feat: custom filter config (#347)

* feat: custom filter config

Signed-off-by: Lin Yang <[email protected]>

* fix: rbac

Signed-off-by: Lin Yang <[email protected]>

---------

Signed-off-by: Lin Yang <[email protected]>

charts/fsm/templates/fsm-rbac.yaml

@@ -156,13 +156,13 @@ rules:
 
   # GatewayAPI Extension
   - apiGroups: [ "extension.gateway.flomesh.io" ]
-    resources: [ "filters", "filterdefinitions", "listenerfilters", "circuitbreakers", "faultinjections", "ratelimits", "httplogs", "metrics", "zipkins" ]
+    resources: [ "filters", "filterdefinitions", "listenerfilters", "circuitbreakers", "faultinjections", "ratelimits", "httplogs", "metrics", "zipkins", "filterconfigs" ]
     verbs: [ "get", "list", "watch", "create", "update", "patch", "delete" ]
   - apiGroups: [ "extension.gateway.flomesh.io" ]
-    resources: [ "filters/finalizers", "filterdefinitions/finalizers", "listenerfilters/finalizers", "circuitbreakers/finalizers", "faultinjections/finalizers", "ratelimits/finalizers", "httplogs/finalizers", "metrics/finalizers", "zipkins/finalizers" ]
+    resources: [ "filters/finalizers", "filterdefinitions/finalizers", "listenerfilters/finalizers", "circuitbreakers/finalizers", "faultinjections/finalizers", "ratelimits/finalizers", "httplogs/finalizers", "metrics/finalizers", "zipkins/finalizers", "filterconfigs/finalizers" ]
     verbs: [ "update" ]
   - apiGroups: [ "extension.gateway.flomesh.io" ]
-    resources: [ "filters/status", "filterdefinitions/status", "listenerfilters/status", "circuitbreakers/status", "faultinjections/status", "ratelimits/status", "httplogs/status", "metrics/status", "zipkins/status" ]
+    resources: [ "filters/status", "filterdefinitions/status", "listenerfilters/status", "circuitbreakers/status", "faultinjections/status", "ratelimits/status", "httplogs/status", "metrics/status", "zipkins/status", "filterconfigs/status" ]
     verbs: [ "get", "patch", "update" ]
 
   # PolicyAttachment

cmd/fsm-bootstrap/crds/extension.gateway.flomesh.io_filterconfigs.yaml

@@ -0,0 +1,142 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  labels:
+    app.kubernetes.io/name: flomesh.io
+  name: filterconfigs.extension.gateway.flomesh.io
+spec:
+  group: extension.gateway.flomesh.io
+  names:
+    categories:
+    - gateway-api
+    kind: FilterConfig
+    listKind: FilterConfigList
+    plural: filterconfigs
+    singular: filterconfig
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: FilterConfig provides a way to configure filters for HTTP/HTTPS/GRPC/GRPCS/TCP
+          protocols
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: Spec defines the desired state of FilterConfig.
+            properties:
+              config:
+                description: Config is the filter configuration in YAML format
+                minLength: 1
+                type: string
+            required:
+            - config
+            type: object
+          status:
+            description: Status defines the current state of FilterConfig.
+            properties:
+              conditions:
+                description: Conditions describes the status of the FilterConfig with
+                  respect to the given Ancestor.
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                maxItems: 8
+                minItems: 1
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}

pkg/announcements/types.go

@@ -647,6 +647,17 @@ const (
 
 	// --
 
+	// FilterConfigAdded is the type of announcement emitted when we observe an addition of filterconfigs.extension.gateway.flomesh.io
+	FilterConfigAdded Kind = "filterconfig-added"
+
+	// FilterConfigDeleted the type of announcement emitted when we observe a deletion of filterconfigs.extension.gateway.flomesh.io
+	FilterConfigDeleted Kind = "filterconfig-deleted"
+
+	// FilterConfigUpdated is the type of announcement emitted when we observe an update to filterconfigs.extension.gateway.flomesh.io
+	FilterConfigUpdated Kind = "filterconfig-updated"
+
+	// --
+
 	// GatewayHTTPLogAdded is the type of announcement emitted when we observe an addition of httplogs.extension.gateway.flomesh.io
 	GatewayHTTPLogAdded Kind = "gatewayhttplog-added"
 

pkg/apis/extension/v1alpha1/filterconfig.go

@@ -0,0 +1,55 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// FilterConfigSpec defines the desired state of FilterConfig
+type FilterConfigSpec struct {
+	// +kube:validation:Required
+	// +kubebuilder:validation:MinLength=1
+	// Config is the filter configuration in YAML format
+	Config string `json:"config"`
+}
+
+// FilterConfig provides a way to configure filters for HTTP/HTTPS/GRPC/GRPCS/TCP protocols
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +kubebuilder:storageversion
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+// +kubebuilder:resource:scope=Namespaced,categories=gateway-api
+// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
+// +kubebuilder:metadata:labels={app.kubernetes.io/name=flomesh.io}
+type FilterConfig struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	// Spec defines the desired state of FilterConfig.
+	Spec FilterConfigSpec `json:"spec,omitempty"`
+
+	// Status defines the current state of FilterConfig.
+	Status FilterConfigStatus `json:"status,omitempty"`
+}
+
+// FilterConfigStatus defines the common attributes that all filters should include within
+// their status.
+type FilterConfigStatus struct {
+	// Conditions describes the status of the FilterConfig with respect to the given Ancestor.
+	//
+	// +listType=map
+	// +listMapKey=type
+	// +kubebuilder:validation:MinItems=1
+	// +kubebuilder:validation:MaxItems=8
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// FilterConfigList contains a list of FilterConfig
+type FilterConfigList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []FilterConfig `json:"items"`
+}

pkg/constants/constants.go

@@ -435,6 +435,9 @@ const (
 	// GatewayAPIExtensionFilterDefinitionKind is the kind name of Filter used in Gateway API
 	GatewayAPIExtensionFilterDefinitionKind = "FilterDefinition"
 
+	// GatewayAPIExtensionFilterConfigKind is the kind name of FilterConfig used in Gateway API
+	GatewayAPIExtensionFilterConfigKind = "FilterConfig"
+
 	// KubernetesServiceKind is the kind name of Service used in Kubernetes Core API
 	KubernetesServiceKind = "Service"