.apiLevelRateLimitPolicies[org][environment][resolveRatelimit.BasePath][DescriptorValueForAPIMethod] = &rlsConfigs } } // DeleteAPILevelRateLimitPolicies deletes inline Rate Limit policies added with the API. -func (r *rateLimitPolicyCache) DeleteAPILevelRateLimitPolicies(org string, vHosts []string, basePath string) { +func (r *rateLimitPolicyCache) DeleteAPILevelRateLimitPolicies(org string, environment string, basePath string) { r.apiLevelMu.Lock() defer r.apiLevelMu.Unlock() - for _, vHost := range vHosts { - delete(r.apiLevelRateLimitPolicies[org][vHost][basePath], DescriptorValueForAPIMethod) - } + delete(r.apiLevelRateLimitPolicies[org][environment][basePath], DescriptorValueForAPIMethod) } // DeleteAPILevelRateLimitPolicies deletes inline Rate Limit policies added with the API. -func (r *rateLimitPolicyCache) DeleteResourceLevelRateLimitPolicies(org string, vHosts []string, basePath string, path string, method string) { +func (r *rateLimitPolicyCache) DeleteResourceLevelRateLimitPolicies(org string, environment string, basePath string, path string, method string) { httpMethods := []string{"GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS"} r.apiLevelMu.Lock() defer r.apiLevelMu.Unlock() - for _, vHost := range vHosts { - if method == constants.All { - for _, httpMethod := range httpMethods { - delete(r.apiLevelRateLimitPolicies[org][vHost][basePath+basePath+path], httpMethod) - } - } else { - delete(r.apiLevelRateLimitPolicies[org][vHost][basePath+basePath+path], method) + if method == constants.All { + for _, httpMethod := range httpMethods { + delete(r.apiLevelRateLimitPolicies[org][environment][basePath+basePath+path], httpMethod) } + } else { + delete(r.apiLevelRateLimitPolicies[org][environment][basePath+basePath+path], method) } } @@ -209,10 +207,10 @@ func (r *rateLimitPolicyCache) generateRateLimitConfig() *rls_config.RateLimitCo defer r.apiLevelMu.RUnlock() // Generate API level rate limit configurations for org, orgPolicies := range r.apiLevelRateLimitPolicies { - var vHostDescriptors []*rls_config.RateLimitDescriptor - for vHost, vHostPolicies := range orgPolicies { + var envDescriptors []*rls_config.RateLimitDescriptor + for env, envPolicies := range orgPolicies { var apiPathDiscriptors []*rls_config.RateLimitDescriptor - for path, apiPathPolicies := range vHostPolicies { + for path, apiPathPolicies := range envPolicies { // Configure API Level rate limit policies only if, the API is deployed to the gateway label // Check API deployed to the gateway label var methodDescriptors []*rls_config.RateLimitDescriptor @@ -228,17 +226,18 @@ func (r *rateLimitPolicyCache) generateRateLimitConfig() *rls_config.RateLimitCo apiPathDiscriptors = append(apiPathDiscriptors, apiPathDiscriptor) } - vHostDescriptor := &rls_config.RateLimitDescriptor{ - Key: DescriptorKeyForVhost, - Value: vHost, + envDescriptor := &rls_config.RateLimitDescriptor{ + Key: DescriptorKeyForEnvironment, + Value: env, Descriptors: apiPathDiscriptors, } - vHostDescriptors = append(vHostDescriptors, vHostDescriptor) + envDescriptors = append(envDescriptors, envDescriptor) } + orgDescriptor := &rls_config.RateLimitDescriptor{ Key: DescriptorKeyForOrg, Value: org, - Descriptors: vHostDescriptors, + Descriptors: envDescriptors, } orgDescriptors = append(orgDescriptors, orgDescriptor) } diff --git a/common-controller/internal/xds/server.go b/common-controller/internal/xds/server.go index d92f4f1751..1f105aa25f 100644 --- a/common-controller/internal/xds/server.go +++ b/common-controller/internal/xds/server.go @@ -23,7 +23,7 @@ import ( corev3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" envoy_cachev3 "github.com/envoyproxy/go-control-plane/pkg/cache/v3" - dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/apis/dp/v1alpha1" + dpv1alpha1 "github.com/wso2/apk/common-controller/internal/operator/api/dp/v1alpha1" ) const ( @@ -55,9 +55,12 @@ func GetRateLimiterCache() envoy_cachev3.SnapshotCache { } // UpdateRateLimitXDSCache updates the xDS cache of the RateLimiter. -func UpdateRateLimitXDSCache(vhosts []string, resolveRatelimit dpv1alpha1.ResolveRateLimitAPIPolicy) { - // Add Rate Limit inline policies in API to the cache - rlsPolicyCache.AddAPILevelRateLimitPolicies(vhosts, resolveRatelimit) +func UpdateRateLimitXDSCache(resolveRatelimitPolicyList []dpv1alpha1.ResolveRateLimitAPIPolicy) { + + for _, resolveRatelimitPolicy := range resolveRatelimitPolicyList { + // Add Rate Limit inline policies in API to the cache + rlsPolicyCache.AddAPILevelRateLimitPolicies(resolveRatelimitPolicy) + } } // UpdateRateLimitXDSCacheForCustomPolicies updates the xDS cache of the RateLimiter for custom policies. @@ -68,21 +71,31 @@ func UpdateRateLimitXDSCacheForCustomPolicies(customRateLimitPolicies dpv1alpha1 } // DeleteAPILevelRateLimitPolicies delete the ratelimit xds cache -func DeleteAPILevelRateLimitPolicies(resolveRatelimit dpv1alpha1.ResolveRateLimitAPIPolicy) { - var org = resolveRatelimit.Organization - var vhost = resolveRatelimit.Vhost - var basePath = resolveRatelimit.BasePath - rlsPolicyCache.DeleteAPILevelRateLimitPolicies(org, vhost, basePath) +func DeleteAPILevelRateLimitPolicies(resolveRatelimitPolicyList []dpv1alpha1.ResolveRateLimitAPIPolicy) { + + for _, resolveRatelimit := range resolveRatelimitPolicyList { + var org = resolveRatelimit.Organization + var environment = resolveRatelimit.Environment + var basePath = resolveRatelimit.BasePath + rlsPolicyCache.DeleteAPILevelRateLimitPolicies(org, environment, basePath) + } } // DeleteResourceLevelRateLimitPolicies delete the ratelimit xds cache -func DeleteResourceLevelRateLimitPolicies(resolveRatelimit dpv1alpha1.ResolveRateLimitAPIPolicy) { - var org = resolveRatelimit.Organization - var vhost = resolveRatelimit.Vhost - var basePath = resolveRatelimit.BasePath - var path = resolveRatelimit.Resources[0].Path - var method = resolveRatelimit.Resources[0].Method - rlsPolicyCache.DeleteResourceLevelRateLimitPolicies(org, vhost, basePath, path, method) +func DeleteResourceLevelRateLimitPolicies(resolveRatelimitPolicyList []dpv1alpha1.ResolveRateLimitAPIPolicy) { + + for _, resolveRatelimit := range resolveRatelimitPolicyList { + + if resolveRatelimit.Resources == nil || len(resolveRatelimit.Resources) == 0 { + continue + } + var org = resolveRatelimit.Organization + var environment = resolveRatelimit.Environment + var basePath = resolveRatelimit.BasePath + var path = resolveRatelimit.Resources[0].Path + var method = resolveRatelimit.Resources[0].Method + rlsPolicyCache.DeleteResourceLevelRateLimitPolicies(org, environment, basePath, path, method) + } } // DeleteCustomRateLimitPolicies delete the ratelimit xds cache diff --git a/common-controller/revive.toml b/common-controller/revive.toml index 7c070644da..d52be3ca30 100644 --- a/common-controller/revive.toml +++ b/common-controller/revive.toml @@ -8,7 +8,7 @@ warningCode = 0 [rule.context-as-argument] [rule.context-keys-type] [rule.dot-imports] -exclude = ["internal/operator/apis/dp/v1alpha1/webhook_suite_test.go", "internal/operator/controller/suite_test.go"] +exclude = ["internal/operator/api/dp/v1alpha1/webhook_suite_test.go", "internal/operator/controller/suite_test.go", "internal/operator/api/dp/v1alpha2/webhook_suite_test.go"] [rule.error-return] [rule.error-strings] [rule.error-naming] diff --git a/developer/resources/interceptor-service-open-api-v1.yaml b/developer/resources/interceptor-service-open-api-v1.yaml index 90400f53af..24dbbb5d6d 100644 --- a/developer/resources/interceptor-service-open-api-v1.yaml +++ b/developer/resources/interceptor-service-open-api-v1.yaml @@ -230,6 +230,9 @@ components: keyType: type: string example: PRODUCTION + environment: + type: string + example: Development InterceptorContext: title: Interceptor Context type: object diff --git a/devportal/devportal-domain-service/README.md b/devportal/devportal-domain-service/README.md index cd55ffad3a..e1c65ef424 100644 --- a/devportal/devportal-domain-service/README.md +++ b/devportal/devportal-domain-service/README.md @@ -1 +1,3 @@ -## Devportal Domain Service \ No newline at end of file +## Devportal Domain Service + +### Functionalities. \ No newline at end of file diff --git a/devportal/devportal-domain-service/docker/Dockerfile b/devportal/devportal-domain-service/docker/Dockerfile index 635f37e3d0..bf5b8e2dc8 100644 --- a/devportal/devportal-domain-service/docker/Dockerfile +++ b/devportal/devportal-domain-service/docker/Dockerfile @@ -2,6 +2,10 @@ FROM ubuntu:22.04 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' +# Upgrade Ubuntu Dependencies +RUN apt-get update \ + && apt-get upgrade -y + # install JDK Dependencies RUN apt-get update \ && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata curl wget ca-certificates fontconfig locales \ diff --git a/gateway/enforcer/Dockerfile b/gateway/enforcer/Dockerfile index 3226f78b32..88a9c9fa89 100644 --- a/gateway/enforcer/Dockerfile +++ b/gateway/enforcer/Dockerfile @@ -18,6 +18,10 @@ FROM ubuntu:22.04 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' +# Upgrade Ubuntu Dependencies +RUN apt-get update \ + && apt-get upgrade -y + # install JDK Dependencies RUN apt-get update \ && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata curl wget ca-certificates fontconfig locales \ diff --git a/gateway/enforcer/README.md b/gateway/enforcer/README.md index cfa8d0307b..29138cfa10 100644 --- a/gateway/enforcer/README.md +++ b/gateway/enforcer/README.md @@ -8,7 +8,7 @@ The following should be installed in your development machine. - [Gradle](https://gradle.org/install/) >= 7.5.1 version - [Docker](https://docs.docker.com/engine/install/ubuntu/) >= 17.03 version -- [Java](https://adoptium.net/installation/) >= 11-jdk version +- [Java](https://adoptium.net/installation/) >= 17-jdk version ## Setting up for debugging @@ -41,4 +41,4 @@ The following should be installed in your development machine. kubectl port-forward -n apk 5006:5006 ``` -4. Start debugging from port 5006 in IntelliJ IDEA. \ No newline at end of file +4. Start debugging from port 5006 in IntelliJ IDEA. diff --git a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/analytics/publishers/dto/ExtendedAPI.java b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/analytics/publishers/dto/ExtendedAPI.java index 9ab6877f2c..8ab5c77aaf 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/analytics/publishers/dto/ExtendedAPI.java +++ b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/analytics/publishers/dto/ExtendedAPI.java @@ -22,7 +22,7 @@ */ public class ExtendedAPI extends API { private String organizationId; - + private String environmentId; private String apiContext; public String getOrganizationId() { @@ -40,4 +40,12 @@ public String getApiContext() { public void setApiContext(String apiContext) { this.apiContext = apiContext; } + + public String getEnvironmentId() { + return environmentId; + } + + public void setEnvironmentId(String environmentId) { + this.environmentId = environmentId; + } } diff --git a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/APIConfig.java b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/APIConfig.java index 3e9b5fc15e..789b514814 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/APIConfig.java +++ b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/APIConfig.java @@ -53,6 +53,7 @@ public class APIConfig { private JWTConfigurationDto jwtConfigurationDto; private boolean systemAPI; private byte[] apiDefinition; + private String environment; /** * getApiType returns the API type. This could be one of the following. * HTTP, WS, WEBHOOK @@ -235,6 +236,14 @@ public JWTConfigurationDto getJwtConfigurationDto() { return jwtConfigurationDto; } + /** + * Returns the environment of the API. + * @return String. + */ + public String getEnvironment() { + return environment; + } + /** * Implements builder pattern to build an API Config object. */ @@ -262,6 +271,7 @@ public static class Builder { private boolean systemAPI; private byte[] apiDefinition; private JWTConfigurationDto jwtConfigurationDto; + private String environment; public Builder(String name) { this.name = name; } @@ -368,6 +378,10 @@ public Builder apiDefinition(byte[] apiDefinition) { this.apiDefinition = apiDefinition; return this; } + public Builder environment(String environment) { + this.environment = environment; + return this; + } public APIConfig build() { APIConfig apiConfig = new APIConfig(); apiConfig.name = this.name; @@ -392,6 +406,7 @@ public APIConfig build() { apiConfig.systemAPI = this.systemAPI; apiConfig.jwtConfigurationDto = this.jwtConfigurationDto; apiConfig.apiDefinition = this.apiDefinition; + apiConfig.environment = this.environment; return apiConfig; } } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/analytics/AnalyticsFilter.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/analytics/AnalyticsFilter.java index f7c109d602..c4bffeac69 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/analytics/AnalyticsFilter.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/analytics/AnalyticsFilter.java @@ -202,6 +202,11 @@ public void handleSuccessRequest(RequestContext requestContext) { endUserName == null ? APIConstants.END_USER_UNKNOWN : endUserName); requestContext.addMetadataToMap(MetadataConstants.API_CONTEXT_KEY, requestContext.getMatchedAPI().getBasePath()); + requestContext.addMetadataToMap(MetadataConstants.API_ENVIRONMENT, + requestContext.getMatchedAPI().getEnvironment() == null + ? APIConstants.DEFAULT_ENVIRONMENT_NAME + : requestContext.getMatchedAPI().getEnvironment()); + } finally { if (Utils.tracingEnabled()) { analyticsSpanScope.close(); @@ -280,7 +285,7 @@ private static AnalyticsEventPublisher loadAnalyticsPublisher(String className, logger.error("Error while loading the custom analytics publisher class.", ErrorDetails.errorLog(LoggingConstants.Severity.MAJOR, 5105), e); } catch (InstantiationException | IllegalAccessException | InvocationTargetException - | NoSuchMethodException e) { + | NoSuchMethodException e) { logger.error("Error while generating AnalyticsEventPublisherInstance from the class", ErrorDetails.errorLog(LoggingConstants.Severity.CRITICAL, 5106), e); } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/analytics/ChoreoAnalyticsProvider.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/analytics/ChoreoAnalyticsProvider.java index 30e843e2a6..657bfe8340 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/analytics/ChoreoAnalyticsProvider.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/analytics/ChoreoAnalyticsProvider.java @@ -118,6 +118,7 @@ public API getApi() { api.setApiCreatorTenantDomain(getValueAsString(fieldsMap, MetadataConstants.API_CREATOR_TENANT_DOMAIN_KEY)); api.setOrganizationId(getValueAsString(fieldsMap, MetadataConstants.API_ORGANIZATION_ID)); api.setApiContext(getValueAsString(fieldsMap, MetadataConstants.API_CONTEXT_KEY)); + api.setEnvironmentId(getValueAsString(fieldsMap, MetadataConstants.API_ENVIRONMENT)); return api; } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/RestAPI.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/RestAPI.java index d89356f7f4..aaf33ad060 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/RestAPI.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/RestAPI.java @@ -145,7 +145,7 @@ public String init(Api api) { .disableScopes(api.getDisableScopes()).trustStore(trustStore).organizationId(api.getOrganizationId()) .mtlsCertificateTiers(mtlsCertificateTiers).mutualSSL(mutualSSL).systemAPI(api.getSystemAPI()) .applicationSecurity(applicationSecurity).jwtConfigurationDto(jwtConfigurationDto) - .apiDefinition(apiDefinition).build(); + .apiDefinition(apiDefinition).environment(api.getEnvironment()).build(); initFilters(); return basePath; diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/APIConstants.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/APIConstants.java index d2e69757bc..539d2dfc4a 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/APIConstants.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/APIConstants.java @@ -45,6 +45,7 @@ public class APIConstants { public static final String AUTHORIZATION_BEARER = "Bearer "; public static final String API_KEY_TYPE_PRODUCTION = "PRODUCTION"; public static final String API_KEY_TYPE_SANDBOX = "SANDBOX"; + public static final String DEFAULT_ENVIRONMENT_NAME = "Default"; public static final String AUTHORIZATION_HEADER_BASIC = "Basic"; public static final String API_SECURITY_OAUTH2 = "oauth2"; diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/Constants.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/Constants.java index 26d0ba0afd..a79f311089 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/Constants.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/Constants.java @@ -76,4 +76,7 @@ since new lines in different OSs differ (Linux: \n, Windows: \r\n) */ public static final String PROP_CON_FACTORY = "connectionfactory.TopicConnectionFactory"; public static final String DEFAULT_DESTINATION_TYPE = "Topic"; public static final String DEFAULT_CON_FACTORY_JNDI_NAME = "TopicConnectionFactory"; + + // multi-env constants + public static final String DEFAULT_ALL_ENVIRONMENTS_TOKEN_ISSUER = "*"; } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/InterceptorConstants.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/InterceptorConstants.java index b456a1972a..706efc52a7 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/InterceptorConstants.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/InterceptorConstants.java @@ -42,6 +42,7 @@ public static class APIMetadataFields { public static final String API_VERSION = "apiVersion"; public static final String API_VHOST = "vhost"; public static final String API_ORGANIZATION_ID = "organizationId"; + public static final String ENVIRONMENT = "environment"; } } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/MetadataConstants.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/MetadataConstants.java index 20f9aa86e4..d847bed15a 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/MetadataConstants.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/MetadataConstants.java @@ -55,4 +55,6 @@ public class MetadataConstants { public static final String ERROR_CODE_KEY = "ErrorCode"; public static final String CHOREO_CONNECT_ENFORCER_REPLY = "apk-enforcer-reply"; public static final String RATELIMIT_WSO2_ORG_PREFIX = "customorg"; + public static final String API_ENVIRONMENT = WSO2_METADATA_PREFIX + "api-environment"; + } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Api.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Api.java index 0a9c010ab9..51b7d871a5 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Api.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Api.java @@ -34,6 +34,7 @@ private Api() { clientCertificates_ = java.util.Collections.emptyList(); mutualSSL_ = ""; apiDefinitionFile_ = com.google.protobuf.ByteString.EMPTY; + environment_ = ""; } @java.lang.Override @@ -189,6 +190,12 @@ private Api( apiDefinitionFile_ = input.readBytes(); break; } + case 218: { + java.lang.String s = input.readStringRequireUtf8(); + + environment_ = s; + break; + } default: { if (!parseUnknownField( input, unknownFields, extensionRegistry, tag)) { @@ -831,6 +838,44 @@ public com.google.protobuf.ByteString getApiDefinitionFile() { return apiDefinitionFile_; } + public static final int ENVIRONMENT_FIELD_NUMBER = 27; + private volatile java.lang.Object environment_; + /** + * string environment = 27; + * @return The environment. + */ + @java.lang.Override + public java.lang.String getEnvironment() { + java.lang.Object ref = environment_; + if (ref instanceof java.lang.String) { + return (java.lang.String) ref; + } else { + com.google.protobuf.ByteString bs = + (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + environment_ = s; + return s; + } + } + /** + * string environment = 27; + * @return The bytes for environment. + */ + @java.lang.Override + public com.google.protobuf.ByteString + getEnvironmentBytes() { + java.lang.Object ref = environment_; + if (ref instanceof java.lang.String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8( + (java.lang.String) ref); + environment_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + private byte memoizedIsInitialized = -1; @java.lang.Override public final boolean isInitialized() { @@ -902,6 +947,9 @@ public void writeTo(com.google.protobuf.CodedOutputStream output) if (!apiDefinitionFile_.isEmpty()) { output.writeBytes(26, apiDefinitionFile_); } + if (!getEnvironmentBytes().isEmpty()) { + com.google.protobuf.GeneratedMessageV3.writeString(output, 27, environment_); + } unknownFields.writeTo(output); } @@ -976,6 +1024,9 @@ public int getSerializedSize() { size += com.google.protobuf.CodedOutputStream .computeBytesSize(26, apiDefinitionFile_); } + if (!getEnvironmentBytes().isEmpty()) { + size += com.google.protobuf.GeneratedMessageV3.computeStringSize(27, environment_); + } size += unknownFields.getSerializedSize(); memoizedSize = size; return size; @@ -1032,6 +1083,8 @@ public boolean equals(final java.lang.Object obj) { } if (!getApiDefinitionFile() .equals(other.getApiDefinitionFile())) return false; + if (!getEnvironment() + .equals(other.getEnvironment())) return false; if (!unknownFields.equals(other.unknownFields)) return false; return true; } @@ -1091,6 +1144,8 @@ public int hashCode() { } hash = (37 * hash) + APIDEFINITIONFILE_FIELD_NUMBER; hash = (53 * hash) + getApiDefinitionFile().hashCode(); + hash = (37 * hash) + ENVIRONMENT_FIELD_NUMBER; + hash = (53 * hash) + getEnvironment().hashCode(); hash = (29 * hash) + unknownFields.hashCode(); memoizedHashCode = hash; return hash; @@ -1280,6 +1335,8 @@ public Builder clear() { } apiDefinitionFile_ = com.google.protobuf.ByteString.EMPTY; + environment_ = ""; + return this; } @@ -1346,6 +1403,7 @@ public org.wso2.apk.enforcer.discovery.api.Api buildPartial() { result.backendJWTTokenInfo_ = backendJWTTokenInfoBuilder_.build(); } result.apiDefinitionFile_ = apiDefinitionFile_; + result.environment_ = environment_; onBuilt(); return result; } @@ -1508,6 +1566,10 @@ public Builder mergeFrom(org.wso2.apk.enforcer.discovery.api.Api other) { if (other.getApiDefinitionFile() != com.google.protobuf.ByteString.EMPTY) { setApiDefinitionFile(other.getApiDefinitionFile()); } + if (!other.getEnvironment().isEmpty()) { + environment_ = other.environment_; + onChanged(); + } this.mergeUnknownFields(other.unknownFields); onChanged(); return this; @@ -3217,6 +3279,82 @@ public Builder clearApiDefinitionFile() { onChanged(); return this; } + + private java.lang.Object environment_ = ""; + /** + * string environment = 27; + * @return The environment. + */ + public java.lang.String getEnvironment() { + java.lang.Object ref = environment_; + if (!(ref instanceof java.lang.String)) { + com.google.protobuf.ByteString bs = + (com.google.protobuf.ByteString) ref; + java.lang.String s = bs.toStringUtf8(); + environment_ = s; + return s; + } else { + return (java.lang.String) ref; + } + } + /** + * string environment = 27; + * @return The bytes for environment. + */ + public com.google.protobuf.ByteString + getEnvironmentBytes() { + java.lang.Object ref = environment_; + if (ref instanceof String) { + com.google.protobuf.ByteString b = + com.google.protobuf.ByteString.copyFromUtf8( + (java.lang.String) ref); + environment_ = b; + return b; + } else { + return (com.google.protobuf.ByteString) ref; + } + } + /** + * string environment = 27; + * @param value The environment to set. + * @return This builder for chaining. + */ + public Builder setEnvironment( + java.lang.String value) { + if (value == null) { + throw new NullPointerException(); + } + + environment_ = value; + onChanged(); + return this; + } + /** + * string environment = 27; + * @return This builder for chaining. + */ + public Builder clearEnvironment() { + + environment_ = getDefaultInstance().getEnvironment(); + onChanged(); + return this; + } + /** + * string environment = 27; + * @param value The bytes for environment to set. + * @return This builder for chaining. + */ + public Builder setEnvironmentBytes( + com.google.protobuf.ByteString value) { + if (value == null) { + throw new NullPointerException(); + } + checkByteStringIsUtf8(value); + + environment_ = value; + onChanged(); + return this; + } @java.lang.Override public final Builder setUnknownFields( final com.google.protobuf.UnknownFieldSet unknownFields) { diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiOrBuilder.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiOrBuilder.java index 891a11238a..9656c6f275 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiOrBuilder.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiOrBuilder.java @@ -256,4 +256,16 @@ org.wso2.apk.enforcer.discovery.api.CertificateOrBuilder getClientCertificatesOr * @return The apiDefinitionFile. */ com.google.protobuf.ByteString getApiDefinitionFile(); + + /** + * string environment = 27; + * @return The environment. + */ + java.lang.String getEnvironment(); + /** + * string environment = 27; + * @return The bytes for environment. + */ + com.google.protobuf.ByteString + getEnvironmentBytes(); } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiProto.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiProto.java index 9ea5a84357..485076d63f 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiProto.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiProto.java @@ -32,7 +32,7 @@ public static void registerAllExtensions( "covery.api\032!wso2/discovery/api/Resource." + "proto\032$wso2/discovery/api/Certificate.pr" + "oto\032,wso2/discovery/api/BackendJWTTokenI" + - "nfo.proto\"\376\003\n\003Api\022\n\n\002id\030\001 \001(\t\022\r\n\005title\030\002" + + "nfo.proto\"\223\004\n\003Api\022\n\n\002id\030\001 \001(\t\022\r\n\005title\030\002" + " \001(\t\022\017\n\007version\030\003 \001(\t\022\017\n\007apiType\030\004 \001(\t\022\036" + "\n\026disableAuthentications\030\005 \001(\010\022\025\n\rdisabl" + "eScopes\030\006 \001(\010\022\017\n\007envType\030\007 \001(\t\022/\n\tresour" + @@ -45,10 +45,10 @@ public static void registerAllExtensions( "\030\020 \001(\010\022\021\n\tsystemAPI\030\030 \001(\010\022D\n\023backendJWTT" + "okenInfo\030\031 \001(\0132\'.wso2.discovery.api.Back" + "endJWTTokenInfo\022\031\n\021apiDefinitionFile\030\032 \001" + - "(\014Bp\n#org.wso2.apk.enforcer.discovery.ap" + - "iB\010ApiProtoP\001Z=github.com/envoyproxy/go-" + - "control-plane/wso2/discovery/api;apib\006pr" + - "oto3" + "(\014\022\023\n\013environment\030\033 \001(\tBp\n#org.wso2.apk." + + "enforcer.discovery.apiB\010ApiProtoP\001Z=gith" + + "ub.com/envoyproxy/go-control-plane/wso2/" + + "discovery/api;apib\006proto3" }; descriptor = com.google.protobuf.Descriptors.FileDescriptor .internalBuildGeneratedFileFrom(descriptorData, @@ -62,7 +62,7 @@ public static void registerAllExtensions( internal_static_wso2_discovery_api_Api_fieldAccessorTable = new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( internal_static_wso2_discovery_api_Api_descriptor, - new java.lang.String[] { "Id", "Title", "Version", "ApiType", "DisableAuthentications", "DisableScopes", "EnvType", "Resources", "BasePath", "Tier", "ApiLifeCycleState", "Vhost", "OrganizationId", "ClientCertificates", "MutualSSL", "ApplicationSecurity", "SystemAPI", "BackendJWTTokenInfo", "ApiDefinitionFile", }); + new java.lang.String[] { "Id", "Title", "Version", "ApiType", "DisableAuthentications", "DisableScopes", "EnvType", "Resources", "BasePath", "Tier", "ApiLifeCycleState", "Vhost", "OrganizationId", "ClientCertificates", "MutualSSL", "ApplicationSecurity", "SystemAPI", "BackendJWTTokenInfo", "ApiDefinitionFile", "Environment", }); org.wso2.apk.enforcer.discovery.api.ResourceProto.getDescriptor(); org.wso2.apk.enforcer.discovery.api.CertificateProto.getDescriptor(); org.wso2.apk.enforcer.discovery.api.BackendJWTTokenInfoProto.getDescriptor(); diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuer.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuer.java index 7ed78a54c3..d36ddcc769 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuer.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuer.java @@ -26,6 +26,7 @@ private JWTIssuer() { issuer_ = ""; consumerKeyClaim_ = ""; scopesClaim_ = ""; + environments_ = com.google.protobuf.LazyStringArrayList.EMPTY; } @java.lang.Override @@ -121,6 +122,15 @@ private JWTIssuer( claimMapping__.getKey(), claimMapping__.getValue()); break; } + case 74: { + java.lang.String s = input.readStringRequireUtf8(); + if (!((mutable_bitField0_ & 0x00000002) != 0)) { + environments_ = new com.google.protobuf.LazyStringArrayList(); + mutable_bitField0_ |= 0x00000002; + } + environments_.add(s); + break; + } default: { if (!parseUnknownField( input, unknownFields, extensionRegistry, tag)) { @@ -136,6 +146,9 @@ private JWTIssuer( throw new com.google.protobuf.InvalidProtocolBufferException( e).setUnfinishedMessage(this); } finally { + if (((mutable_bitField0_ & 0x00000002) != 0)) { + environments_ = environments_.getUnmodifiableView(); + } this.unknownFields = unknownFields.build(); makeExtensionsImmutable(); } @@ -500,6 +513,41 @@ public java.lang.String getClaimMappingOrThrow( return map.get(key); } + public static final int ENVIRONMENTS_FIELD_NUMBER = 9; + private com.google.protobuf.LazyStringList environments_; + /** + * repeated string environments = 9; + * @return A list containing the environments. + */ + public com.google.protobuf.ProtocolStringList + getEnvironmentsList() { + return environments_; + } + /** + * repeated string environments = 9; + * @return The count of environments. + */ + public int getEnvironmentsCount() { + return environments_.size(); + } + /** + * repeated string environments = 9; + * @param index The index of the element to return. + * @return The environments at the given index. + */ + public java.lang.String getEnvironments(int index) { + return environments_.get(index); + } + /** + * repeated string environments = 9; + * @param index The index of the value to return. + * @return The bytes of the environments at the given index. + */ + public com.google.protobuf.ByteString + getEnvironmentsBytes(int index) { + return environments_.getByteString(index); + } + private byte memoizedIsInitialized = -1; @java.lang.Override public final boolean isInitialized() { @@ -541,6 +589,9 @@ public void writeTo(com.google.protobuf.CodedOutputStream output) internalGetClaimMapping(), ClaimMappingDefaultEntryHolder.defaultEntry, 8); + for (int i = 0; i < environments_.size(); i++) { + com.google.protobuf.GeneratedMessageV3.writeString(output, 9, environments_.getRaw(i)); + } unknownFields.writeTo(output); } @@ -582,6 +633,14 @@ public int getSerializedSize() { size += com.google.protobuf.CodedOutputStream .computeMessageSize(8, claimMapping__); } + { + int dataSize = 0; + for (int i = 0; i < environments_.size(); i++) { + dataSize += computeStringSizeNoTag(environments_.getRaw(i)); + } + size += dataSize; + size += 1 * getEnvironmentsList().size(); + } size += unknownFields.getSerializedSize(); memoizedSize = size; return size; @@ -616,6 +675,8 @@ public boolean equals(final java.lang.Object obj) { .equals(other.getScopesClaim())) return false; if (!internalGetClaimMapping().equals( other.internalGetClaimMapping())) return false; + if (!getEnvironmentsList() + .equals(other.getEnvironmentsList())) return false; if (!unknownFields.equals(other.unknownFields)) return false; return true; } @@ -647,6 +708,10 @@ public int hashCode() { hash = (37 * hash) + CLAIMMAPPING_FIELD_NUMBER; hash = (53 * hash) + internalGetClaimMapping().hashCode(); } + if (getEnvironmentsCount() > 0) { + hash = (37 * hash) + ENVIRONMENTS_FIELD_NUMBER; + hash = (53 * hash) + getEnvironmentsList().hashCode(); + } hash = (29 * hash) + unknownFields.hashCode(); memoizedHashCode = hash; return hash; @@ -825,6 +890,8 @@ public Builder clear() { scopesClaim_ = ""; internalGetMutableClaimMapping().clear(); + environments_ = com.google.protobuf.LazyStringArrayList.EMPTY; + bitField0_ = (bitField0_ & ~0x00000002); return this; } @@ -865,6 +932,11 @@ public org.wso2.apk.enforcer.discovery.subscription.JWTIssuer buildPartial() { result.scopesClaim_ = scopesClaim_; result.claimMapping_ = internalGetClaimMapping(); result.claimMapping_.makeImmutable(); + if (((bitField0_ & 0x00000002) != 0)) { + environments_ = environments_.getUnmodifiableView(); + bitField0_ = (bitField0_ & ~0x00000002); + } + result.environments_ = environments_; onBuilt(); return result; } @@ -942,6 +1014,16 @@ public Builder mergeFrom(org.wso2.apk.enforcer.discovery.subscription.JWTIssuer } internalGetMutableClaimMapping().mergeFrom( other.internalGetClaimMapping()); + if (!other.environments_.isEmpty()) { + if (environments_.isEmpty()) { + environments_ = other.environments_; + bitField0_ = (bitField0_ & ~0x00000002); + } else { + ensureEnvironmentsIsMutable(); + environments_.addAll(other.environments_); + } + onChanged(); + } this.mergeUnknownFields(other.unknownFields); onChanged(); return this; @@ -1674,6 +1756,116 @@ public Builder putAllClaimMapping( .putAll(values); return this; } + + private com.google.protobuf.LazyStringList environments_ = com.google.protobuf.LazyStringArrayList.EMPTY; + private void ensureEnvironmentsIsMutable() { + if (!((bitField0_ & 0x00000002) != 0)) { + environments_ = new com.google.protobuf.LazyStringArrayList(environments_); + bitField0_ |= 0x00000002; + } + } + /** + * repeated string environments = 9; + * @return A list containing the environments. + */ + public com.google.protobuf.ProtocolStringList + getEnvironmentsList() { + return environments_.getUnmodifiableView(); + } + /** + * repeated string environments = 9; + * @return The count of environments. + */ + public int getEnvironmentsCount() { + return environments_.size(); + } + /** + * repeated string environments = 9; + * @param index The index of the element to return. + * @return The environments at the given index. + */ + public java.lang.String getEnvironments(int index) { + return environments_.get(index); + } + /** + * repeated string environments = 9; + * @param index The index of the value to return. + * @return The bytes of the environments at the given index. + */ + public com.google.protobuf.ByteString + getEnvironmentsBytes(int index) { + return environments_.getByteString(index); + } + /** + * repeated string environments = 9; + * @param index The index to set the value at. + * @param value The environments to set. + * @return This builder for chaining. + */ + public Builder setEnvironments( + int index, java.lang.String value) { + if (value == null) { + throw new NullPointerException(); + } + ensureEnvironmentsIsMutable(); + environments_.set(index, value); + onChanged(); + return this; + } + /** + * repeated string environments = 9; + * @param value The environments to add. + * @return This builder for chaining. + */ + public Builder addEnvironments( + java.lang.String value) { + if (value == null) { + throw new NullPointerException(); + } + ensureEnvironmentsIsMutable(); + environments_.add(value); + onChanged(); + return this; + } + /** + * repeated string environments = 9; + * @param values The environments to add. + * @return This builder for chaining. + */ + public Builder addAllEnvironments( + java.lang.Iterable values) { + ensureEnvironmentsIsMutable(); + com.google.protobuf.AbstractMessageLite.Builder.addAll( + values, environments_); + onChanged(); + return this; + } + /** + * repeated string environments = 9; + * @return This builder for chaining. + */ + public Builder clearEnvironments() { + environments_ = com.google.protobuf.LazyStringArrayList.EMPTY; + bitField0_ = (bitField0_ & ~0x00000002); + onChanged(); + return this; + } + /** + * repeated string environments = 9; + * @param value The bytes of the environments to add. + * @return This builder for chaining. + */ + public Builder addEnvironmentsBytes( + com.google.protobuf.ByteString value) { + if (value == null) { + throw new NullPointerException(); + } + checkByteStringIsUtf8(value); + ensureEnvironmentsIsMutable(); + environments_.add(value); + onChanged(); + return this; + } @java.lang.Override public final Builder setUnknownFields( final com.google.protobuf.UnknownFieldSet unknownFields) { diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuerOrBuilder.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuerOrBuilder.java index 84618a8ee3..421995fec5 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuerOrBuilder.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuerOrBuilder.java @@ -127,4 +127,29 @@ java.lang.String getClaimMappingOrDefault( java.lang.String getClaimMappingOrThrow( java.lang.String key); + + /** + * repeated string environments = 9; + * @return A list containing the environments. + */ + java.util.List + getEnvironmentsList(); + /** + * repeated string environments = 9; + * @return The count of environments. + */ + int getEnvironmentsCount(); + /** + * repeated string environments = 9; + * @param index The index of the element to return. + * @return The environments at the given index. + */ + java.lang.String getEnvironments(int index); + /** + * repeated string environments = 9; + * @param index The index of the value to return. + * @return The bytes of the environments at the given index. + */ + com.google.protobuf.ByteString + getEnvironmentsBytes(int index); } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuerProto.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuerProto.java index 52b7e4bfc8..705c0d9bc8 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuerProto.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/subscription/JWTIssuerProto.java @@ -44,22 +44,23 @@ public static void registerAllExtensions( static { java.lang.String[] descriptorData = { "\n+wso2/discovery/subscription/jwtIssuer." + - "proto\022\033wso2.discovery.subscription\"\303\002\n\tJ" + + "proto\022\033wso2.discovery.subscription\"\331\002\n\tJ" + "WTIssuer\022\017\n\007eventId\030\001 \001(\t\022\014\n\004name\030\002 \001(\t\022" + "\024\n\014organization\030\003 \001(\t\022\016\n\006issuer\030\004 \001(\t\022=\n" + "\013certificate\030\005 \001(\0132(.wso2.discovery.subs" + "cription.Certificate\022\030\n\020consumerKeyClaim" + "\030\006 \001(\t\022\023\n\013scopesClaim\030\007 \001(\t\022N\n\014claimMapp" + "ing\030\010 \003(\01328.wso2.discovery.subscription." + - "JWTIssuer.ClaimMappingEntry\0323\n\021ClaimMapp" + - "ingEntry\022\013\n\003key\030\001 \001(\t\022\r\n\005value\030\002 \001(\t:\0028\001" + - "\"S\n\013Certificate\022\023\n\013certificate\030\001 \001(\t\022/\n\004" + - "jwks\030\002 \001(\0132!.wso2.discovery.subscription" + - ".JWKS\" \n\004JWKS\022\013\n\003url\030\001 \001(\t\022\013\n\003tls\030\002 \001(\tB" + - "\221\001\n,org.wso2.apk.enforcer.discovery.subs" + - "criptionB\016JWTIssuerProtoP\001ZOgithub.com/e" + - "nvoyproxy/go-control-plane/wso2/discover" + - "y/subscription;subscriptionb\006proto3" + "JWTIssuer.ClaimMappingEntry\022\024\n\014environme" + + "nts\030\t \003(\t\0323\n\021ClaimMappingEntry\022\013\n\003key\030\001 " + + "\001(\t\022\r\n\005value\030\002 \001(\t:\0028\001\"S\n\013Certificate\022\023\n" + + "\013certificate\030\001 \001(\t\022/\n\004jwks\030\002 \001(\0132!.wso2." + + "discovery.subscription.JWKS\" \n\004JWKS\022\013\n\003u" + + "rl\030\001 \001(\t\022\013\n\003tls\030\002 \001(\tB\221\001\n,org.wso2.apk.e" + + "nforcer.discovery.subscriptionB\016JWTIssue" + + "rProtoP\001ZOgithub.com/envoyproxy/go-contr" + + "ol-plane/wso2/discovery/subscription;sub" + + "scriptionb\006proto3" }; descriptor = com.google.protobuf.Descriptors.FileDescriptor .internalBuildGeneratedFileFrom(descriptorData, @@ -70,7 +71,7 @@ public static void registerAllExtensions( internal_static_wso2_discovery_subscription_JWTIssuer_fieldAccessorTable = new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( internal_static_wso2_discovery_subscription_JWTIssuer_descriptor, - new java.lang.String[] { "EventId", "Name", "Organization", "Issuer", "Certificate", "ConsumerKeyClaim", "ScopesClaim", "ClaimMapping", }); + new java.lang.String[] { "EventId", "Name", "Organization", "Issuer", "Certificate", "ConsumerKeyClaim", "ScopesClaim", "ClaimMapping", "Environments", }); internal_static_wso2_discovery_subscription_JWTIssuer_ClaimMappingEntry_descriptor = internal_static_wso2_discovery_subscription_JWTIssuer_descriptor.getNestedTypes().get(0); internal_static_wso2_discovery_subscription_JWTIssuer_ClaimMappingEntry_fieldAccessorTable = new diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/APIInfo.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/APIInfo.java deleted file mode 100644 index ff99e8f58c..0000000000 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/APIInfo.java +++ /dev/null @@ -1,125 +0,0 @@ -/* - * Copyright (c) 2021, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.wso2.apk.enforcer.models; - -import java.util.List; - -/** - * Model class for API Information - */ -public class APIInfo { - private Integer apiId = null; - private String provider = null; - private String name = null; - private String version = null; - private String context = null; - private String tier = null; - private String apiType = null; - private boolean isDefaultVersion = false; - private String apiUUID = null; - private String lcState = null; - private List subscriptions = null; - - public Integer getApiId() { - return apiId; - } - - public void setApiId(Integer apiId) { - this.apiId = apiId; - } - - public String getProvider() { - return provider; - } - - public void setProvider(String provider) { - this.provider = provider; - } - - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public String getTier() { - return tier; - } - - public void setTier(String tier) { - this.tier = tier; - } - - public String getVersion() { - return version; - } - - public void setVersion(String version) { - this.version = version; - } - - public String getContext() { - return context; - } - - public void setContext(String context) { - this.context = context; - } - - public String getApiType() { - return apiType; - } - - public void setApiType(String apiType) { - this.apiType = apiType; - } - - public boolean isDefaultVersion() { - return isDefaultVersion; - } - - public void setDefaultVersion(boolean defaultVersion) { - isDefaultVersion = defaultVersion; - } - - public String getApiUUID() { - return apiUUID; - } - - public void setApiUUID(String apiUUID) { - this.apiUUID = apiUUID; - } - - public String getLcState() { - return lcState; - } - - public void setLcState(String lcState) { - this.lcState = lcState; - } - - public List getSubscriptions() { - return subscriptions; - } - - public void setSubscriptions(List subscriptions) { - this.subscriptions = subscriptions; - } -} diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/ApplicationInfo.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/ApplicationInfo.java deleted file mode 100644 index 1d7c3b45f5..0000000000 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/ApplicationInfo.java +++ /dev/null @@ -1,118 +0,0 @@ -/* - * Copyright (c) 2021, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.wso2.apk.enforcer.models; - -import java.util.ArrayList; -import java.util.List; - -/** - * Model class for Application Information - */ -public class ApplicationInfo { - - private Integer id = null; - private String uuid; - private String name = null; - private Integer subId = null; - private String subName = null; - private String policy = null; - private String tokenType = null; - private String tenantDomain = null; - private List groupIds = new ArrayList<>(); - private String consumerKey = null; - - public Integer getId() { - return id; - } - - public void setId(Integer id) { - this.id = id; - } - - public String getUuid() { - return uuid; - } - - public void setUuid(String uuid) { - this.uuid = uuid; - } - - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public Integer getSubId() { - return subId; - } - - public void setSubId(Integer subId) { - this.subId = subId; - } - - public String getSubName() { - return subName; - } - - public void setSubName(String subName) { - this.subName = subName; - } - - public String getPolicy() { - return policy; - } - - public void setPolicy(String policy) { - this.policy = policy; - } - - public String getTokenType() { - return tokenType; - } - - public void setTokenType(String tokenType) { - this.tokenType = tokenType; - } - - public String getTenantDomain() { - return tenantDomain; - } - - public void setTenantDomain(String tenantDomain) { - this.tenantDomain = tenantDomain; - } - - public List getGroupIds() { - return groupIds; - } - - public void setGroupIds(List groupIds) { - this.groupIds = groupIds; - } - - public String getConsumerKey() { - return consumerKey; - } - - public void setConsumerKey(String consumerKey) { - this.consumerKey = consumerKey; - } -} diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/ApplicationInfoList.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/ApplicationInfoList.java deleted file mode 100644 index 26554dd04f..0000000000 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/ApplicationInfoList.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 2021, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.wso2.apk.enforcer.models; - -import java.util.ArrayList; -import java.util.List; - -/** - * Model class for Application Information list - */ -public class ApplicationInfoList { - - private Integer count = null; - private List list = new ArrayList<>(); - - public Integer getCount() { - return count; - } - - public void setCount(Integer count) { - this.count = count; - } - - public List getList() { - return list; - } - - public void setList(List list) { - this.list = list; - } -} diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/SubscriptionInfo.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/SubscriptionInfo.java deleted file mode 100644 index fead97b81b..0000000000 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/models/SubscriptionInfo.java +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright (c) 2021, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.wso2.apk.enforcer.models; - -import java.io.Serializable; - -/** - * Model class for Subscription info - */ -public class SubscriptionInfo implements Serializable { - - private String subscriptionId = null; - private String policyId = null; - private String apiUUID = null; - private String appUUID = null; - private String subscriptionState = null; - private long timeStamp; - private ApplicationInfo applicationInfo = null; - - public String getSubscriptionId() { - return subscriptionId; - } - - public void setSubscriptionId(String subscriptionId) { - this.subscriptionId = subscriptionId; - } - - public String getPolicyId() { - return policyId; - } - - public void setPolicyId(String policyId) { - this.policyId = policyId; - } - - public String getApiUUID() { - return apiUUID; - } - - public void setApiUUID(String apiUUID) { - this.apiUUID = apiUUID; - } - - public String getAppUUID() { - return appUUID; - } - - public void setAppUUID(String appUUID) { - this.appUUID = appUUID; - } - - public String getSubscriptionState() { - return subscriptionState; - } - - public void setSubscriptionState(String subscriptionState) { - this.subscriptionState = subscriptionState; - } - - public long getTimeStamp() { - return timeStamp; - } - - public void setTimeStamp(long timeStamp) { - this.timeStamp = timeStamp; - } - - public ApplicationInfo getApplicationInfo() { - return applicationInfo; - } - - public void setApplicationInfo(ApplicationInfo applicationInfo) { - this.applicationInfo = applicationInfo; - } -} diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/AuthFilter.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/AuthFilter.java index 59701b92b0..0715006e4e 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/AuthFilter.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/AuthFilter.java @@ -248,6 +248,8 @@ private void setInterceptorAPIMetadata(RequestContext requestContext) { Objects.toString(requestContext.getMatchedAPI().getVhost(), "")); requestContext.addMetadataToMap(InterceptorConstants.APIMetadataFields.API_ORGANIZATION_ID, Objects.toString(requestContext.getMatchedAPI().getOrganizationId(), "")); + requestContext.addMetadataToMap(InterceptorConstants.APIMetadataFields.ENVIRONMENT, + Objects.toString(requestContext.getMatchedAPI().getEnvironment(), "")); } private void populateRemoveAndProtectedAuthHeaders(RequestContext requestContext) { diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/JWTAuthenticator.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/JWTAuthenticator.java index fc22114132..6821c88b90 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/JWTAuthenticator.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/JWTAuthenticator.java @@ -135,6 +135,7 @@ public AuthenticationContext authenticate(RequestContext requestContext) throws String envType = requestContext.getMatchedAPI().getEnvType(); String version = requestContext.getMatchedAPI().getVersion(); String organization = requestContext.getMatchedAPI().getOrganizationId(); + String environment = requestContext.getMatchedAPI().getEnvironment(); context = context + "/" + version; SignedJWTInfo signedJWTInfo; Scope decodeTokenHeaderSpanScope = null; @@ -177,7 +178,7 @@ public AuthenticationContext authenticate(RequestContext requestContext) throws } } - JWTValidationInfo validationInfo = getJwtValidationInfo(signedJWTInfo, jwtTokenIdentifier, organization); + JWTValidationInfo validationInfo = getJwtValidationInfo(signedJWTInfo, jwtTokenIdentifier, organization, environment); if (validationInfo != null) { if (validationInfo.isValid()) { // Validate token type @@ -502,7 +503,8 @@ private JSONObject validateSubscriptionFromClaim(String name, String version, JW return api; } - private JWTValidationInfo getJwtValidationInfo(SignedJWTInfo signedJWTInfo, String jti, String organization) throws APISecurityException { + private JWTValidationInfo getJwtValidationInfo(SignedJWTInfo signedJWTInfo, String jti, String organization, String environment) + throws APISecurityException { String jwtHeader = signedJWTInfo.getSignedJWT().getHeader().toString(); JWTValidationInfo jwtValidationInfo = null; @@ -530,7 +532,7 @@ private JWTValidationInfo getJwtValidationInfo(SignedJWTInfo signedJWTInfo, Stri if (jwtValidationInfo == null) { try { - jwtValidationInfo = JWTUtils.validateJWTToken(signedJWTInfo, organization); + jwtValidationInfo = JWTUtils.validateJWTToken(signedJWTInfo, organization, environment); signedJWTInfo.setValidationStatus(jwtValidationInfo.isValid() ? SignedJWTInfo.ValidationStatus.VALID : SignedJWTInfo.ValidationStatus.INVALID); if (isGatewayTokenCacheEnabled) { diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/subscription/SubscriptionDataStore.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/subscription/SubscriptionDataStore.java index 63c60300e3..371bf9c212 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/subscription/SubscriptionDataStore.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/subscription/SubscriptionDataStore.java @@ -70,59 +70,13 @@ void addSubscriptionPolicies( void addApplicationKeyMappings( List applicationKeyMappingList); - /** - * Filter the API map according to the provided parameters - * @param name API Name - * @param context API Context - * @param version API Version - * @param uuid API UUID - * @return Matching list of apis. - */ - List getMatchingAPIs(String name, String context, String version, String uuid); - - /** - * Filter the API map according to the provided parameters - * - * @param context API Context - * @param version API Version - * @return Matching list of apis. - */ - API getMatchingAPI(String context, String version); - - /** - * Filter the applications map based on the criteria. - * @param name Application Name - * @param organizationID Application tenant domain/ organization id - * @param uuid Application uuid. - * @return List of applications which match the given parameters - */ - List getMatchingApplications(String name, String organizationID, String uuid); - - - /** - * Filter the application key mapping map based on provided parameters - * @param applicationUUID Application uuid - * @param consumerKey The application consumer key - * @return List of key mappings which match the given parameters - */ - List getMatchingKeyMapping(String applicationUUID, String consumerKey); - - - /** - * Filter the subscriptions map based on the provided parameters - * @param applicationUUID UUID of the application - * @param apiUUID UUID of the api - * @param state Subscription state - * @return A List of subscriptions which matches the given parameters - */ - List getMatchingSubscriptions(String applicationUUID, String apiUUID, String state); - void addJWTIssuers(List jwtIssuers); /** * Returns the JWTValidator based on Issuer * @param issuer issuer in JWT + * @param environment environment of the Issuer * @return JWTValidator Implementation */ - JWTValidator getJWTValidatorByIssuer(String issuer,String organization); + JWTValidator getJWTValidatorByIssuer(String issuer, String organization, String environment); } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/subscription/SubscriptionDataStoreImpl.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/subscription/SubscriptionDataStoreImpl.java index 796f1cf401..f74061775d 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/subscription/SubscriptionDataStoreImpl.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/subscription/SubscriptionDataStoreImpl.java @@ -25,6 +25,7 @@ import org.wso2.apk.enforcer.commons.dto.JWKSConfigurationDTO; import org.wso2.apk.enforcer.commons.exception.EnforcerException; import org.wso2.apk.enforcer.config.dto.ExtendedTokenIssuerDto; +import org.wso2.apk.enforcer.constants.Constants; import org.wso2.apk.enforcer.discovery.ApiListDiscoveryClient; import org.wso2.apk.enforcer.discovery.ApplicationDiscoveryClient; import org.wso2.apk.enforcer.discovery.ApplicationKeyMappingDiscoveryClient; @@ -146,7 +147,7 @@ public void addSubscriptions(List apisList) { for (APIs api : apisList) { API newApi = new API(); - //newApi.setApiId(Integer.parseInt(api.getApiId())); + // newApi.setApiId(Integer.parseInt(api.getApiId())); newApi.setApiName(api.getName()); newApi.setApiProvider(api.getProvider()); newApi.setApiType(api.getApiType()); @@ -205,8 +206,7 @@ public void addApplicationPolicies( Map newAppPolicyMap = new ConcurrentHashMap<>(); - for (org.wso2.apk.enforcer.discovery.subscription.ApplicationPolicy applicationPolicy : - applicationPolicyList) { + for (org.wso2.apk.enforcer.discovery.subscription.ApplicationPolicy applicationPolicy : applicationPolicyList) { ApplicationPolicy newApplicationPolicy = new ApplicationPolicy(); newApplicationPolicy.setId(applicationPolicy.getId()); newApplicationPolicy.setQuotaType(applicationPolicy.getQuotaType()); @@ -226,8 +226,7 @@ public void addSubscriptionPolicies( Map newSubscriptionPolicyMap = new ConcurrentHashMap<>(); - for (org.wso2.apk.enforcer.discovery.subscription.SubscriptionPolicy subscriptionPolicy : - subscriptionPolicyList) { + for (org.wso2.apk.enforcer.discovery.subscription.SubscriptionPolicy subscriptionPolicy : subscriptionPolicyList) { SubscriptionPolicy newSubscriptionPolicy = new SubscriptionPolicy(); newSubscriptionPolicy.setId(subscriptionPolicy.getId()); newSubscriptionPolicy.setQuotaType(subscriptionPolicy.getQuotaType()); @@ -250,11 +249,9 @@ public void addSubscriptionPolicies( public void addApplicationKeyMappings( List applicationKeyMappingList) { - Map newApplicationKeyMappingMap = - new ConcurrentHashMap<>(); + Map newApplicationKeyMappingMap = new ConcurrentHashMap<>(); - for (org.wso2.apk.enforcer.discovery.subscription.ApplicationKeyMapping applicationKeyMapping : - applicationKeyMappingList) { + for (org.wso2.apk.enforcer.discovery.subscription.ApplicationKeyMapping applicationKeyMapping : applicationKeyMappingList) { ApplicationKeyMapping mapping = new ApplicationKeyMapping(); mapping.setApplicationId(applicationKeyMapping.getApplicationId()); mapping.setApplicationUUID(applicationKeyMapping.getApplicationUUID()); @@ -270,118 +267,6 @@ public void addApplicationKeyMappings( this.applicationKeyMappingMap = newApplicationKeyMappingMap; } - @Override - public List getMatchingAPIs(String name, String context, String version, String uuid) { - - List apiList = new ArrayList<>(); - for (API api : apiMap.values()) { - boolean isNameMatching = true; - boolean isContextMatching = true; - boolean isVersionMatching = true; - boolean isUUIDMatching = true; - if (StringUtils.isNotEmpty(name)) { - isNameMatching = api.getApiName().contains(name); - } - if (StringUtils.isNotEmpty(context)) { - isContextMatching = api.getContext().equals(context); - } - if (StringUtils.isNotEmpty(version)) { - isVersionMatching = api.getApiVersion().equals(version); - } - if (StringUtils.isNotEmpty(uuid)) { - isUUIDMatching = api.getApiUUID().equals(uuid); - } - if (isNameMatching && isContextMatching && isVersionMatching && isUUIDMatching) { - apiList.add(api); - } - } - return apiList; - } - - @Override - public API getMatchingAPI(String context, String version) { - - for (API api : apiMap.values()) { - if (StringUtils.isNotEmpty(context) && StringUtils.isNotEmpty(version)) { - if (api.getContext().equals(context) && api.getApiVersion().equals(version)) { - return api; - } - } - } - return null; - } - - @Override - public List getMatchingApplications(String name, String organizationID, String uuid) { - - List applicationList = new ArrayList<>(); - for (Application application : applicationMap.values()) { - boolean isNameMatching = true; - boolean isOrgMatching = true; - boolean isUUIDMatching = true; - if (StringUtils.isNotEmpty(name)) { - isNameMatching = application.getName().contains(name); - } - if (StringUtils.isNotEmpty(organizationID)) { - isOrgMatching = application.getTenantDomain().equals(organizationID); - } - if (StringUtils.isNotEmpty(uuid)) { - isUUIDMatching = application.getUUID().equals(uuid); - } - if (isNameMatching && isOrgMatching && isUUIDMatching) { - applicationList.add(application); - } - } - return applicationList; - } - - @Override - public List getMatchingKeyMapping(String applicationUUID, String consumerKey) { - - List applicationKeyMappingList = new ArrayList<>(); - - for (ApplicationKeyMapping applicationKeyMapping : applicationKeyMappingMap.values()) { - boolean isConsumerKeyMatching = true; - boolean isAppUUIDMatching = true; - - if (StringUtils.isNotEmpty(applicationUUID)) { - isAppUUIDMatching = applicationKeyMapping.getApplicationUUID().equals(applicationUUID); - } - if (StringUtils.isNotEmpty(consumerKey)) { - isConsumerKeyMatching = applicationKeyMapping.getConsumerKey().equals(consumerKey); - } - if (isConsumerKeyMatching && isAppUUIDMatching) { - applicationKeyMappingList.add(applicationKeyMapping); - } - } - return applicationKeyMappingList; - } - - @Override - public List getMatchingSubscriptions(String applicationUUID, String apiUUID, String state) { - - List subscriptionList = new ArrayList<>(); - - for (Subscription subscription : subscriptionMap.values()) { - boolean isApiUUIDMatch = true; - boolean isAppUUIDMatch = true; - boolean isStateMatch = true; - if (StringUtils.isNotEmpty(applicationUUID)) { - isAppUUIDMatch = subscription.getAppUUID().equals(applicationUUID); - } - if (StringUtils.isNotEmpty(apiUUID)) { - isApiUUIDMatch = subscription.getApiUUID().equals(apiUUID); - } - if (StringUtils.isNotEmpty(state)) { - isStateMatch = subscription.getSubscriptionState().equals(state); - } - if (isApiUUIDMatch && isAppUUIDMatch && isStateMatch) { - subscriptionList.add(subscription); - } - } - return subscriptionList; - } - @Override public void addJWTIssuers(List jwtIssuers) { @@ -396,8 +281,8 @@ public void addJWTIssuers(List jwtIssuers) { if (StringUtils.isNotEmpty(certificate.getJwks().getUrl())) { JWKSConfigurationDTO jwksConfigurationDTO = new JWKSConfigurationDTO(); if (StringUtils.isNotEmpty(certificate.getJwks().getTls())) { - java.security.cert.Certificate tlsCertificate = - TLSUtils.getCertificateFromContent(certificate.getJwks().getTls()); + java.security.cert.Certificate tlsCertificate = TLSUtils + .getCertificateFromContent(certificate.getJwks().getTls()); jwksConfigurationDTO.setCertificate(tlsCertificate); } jwksConfigurationDTO.setUrl(certificate.getJwks().getUrl()); @@ -405,8 +290,8 @@ public void addJWTIssuers(List jwtIssuers) { tokenIssuerDto.setJwksConfigurationDTO(jwksConfigurationDTO); } if (StringUtils.isNotEmpty(certificate.getCertificate())) { - java.security.cert.Certificate signingCertificate = - TLSUtils.getCertificateFromContent(certificate.getCertificate()); + java.security.cert.Certificate signingCertificate = TLSUtils + .getCertificateFromContent(certificate.getCertificate()); tokenIssuerDto.setCertificate(signingCertificate); } Map claimMappingMap = jwtIssuer.getClaimMappingMap(); @@ -420,7 +305,13 @@ public void addJWTIssuers(List jwtIssuers) { if (jwtValidatorMap.containsKey(jwtIssuer.getOrganization())) { orgBasedJWTValidatorMap = jwtValidatorMap.get(jwtIssuer.getOrganization()); } - orgBasedJWTValidatorMap.put(jwtIssuer.getIssuer(), jwtValidator); + + List environments = getEnvironments(jwtIssuer); + for (String environment : environments) { + String mapKey = getMapKey(environment, jwtIssuer.getIssuer()); + orgBasedJWTValidatorMap.put(mapKey, jwtValidator); + } + jwtValidatorMap.put(jwtIssuer.getOrganization(), orgBasedJWTValidatorMap); this.jwtValidatorMap = jwtValidatorMap; } catch (EnforcerException | CertificateException | IOException e) { @@ -430,12 +321,43 @@ public void addJWTIssuers(List jwtIssuers) { } @Override - public JWTValidator getJWTValidatorByIssuer(String issuer, String organization) { + public JWTValidator getJWTValidatorByIssuer(String issuer, String organization, String environment) { Map orgBaseJWTValidators = jwtValidatorMap.get(organization); + if (orgBaseJWTValidators != null) { - return orgBaseJWTValidators.get(issuer); + + String mapKey = getMapKey(Constants.DEFAULT_ALL_ENVIRONMENTS_TOKEN_ISSUER, issuer); + JWTValidator jwtValidator = orgBaseJWTValidators.get(mapKey); + if (jwtValidator != null) { + return jwtValidator; + } + + mapKey = getMapKey(environment, issuer); + return orgBaseJWTValidators.get(mapKey); } + return null; } + + private List getEnvironments(JWTIssuer jwtIssuer) { + + List environmentsList = new ArrayList<>(); + int environmentCount = jwtIssuer.getEnvironmentsCount(); + + if (environmentCount > 0) { + for (int i = 0; i < environmentCount; i++) { + environmentsList.add(jwtIssuer.getEnvironments(i)); + } + } else { + environmentsList.add(Constants.DEFAULT_ALL_ENVIRONMENTS_TOKEN_ISSUER); + } + return environmentsList; + } + + private String getMapKey(String environment, String issuer) { + return environment + DELEM_PERIOD + issuer; + } + + } diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/util/JWTUtils.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/util/JWTUtils.java index db3513bb24..5c49713225 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/util/JWTUtils.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/util/JWTUtils.java @@ -264,12 +264,12 @@ public static void updateApplicationNameForSubscriptionDisabledKM(APIKeyValidati apiKeyValidationInfoDTO.setApplicationTier(APIConstants.UNLIMITED_TIER); } - public static JWTValidationInfo validateJWTToken(SignedJWTInfo signedJWTInfo, String organization) throws EnforcerException { + public static JWTValidationInfo validateJWTToken(SignedJWTInfo signedJWTInfo, String organization, String environment) throws EnforcerException { JWTValidationInfo jwtValidationInfo = new JWTValidationInfo(); String issuer = signedJWTInfo.getJwtClaimsSet().getIssuer(); JWTValidator jwtValidator = SubscriptionDataStoreImpl.getInstance().getJWTValidatorByIssuer(issuer, - organization); + organization, environment); if (jwtValidator != null) { return jwtValidator.validateJWTToken(signedJWTInfo); } diff --git a/gateway/router/Dockerfile b/gateway/router/Dockerfile index 0ccf63df06..8474379e2a 100644 --- a/gateway/router/Dockerfile +++ b/gateway/router/Dockerfile @@ -13,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ----------------------------------------------------------------------- -FROM envoyproxy/envoy:v1.27.0 +FROM envoyproxy/envoy:v1.27.1 LABEL maintainer="WSO2 Docker Maintainers " RUN apt-get update && apt-get upgrade -y && apt-get install -y curl diff --git a/gateway/router/resources/interceptor/lib/consts.lua b/gateway/router/resources/interceptor/lib/consts.lua index e3b94a3186..ea5b89bc70 100644 --- a/gateway/router/resources/interceptor/lib/consts.lua +++ b/gateway/router/resources/interceptor/lib/consts.lua @@ -52,7 +52,8 @@ INV_CONTEXT = { VHOST = "vhost", API_NAME = "apiName", API_VERSION = "apiVersion", - AUTH_CTX = "authenticationContext" + AUTH_CTX = "authenticationContext", + ENVIRONMENT = "environment" } -- keys of the payload to the auth context diff --git a/helm-charts/README.md b/helm-charts/README.md index 1431e7b49b..e7786dbbf5 100644 --- a/helm-charts/README.md +++ b/helm-charts/README.md @@ -40,6 +40,7 @@ A Helm chart for APK components | wso2.apk.idp.signing.secretName | string | `""` | IDP jwt signing certificate secret name | | wso2.apk.idp.signing.fileName | string | `""` | IDP jwt signing certificate file name | | wso2.apk.dp.enabled | bool | `true` | Enable the deployment of the Data Plane | +| wso2.apk.dp.environment.name | string | `Default` | Environment of the Data Plane | | wso2.apk.dp.gateway.listener.hostname | string | `"gw.wso2.com"` | Gateway Listener Hostname | | wso2.apk.dp.gateway.listener.secretName | string | `""` | Gateway Listener Certificate Secret Name | | wso2.apk.dp.gateway.listener.dns | list | `["*.gw.wso2.com","*.sandbox.gw.wso2.com","prod.gw.wso2.com"]` | DNS entries for gateway listener certificate | diff --git a/helm-charts/crds/dp.wso2.com_apis.yaml b/helm-charts/crds/dp.wso2.com_apis.yaml index 8a98f9e3a2..1da03bb326 100644 --- a/helm-charts/crds/dp.wso2.com_apis.yaml +++ b/helm-charts/crds/dp.wso2.com_apis.yaml @@ -184,6 +184,182 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.apiName + name: API Name + type: string + - jsonPath: .spec.apiVersion + name: Version + type: string + - jsonPath: .spec.basePath + name: BasePath + type: string + - jsonPath: .spec.organization + name: Organization + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha2 + schema: + openAPIV3Schema: + description: API is the Schema for the apis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: APISpec defines the desired state of API + properties: + apiName: + description: APIName is the unique name of the API can be used to + uniquely identify an API. + maxLength: 60 + minLength: 1 + pattern: ^[^~!@#;:%^*()+={}|\<>"'',&$\[\]\/]*$ + type: string + apiProperties: + description: APIProperties denotes the custom properties of the API. + items: + description: Property holds key value pair of APIProperties + properties: + name: + type: string + value: + type: string + type: object + nullable: true + type: array + apiType: + description: APIType denotes the type of the API. Possible values + could be REST, GraphQL, Async + enum: + - REST + type: string + apiVersion: + description: APIVersion is the version number of the API. + maxLength: 30 + minLength: 1 + pattern: ^[^~!@#;:%^*()+={}|\<>"'',&/$\[\]\s+\/]+$ + type: string + basePath: + description: 'BasePath denotes the basepath of the API. e.g: /pet-store-api/1.0.6' + pattern: ^[/][a-zA-Z0-9~/_.-]*$ + type: string + definitionFileRef: + description: DefinitionFileRef contains the OpenAPI 3 or Swagger definition + of the API in a ConfigMap. + type: string + definitionPath: + default: /api-definition + description: DefinitionPath contains the path to expose the API definition. + minLength: 1 + type: string + environment: + description: Environment denotes the environment of the API. + nullable: true + type: string + isDefaultVersion: + description: IsDefaultVersion indicates whether this API version should + be used as a default API + type: boolean + organization: + description: Organization denotes the organization. related to the + API + type: string + production: + description: 'Production contains a list of references to HttpRoutes + of type HttpRoute. xref: https://github.com/kubernetes-sigs/gateway-api/blob/main/apis/v1beta1/httproute_types.go' + items: + description: EnvConfig contains the environment specific configuration + properties: + httpRouteRefs: + description: HTTPRouteRefs denotes the environment of the API. + items: + type: string + type: array + required: + - httpRouteRefs + type: object + maxItems: 1 + nullable: true + type: array + sandbox: + description: 'Sandbox contains a list of references to HttpRoutes + of type HttpRoute. xref: https://github.com/kubernetes-sigs/gateway-api/blob/main/apis/v1beta1/httproute_types.go' + items: + description: EnvConfig contains the environment specific configuration + properties: + httpRouteRefs: + description: HTTPRouteRefs denotes the environment of the API. + items: + type: string + type: array + required: + - httpRouteRefs + type: object + maxItems: 1 + nullable: true + type: array + systemAPI: + description: SystemAPI denotes if it is an internal system API. + type: boolean + required: + - apiName + - apiType + - apiVersion + - basePath + - definitionPath + type: object + status: + description: APIStatus defines the observed state of API + properties: + deploymentStatus: + description: DeploymentStatus denotes the deployment status of the + API + properties: + accepted: + description: Accepted represents whether the API is accepted or + not. + type: boolean + events: + description: Events contains a list of events related to the API. + items: + type: string + type: array + message: + description: Message represents a user friendly message that explains + the current state of the API. + type: string + status: + description: Status denotes the state of the API in its lifecycle. + Possible values could be Accepted, Invalid, Deploy etc. + type: string + transitionTime: + description: TransitionTime represents the last known transition + timestamp. + format: date-time + type: string + required: + - accepted + - status + - transitionTime + type: object + type: object + type: object + served: true storage: true subresources: status: {} diff --git a/helm-charts/crds/dp.wso2.com_tokenissuers.yaml b/helm-charts/crds/dp.wso2.com_tokenissuers.yaml index ed973f384a..df170450a5 100644 --- a/helm-charts/crds/dp.wso2.com_tokenissuers.yaml +++ b/helm-charts/crds/dp.wso2.com_tokenissuers.yaml @@ -57,7 +57,7 @@ spec: minLength: 1 type: string issuer: - description: Issuer denotes the issuer of the JWT Issuer. + description: Issuer denotes the issuer of the Token Issuer. minLength: 1 type: string name: @@ -67,7 +67,217 @@ spec: minLength: 1 type: string organization: - description: Organization denotes the organization of the JWT Issuer. + description: Organization denotes the organization of the Token Issuer. + minLength: 1 + type: string + scopesClaim: + description: ScopesClaim denotes the claim key of the scopes. + minLength: 1 + type: string + signatureValidation: + description: SignatureValidation denotes the signature validation + method of jwt + properties: + certificate: + description: Certificate denotes the certificate information + properties: + certificateInline: + description: CertificateInline is the Inline Certificate entry + type: string + configMapRef: + description: ConfigMapRef denotes the reference to the ConfigMap + that contains the Certificate + properties: + key: + description: Key of the secret or configmap + minLength: 1 + type: string + name: + description: Name of the secret or configmap + minLength: 1 + type: string + required: + - key + - name + type: object + secretRef: + description: SecretRef denotes the reference to the Secret + that contains the Certificate + properties: + key: + description: Key of the secret or configmap + minLength: 1 + type: string + name: + description: Name of the secret or configmap + minLength: 1 + type: string + required: + - key + - name + type: object + type: object + jwks: + description: JWKS denotes the JWKS endpoint information + properties: + tls: + description: TLS denotes the TLS configuration of the JWKS + endpoint + properties: + certificateInline: + description: CertificateInline is the Inline Certificate + entry + type: string + configMapRef: + description: ConfigMapRef denotes the reference to the + ConfigMap that contains the Certificate + properties: + key: + description: Key of the secret or configmap + minLength: 1 + type: string + name: + description: Name of the secret or configmap + minLength: 1 + type: string + required: + - key + - name + type: object + secretRef: + description: SecretRef denotes the reference to the Secret + that contains the Certificate + properties: + key: + description: Key of the secret or configmap + minLength: 1 + type: string + name: + description: Name of the secret or configmap + minLength: 1 + type: string + required: + - key + - name + type: object + type: object + url: + description: URL is the URL of the JWKS endpoint + type: string + required: + - url + type: object + type: object + targetRef: + description: TargetRef denotes the reference to the which gateway + it applies to + properties: + group: + description: Group is the group of the target resource. + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + kind: + description: Kind is kind of the target resource. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + type: string + name: + description: Name is the name of the target resource. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace is the namespace of the referent. When + unspecified, the local namespace is inferred. Even when policy + targets a resource in a different namespace, it MUST only apply + to traffic originating from the same namespace as the policy. + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - group + - kind + - name + type: object + required: + - consumerKeyClaim + - issuer + - name + - organization + - scopesClaim + - signatureValidation + type: object + status: + description: TokenIssuerStatus defines the observed state of TokenIssuer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - name: v1alpha2 + schema: + openAPIV3Schema: + description: TokenIssuer is the Schema for the tokenissuers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TokenIssuerSpec defines the desired state of TokenIssuer + properties: + claimMappings: + description: ClaimMappings denotes the claim mappings of the jwt + items: + description: ClaimMapping defines the reference configuration + properties: + localClaim: + description: LocalClaim denotes the local claim + type: string + remoteClaim: + description: RemoteClaim denotes the remote claim + type: string + required: + - localClaim + - remoteClaim + type: object + type: array + consumerKeyClaim: + description: ConsumerKeyClaim denotes the claim key of the consumer + key. + minLength: 1 + type: string + environments: + description: Environments denotes the environments that are applicable + for the token issuer. + items: + type: string + nullable: true + type: array + issuer: + description: Issuer denotes the issuer of the Token Issuer. + minLength: 1 + type: string + name: + description: Name is the unique name of the Token Issuer in the Organization + defined . "Organization/Name" can be used to uniquely identify an + Issuer. + minLength: 1 + type: string + organization: + description: Organization denotes the organization of the Token Issuer. minLength: 1 type: string scopesClaim: diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-backend.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-backend.yaml index d006c7e3b5..54cd6b3771 100644 --- a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-backend.yaml +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-backend.yaml @@ -20,6 +20,7 @@ metadata: name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend namespace: {{ .Release.Namespace }} spec: + basePath: "/api/admin" services: - host: {{ template "apk-helm.resource.prefix" . }}-admin-ds-service.{{ .Release.Namespace }} port: 9443 diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-1.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-1.yaml index aa1176effd..230fe45b05 100644 --- a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-1.yaml +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-1.yaml @@ -25,250 +25,191 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/policies/search" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/policies/search" - backendRefs: + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/application-rate-plans" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/deny-policies/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/application-rate-plans" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/admin/application-rate-plans" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/application-rate-plans" - backendRefs: + value: "/deny-policies/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/application-rate-plans/(.*)" - method: "GET" + weight: 1 filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/deny-policies/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/application-rate-plans/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "DELETE" + path: type: "RegularExpression" - value: "/api/admin/application-rate-plans/(.*)" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/application-rate-plans/\\1" - backendRefs: + value: "/deny-policies/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/application-rate-plans/(.*)" - method: "DELETE" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/deny-policies/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/application-rate-plans/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "PATCH" + path: type: "RegularExpression" - value: "/api/admin/business-plans" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/business-plans" - backendRefs: + value: "/deny-policies/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/business-plans" - method: "POST" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/business-plans" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/admin/business-plans/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/business-plans/\\1" - backendRefs: + value: "/deny-policies" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/business-plans/(.*)" - method: "PUT" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/business-plans/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/admin/business-plans/(.*)" - method: "DELETE" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/business-plans/\\1" - backendRefs: + value: "/deny-policies" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/throttling/policies/advanced" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/advanced" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-3 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/admin/throttling/policies/advanced" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/advanced" - backendRefs: + value: "/applications/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/throttling/policies/advanced/(.*)" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/advanced/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-3 + type: "ExtensionRef" + matches: + - method: "DELETE" + path: type: "RegularExpression" - value: "/api/admin/throttling/policies/advanced/(.*)" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/advanced/\\1" - backendRefs: + value: "/applications/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/throttling/policies/advanced/(.*)" - method: "DELETE" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/advanced/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-3 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/applications" {{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-2.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-2.yaml index a6b1c14003..0b3cadd49b 100644 --- a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-2.yaml +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-2.yaml @@ -25,250 +25,191 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/throttling/policies/export" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/export" - backendRefs: + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/throttling/policies/import" - method: "POST" + weight: 1 filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/environments/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/import" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-4 + type: "ExtensionRef" + matches: + - method: "PUT" + path: type: "RegularExpression" - value: "/api/admin/policies/search" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/policies/search" - backendRefs: + value: "/environments/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/application-rate-plans" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/environments/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/application-rate-plans" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-4 + type: "ExtensionRef" + matches: + - method: "DELETE" + path: type: "RegularExpression" - value: "/api/admin/application-rate-plans" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/application-rate-plans" - backendRefs: + value: "/environments/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/application-rate-plans/(.*)" - method: "GET" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/application-rate-plans/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-4 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/admin/application-rate-plans/(.*)" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/application-rate-plans/\\1" - backendRefs: + value: "/environments" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/application-rate-plans/(.*)" - method: "DELETE" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/application-rate-plans/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-4 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/admin/business-plans" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/business-plans" - backendRefs: + value: "/environments" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/business-plans" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1/change-owner" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/business-plans" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-3 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/admin/business-plans/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/business-plans/\\1" - backendRefs: + value: "/applications/(.*)/change-owner" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/business-plans/(.*)" - method: "PUT" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/api-categories/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/business-plans/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-5 + type: "ExtensionRef" + matches: + - method: "PUT" + path: type: "RegularExpression" - value: "/api/admin/business-plans/(.*)" - method: "DELETE" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/business-plans/\\1" - backendRefs: + value: "/api-categories/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/throttling/policies/advanced" - method: "GET" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/advanced" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-5 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/admin/throttling/policies/advanced" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/advanced" - backendRefs: + value: "/api-categories" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/throttling/policies/advanced/(.*)" - method: "GET" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/advanced/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-5 + type: "ExtensionRef" + matches: + - method: "POST" + path: + type: "RegularExpression" + value: "/api-categories" {{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-3.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-3.yaml index f4578a1124..3214a12e40 100644 --- a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-3.yaml +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-3.yaml @@ -25,250 +25,180 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/throttling/policies/advanced/(.*)" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/advanced/\\1" - backendRefs: + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/throttling/policies/advanced/(.*)" - method: "DELETE" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/advanced/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-7 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/admin/throttling/policies/export" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/export" - backendRefs: + value: "/organizations" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/throttling/policies/import" - method: "POST" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/throttling/policies/import" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-7 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/admin/deny-policies" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/deny-policies" - backendRefs: + value: "/organizations" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/deny-policies" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/key-managers/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/deny-policies" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-6 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/admin/deny-policies/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/deny-policies/\\1" - backendRefs: + value: "/key-managers/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/deny-policies/(.*)" - method: "DELETE" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/key-managers/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/deny-policies/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-6 + type: "ExtensionRef" + matches: + - method: "PUT" + path: type: "RegularExpression" - value: "/api/admin/deny-policies/(.*)" - method: "PATCH" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/deny-policies/\\1" - backendRefs: + value: "/key-managers/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/applications" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/key-managers/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/applications" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-6 + type: "ExtensionRef" + matches: + - method: "DELETE" + path: type: "RegularExpression" - value: "/api/admin/applications/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/applications/\\1" - backendRefs: + value: "/key-managers/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/applications/(.*)" - method: "DELETE" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/applications/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-6 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/admin/applications/(.*)/change-owner" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/applications/\\1/change-owner" - backendRefs: + value: "/key-managers" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/environments" - method: "GET" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/environments" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-6 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/admin/environments" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/environments" - backendRefs: + value: "/key-managers" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/environments/(.*)" - method: "PUT" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/api-categories/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/environments/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-5 + type: "ExtensionRef" + matches: + - method: "DELETE" + path: + type: "RegularExpression" + value: "/api-categories/(.*)" {{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-4.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-4.yaml index 84d4fea43c..1175bb7ae0 100644 --- a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-4.yaml +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-4.yaml @@ -25,250 +25,125 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/environments/(.*)" - method: "DELETE" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/environments/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/bot-detection-data" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/bot-detection-data" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/monetization/publish-usage" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/monetization/publish-usage" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/monetization/publish-usage/status" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/monetization/publish-usage/status" - backendRefs: + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/workflows" - method: "GET" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/workflows" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-8 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/admin/workflows/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/workflows/\\1" - backendRefs: + value: "/workflows/update-workflow-status" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/workflows/update-workflow-status" - method: "POST" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/workflows/update-workflow-status" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-8 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/admin/tenant-info/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/tenant-info/\\1" - backendRefs: + value: "/workflows" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/custom-urls/(.*)" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/organizations/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/custom-urls/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-7 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/admin/api-categories" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/api-categories" - backendRefs: + value: "/organizations/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/api-categories" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/organizations/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/api-categories" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-7 + type: "ExtensionRef" + matches: + - method: "PUT" + path: type: "RegularExpression" - value: "/api/admin/api-categories/(.*)" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/api-categories/\\1" - backendRefs: + value: "/organizations/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/api-categories/(.*)" - method: "DELETE" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/organizations/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/admin/api-categories/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-7 + type: "ExtensionRef" + matches: + - method: "DELETE" + path: type: "RegularExpression" - value: "/api/admin/settings" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/settings" - backendRefs: + value: "/organizations/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/system-scopes/(.*)" - method: "GET" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/system-scopes/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-7 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/admin/system-scopes" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/system-scopes" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + value: "/organization-info" {{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-5.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-5.yaml deleted file mode 100644 index c0bd4acf17..0000000000 --- a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-5.yaml +++ /dev/null @@ -1,259 +0,0 @@ -# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. -# -# WSO2 LLC. licenses this file to you under the Apache License, -# Version 2.0 (the "License"); you may not use this file except -# in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -{{- if .Values.wso2.apk.cp.enabled }} -apiVersion: "gateway.networking.k8s.io/v1beta1" -kind: "HTTPRoute" -metadata: - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-httproute-5 - namespace: {{ .Release.Namespace }} - labels: - api-name: "admin-domain-service" - api-version: "1.0.0" -spec: - hostnames: - - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" - rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/system-scopes" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/system-scopes" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/system-scopes/role-aliases" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/system-scopes/role-aliases" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/system-scopes/role-aliases" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/system-scopes/role-aliases" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/roles/(.*)" - method: "HEAD" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/roles/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/tenant-theme" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/tenant-theme" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/tenant-theme" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/tenant-theme" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/tenant-config" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/tenant-config" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/tenant-config" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/tenant-config" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/tenant-config-schema" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/tenant-config-schema" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/key-managers" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/key-managers" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/key-managers" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/key-managers" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/key-managers/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/key-managers/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/key-managers/(.*)" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/key-managers/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/key-managers/(.*)" - method: "DELETE" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/key-managers/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/admin/key-managers/discover" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/admin/key-managers/discover" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" -{{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-6.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-1.yaml similarity index 50% rename from helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-6.yaml rename to helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-1.yaml index f51bdec15d..a22f99f842 100644 --- a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-httproute-6.yaml +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-1.yaml @@ -14,37 +14,16 @@ # specific language governing permissions and limitations # under the License. {{- if .Values.wso2.apk.cp.enabled }} -apiVersion: "gateway.networking.k8s.io/v1beta1" -kind: "HTTPRoute" +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope metadata: - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-httproute-6 - namespace: {{ .Release.Namespace }} labels: api-name: "admin-domain-service" api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1-uid spec: - hostnames: - - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" - rules: - - matches: - - path: - type: "PathPrefix" - value: "/api/admin/organizations" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - - matches: - - path: - type: "Exact" - value: "/api/admin/organization-info" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + names: + - apk:admin {{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-2.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-2.yaml new file mode 100644 index 0000000000..899f5479b0 --- /dev/null +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-2.yaml @@ -0,0 +1,30 @@ + +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "admin-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-2 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-2-uid +spec: + names: + - apk:deny_manage +{{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-3.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-3.yaml new file mode 100644 index 0000000000..f7a451a0d4 --- /dev/null +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-3.yaml @@ -0,0 +1,30 @@ + +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "admin-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-3 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-3-uid +spec: + names: + - apk:application_manage +{{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-4.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-4.yaml new file mode 100644 index 0000000000..e119e9f05d --- /dev/null +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-4.yaml @@ -0,0 +1,30 @@ + +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "admin-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-4 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-4-uid +spec: + names: + - apk:environment_manage +{{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-5.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-5.yaml new file mode 100644 index 0000000000..334a653126 --- /dev/null +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-5.yaml @@ -0,0 +1,30 @@ + +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "admin-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-5 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-5-uid +spec: + names: + - apk:category_manage +{{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-6.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-6.yaml new file mode 100644 index 0000000000..4471308a1f --- /dev/null +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-6.yaml @@ -0,0 +1,30 @@ + +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "admin-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-6 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-6-uid +spec: + names: + - apk:keymanager_manage +{{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-7.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-7.yaml new file mode 100644 index 0000000000..0e46c97d4e --- /dev/null +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-7.yaml @@ -0,0 +1,30 @@ + +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "admin-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-7 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-7-uid +spec: + names: + - apk:organization_manage +{{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-8.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-8.yaml new file mode 100644 index 0000000000..352059478d --- /dev/null +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api-scope-8.yaml @@ -0,0 +1,30 @@ + +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "admin-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-8 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-8-uid +spec: + names: + - apk:workflow_manage +{{- end -}} diff --git a/helm-charts/templates/control-plane/admin-ds/admin-domain-api.yaml b/helm-charts/templates/control-plane/admin-ds/admin-domain-api.yaml index f4389a4b5b..ea704186f8 100644 --- a/helm-charts/templates/control-plane/admin-ds/admin-domain-api.yaml +++ b/helm-charts/templates/control-plane/admin-ds/admin-domain-api.yaml @@ -22,6 +22,7 @@ metadata: labels: api-name: "admin-domain-service" api-version: "1.0.0" + uid: {{ template "apk-helm.resource.prefix" . }}-admin-ds-api-uid spec: apiName: "admin-domain-service" apiType: "REST" @@ -34,7 +35,5 @@ spec: - {{ template "apk-helm.resource.prefix" . }}-admin-ds-httproute-2 - {{ template "apk-helm.resource.prefix" . }}-admin-ds-httproute-3 - {{ template "apk-helm.resource.prefix" . }}-admin-ds-httproute-4 - - {{ template "apk-helm.resource.prefix" . }}-admin-ds-httproute-5 - - {{ template "apk-helm.resource.prefix" . }}-admin-ds-httproute-6 systemAPI: true {{- end -}} diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-backend.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-backend.yaml index 553a45313b..e0128eb7e5 100644 --- a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-backend.yaml +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-backend.yaml @@ -20,6 +20,7 @@ metadata: name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend namespace: {{ .Release.Namespace }} spec: + basePath: "/api/backoffice" services: - host: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-service.{{ .Release.Namespace }} port: 9443 diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-1.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-1.yaml index 80fad600a5..5fb15b29f0 100644 --- a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-1.yaml +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-1.yaml @@ -25,220 +25,210 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis" - backendRefs: + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/thumbnail" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/backoffice/apis/(.*)" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1" - backendRefs: + value: "/apis/(.*)/thumbnail" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/definition" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/thumbnail" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/definition" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + matches: + - method: "PUT" + path: type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/resource-paths" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/resource-paths" - backendRefs: + value: "/apis/(.*)/thumbnail" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/thumbnail" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/documents" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/thumbnail" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/thumbnail" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/thumbnail" - backendRefs: + value: "/apis/(.*)/documents" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/documents" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/documents" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/documents" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-4 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/documents" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/documents" - backendRefs: + value: "/apis/(.*)/documents" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/documents/(.*)" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/definition" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/documents/\\2" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/documents/(.*)" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/documents/\\2" - backendRefs: + value: "/apis/(.*)/definition" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/documents/(.*)" - method: "DELETE" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/documents/\\2" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/documents/(.*)/content" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/documents/\\2/content" - backendRefs: + value: "/apis/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/documents/(.*)/content" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/documents/\\2/content" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + matches: + - method: "PUT" + path: + type: "RegularExpression" + value: "/apis/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + filters: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis" {{- end -}} diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-2.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-2.yaml index 6e15e42039..7f3ef64d8b 100644 --- a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-2.yaml +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-2.yaml @@ -25,100 +25,230 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/comments" - method: "GET" + - backendRefs: + - group: dp.wso2.com + kind: Backend + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/documents/\\2/content" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/comments" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis/(.*)/documents/(.*)/content" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/comments" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/documents/\\2/content" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/comments" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-4 + type: "ExtensionRef" + matches: + - method: "POST" + path: + type: "RegularExpression" + value: "/apis/(.*)/documents/(.*)/content" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/comments/(.*)" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/documents/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/comments/\\2" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis/(.*)/documents/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/comments/(.*)" - method: "DELETE" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/documents/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/comments/\\2" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-4 + type: "ExtensionRef" + matches: + - method: "PUT" + path: + type: "RegularExpression" + value: "/apis/(.*)/documents/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/comments/(.*)" - method: "PATCH" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/documents/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/comments/\\2" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-4 + type: "ExtensionRef" + matches: + - method: "DELETE" + path: + type: "RegularExpression" + value: "/apis/(.*)/documents/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: + filters: + - type: "URLRewrite" + urlRewrite: + path: + replaceFullPath: "/apis/\\1/comments/\\2" + type: "ReplaceFullPath" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/comments/(.*)/replies" - method: "GET" + value: "/apis/(.*)/comments/(.*)" + - backendRefs: + - group: dp.wso2.com + kind: Backend + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/comments" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/comments/\\2/replies" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis/(.*)/comments" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + filters: + - type: "URLRewrite" + urlRewrite: + path: + replaceFullPath: "/apis/\\1/comments" + type: "ReplaceFullPath" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-5 + type: "ExtensionRef" + matches: + - method: "POST" + path: + type: "RegularExpression" + value: "/apis/(.*)/comments" {{- end -}} diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-3.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-3.yaml index 27b1e89749..0291b74171 100644 --- a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-3.yaml +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-3.yaml @@ -25,175 +25,211 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/subscriptions" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/subscriptions" - backendRefs: + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/subscriptions/(.*)/subscriber-info" - method: "GET" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/subscriptions/\\1/subscriber-info" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-6 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/backoffice/subscriptions/block-subscription" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/subscriptions/block-subscription" - backendRefs: + value: "/subscriptions/unblock-subscription" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/subscriptions/unblock-subscription" - method: "POST" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/subscriptions/unblock-subscription" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-6 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/backoffice/usage-plans" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/usage-plans" - backendRefs: + value: "/subscriptions/block-subscription" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/search" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/subscriptions/\\1/subscriber-info" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/search" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/subscriptions/(.*)/subscriber-info" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/settings" - method: "GET" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/settings" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/subscriptions" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/api-categories" - method: "GET" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/api-categories" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/search" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/change-lifecycle" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/comments/\\2/replies" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/change-lifecycle" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis/(.*)/comments/(.*)/replies" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/lifecycle-history" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/comments/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/lifecycle-history" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-5 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + matches: + - method: "PUT" + path: + type: "RegularExpression" + value: "/apis/(.*)/comments/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/backoffice/apis/(.*)/lifecycle-state" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/comments/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/backoffice/apis/\\1/lifecycle-state" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-5 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + matches: + - method: "DELETE" + path: + type: "RegularExpression" + value: "/apis/(.*)/comments/(.*)" {{- end -}} + diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-4.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-4.yaml new file mode 100644 index 0000000000..daa53fe4ef --- /dev/null +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-httproute-4.yaml @@ -0,0 +1,124 @@ +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: "gateway.networking.k8s.io/v1beta1" +kind: "HTTPRoute" +metadata: + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-httproute-4 + namespace: {{ .Release.Namespace }} + labels: + api-name: "backoffice-domain-service" + api-version: "1.0.0" +spec: + hostnames: + - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" + rules: + - backendRefs: + - group: dp.wso2.com + kind: Backend + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend + filters: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + type: "ExtensionRef" + matches: + - method: "POST" + path: + type: "RegularExpression" + value: "/apis/change-lifecycle" + - backendRefs: + - group: dp.wso2.com + kind: Backend + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend + filters: + - type: "URLRewrite" + urlRewrite: + path: + replaceFullPath: "/apis/\\1/lifecycle-state" + type: "ReplaceFullPath" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis/(.*)/lifecycle-state" + - backendRefs: + - group: dp.wso2.com + kind: Backend + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend + filters: + - type: "URLRewrite" + urlRewrite: + path: + replaceFullPath: "/apis/\\1/lifecycle-history" + type: "ReplaceFullPath" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis/(.*)/lifecycle-history" + - backendRefs: + - group: dp.wso2.com + kind: Backend + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-backend + filters: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + type: "ExtensionRef" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/api-categories" +{{- end -}} diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-1.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-1.yaml new file mode 100644 index 0000000000..b02cc1f9a7 --- /dev/null +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-1.yaml @@ -0,0 +1,29 @@ +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "backoffice-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-1-uid +spec: + names: + - apk:backoffice_admin +{{- end -}} diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-2.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-2.yaml new file mode 100644 index 0000000000..7b52d4ea56 --- /dev/null +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-2.yaml @@ -0,0 +1,29 @@ +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "backoffice-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-2-uid +spec: + names: + - apk:api_view +{{- end -}} diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-3.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-3.yaml new file mode 100644 index 0000000000..446c248570 --- /dev/null +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-3.yaml @@ -0,0 +1,29 @@ +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "backoffice-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-3-uid +spec: + names: + - apk:api_publish +{{- end -}} diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-4.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-4.yaml new file mode 100644 index 0000000000..9253a63141 --- /dev/null +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-4.yaml @@ -0,0 +1,29 @@ +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "backoffice-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-4 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-4-uid +spec: + names: + - apk:document_manage +{{- end -}} diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-5.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-5.yaml new file mode 100644 index 0000000000..141fa58458 --- /dev/null +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-5.yaml @@ -0,0 +1,29 @@ +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "backoffice-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-5 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-5-uid +spec: + names: + - apk:comment_write +{{- end -}} diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-6.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-6.yaml new file mode 100644 index 0000000000..a181edde9d --- /dev/null +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api-scope-6.yaml @@ -0,0 +1,29 @@ +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "backoffice-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-6 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-scope-6-uid +spec: + names: + - apk:subscription_manage +{{- end -}} diff --git a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api.yaml b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api.yaml index c9a380c0f1..63d9499942 100644 --- a/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api.yaml +++ b/helm-charts/templates/control-plane/backoffice-ds/backoffice-domain-api.yaml @@ -23,6 +23,7 @@ metadata: labels: api-name: "backoffice-domain-service" api-version: "1.0.0" + uid: {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-api-uid spec: apiName: "Backoffice Domain API" apiType: "REST" @@ -34,5 +35,6 @@ spec: - {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-httproute-1 - {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-httproute-2 - {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-httproute-3 + - {{ template "apk-helm.resource.prefix" . }}-backoffice-ds-httproute-4 systemAPI: true {{- end -}} diff --git a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-backend.yaml b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-backend.yaml index ee1cc538f7..a875486fbf 100644 --- a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-backend.yaml +++ b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-backend.yaml @@ -20,6 +20,7 @@ metadata: name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend namespace: {{ .Release.Namespace }} spec: + basePath: "/api/devportal" services: - host: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-service.{{ .Release.Namespace }} port: 9443 diff --git a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-1.yaml b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-1.yaml index b6df5ced3f..1334210a20 100644 --- a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-1.yaml +++ b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-1.yaml @@ -25,190 +25,124 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis" - backendRefs: + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/thumbnail" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/devportal/apis/(.*)/definition" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/definition" - backendRefs: + value: "/apis/(.*)/thumbnail" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/sdks/(.*)" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/sdks/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/sdks/\\2" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/devportal/apis/(.*)/documents" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/documents" - backendRefs: + value: "/apis/(.*)/sdks/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/documents/(.*)" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/documents/\\2/content" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/documents/\\2" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/devportal/apis/(.*)/documents/(.*)/content" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/documents/\\2/content" - backendRefs: + value: "/apis/(.*)/documents/(.*)/content" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/thumbnail" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/documents/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/thumbnail" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/devportal/apis/(.*)/ratings" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/ratings" - backendRefs: + value: "/apis/(.*)/documents/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/user-rating" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/documents" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/user-rating" - backendRefs: + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis/(.*)/documents" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/user-rating" - method: "PUT" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/definition" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/user-rating" - backendRefs: + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis/(.*)/definition" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/user-rating" - method: "DELETE" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/user-rating" - backendRefs: + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis" {{- end -}} diff --git a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-2.yaml b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-2.yaml index 6c2b054cff..c4e94af4e5 100644 --- a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-2.yaml +++ b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-2.yaml @@ -25,235 +25,140 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/comments" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/comments" - backendRefs: + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/comments" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/user-rating" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/comments" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/devportal/apis/(.*)/comments/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/comments/\\2" - backendRefs: + value: "/apis/(.*)/user-rating" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/comments/(.*)" - method: "DELETE" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/user-rating" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/comments/\\2" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + matches: + - method: "PUT" + path: type: "RegularExpression" - value: "/api/devportal/apis/(.*)/comments/(.*)" - method: "PATCH" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/comments/\\2" - backendRefs: + value: "/apis/(.*)/user-rating" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/comments/(.*)/replies" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/user-rating" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/comments/\\2/replies" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + matches: + - method: "DELETE" + path: type: "RegularExpression" - value: "/api/devportal/apis/(.*)/topics" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/topics" - backendRefs: + value: "/apis/(.*)/user-rating" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/subscription-policies" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/ratings" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/subscription-policies" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/devportal/tenants" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/tenants" - backendRefs: + value: "/apis/(.*)/ratings" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/recommendations" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/comments/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/recommendations" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/devportal/api-categories" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/api-categories" - backendRefs: + value: "/apis/(.*)/comments/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/key-managers" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/comments/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/key-managers" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "DELETE" + path: type: "RegularExpression" - value: "/api/devportal/apis/(.*)/graphql-policies/complexity" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/graphql-policies/complexity" - backendRefs: + value: "/apis/(.*)/comments/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/apis/(.*)/graphql-policies/complexity/types" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/comments" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/apis/\\1/graphql-policies/complexity/types" - backendRefs: + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis/(.*)/comments" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/me/change-password" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/comments" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/me/change-password" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + matches: + - method: "POST" + path: + type: "RegularExpression" + value: "/apis/(.*)/comments" {{- end -}} diff --git a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-3.yaml b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-3.yaml index b3c6520a94..e567f72c00 100644 --- a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-3.yaml +++ b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-3.yaml @@ -25,205 +25,155 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications" - backendRefs: + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1/generate-keys" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/devportal/applications/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1" - backendRefs: + value: "/applications/(.*)/generate-keys" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)" - method: "PUT" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/devportal/applications/(.*)" - method: "DELETE" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1" - backendRefs: + value: "/applications/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/generate-keys" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/generate-keys" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "PUT" + path: type: "RegularExpression" - value: "/api/devportal/applications/(.*)/map-keys" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/map-keys" - backendRefs: + value: "/applications/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/keys" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/keys" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "DELETE" + path: type: "RegularExpression" - value: "/api/devportal/applications/(.*)/keys/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/keys/\\2" - backendRefs: + value: "/applications/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/keys/(.*)" - method: "PUT" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/keys/\\2" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/applications" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/keys/(.*)/regenerate-secret" - method: "POST" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/keys/\\2/regenerate-secret" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "POST" + path: + type: "RegularExpression" + value: "/applications" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/keys/(.*)/clean-up" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/comments/\\2/replies" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/keys/\\2/clean-up" - backendRefs: + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/apis/(.*)/comments/(.*)/replies" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/keys/(.*)/generate-token" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/apis/\\1/comments/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/keys/\\2/generate-token" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "PATCH" + path: + type: "RegularExpression" + value: "/apis/(.*)/comments/(.*)" {{- end -}} diff --git a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-4.yaml b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-4.yaml index 581e50e636..e94aca1e18 100644 --- a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-4.yaml +++ b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-4.yaml @@ -25,160 +25,170 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/oauth-keys" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/oauth-keys" - backendRefs: + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/oauth-keys/(.*)" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1/oauth-keys/\\2/regenerate-secret" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/oauth-keys/\\2" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/devportal/applications/(.*)/oauth-keys/(.*)" - method: "PUT" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/oauth-keys/\\2" - backendRefs: + value: "/applications/(.*)/oauth-keys/(.*)/regenerate-secret" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/oauth-keys/(.*)/regenerate-secret" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1/oauth-keys/\\2/generate-token" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/oauth-keys/\\2/regenerate-secret" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "POST" + path: + type: "RegularExpression" + value: "/applications/(.*)/oauth-keys/(.*)/generate-token" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/oauth-keys/(.*)/clean-up" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1/oauth-keys/\\2/clean-up" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/oauth-keys/\\2/clean-up" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "POST" + path: + type: "RegularExpression" + value: "/applications/(.*)/oauth-keys/(.*)/clean-up" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/oauth-keys/(.*)/generate-token" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1/oauth-keys/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/oauth-keys/\\2/generate-token" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/applications/(.*)/oauth-keys/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/api-keys/(.*)/generate" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1/oauth-keys/\\2" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/api-keys/\\2/generate" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "PUT" + path: + type: "RegularExpression" + value: "/applications/(.*)/oauth-keys/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/(.*)/api-keys/(.*)/revoke" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1/oauth-keys" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/\\1/api-keys/\\2/revoke" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/applications/(.*)/oauth-keys" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/export" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1/map-keys" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/export" - backendRefs: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "POST" + path: + type: "RegularExpression" + value: "/applications/(.*)/map-keys" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/applications/import" - method: "POST" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1/api-keys/\\2/generate" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/applications/import" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "POST" + path: + type: "RegularExpression" + value: "/applications/(.*)/api-keys/(.*)/generate" {{- end -}} diff --git a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-5.yaml b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-5.yaml index c644bdfe83..0e7a0af214 100644 --- a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-5.yaml +++ b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-5.yaml @@ -25,250 +25,150 @@ metadata: spec: hostnames: - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" rules: - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/subscriptions" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/subscriptions" - backendRefs: + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/subscriptions" - method: "POST" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/subscriptions" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/devportal/subscriptions/multiple" - method: "POST" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/subscriptions/multiple" - backendRefs: + value: "/subscriptions/multiple" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/subscriptions/(.*)/additionalInfo" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/subscriptions/\\1/additionalInfo" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/subscriptions/\\1/additionalInfo" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/devportal/subscriptions/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/subscriptions/\\1" - backendRefs: + value: "/subscriptions/(.*)/additionalInfo" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/subscriptions/(.*)" - method: "PUT" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/subscriptions/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/subscriptions/\\1" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/devportal/subscriptions/(.*)" - method: "DELETE" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/subscriptions/\\1" - backendRefs: + value: "/subscriptions/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/subscriptions/(.*)/usage" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/subscriptions/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/subscriptions/\\1/usage" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "PUT" + path: type: "RegularExpression" - value: "/api/devportal/throttling-policies/(.*)" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/throttling-policies/\\1" - backendRefs: + value: "/subscriptions/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/throttling-policies/(.*)/(.*)" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/subscriptions/\\1" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/throttling-policies/\\1/\\2" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: DELETE + path: type: "RegularExpression" - value: "/api/devportal/tags" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/tags" - backendRefs: + value: "/subscriptions/(.*)" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/search" - method: "GET" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/search" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "GET" + path: type: "RegularExpression" - value: "/api/devportal/sdk-gen/languages" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/sdk-gen/languages" - backendRefs: + value: "/subscriptions" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/webhooks/subscriptions" - method: "GET" filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/webhooks/subscriptions" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "POST" + path: type: "RegularExpression" - value: "/api/devportal/settings" - method: "GET" - filters: - - type: "URLRewrite" - urlRewrite: - path: - type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/settings" - backendRefs: + value: "/subscriptions" + - backendRefs: - group: dp.wso2.com kind: Backend name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - - matches: - - path: - type: "RegularExpression" - value: "/api/devportal/settings/application-attributes" - method: "GET" filters: - type: "URLRewrite" urlRewrite: path: + replaceFullPath: "/applications/\\1/api-keys/\\2/revoke" type: "ReplaceFullPath" - replaceFullPath: "/api/devportal/settings/application-attributes" - backendRefs: - - group: dp.wso2.com - kind: Backend - name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend - parentRefs: - - group: "gateway.networking.k8s.io" - kind: "Gateway" - name: "default" - sectionName: "httpslistener" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "POST" + path: + type: "RegularExpression" + value: "/applications/(.*)/api-keys/(.*)/revoke" {{- end -}} diff --git a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-6.yaml b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-6.yaml new file mode 100644 index 0000000000..931b8dd5f5 --- /dev/null +++ b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-httproute-6.yaml @@ -0,0 +1,102 @@ +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: "gateway.networking.k8s.io/v1beta1" +kind: "HTTPRoute" +metadata: + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-httproute-6 + namespace: {{ .Release.Namespace }} + labels: + api-name: "devportal-domain-service" + api-version: "1.0.0" +spec: + hostnames: + - "{{ .Values.wso2.apk.listener.hostname | default "api.am.wso2.com"}}" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "default" + sectionName: "httpslistener" + rules: + - backendRefs: + - group: dp.wso2.com + kind: Backend + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend + filters: + - type: "URLRewrite" + urlRewrite: + path: + replaceFullPath: "/subscriptions/\\1/usage" + type: "ReplaceFullPath" + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/subscriptions/(.*)/usage" + - backendRefs: + - group: dp.wso2.com + kind: Backend + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/search" + - backendRefs: + - group: dp.wso2.com + kind: Backend + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend + filters: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/sdk-gen/languages" + - backendRefs: + - group: dp.wso2.com + kind: Backend + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend + filters: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + type: "ExtensionRef" + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/key-managers" + - backendRefs: + - group: dp.wso2.com + kind: Backend + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-backend + matches: + - method: "GET" + path: + type: "RegularExpression" + value: "/api-categories" +{{- end -}} diff --git a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-scope-1.yaml b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-scope-1.yaml new file mode 100644 index 0000000000..26814ba9a5 --- /dev/null +++ b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api-scope-1.yaml @@ -0,0 +1,29 @@ +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if .Values.wso2.apk.cp.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + api-name: "devportal-domain-service" + api-version: "1.0.0" + name: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-devportal-ds-scope-1-uid +spec: + names: + - apk:subscribe +{{- end -}} diff --git a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api.yaml b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api.yaml index 7b9c994e3d..e3eedfd25c 100644 --- a/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api.yaml +++ b/helm-charts/templates/control-plane/devportal-ds/devportal-domain-api.yaml @@ -35,5 +35,6 @@ spec: - {{ template "apk-helm.resource.prefix" . }}-devportal-ds-httproute-3 - {{ template "apk-helm.resource.prefix" . }}-devportal-ds-httproute-4 - {{ template "apk-helm.resource.prefix" . }}-devportal-ds-httproute-5 + - {{ template "apk-helm.resource.prefix" . }}-devportal-ds-httproute-6 systemAPI: true {{- end -}} diff --git a/helm-charts/templates/data-plane/config-deployer/config-deploy-api-create-scope.yaml b/helm-charts/templates/data-plane/config-deployer/config-deploy-api-create-scope.yaml new file mode 100644 index 0000000000..670af7a7dc --- /dev/null +++ b/helm-charts/templates/data-plane/config-deployer/config-deploy-api-create-scope.yaml @@ -0,0 +1,28 @@ + +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if and .Values.wso2.apk.dp.enabled .Values.wso2.apk.dp.configdeployer.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + managed-by: "apk" + name: {{ template "apk-helm.resource.prefix" . }}-api-create-scope + namespace: {{ .Release.Namespace }} +spec: + names: + - apk:api_create +{{- end -}} diff --git a/helm-charts/templates/data-plane/config-deployer/config-deploy-api-route.yaml b/helm-charts/templates/data-plane/config-deployer/config-deploy-api-route.yaml index c3fb37b2d7..2a242bb00e 100644 --- a/helm-charts/templates/data-plane/config-deployer/config-deploy-api-route.yaml +++ b/helm-charts/templates/data-plane/config-deployer/config-deploy-api-route.yaml @@ -34,6 +34,12 @@ spec: - group: "dp.wso2.com" kind: "Backend" name: "{{ template "apk-helm.resource.prefix" . }}-config-deployer-ds-backend" + filters: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-api-create-scope + type: ExtensionRef - matches: - path: type: "RegularExpression" @@ -43,6 +49,12 @@ spec: - group: "dp.wso2.com" kind: "Backend" name: "{{ template "apk-helm.resource.prefix" . }}-config-deployer-ds-backend" + filters: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-api-create-scope + type: ExtensionRef parentRefs: - group: "gateway.networking.k8s.io" kind: "Gateway" diff --git a/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-mutating-webhook-config.yaml b/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-mutating-webhook-config.yaml index 605b5e3a9f..f8a52b7412 100644 --- a/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-mutating-webhook-config.yaml +++ b/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-mutating-webhook-config.yaml @@ -29,14 +29,14 @@ webhooks: service: name: {{ template "apk-helm.resource.prefix" . }}-common-controller-service namespace: {{ .Release.Namespace }} - path: /mutate-dp-wso2-com-v1alpha1-api + path: /mutate-dp-wso2-com-v1alpha2-api failurePolicy: Fail name: mapi.kb.io rules: - apiGroups: - dp.wso2.com apiVersions: - - v1alpha1 + - v1alpha2 operations: - CREATE - UPDATE diff --git a/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-validation-webhook-config.yaml b/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-validation-webhook-config.yaml index b80e610650..a91d741997 100644 --- a/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-validation-webhook-config.yaml +++ b/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-validation-webhook-config.yaml @@ -49,14 +49,14 @@ webhooks: service: name: {{ template "apk-helm.resource.prefix" . }}-common-controller-service namespace: {{ .Release.Namespace }} - path: /validate-dp-wso2-com-v1alpha1-api + path: /validate-dp-wso2-com-v1alpha2-api failurePolicy: Fail name: vapi.kb.io rules: - apiGroups: - dp.wso2.com apiVersions: - - v1alpha1 + - v1alpha2 operations: - CREATE - UPDATE diff --git a/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml b/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml index 6690fe4a90..a066b50593 100644 --- a/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml +++ b/helm-charts/templates/data-plane/gateway-components/common-log-conf.yaml @@ -7,6 +7,9 @@ metadata: data: config.toml: | [commoncontroller] + {{- if and .Values.wso2.apk.dp.environment .Values.wso2.apk.dp.environment.name }} + environment = "{{ .Values.wso2.apk.dp.environment.name }}" + {{- end }} [commoncontroller.server] label = "ratelimiter" {{ if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.apiNamespaces }} diff --git a/helm-charts/templates/data-plane/gateway-components/log-conf.yaml b/helm-charts/templates/data-plane/gateway-components/log-conf.yaml index e42fb2599f..50130ba183 100644 --- a/helm-charts/templates/data-plane/gateway-components/log-conf.yaml +++ b/helm-charts/templates/data-plane/gateway-components/log-conf.yaml @@ -7,6 +7,9 @@ metadata: data: config.toml: | [adapter] + {{- if and .Values.wso2.apk.dp.environment .Values.wso2.apk.dp.environment.name }} + environment = "{{ .Values.wso2.apk.dp.environment.name }}" + {{- end }} {{ if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.apiNamespaces }} [adapter.operator] namespaces = [{{ include "commaJoinedQuotedList" .Values.wso2.apk.dp.adapter.configs.apiNamespaces}}] diff --git a/helm-charts/values.yaml.template b/helm-charts/values.yaml.template index cf4260912e..3ad58a31e0 100644 --- a/helm-charts/values.yaml.template +++ b/helm-charts/values.yaml.template @@ -243,6 +243,9 @@ wso2: dp: # -- Enable the deployment of the Data Plane enabled: true + environment: + # -- Environment Name of the Data Plane + name: "Development" gateway: listener: # -- Gateway Listener Hostname diff --git a/idp/idp-domain-service/README.md b/idp/idp-domain-service/README.md new file mode 100644 index 0000000000..27a7fd5eea --- /dev/null +++ b/idp/idp-domain-service/README.md @@ -0,0 +1,7 @@ +## IDP Domain Service + +# Functionalities. + +1. Generate Token. +2. Generate Token with scopes. +3. DCR. diff --git a/idp/idp-domain-service/docker/Dockerfile b/idp/idp-domain-service/docker/Dockerfile index adce6889ed..6f8406c822 100644 --- a/idp/idp-domain-service/docker/Dockerfile +++ b/idp/idp-domain-service/docker/Dockerfile @@ -22,6 +22,10 @@ FROM ubuntu:22.04 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' +# Upgrade Ubuntu Dependencies +RUN apt-get update \ + && apt-get upgrade -y + # install JDK Dependencies RUN apt-get update \ && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata curl wget ca-certificates fontconfig locales \ diff --git a/libs.versions.toml b/libs.versions.toml index 725ac1d32e..88be8dcdb3 100644 --- a/libs.versions.toml +++ b/libs.versions.toml @@ -156,14 +156,14 @@ log4j = "2.19.0" mapstruct = "1.5.3.Final" minidev = "2.4.9" moandjiezana = "0.7.2" -netty = "4.1.94.Final" +netty = "4.1.100.Final" nimbus = "7.9.0.wso2v1" okhttp = "4.9.3.wso2v1" okio = "2.8.0.wso2v1" opentelemetry = "1.24.0" opentelemetry-jaeger-thrift = "1.24.0" opentelemetry-semconv = "1.24.0-alpha" -org-json = "20230227" +org-json = "20231013" postgresql = "42.5.0" snakeyaml = "2.0" sun = "1.5.3" diff --git a/ratelimiter/Dockerfile b/ratelimiter/Dockerfile index fe0e6045d8..741532a778 100644 --- a/ratelimiter/Dockerfile +++ b/ratelimiter/Dockerfile @@ -14,7 +14,7 @@ # limitations under the License. # ----------------------------------------------------------------------- -FROM envoyproxy/ratelimit:965f0bc8 +FROM envoyproxy/ratelimit:624a5893 LABEL maintainer="WSO2 Docker Maintainers " RUN apk update && apk upgrade --no-cache @@ -34,6 +34,7 @@ ENV GRPC_PORT=8091 ENV USE_STATSD=false ENV LOG_LEVEL=INFO ENV LOCAL_CACHE_SIZE_IN_BYTES=1024000 +ENV STOP_CACHE_KEY_INCREMENT_WHEN_OVERLIMIT=true ENV GRPC_SERVER_USE_TLS=true ENV GRPC_SERVER_TLS_KEY=/home/wso2/security/keystore/ratelimiter.key diff --git a/runtime/config-deployer-service/README.md b/runtime/config-deployer-service/README.md index 69804a11dd..ccd625cc73 100644 --- a/runtime/config-deployer-service/README.md +++ b/runtime/config-deployer-service/README.md @@ -1,9 +1,8 @@ ## Config Deployer Service - # Functionalities. -1. Generate APK configuration (api.apk-conf) from given definition. +1. Generate APK configuration (api.apk-conf) from given OAS definition. 2. Generate K8s artifacts from given definition and APK configuration file. 3. Deploy API into Gateway getting from APK configuration and definition. 4. Undeploy API from Gateway. diff --git a/runtime/config-deployer-service/ballerina/APIClient.bal b/runtime/config-deployer-service/ballerina/APIClient.bal index 1203e32010..9957370064 100644 --- a/runtime/config-deployer-service/ballerina/APIClient.bal +++ b/runtime/config-deployer-service/ballerina/APIClient.bal @@ -164,10 +164,16 @@ public class APIClient { //todo: need to implement vhost feature Vhost[] globalVhosts = vhosts; string[] hosts = []; + string environment = apkConf.environment ?: ""; + string orgAndEnv = organization.name; + if environment != "" { + orgAndEnv = string:concat(orgAndEnv, "-", environment); + } + foreach Vhost vhost in globalVhosts { if vhost.'type == endpointType { foreach string host in vhost.hosts { - hosts.push(string:concat(organization.name, ".", host)); + hosts.push(string:concat(orgAndEnv, ".", host)); } } } @@ -387,7 +393,8 @@ public class APIClient { basePath: self.returnFullBasePath(apkConf.basePath, apkConf.'version), isDefaultVersion: apkConf.defaultVersion, organization: organization.name, - definitionPath: apkConf.definitionPath + definitionPath: apkConf.definitionPath, + environment: apkConf.environment } }; model:ConfigMap? definition = apiArtifact?.definition; diff --git a/runtime/config-deployer-service/ballerina/ConfigGenreatorClient.bal b/runtime/config-deployer-service/ballerina/ConfigGenreatorClient.bal index da7df6fcae..b5033d528c 100644 --- a/runtime/config-deployer-service/ballerina/ConfigGenreatorClient.bal +++ b/runtime/config-deployer-service/ballerina/ConfigGenreatorClient.bal @@ -124,7 +124,7 @@ public class ConfigGeneratorClient { } return e909044(); } - public isolated function getGeneratedK8sResources(http:Request request,commons:Organization organization) returns http:Response|BadRequestError|InternalServerErrorError|commons:APKError { + public isolated function getGeneratedK8sResources(http:Request request, commons:Organization organization) returns http:Response|BadRequestError|InternalServerErrorError|commons:APKError { GenerateK8sResourcesBody body = {}; do { mime:Entity[] payload = check request.getBodyParts(); @@ -142,7 +142,7 @@ public class ConfigGeneratorClient { } } APIClient apiclient = new (); - model:APIArtifact apiArtifact = check apiclient.prepareArtifact(body.apkConfiguration, body.definitionFile,organization); + model:APIArtifact apiArtifact = check apiclient.prepareArtifact(body.apkConfiguration, body.definitionFile, organization); [string, string] zipName = check self.zipAPIArtifact(apiArtifact.uniqueId, apiArtifact); http:Response response = new; response.setFileAsPayload(zipName[1]); @@ -219,10 +219,8 @@ public class ConfigGeneratorClient { } private isolated function storeFile(string jsonString, string fileName, string? directroy = ()) returns error? { string fullPath = directroy ?: ""; - if jsonString is string { - fullPath = fullPath + file:pathSeparator + fileName + ".yaml"; - _ = check io:fileWriteString(fullPath, jsonString); - } + fullPath = fullPath + file:pathSeparator + fileName + ".yaml"; + _ = check io:fileWriteString(fullPath, jsonString); } private isolated function zipDirectory(string zipfileName, string directoryPath) returns [string, string]|error { diff --git a/runtime/config-deployer-service/ballerina/K8sClient.bal b/runtime/config-deployer-service/ballerina/K8sClient.bal index d673b97f3b..744b282545 100644 --- a/runtime/config-deployer-service/ballerina/K8sClient.bal +++ b/runtime/config-deployer-service/ballerina/K8sClient.bal @@ -56,7 +56,7 @@ isolated function getConfigMapValueFromNameAndNamespace(string name, string name } isolated function deleteAPICR(string name, string namespace) returns http:Response|http:ClientError { - string endpoint = "/apis/dp.wso2.com/v1alpha1/namespaces/" + namespace + "/apis/" + name; + string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/apis/" + name; return k8sApiServerEp->delete(endpoint, targetType = http:Response); } @@ -99,12 +99,12 @@ isolated function deleteConfigMap(string name, string namespace) returns http:Re } isolated function deployAPICR(model:API api, string namespace) returns http:Response|http:ClientError { - string endpoint = "/apis/dp.wso2.com/v1alpha1/namespaces/" + namespace + "/apis"; + string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/apis"; return k8sApiServerEp->post(endpoint, api, targetType = http:Response); } isolated function updateAPICR(model:API api, string namespace) returns http:Response|http:ClientError { - string endpoint = "/apis/dp.wso2.com/v1alpha1/namespaces/" + namespace + "/apis/" + api.metadata.name; + string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/apis/" + api.metadata.name; return k8sApiServerEp->put(endpoint, api, targetType = http:Response); } @@ -129,7 +129,7 @@ isolated function updateHttpRoute(model:Httproute httproute, string namespace) r } public isolated function getK8sAPIByNameAndNamespace(string name, string namespace) returns model:API?|commons:APKError { - string endpoint = "/apis/dp.wso2.com/v1alpha1/namespaces/" + namespace + "/apis/" + name; + string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/apis/" + name; do { http:Response response = check k8sApiServerEp->get(endpoint); if response.statusCode == 200 { diff --git a/runtime/config-deployer-service/ballerina/modules/model/API.bal b/runtime/config-deployer-service/ballerina/modules/model/API.bal index 1e9dd20fa8..b0510e5403 100644 --- a/runtime/config-deployer-service/ballerina/modules/model/API.bal +++ b/runtime/config-deployer-service/ballerina/modules/model/API.bal @@ -18,7 +18,7 @@ public type API record { string kind = "API"; - string apiVersion = "dp.wso2.com/v1alpha1"; + string apiVersion = "dp.wso2.com/v1alpha2"; Metadata metadata; APISpec spec; APIStatus? status = (); @@ -32,6 +32,7 @@ public type APISpec record {| string organization; boolean isDefaultVersion?; string definitionFileRef?; + string environment?; string definitionPath?; EnvConfig[]|() production = (); EnvConfig[]|() sandbox = (); @@ -61,7 +62,7 @@ public type EnvConfig record { }; public type APIList record { - string apiVersion = "dp.wso2.com/v1alpha1"; + string apiVersion = "dp.wso2.com/v1alpha2"; string kind = "APIList"; API[] items; ListMeta metadata; diff --git a/runtime/config-deployer-service/ballerina/modules/org.wso2.apk.config.model/API.bal b/runtime/config-deployer-service/ballerina/modules/org.wso2.apk.config.model/API.bal index 15e992070a..0728ee0eb6 100644 --- a/runtime/config-deployer-service/ballerina/modules/org.wso2.apk.config.model/API.bal +++ b/runtime/config-deployer-service/ballerina/modules/org.wso2.apk.config.model/API.bal @@ -63,6 +63,13 @@ public distinct class API { return java:toString(org_wso2_apk_config_model_API_getEndpoint(self.jObj)) ?: ""; } + # The function that maps to the `getEnvironment` method of `org.wso2.apk.config.model.API`. + # + # + return - The `string` value returning from the Java mapping. + public isolated function getEnvironment() returns string { + return java:toString(org_wso2_apk_config_model_API_getEnvironment(self.jObj)) ?: ""; + } + # The function that maps to the `getGraphQLSchema` method of `org.wso2.apk.config.model.API`. # # + return - The `string` value returning from the Java mapping. @@ -162,6 +169,13 @@ public distinct class API { org_wso2_apk_config_model_API_setEndpoint(self.jObj, java:fromString(arg0)); } + # The function that maps to the `setEnvironment` method of `org.wso2.apk.config.model.API`. + # + # + arg0 - The `string` value required to map with the Java method parameter. + public function setEnvironment(string arg0) { + org_wso2_apk_config_model_API_setEnvironment(self.jObj, java:fromString(arg0)); + } + # The function that maps to the `setGraphQLSchema` method of `org.wso2.apk.config.model.API`. # # + arg0 - The `string` value required to map with the Java method parameter. @@ -302,6 +316,12 @@ isolated function org_wso2_apk_config_model_API_getEndpoint(handle receiver) ret paramTypes: [] } external; +isolated function org_wso2_apk_config_model_API_getEnvironment(handle receiver) returns handle = @java:Method { + name: "getEnvironment", + 'class: "org.wso2.apk.config.model.API", + paramTypes: [] +} external; + function org_wso2_apk_config_model_API_getGraphQLSchema(handle receiver) returns handle = @java:Method { name: "getGraphQLSchema", 'class: "org.wso2.apk.config.model.API", @@ -380,6 +400,12 @@ function org_wso2_apk_config_model_API_setEndpoint(handle receiver, handle arg0) paramTypes: ["java.lang.String"] } external; +function org_wso2_apk_config_model_API_setEnvironment(handle receiver, handle arg0) = @java:Method { + name: "setEnvironment", + 'class: "org.wso2.apk.config.model.API", + paramTypes: ["java.lang.String"] +} external; + function org_wso2_apk_config_model_API_setGraphQLSchema(handle receiver, handle arg0) = @java:Method { name: "setGraphQLSchema", 'class: "org.wso2.apk.config.model.API", diff --git a/runtime/config-deployer-service/ballerina/resources/apk-conf-schema.yaml b/runtime/config-deployer-service/ballerina/resources/apk-conf-schema.yaml index dea5ae8ebb..74345b1565 100644 --- a/runtime/config-deployer-service/ballerina/resources/apk-conf-schema.yaml +++ b/runtime/config-deployer-service/ballerina/resources/apk-conf-schema.yaml @@ -45,6 +45,10 @@ components: type: boolean description: | Is this the default version of the API + environment: + type: string + description: | + Environment of the API endpointConfigurations: $ref: "#/components/schemas/EndpointConfigurations" operations: diff --git a/runtime/config-deployer-service/ballerina/resources/artifact-deployer-api.yaml b/runtime/config-deployer-service/ballerina/resources/artifact-deployer-api.yaml index 28c5134a16..07ea7b8d8f 100644 --- a/runtime/config-deployer-service/ballerina/resources/artifact-deployer-api.yaml +++ b/runtime/config-deployer-service/ballerina/resources/artifact-deployer-api.yaml @@ -13,6 +13,9 @@ paths: tags: - APIs summary: Deploy API + security: + - OAuth2Security: + - apk:api_create description: | operationId: deployAPI requestBody: @@ -54,6 +57,9 @@ paths: tags: - APIs summary: Undeploy API + security: + - OAuth2Security: + - apk:api_create description: | operationId: undeployAPI parameters: @@ -132,3 +138,12 @@ components: schema: type: string default: application/json + securitySchemes: + OAuth2Security: + type: oauth2 + flows: + password: + tokenUrl: https://localhost:9095/oauth2/token + scopes: + openid: Authorize access to user details + apk:api_create: Deploy and Undeploy APIs diff --git a/runtime/config-deployer-service/ballerina/tests/APIClientTest.bal b/runtime/config-deployer-service/ballerina/tests/APIClientTest.bal index e76b001651..b1857323d3 100644 --- a/runtime/config-deployer-service/ballerina/tests/APIClientTest.bal +++ b/runtime/config-deployer-service/ballerina/tests/APIClientTest.bal @@ -139,7 +139,6 @@ public function testInterceptorConfigGenerationFromAPKConf() returns error? { test:assertEquals(apiArtifact.interceptorServices.length(), 2, "Required Interceptor services not defined"); foreach model:InterceptorService interceptorService in apiArtifact.interceptorServices { - test:assertTrue(interceptorService is model:InterceptorService); string interceptorName = interceptorService.metadata.name; model:InterceptorReference interceptorReference = {name: interceptorName}; if (interceptorName.startsWith("request-interceptor")) { @@ -573,6 +572,85 @@ public function testAPIKeyAndJWTEnable() returns error? { } } +@test:Config {} +public function testEnvironmentGenerationFromAPKConf() returns error? { + + GenerateK8sResourcesBody body = {}; + body.apkConfiguration = {fileName: "multiEnv.apk-conf", fileContent: check io:fileReadBytes("./tests/resources/multiEnv.apk-conf")}; + body.definitionFile = {fileName: "api.yaml", fileContent: check io:fileReadBytes("./tests/resources/api.yaml")}; + body.apiType = "REST"; + APIClient apiClient = new; + + model:APIArtifact apiArtifact = check apiClient.prepareArtifact(body.apkConfiguration, body.definitionFile, organization); + model:API? api = apiArtifact.api; + + if api is model:API { + model:APISpec apiSpec = api.spec; + + if apiSpec.environment != () { + test:assertEquals(apiSpec.environment, "dev", "Environment of the API is not equal to expected environment"); + } else { + test:assertFail("Environment of the API should not be nil"); + } + + } else { + test:assertFail("API is not equal to expected API Config"); + } + + model:Httproute[] productionRoutes = apiArtifact.productionRoute; + foreach var route in productionRoutes { + test:assertEquals(route.spec.hostnames, ["default-dev.gw.wso2.com"], "Production endpoint vhost mismatch"); + } + +} + +@test:Config {} +public function testBasicAPIFromAPKConf() returns error? { + + string apiType = "REST"; + GenerateK8sResourcesBody body = {}; + body.apkConfiguration = {fileName: "basicAPI.apk-conf", fileContent: check io:fileReadBytes("./tests/resources/basicAPI.apk-conf")}; + body.definitionFile = {fileName: "api.yaml", fileContent: check io:fileReadBytes("./tests/resources/api.yaml")}; + body.apiType = apiType; + APIClient apiClient = new; + + model:APIArtifact apiArtifact = check apiClient.prepareArtifact(body.apkConfiguration, body.definitionFile, organization); + model:API? api = apiArtifact.api; + + if api is model:API { + model:APISpec apiSpec = api.spec; + + string? definitionFileRef = apiSpec.definitionFileRef; + if definitionFileRef is string && definitionFileRef == "" { + test:assertFail("Definition file ref is not equal to expected definition file ref"); + } + + test:assertEquals(apiSpec.apiType, apiType, "API type is not equal to expected API type"); + + if apiSpec.isDefaultVersion == () { + test:assertFail("The field isDefaultVersion of the API should not be nil"); + } + test:assertFalse(apiSpec.isDefaultVersion, "The field isDefaultVersion of the API should be false"); + + if apiSpec.systemAPI != () { + test:assertFail("The field systemAPI of the API should be nil"); + } + + if apiSpec.environment != () { + test:assertFail("Environment of the API should be nil"); + } + + } else { + test:assertFail("API is not equal to expected API Config"); + } + + model:Httproute[] productionRoutes = apiArtifact.productionRoute; + foreach var route in productionRoutes { + test:assertEquals(route.spec.hostnames, ["default.gw.wso2.com"], "Production endpoint vhost mismatch"); + } + +} + public function APIToAPKConfDataProvider() returns map<[runtimeModels:API, APKConf]>|error { runtimeModels:API api = runtimeModels:newAPI1(); api.setName("testAPI"); diff --git a/runtime/config-deployer-service/ballerina/tests/resources/apk-schema.json b/runtime/config-deployer-service/ballerina/tests/resources/apk-schema.json index 84f322ea61..c4128641f3 100644 --- a/runtime/config-deployer-service/ballerina/tests/resources/apk-schema.json +++ b/runtime/config-deployer-service/ballerina/tests/resources/apk-schema.json @@ -43,6 +43,10 @@ "type": "boolean", "description": "Is this the default version of the API" }, + "environment": { + "type": "string", + "description": "Environment of the API" + }, "endpointConfigurations": { "$ref": "#/schemas/EndpointConfigurations", "description": "Configuration for different endpoints of the API." diff --git a/runtime/config-deployer-service/ballerina/tests/resources/basicAPI.apk-conf b/runtime/config-deployer-service/ballerina/tests/resources/basicAPI.apk-conf new file mode 100644 index 0000000000..f6f67c635c --- /dev/null +++ b/runtime/config-deployer-service/ballerina/tests/resources/basicAPI.apk-conf @@ -0,0 +1,15 @@ +name: api1 +version: 1.0.0 +basePath: /api1/1.0.0 +type: REST +endpointConfigurations: + production: + endpoint: http://backend.test-apk.svc.cluster.local:80 + sandbox: + endpoint: http://backend.test-apk.svc.cluster.local:80 +operations: +- target: /get + verb: GET + secured: false +- target: /get + verb: POST diff --git a/runtime/config-deployer-service/ballerina/tests/resources/multiEnv.apk-conf b/runtime/config-deployer-service/ballerina/tests/resources/multiEnv.apk-conf new file mode 100644 index 0000000000..76e27b9b37 --- /dev/null +++ b/runtime/config-deployer-service/ballerina/tests/resources/multiEnv.apk-conf @@ -0,0 +1,17 @@ +name: api1 +version: 1.0.0 +basePath: /api1/1.0.0 +type: REST +defaultVersion: true +environment: dev +endpointConfigurations: + production: + endpoint: http://backend.test-apk.svc.cluster.local:80 + sandbox: + endpoint: http://backend.test-apk.svc.cluster.local:80 +operations: +- target: /get + verb: GET + secured: false +- target: /get + verb: POST diff --git a/runtime/config-deployer-service/ballerina/types.bal b/runtime/config-deployer-service/ballerina/types.bal index 4eb6dcceb6..6699de307d 100644 --- a/runtime/config-deployer-service/ballerina/types.bal +++ b/runtime/config-deployer-service/ballerina/types.bal @@ -211,6 +211,8 @@ public type APKConf record { string definitionPath?; # Is this the default version of the API boolean defaultVersion = false; + # Environment of the API + string environment?; EndpointConfigurations endpointConfigurations?; APKOperations[] operations?; APIOperationPolicies apiPolicies?; diff --git a/runtime/config-deployer-service/docker/Dockerfile b/runtime/config-deployer-service/docker/Dockerfile index 2cba56ae93..82f8ba2aa2 100644 --- a/runtime/config-deployer-service/docker/Dockerfile +++ b/runtime/config-deployer-service/docker/Dockerfile @@ -3,6 +3,10 @@ FROM ubuntu:22.04 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' +# Upgrade Ubuntu Dependencies +RUN apt-get update \ + && apt-get upgrade -y + # install JDK Dependencies RUN apt-get update \ && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata curl wget ca-certificates fontconfig locales \ diff --git a/runtime/config-deployer-service/docker/config-deployer/conf/apk-schema.json b/runtime/config-deployer-service/docker/config-deployer/conf/apk-schema.json index e62515efb4..ffedf045ca 100644 --- a/runtime/config-deployer-service/docker/config-deployer/conf/apk-schema.json +++ b/runtime/config-deployer-service/docker/config-deployer/conf/apk-schema.json @@ -43,6 +43,10 @@ "type": "boolean", "description": "Is this the default version of the API" }, + "environment": { + "type": "string", + "description": "Environment of the API" + }, "endpointConfigurations": { "$ref": "#/schemas/EndpointConfigurations", "description": "Configuration for different endpoints of the API." diff --git a/runtime/config-deployer-service/java/src/main/java/org/wso2/apk/config/model/API.java b/runtime/config-deployer-service/java/src/main/java/org/wso2/apk/config/model/API.java index b8fc70f0ac..e8060a6588 100644 --- a/runtime/config-deployer-service/java/src/main/java/org/wso2/apk/config/model/API.java +++ b/runtime/config-deployer-service/java/src/main/java/org/wso2/apk/config/model/API.java @@ -14,6 +14,7 @@ public class API { private String[] scopes; private String graphQLSchema; private String swaggerDefinition; + private String environment; public String getType() { return type; @@ -107,4 +108,12 @@ public void setEndpoint(String endpoint) { this.endpoint = endpoint; } + + public String getEnvironment() { + return environment; + } + + public void setEnvironment(String environment) { + this.environment = environment; + } } diff --git a/runtime/runtime-ui/schema/apk-schema.json b/runtime/runtime-ui/schema/apk-schema.json index 84f322ea61..c4128641f3 100644 --- a/runtime/runtime-ui/schema/apk-schema.json +++ b/runtime/runtime-ui/schema/apk-schema.json @@ -43,6 +43,10 @@ "type": "boolean", "description": "Is this the default version of the API" }, + "environment": { + "type": "string", + "description": "Environment of the API" + }, "endpointConfigurations": { "$ref": "#/schemas/EndpointConfigurations", "description": "Configuration for different endpoints of the API." diff --git a/test/cucumber-tests/CRs/artifacts.yaml b/test/cucumber-tests/CRs/artifacts.yaml index a6d401c523..c947f850dd 100644 --- a/test/cucumber-tests/CRs/artifacts.yaml +++ b/test/cucumber-tests/CRs/artifacts.yaml @@ -578,6 +578,54 @@ spec: kind: Gateway name: default --- +kind: TokenIssuer +apiVersion: dp.wso2.com/v1alpha2 +metadata: + name: multi-env-token-issuer-all-envs + namespace: apk-integration-test +spec: + consumerKeyClaim: azp + issuer: https://idp1.com + name: idp-all-env + organization: org3 + scopesClaim: scope + environments: + - "*" + signatureValidation: + jwks: + url: "http://dynamic-backend-service:8080/idp1/jwks" + claimMappings: + - remoteClaim: "organization" + localClaim: "x-wso2-organization" + targetRef: + group: gateway.networking.k8s.io + kind: Gateway + name: default +--- +kind: TokenIssuer +apiVersion: dp.wso2.com/v1alpha2 +metadata: + name: multi-env-token-issuer-dev-env + namespace: apk-integration-test +spec: + consumerKeyClaim: azp + issuer: https://idp1.com + name: idp-dev-only + organization: org4 + scopesClaim: scope + environments: + - "dev" + signatureValidation: + jwks: + url: "http://dynamic-backend-service:8080/idp1/jwks" + claimMappings: + - remoteClaim: "organization" + localClaim: "x-wso2-organization" + targetRef: + group: gateway.networking.k8s.io + kind: Gateway + name: default +--- # We have removed the Envoy admin interface port from our helm gateway service yaml. So we need this one here. apiVersion: v1 kind: Service diff --git a/test/cucumber-tests/scripts/setup-hosts.sh b/test/cucumber-tests/scripts/setup-hosts.sh index 74c899b929..4ebf9f1cd5 100644 --- a/test/cucumber-tests/scripts/setup-hosts.sh +++ b/test/cucumber-tests/scripts/setup-hosts.sh @@ -16,6 +16,13 @@ sudo echo "$IP api.am.wso2.com" | sudo tee -a /etc/hosts sudo echo "$IP default.gw.wso2.com" | sudo tee -a /etc/hosts sudo echo "$IP org1.gw.wso2.com" | sudo tee -a /etc/hosts sudo echo "$IP org2.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP org3.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP org4.gw.wso2.com" | sudo tee -a /etc/hosts sudo echo "$IP default.sandbox.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP default-dev.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP default-qa.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP org3-qa.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP org4-qa.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP org4-dev.gw.wso2.com" | sudo tee -a /etc/hosts sudo echo "255.255.255.255 broadcasthost" | sudo tee -a /etc/hosts sudo echo "::1 localhost" | sudo tee -a /etc/hosts diff --git a/test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/BaseSteps.java b/test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/BaseSteps.java index 4938e8534d..1ba9414be6 100644 --- a/test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/BaseSteps.java +++ b/test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/BaseSteps.java @@ -323,6 +323,19 @@ public void iHaveValidSubscription() throws Exception { headers.put(Constants.REQUEST_HEADERS.HOST, Constants.DEFAULT_IDP_HOST); headers.put(Constants.REQUEST_HEADERS.AUTHORIZATION, "Basic NDVmMWM1YzgtYTkyZS0xMWVkLWFmYTEtMDI0MmFjMTIwMDAyOjRmYmQ2MmVjLWE5MmUtMTFlZC1hZmExLTAyNDJhYzEyMDAwMg=="); + HttpResponse httpResponse = httpClient.doPost(Utils.getTokenEndpointURL(), headers, "grant_type=client_credentials&scope=" + Constants.API_CREATE_SCOPE, + Constants.CONTENT_TYPES.APPLICATION_X_WWW_FORM_URLENCODED); + sharedContext.setAccessToken(Utils.extractToken(httpResponse)); + sharedContext.addStoreValue("accessToken", sharedContext.getAccessToken()); + } + + @Given("I have a valid subscription without api deploy permission") + public void iHaveValidSubscriptionWithAPICreateScope() throws Exception { + + Map headers = new HashMap<>(); + headers.put(Constants.REQUEST_HEADERS.HOST, Constants.DEFAULT_IDP_HOST); + headers.put(Constants.REQUEST_HEADERS.AUTHORIZATION, "Basic NDVmMWM1YzgtYTkyZS0xMWVkLWFmYTEtMDI0MmFjMTIwMDAyOjRmYmQ2MmVjLWE5MmUtMTFlZC1hZmExLTAyNDJhYzEyMDAwMg=="); + HttpResponse httpResponse = httpClient.doPost(Utils.getTokenEndpointURL(), headers, "grant_type=client_credentials", Constants.CONTENT_TYPES.APPLICATION_X_WWW_FORM_URLENCODED); sharedContext.setAccessToken(Utils.extractToken(httpResponse)); diff --git a/test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/JWTGeneratorSteps.java b/test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/JWTGeneratorSteps.java index d211cb974e..dffad65113 100644 --- a/test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/JWTGeneratorSteps.java +++ b/test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/JWTGeneratorSteps.java @@ -23,6 +23,8 @@ import java.util.Date; import java.util.UUID; +import org.wso2.apk.integration.utils.Constants; + public class JWTGeneratorSteps { private final SharedContext sharedContext; @@ -47,7 +49,7 @@ public void generateTokenFromIdp1(String kid) throws IOException, CertificateExc .expirationTime(new Date(new Date().getTime() + 60 * 1000)) .jwtID(UUID.randomUUID().toString()) .claim("azp", UUID.randomUUID().toString()) - .claim("scope", "default") + .claim("scope", Constants.API_CREATE_SCOPE) .build(); SignedJWT signedJWT = new SignedJWT( new JWSHeader.Builder(JWSAlgorithm.RS256).keyID(kid).build(), @@ -74,7 +76,7 @@ public void generateTokenFromIdp1WithOrganization(String organization) throws IO .expirationTime(new Date(new Date().getTime() + 60 * 1000)) .jwtID(UUID.randomUUID().toString()) .claim("azp", UUID.randomUUID().toString()) - .claim("scope", "default") + .claim("scope", Constants.API_CREATE_SCOPE) .claim("organization", organization) .build(); SignedJWT signedJWT = new SignedJWT( diff --git a/test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Constants.java b/test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Constants.java index fb04807f74..8c543c8b03 100644 --- a/test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Constants.java +++ b/test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Constants.java @@ -27,6 +27,7 @@ public class Constants { public static final String DEFAULT_API_DEPLOYER = "api/deployer/1.0.0/"; public static final String ACCESS_TOKEN = "accessToken"; public static final String EMPTY_STRING = ""; + public static final String API_CREATE_SCOPE = "apk:api_create"; public static final String SPACE_STRING = " "; public static final String SUBSCRIPTION_BASIC_AUTH_TOKEN = "Basic NDVmMWM1YzgtYTkyZS0xMWVkLWFmYTEtMDI0MmFjMTIwMDAyOjRmYmQ2MmVjLWE5MmUtMTFlZC1hZmExLTAyNDJhYzEyMDAwMg=="; diff --git a/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf.yaml b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf.yaml new file mode 100644 index 0000000000..190a9fd331 --- /dev/null +++ b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf.yaml @@ -0,0 +1,27 @@ +--- +name: "EmployeeServiceAPIDev" +basePath: "/withoutenv" +version: "3.14" +id: "without-env-api" +type: "REST" +defaultVersion: false +endpointConfigurations: + production: + endpoint: "http://backend:80/anything" +operations: + - target: "/employee" + verb: "GET" + secured: true + scopes: [] + - target: "/employee" + verb: "POST" + secured: true + scopes: [] + - target: "/employee/{employeeId}" + verb: "PUT" + secured: true + scopes: [] + - target: "/employee/{employeeId}" + verb: "DELETE" + secured: true + scopes: [] diff --git a/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf_dev.yaml b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf_dev.yaml new file mode 100644 index 0000000000..be7d92970c --- /dev/null +++ b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf_dev.yaml @@ -0,0 +1,28 @@ +--- +name: "EmployeeServiceAPIDev" +basePath: "/multienv" +version: "3.14" +id: "multi-env-dev-api" +type: "REST" +defaultVersion: false +environment: "dev" +endpointConfigurations: + production: + endpoint: "http://backend:80/anything" +operations: + - target: "/employee" + verb: "GET" + secured: true + scopes: [] + - target: "/employee" + verb: "POST" + secured: true + scopes: [] + - target: "/employee/{employeeId}" + verb: "PUT" + secured: true + scopes: [] + - target: "/employee/{employeeId}" + verb: "DELETE" + secured: true + scopes: [] diff --git a/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf_qa.yaml b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf_qa.yaml new file mode 100644 index 0000000000..7d6c9512ab --- /dev/null +++ b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf_qa.yaml @@ -0,0 +1,28 @@ +--- +name: "EmployeeServiceAPIQA" +basePath: "/multienv" +version: "3.14" +id: "multi-env-qa-api" +type: "REST" +defaultVersion: false +environment: "qa" +endpointConfigurations: + production: + endpoint: "http://backend:80/anything" +operations: + - target: "/employee" + verb: "GET" + secured: true + scopes: [] + - target: "/employee" + verb: "POST" + secured: true + scopes: [] + - target: "/employee/{employeeId}" + verb: "PUT" + secured: true + scopes: [] + - target: "/employee/{employeeId}" + verb: "DELETE" + secured: true + scopes: [] diff --git a/test/cucumber-tests/src/test/resources/artifacts/apk-confs/simple_rl_conf.yaml b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/simple_rl_conf.yaml index 5d489245e3..afcde354c5 100644 --- a/test/cucumber-tests/src/test/resources/artifacts/apk-confs/simple_rl_conf.yaml +++ b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/simple_rl_conf.yaml @@ -8,6 +8,8 @@ defaultVersion: false endpointConfigurations: production: endpoint: "http://backend:80/anything" + sandbox: + endpoint: "http://backend:80/anything" operations: - target: "/employee" verb: "GET" diff --git a/test/cucumber-tests/src/test/resources/artifacts/apk-confs/simple_rl_resource_conf.yaml b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/simple_rl_resource_conf.yaml index a5ca777455..33ec6a9517 100644 --- a/test/cucumber-tests/src/test/resources/artifacts/apk-confs/simple_rl_resource_conf.yaml +++ b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/simple_rl_resource_conf.yaml @@ -8,6 +8,8 @@ defaultVersion: false endpointConfigurations: production: endpoint: "http://backend:80/anything" + sandbox: + endpoint: "http://backend:80/anything" operations: - target: "/employee" verb: "GET" diff --git a/test/cucumber-tests/src/test/resources/tests/api/CustomRatelimit.feature b/test/cucumber-tests/src/test/resources/tests/api/CustomRatelimit.feature index 682618418a..5b7c0ecea3 100644 --- a/test/cucumber-tests/src/test/resources/tests/api/CustomRatelimit.feature +++ b/test/cucumber-tests/src/test/resources/tests/api/CustomRatelimit.feature @@ -61,9 +61,9 @@ Feature: Custom ratelimit # Request 9 - for org_id descriptor And I send "GET" request to "https://default.gw.wso2.com:9095/test-custom-ratelimit/employee" with body "" Then the response status code should be 200 -# Request 10 - for org_id descriptor TODO Once the ratelimitter bug is fixed this should return a 200 +# Request 10 - for org_id descriptor And I send "GET" request to "https://default.gw.wso2.com:9095/test-custom-ratelimit/employee" with body "" - Then the response status code should be 429 + Then the response status code should be 200 # Request 11 - for org_id descriptor And I send "GET" request to "https://default.gw.wso2.com:9095/test-custom-ratelimit/employee" with body "" Then the response status code should be 429 diff --git a/test/cucumber-tests/src/test/resources/tests/api/MultiEnvironment.feature b/test/cucumber-tests/src/test/resources/tests/api/MultiEnvironment.feature new file mode 100644 index 0000000000..7c49dd524b --- /dev/null +++ b/test/cucumber-tests/src/test/resources/tests/api/MultiEnvironment.feature @@ -0,0 +1,117 @@ +Feature: Deploy APIs in multiple environments + Scenario: Deploying an API without specifing an Environment and token issuer has no environments. + Given The system is ready + And I have a valid subscription + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${accessToken}| + And I send "GET" request to "https://default.gw.wso2.com:9095/withoutenv/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |429| + When I undeploy the API whose ID is "without-env-api" + Then the response status code should be 202 + + Scenario: Deploying an API without specifing an Environment and token issuer has all(*) environments. + Given The system is ready + And I have a valid token for organization "org3" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request for organization "org3" + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${org3}| + And I send "GET" request to "https://org3.gw.wso2.com:9095/withoutenv/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |429| + When I undeploy the API whose ID is "without-env-api" and organization "org3" + Then the response status code should be 202 + + Scenario: Deploying an API without specifing an Environment and token issuer has only dev environment. + Given The system is ready + And I have a valid token for organization "org4" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request for organization "org4" + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${org4}| + And I send "GET" request to "https://org4.gw.wso2.com:9095/withoutenv/3.14/employee/" with body "" + And I eventually receive 401 response code, not accepting + |200| + When I undeploy the API whose ID is "without-env-api" and organization "org4" + Then the response status code should be 202 + + Scenario: Deploying APIs in Dev and QA environments and token issuer has no environments. + Given The system is ready + And I have a valid subscription + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_dev.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${accessToken}| + And I send "GET" request to "https://default-dev.gw.wso2.com:9095/multienv/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |429| + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_qa.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${accessToken}| + And I send "GET" request to "https://default-qa.gw.wso2.com:9095/multienv/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |429| + When I undeploy the API whose ID is "multi-env-dev-api" + Then the response status code should be 202 + When I undeploy the API whose ID is "multi-env-qa-api" + Then the response status code should be 202 + + Scenario: Deploying an API in QA environment and token issuer has all(*) environments. + Given The system is ready + And I have a valid token for organization "org3" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_qa.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request for organization "org3" + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${org3}| + And I send "GET" request to "https://org3-qa.gw.wso2.com:9095/multienv/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |401| + When I undeploy the API whose ID is "multi-env-qa-api" and organization "org3" + Then the response status code should be 202 + + Scenario: Deploying an API in QA environment and token issuer has only Dev environment. + Given The system is ready + And I have a valid token for organization "org4" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_qa.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request for organization "org4" + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${org4}| + And I send "GET" request to "https://org4-qa.gw.wso2.com:9095/multienv/3.14/employee/" with body "" + And I eventually receive 401 response code, not accepting + |200| + When I undeploy the API whose ID is "multi-env-qa-api" and organization "org4" + Then the response status code should be 202 + + Scenario: Deploying an API in Dev environment and token issuer has only Dev environment. + Given The system is ready + And I have a valid token for organization "org4" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_dev.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request for organization "org4" + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${org4}| + And I send "GET" request to "https://org4-dev.gw.wso2.com:9095/multienv/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |401| + When I undeploy the API whose ID is "multi-env-dev-api" and organization "org4" + Then the response status code should be 202 + \ No newline at end of file diff --git a/test/cucumber-tests/src/test/resources/tests/api/SimpleRateLimit.feature b/test/cucumber-tests/src/test/resources/tests/api/SimpleRateLimit.feature index c1556eb130..7b88660c50 100644 --- a/test/cucumber-tests/src/test/resources/tests/api/SimpleRateLimit.feature +++ b/test/cucumber-tests/src/test/resources/tests/api/SimpleRateLimit.feature @@ -15,6 +15,8 @@ Feature: Test simple rate limit feature |401| And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl/3.14/employee/" with body "" Then the response status code should be 429 + And I send "GET" request to "https://default.sandbox.gw.wso2.com:9095/simple-rl/3.14/employee/" with body "" + Then the response status code should be 429 Scenario: Test simple rate limit api level for unsecured api Given The system is ready @@ -48,6 +50,12 @@ Feature: Test simple rate limit feature |401| And I send "POST" request to "https://default.gw.wso2.com:9095/simple-rl-r/3.14/employee/" with body "" Then the response status code should be 429 + And I send "POST" request to "https://default.sandbox.gw.wso2.com:9095/simple-rl-r/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |429| + |401| + And I send "POST" request to "https://default.sandbox.gw.wso2.com:9095/simple-rl-r/3.14/employee/" with body "" + Then the response status code should be 429 And I wait for next minute And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl-r/3.14/employee/" with body "" Then the response status code should be 200 diff --git a/test/cucumber-tests/src/test/resources/tests/api/deployment.feature b/test/cucumber-tests/src/test/resources/tests/api/deployment.feature index 1827a5b30c..56e2ef2605 100644 --- a/test/cucumber-tests/src/test/resources/tests/api/deployment.feature +++ b/test/cucumber-tests/src/test/resources/tests/api/deployment.feature @@ -1,4 +1,12 @@ Feature: API Deployment + Scenario: Deploying an API without api create scope + Given The system is ready + And I have a valid subscription without api deploy permission + When I use the APK Conf file "artifacts/apk-confs/cors_API.apk-conf" + And the definition file "artifacts/definitions/cors_api.yaml" + And make the API deployment request + Then the response status code should be 403 + Scenario: Deploying an API Given The system is ready And I have a valid subscription @@ -17,6 +25,12 @@ Feature: API Deployment Then the response status code should be 400 And the response body should contain |"#/corsConfiguration/corsConfigurationEnabled: expected type: Boolean, found: String"| + + Scenario Outline: Undeploy an API without api create scope + Given The system is ready + And I have a valid subscription without api deploy permission + When I undeploy the API whose ID is "" + Then the response status code should be 403 Scenario Outline: Undeploy an API Given The system is ready diff --git a/test/interceptor-backend/ballerina/types.bal b/test/interceptor-backend/ballerina/types.bal index 76ebe5010b..70a90892da 100644 --- a/test/interceptor-backend/ballerina/types.bal +++ b/test/interceptor-backend/ballerina/types.bal @@ -142,6 +142,7 @@ public type InvocationContext record { string prodClusterName?; string sandClusterName?; string apiProperties?; + string environment?; InvocationContext_authenticationContext authenticationContext?; };