Integrate AuthConfig's v1beta3 changes in AuthPolicy (#971)
* Use AuthConfig v1beta3

Signed-off-by: Adam Cattermole <[email protected]>

* Update to use CEL predicates when present

Signed-off-by: Adam Cattermole <[email protected]>

* Handle PathMatchExact case

Signed-off-by: Adam Cattermole <[email protected]>

* Update bundle manifests

Signed-off-by: Adam Cattermole <[email protected]>

* Update helm manifests

Signed-off-by: Adam Cattermole <[email protected]>

* Update tests to use routeRuleCondition Predicates

Signed-off-by: Adam Cattermole <[email protected]>

---------

Signed-off-by: Adam Cattermole <[email protected]>
adam-cattermole authored Nov 5, 2024
1 parent 0d304ad commit 3b8e313
Showing 26 changed files with 1,250 additions and 553 deletions.
8 changes: 4 additions & 4 deletions api/v1beta1/topology.go
Expand Up @@ -2,7 +2,7 @@ package v1beta1

import (
authorinooperatorv1beta1 "github.com/kuadrant/authorino-operator/api/v1beta1"
authorinov1beta2 "github.com/kuadrant/authorino/api/v1beta2"
authorinov1beta3 "github.com/kuadrant/authorino/api/v1beta3"
limitadorv1alpha1 "github.com/kuadrant/limitador-operator/api/v1alpha1"
"github.com/kuadrant/policy-machinery/controller"
"github.com/kuadrant/policy-machinery/machinery"
Expand All @@ -15,12 +15,12 @@ var (
KuadrantGroupKind = schema.GroupKind{Group: GroupVersion.Group, Kind: "Kuadrant"}
LimitadorGroupKind = schema.GroupKind{Group: limitadorv1alpha1.GroupVersion.Group, Kind: "Limitador"}
AuthorinoGroupKind = schema.GroupKind{Group: authorinooperatorv1beta1.GroupVersion.Group, Kind: "Authorino"}
AuthConfigGroupKind = schema.GroupKind{Group: authorinov1beta2.GroupVersion.Group, Kind: "AuthConfig"}
AuthConfigGroupKind = schema.GroupKind{Group: authorinov1beta3.GroupVersion.Group, Kind: "AuthConfig"}

KuadrantsResource = GroupVersion.WithResource("kuadrants")
LimitadorsResource = limitadorv1alpha1.GroupVersion.WithResource("limitadors")
AuthorinosResource = authorinooperatorv1beta1.GroupVersion.WithResource("authorinos")
AuthConfigsResource = authorinov1beta2.GroupVersion.WithResource("authconfigs")
AuthConfigsResource = authorinov1beta3.GroupVersion.WithResource("authconfigs")

AuthConfigHTTPRouteRuleAnnotation = machinery.HTTPRouteRuleGroupKind.String()
)
Expand Down Expand Up @@ -86,7 +86,7 @@ func LinkHTTPRouteRuleToAuthConfig(objs controller.Store) machinery.LinkFunc {
To: AuthConfigGroupKind,
Func: func(child machinery.Object) []machinery.Object {
return lo.FilterMap(httpRouteRules, func(httpRouteRule *machinery.HTTPRouteRule, _ int) (machinery.Object, bool) {
authConfig := child.(*controller.RuntimeObject).Object.(*authorinov1beta2.AuthConfig)
authConfig := child.(*controller.RuntimeObject).Object.(*authorinov1beta3.AuthConfig)
annotations := authConfig.GetAnnotations()
return httpRouteRule, annotations != nil && annotations[AuthConfigHTTPRouteRuleAnnotation] == httpRouteRule.GetLocator()
})
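Review bot: The chained type assertions in the `Func` callback, `child.(*controller.RuntimeObject).Object.(*authorinov1beta3.AuthConfig)`, are unchecked, so any child that is not a `*controller.RuntimeObject` wrapping a v1beta3 `AuthConfig` panics inside the link function instead of being skipped. Now that the asserted type has moved to v1beta3, an object still decoded as the older type would hit this path; whether that can happen depends on how the store is populated, which is not visible in this hunk. Consider the comma-ok form: `ro, ok := child.(*controller.RuntimeObject)`, then `authConfig, ok := ro.Object.(*authorinov1beta3.AuthConfig)`, returning `nil, false` from the filter when either assertion fails. `LinkHTTPRouteRuleToAuthConfig` starts and ends outside the hunk.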
24 changes: 12 additions & 12 deletions api/v1beta3/authpolicy_types.go
Expand Up @@ -22,7 +22,7 @@ import (

"github.com/go-logr/logr"
"github.com/google/go-cmp/cmp"
authorinov1beta2 "github.com/kuadrant/authorino/api/v1beta2"
authorinov1beta3 "github.com/kuadrant/authorino/api/v1beta3"
"github.com/kuadrant/policy-machinery/machinery"
"github.com/samber/lo"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
Expand Down Expand Up @@ -431,7 +431,7 @@ type AuthSchemeSpec struct {
}

type MergeablePatternExpressions struct {
authorinov1beta2.PatternExpressions `json:"allOf"`
authorinov1beta3.PatternExpressions `json:"allOf"`
Source string `json:"-"`
}

Expand All @@ -443,7 +443,7 @@ func (r *MergeablePatternExpressions) WithSource(source string) kuadrantv1.Merge
}

type MergeablePatternExpressionOrRef struct {
authorinov1beta2.PatternExpressionOrRef `json:",inline"`
authorinov1beta3.PatternExpressionOrRef `json:",inline"`
Source string `json:"-"`
}

Expand All @@ -456,7 +456,7 @@ func (r *MergeablePatternExpressionOrRef) WithSource(source string) kuadrantv1.M
func (r *MergeablePatternExpressionOrRef) ToWhenConditions(namedPatterns map[string]MergeablePatternExpressions) []WhenCondition {
if ref := r.PatternRef.Name; ref != "" {
if pattern, ok := namedPatterns[ref]; ok {
return lo.Map(pattern.PatternExpressions, func(p authorinov1beta2.PatternExpression, _ int) WhenCondition {
return lo.Map(pattern.PatternExpressions, func(p authorinov1beta3.PatternExpression, _ int) WhenCondition {
return WhenCondition{
Selector: ContextSelector(p.Selector),
Operator: WhenConditionOperator(p.Operator),
Expand All @@ -467,7 +467,7 @@ func (r *MergeablePatternExpressionOrRef) ToWhenConditions(namedPatterns map[str
}

if allOf := r.All; len(allOf) > 0 {
return lo.Map(allOf, func(p authorinov1beta2.UnstructuredPatternExpressionOrRef, _ int) WhenCondition {
return lo.Map(allOf, func(p authorinov1beta3.UnstructuredPatternExpressionOrRef, _ int) WhenCondition {
return WhenCondition{
Selector: ContextSelector(p.Selector),
Operator: WhenConditionOperator(p.Operator),
Expand All @@ -488,7 +488,7 @@ func (r *MergeablePatternExpressionOrRef) ToWhenConditions(namedPatterns map[str
}

type MergeableAuthenticationSpec struct {
authorinov1beta2.AuthenticationSpec `json:",inline"`
authorinov1beta3.AuthenticationSpec `json:",inline"`
Source string `json:"-"`
}

Expand All @@ -500,7 +500,7 @@ func (r *MergeableAuthenticationSpec) WithSource(source string) kuadrantv1.Merge
}

type MergeableMetadataSpec struct {
authorinov1beta2.MetadataSpec `json:",inline"`
authorinov1beta3.MetadataSpec `json:",inline"`
Source string `json:"-"`
}

Expand All @@ -512,7 +512,7 @@ func (r *MergeableMetadataSpec) WithSource(source string) kuadrantv1.MergeableRu
}

type MergeableAuthorizationSpec struct {
authorinov1beta2.AuthorizationSpec `json:",inline"`
authorinov1beta3.AuthorizationSpec `json:",inline"`
Source string `json:"-"`
}

Expand Down Expand Up @@ -544,7 +544,7 @@ type MergeableResponseSpec struct {
}

type MergeableDenyWithSpec struct {
authorinov1beta2.DenyWithSpec `json:",inline"`
authorinov1beta3.DenyWithSpec `json:",inline"`
Source string `json:"-"`
}

Expand All @@ -564,7 +564,7 @@ type MergeableWrappedSuccessResponseSpec struct {
}

type MergeableHeaderSuccessResponseSpec struct {
authorinov1beta2.HeaderSuccessResponseSpec `json:",inline"`
authorinov1beta3.HeaderSuccessResponseSpec `json:",inline"`
Source string `json:"-"`
}

Expand All @@ -576,7 +576,7 @@ func (r *MergeableHeaderSuccessResponseSpec) WithSource(source string) kuadrantv
}

type MergeableSuccessResponseSpec struct {
authorinov1beta2.SuccessResponseSpec `json:",inline"`
authorinov1beta3.SuccessResponseSpec `json:",inline"`
Source string `json:"-"`
}

Expand All @@ -588,7 +588,7 @@ func (r *MergeableSuccessResponseSpec) WithSource(source string) kuadrantv1.Merg
}

type MergeableCallbackSpec struct {
authorinov1beta2.CallbackSpec `json:",inline"`
authorinov1beta3.CallbackSpec `json:",inline"`
Source string `json:"-"`
}

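Review bot: In `ToWhenConditions`, the `All` branch maps every `authorinov1beta3.UnstructuredPatternExpressionOrRef` element straight to a `WhenCondition` built from `p.Selector` and `p.Operator`, without checking whether the element is an inline expression at all. Judging by the type name an element may instead be a pattern reference (and the commit message mentions CEL predicates), in which case the result would be a condition with an empty selector and operator rather than the one the policy author wrote; since these conditions decide when an auth rule applies, that case deserves an explicit decision. Either resolve or reject such elements, or document the limitation with a comment such as `// NOTE: only inline selector/operator expressions under All are converted; nested refs and predicates are not resolved here`. The same function appears to fall through silently when `namedPatterns[ref]` has no entry; the rest of the body is outside the hunk, so confirm what is returned in that case.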
4 changes: 2 additions & 2 deletions api/v1beta3/ratelimitpolicy_types.go
Expand Up @@ -32,8 +32,8 @@ import (
const (
EqualOperator WhenConditionOperator = "eq"
NotEqualOperator WhenConditionOperator = "neq"
StartsWithOperator WhenConditionOperator = "startswith"
EndsWithOperator WhenConditionOperator = "endswith"
StartsWithOperator WhenConditionOperator = "startsWith"
EndsWithOperator WhenConditionOperator = "endsWith"
IncludeOperator WhenConditionOperator = "incl"
ExcludeOperator WhenConditionOperator = "excl"
MatchesOperator WhenConditionOperator = "matches"
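Review bot: Changing the string values of `StartsWithOperator` and `EndsWithOperator` to `"startsWith"` and `"endsWith"` alters the serialized API value, so any stored policy that still carries the lower-case spelling will no longer compare equal to these constants. How an unrecognised operator is handled is not visible here; if it is ignored or evaluates to no match, a `when` condition could silently stop applying, so check that validation (for example an enum marker on `WhenConditionOperator`, if one exists) rejects the old spelling rather than admitting it. A comment on the block such as `// Operator values are case-sensitive wire values; changing one is a breaking API change.` would record the intent. The `const` block continues outside the hunk.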
4 changes: 2 additions & 2 deletions api/v1beta3/zz_generated.deepcopy.go
