Kuadrant · didierofrivia · Oct 2, 2024 · Sep 23, 2024 · Sep 23, 2024 · Sep 23, 2024
diff --git a/controllers/envoygateway_wasm_controller.go b/controllers/envoygateway_wasm_controller.go
@@ -135,7 +135,7 @@ func (r *EnvoyGatewayWasmReconciler) desiredEnvoyExtensionPolicy(
 		return nil, err
 	}
 
-	if config == nil || len(config.RateLimitPolicies) == 0 {
+	if config == nil || len(config.Policies) == 0 {
 		logger.V(1).Info("config is empty. EnvoyExtensionPolicy will be deleted if it exists")
 		utils.TagObjectToDelete(envoyPolicy)
 		return envoyPolicy, nil

diff --git a/controllers/rate_limiting_istio_wasmplugin_controller.go b/controllers/rate_limiting_istio_wasmplugin_controller.go
@@ -132,7 +132,7 @@ func (r *RateLimitingIstioWASMPluginReconciler) desiredRateLimitingWASMPlugin(ct
 		return nil, err
 	}
 
-	if pluginConfig == nil || len(pluginConfig.RateLimitPolicies) == 0 {
+	if pluginConfig == nil || len(pluginConfig.Policies) == 0 {
 		logger.V(1).Info("pluginConfig is empty. Wasmplugin will be deleted if it exists")
 		utils.TagObjectToDelete(wasmPlugin)
 		return wasmPlugin, nil

diff --git a/doc/development.md b/doc/development.md
@@ -248,6 +248,7 @@ Multiple controller integration tests are defined
 | `github.com/kuadrant/kuadrant-operator/tests/gatewayapi` | no gateway provider. GatewayAPI CRDs, Kuadrant API and Kuadrant dependencies. | `make local-gatewayapi-env-setup` | `make test-gatewayapi-env-integration` |
 | `github.com/kuadrant/kuadrant-operator/controllers` | at least one gatewayapi provider. It can be any: istio, envoygateway, ...  | `make local-env-setup GATEWAYAPI_PROVIDER=[istio \| envoygateway]` (Default *istio*) | `make test-integration GATEWAYAPI_PROVIDER=[istio \| envoygateway]` (Default *istio*) |
 | `github.com/kuadrant/kuadrant-operator/tests/istio` | GatewayAPI CRDs, Istio, Kuadrant API and Kuadrant dependencies.  | `make local-env-setup GATEWAYAPI_PROVIDER=istio` | `make test-istio-env-integration` |
+| `github.com/kuadrant/kuadrant-operator/tests/envoygateway` | GatewayAPI CRDs, EnvoyGateway, Kuadrant API and Kuadrant dependencies.  | `make local-env-setup GATEWAYAPI_PROVIDER=envoygateway` | `make test-envoygateway-env-integration` |
 
 ### Lint tests
 

diff --git a/go.mod b/go.mod
@@ -35,6 +35,7 @@ require (
 	sigs.k8s.io/controller-runtime v0.18.4
 	sigs.k8s.io/external-dns v0.14.0
 	sigs.k8s.io/gateway-api v1.1.0
+	sigs.k8s.io/yaml v1.4.0
 )
 
 require (
@@ -183,7 +184,6 @@ require (
 	sigs.k8s.io/kustomize/api v0.17.2 // indirect
 	sigs.k8s.io/kustomize/kyaml v0.17.1 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
-	sigs.k8s.io/yaml v1.4.0 // indirect
 )
 
 replace maistra.io/istio-operator => github.com/maistra/istio-operator v0.0.0-20240217080932-98753cb28cd7

diff --git a/pkg/rlptools/wasm/types.go b/pkg/rlptools/wasm/types.go
@@ -1,6 +1,7 @@
 package wasm
 
 import (
+	"bytes"
 	"encoding/json"
 	"errors"
 
@@ -39,14 +40,49 @@
 	Key   string `json:"key"`
 }
 
-// TODO implement one of constraint
-// Precisely one of "static", "selector" must be set.
-type DataItem struct {
-	// +optional
-	Static *StaticSpec `json:"static,omitempty"`
+type Static struct {
+	Static StaticSpec `json:"static"`
+}
 
-	// +optional
-	Selector *SelectorSpec `json:"selector,omitempty"`
+type Selector struct {
+	Selector SelectorSpec `json:"selector"`
+}
+
+type DataType struct {
+	Value interface{}
+}
+
+func (d *DataType) UnmarshalJSON(data []byte) error {
+	// Precisely one of "static", "selector" must be set.
+	types := []interface{}{
+		&Static{},
+		&Selector{},
+	}
+
+	var err error
+
+	for idx := range types {
+		dec := json.NewDecoder(bytes.NewReader(data))
+		dec.DisallowUnknownFields() // Force errors
+		err = dec.Decode(types[idx])
+		if err == nil {
+			d.Value = types[idx]
+			return nil
+		}
+	}
+
+	return err
+}
+
+func (d *DataType) MarshalJSON() ([]byte, error) {
+	switch val := d.Value.(type) {
+	case *Static:
+		return json.Marshal(val)
+	case *Selector:
+		return json.Marshal(val)
+	default:
+		return nil, errors.New("DataType.Value has unknown type")
+	}
 }
 
 type PatternOperator kuadrantv1beta2.WhenConditionOperator
@@ -65,32 +101,49 @@
 	Value string `json:"value"`
 }
 
-// Condition defines traffic matching rules
 type Condition struct {
-	// All the expressions defined must match to match this condition
+	// All the expressions defined must match to match this rule
 	// +optional
 	AllOf []PatternExpression `json:"allOf,omitempty"`
 }
 
-// Rule defines one rate limit configuration. When conditions are met,
-// it uses `data` section to generate one RLS descriptor.
+// Rule defines conditions that are evaluated using patter expressions.
+// The rule evaluates to true when all the pattern expressions are evaluated to true.
 type Rule struct {
+	// Top level conditions for the rule. At least one of the conditions must be met.
+	// Empty conditions evaluate to true, so actions will be invoked.
 	// +optional
 	Conditions []Condition `json:"conditions,omitempty"`
-	// +optional
-	Data []DataItem `json:"data,omitempty"`
+
+	// Actions defines which extensions will be invoked when any of the top level conditions match.
+	Actions []Action `json:"actions"`
 }
 
-type RateLimitPolicy struct {
+type Policy struct {
 	Name      string   `json:"name"`
-	Domain    string   `json:"domain"`
-	Service   string   `json:"service"`
 	Hostnames []string `json:"hostnames"`
 
+	// Rules includes top level conditions and actions to be invoked
 	// +optional
 	Rules []Rule `json:"rules,omitempty"`
 }
 
+type Action struct {
+	Scope         string `json:"scope"`
+	ExtensionName string `json:"extension"`
+
+	// +optional
+	Data []DataType `json:"data,omitempty"`
+}
+
+// +kubebuilder:validation:Enum:=ratelimit;auth
+type ExtensionType string
+
+const (
+	RateLimitExtensionType ExtensionType = "ratelimit"
+	AuthExtensionType      ExtensionType = "auth"
+)
+
 // +kubebuilder:validation:Enum:=deny;allow
 type FailureModeType string
 
@@ -99,9 +152,19 @@
 	FailureModeAllow FailureModeType = "allow"
 )
 
+type Extension struct {
+	Endpoint    string          `json:"endpoint"`
+	FailureMode FailureModeType `json:"failureMode"`
+	Type        ExtensionType   `json:"type"`
+}
+
+type LimitadorExtension struct {
+	Endpoint string `json:"endpoint"`
+}
+
 type Config struct {
-	FailureMode       FailureModeType   `json:"failureMode"`
-	RateLimitPolicies []RateLimitPolicy `json:"rateLimitPolicies"`
+	Extensions map[string]Extension `json:"extensions"`
+	Policies   []Policy             `json:"policies"`
 }
 
 func (w *Config) ToStruct() (*_struct.Struct, error) {