RLP v1beta2 (#230)

* rpl v2 CRD

* RLP CRD v2: WhenConditionOperator only eq and neq

* controller-gen paths for v1beta2 as well

* minor enhancement about logging only in debug mode

* rlp v1beta2 controller

* WASM plugin configuration object v2

* bundle update

* fixup! bundle update

* fix tests

* WASMPlugin update to camel case

* fix integration tests

* wasm types moved to a common package

* different selectors share type: ContextSelector

---------

Co-authored-by: Eguzki Astiz Lezaun <eastizle@redhat.com>

* [rlp-v2] WasmPlugin reconciliation  (#204)

* reconciliation of route selectors for RLPs targeting HTTPRoutes

* Change `common.Contains(slice []string, target string)` to any comparable type (using generics)
* Define a `common.HTTPRouteRuleSelector` type that checks whether a `HTTPRouteMatch` selects a `HTTPRouteRule` or not
* Define a `rlptools.HTTPRouteRulesFromRouteSelector` function that returns all rules from a HTTPRoute that a route selector selects (using `common.HTTPRouteRuleSelector`)
* Modify `rlptools.conditionsFromLimit` to use `rlptools.HTTPRouteRulesFromRouteSelector` and generate wasm conditions for each combination of selected route rule match and hostname
* Ensure all generated route conditions include a pattern for the hostnames (route selectors’, HTTPRoute’s or Gateway’s)
* Ensure all generated route conditions include the user-defined `when` conditions

* add tests for generating a wasmplugin config out of a complex httproute and complex ratelimitpolicy

The httproute declares 2 rules and 2 hostnames.

The RLP declares 2 limits:
- one limit declares one counter, targets one of the httprouterules, for one hostname only, with an additional 'when' condition and counter qualifier;
- the other limit declares 2 counters, targets the other httprouterule, for all hostnames, and states no additional 'when' condition nor counter qualifier.

* generate wasm rules only for routeSelector-filtered hostnames that belong to the targeted route

* fix: pattern expression for hostnames with the right operator - introduces 'endswith' pattern operator

* fix: compute wasm rules only for the applicable hostnames

Passes a list of hostnames into the call to the function that generates the wasm rules for a given RLP, notoriously to compute the conditions when to apply each limit. The list of hostnames is the domain intersection between the hostnames specified in the HTTPRoute and its parent gateway for which the wasm config is being built. The route selection considers this as a boundary, so it doesn’t generate rules for the wrong gateway/hostname.

Fixes the computation of conditions when no HTTPRouteRule matches the route selectors.

* do not generate wasm condition patterns for the hostname when all apply

* do not repeat RLPs for each hostname within the wasm config

* `rlptools.HTTPRouteRulesFromRouteSelector` moved to `api/v1beta2/route_selectors.go` along with the `RouteSelector` type itself

+ no longer injecting a separate list of hostnames for avoiding building wasm rules for hostnames that do not apply, as this did not seem to belong to the route selector logic anyway.

* reconciliation of route selectors for RLPs targeting Gateways

Get all HTTPRoutes that are children of the Gateway and call the generation of the set of wasm rules (conditions and data for each limit) for each HTTPRoute

* match the gateway hostnames instead of the httproute ones when building the wasm rules for rlps that target a gateway

* refactor: make HTTPRouteRuleSelector.Selects return sooner if the HTTP method does not match

* refactor: ensure wasm rule conditions are generated out of selected HTTPRouteRules in the same order as the selectors select the rules

* Prevent the usage of routeSelectors in RLPs that target a Gateway

* do not generate conditions for gateway policy wasm rules from httproutes that have a rlp of its own and avoid building wasmplugins when there are no rules to apply

* avoid adding rlps without any rules to the wasm config

* fix: do not use gateway name nor host in the RL domain

Fixes the reconciliation of the Limitador CR, pairing it with the reconciled wasm config (WasmPlugin CR), so
- rate limit definitions won't be duplicated in the Limitador CR;
- limits can be defined crossing gateways and hostnames and yet be treated as the same limit in Limitador (case of simple RLPs that target HTTPRoutes with multiple Gateway parent refs)

* Limit names in the Limitador conditions and RL request data generated in the format: limit.<limit-name>__<hash>, where <limit-name> is sanitised to include only characters allowed by Limitador for the identifiers and <hash> is generated out of the original limit name to avoid breaking uniqueness of the name after sanitisation.

* fix: missing rebase changes & update istio deps

For some reason after rebase, there is some dependency issue. This was fixed by updating the istio dep to https://github.com/istio/istio/releases/tag/1.17.5

* fix: lint issues

* refactor: lint change for CountersAsStringList() and deleteLimits()

Co-authored-by: Guilherme Cassolato <guicassolato@gmail.com>

---------

Co-authored-by: Eguzki Astiz Lezaun <eastizle@redhat.com>
Co-authored-by: Guilherme Cassolato <guicassolato@gmail.com>
Co-authored-by: KevFan <chfan@redhat.com>

Makefile

@@ -230,8 +230,8 @@ act: $(ACT) ## Download act locally if necessary.
 
 .PHONY: manifests
 manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
-	$(CONTROLLER_GEN) crd webhook paths="./api/v1beta1" output:crd:artifacts:config=config/crd/bases
-	$(CONTROLLER_GEN) rbac:roleName=manager-role paths="./..."
+	$(CONTROLLER_GEN) crd paths="./api/v1beta1;./api/v1beta2" output:crd:artifacts:config=config/crd/bases
+	$(CONTROLLER_GEN) rbac:roleName=manager-role webhook paths="./..."
 
 .PHONY: dependencies-manifests
 dependencies-manifests: export AUTHORINO_OPERATOR_GITREF := $(AUTHORINO_OPERATOR_GITREF)