diff --git a/.github/workflows/operator-integration-test.yml b/.github/workflows/operator-integration-test.yml index 163ea182d0..15e85cc322 100644 --- a/.github/workflows/operator-integration-test.yml +++ b/.github/workflows/operator-integration-test.yml @@ -1114,7 +1114,7 @@ jobs: API_READY="" for i in $(seq 1 60); do API_STATUS=$(curl -s -o /tmp/subscription-precheck-body.txt -w "%{http_code}" -u admin:admin \ - "http://localhost:9090/api/management/v0.9/rest-apis/hello-sub-api" || true) + "http://localhost:9090/api/management/v1alpha2/rest-apis/hello-sub-api" || true) if [ "${API_STATUS}" = "200" ]; then API_READY="yes" echo "hello-sub-api is resolvable via management API" diff --git a/cli/it/resources/gateway/sample-api.yaml b/cli/it/resources/gateway/sample-api.yaml index a80df9dcb1..3b628ac622 100644 --- a/cli/it/resources/gateway/sample-api.yaml +++ b/cli/it/resources/gateway/sample-api.yaml @@ -17,7 +17,7 @@ # -------------------------------------------------------------------- # Sample API definition for CLI integration tests -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: petstore-api-v1.0 diff --git a/cli/it/resources/gateway/sample-mcp-config.yaml b/cli/it/resources/gateway/sample-mcp-config.yaml index aa5439b776..05aad97ff9 100644 --- a/cli/it/resources/gateway/sample-mcp-config.yaml +++ b/cli/it/resources/gateway/sample-mcp-config.yaml @@ -17,7 +17,7 @@ # -------------------------------------------------------------------- # Sample MCP configuration for CLI integration tests -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: test-mcp-v1.0 diff --git a/cli/src/cmd/gateway/restapi/apikey/create.go b/cli/src/cmd/gateway/restapi/apikey/create.go index d1c80f02f6..809e08bbbd 100644 --- a/cli/src/cmd/gateway/restapi/apikey/create.go +++ b/cli/src/cmd/gateway/restapi/apikey/create.go @@ -47,7 +47,7 @@ ap gateway rest-api api-key create --file api-key.yaml ap gateway rest-api api-key create -f api-key.json # The file is an ApiKey custom resource, e.g.: -# apiVersion: gateway.api-platform.wso2.com/v1alpha1 +# apiVersion: gateway.api-platform.wso2.com/v1alpha2 # kind: ApiKey # metadata: # name: petstore-key-acme diff --git a/cli/src/cmd/gateway/subscription/create.go b/cli/src/cmd/gateway/subscription/create.go index 37eb69d841..47c059cd77 100644 --- a/cli/src/cmd/gateway/subscription/create.go +++ b/cli/src/cmd/gateway/subscription/create.go @@ -41,7 +41,7 @@ ap gateway subscription create --file subscription.yaml ap gateway subscription create -f subscription.json # The file is a Subscription custom resource, e.g.: -# apiVersion: gateway.api-platform.wso2.com/v1alpha1 +# apiVersion: gateway.api-platform.wso2.com/v1alpha2 # kind: Subscription # metadata: # name: petstore-acme-bronze diff --git a/cli/src/cmd/gateway/subscriptionplan/create.go b/cli/src/cmd/gateway/subscriptionplan/create.go index ce669fe5d6..efce94cbb8 100644 --- a/cli/src/cmd/gateway/subscriptionplan/create.go +++ b/cli/src/cmd/gateway/subscriptionplan/create.go @@ -41,7 +41,7 @@ ap gateway subscription-plan create --file subscription-plan.yaml ap gateway subscription-plan create -f subscription-plan.json # The file is a SubscriptionPlan custom resource, e.g.: -# apiVersion: gateway.api-platform.wso2.com/v1alpha1 +# apiVersion: gateway.api-platform.wso2.com/v1alpha2 # kind: SubscriptionPlan # metadata: # name: bronze-1k-per-min diff --git a/cli/src/internal/gateway/cr_test.go b/cli/src/internal/gateway/cr_test.go index e29bcca638..763466a19b 100644 --- a/cli/src/internal/gateway/cr_test.go +++ b/cli/src/internal/gateway/cr_test.go @@ -34,7 +34,7 @@ func writeTempCR(t *testing.T, name, content string) string { } func TestParseResourceCR_ValidYAML(t *testing.T) { - path := writeTempCR(t, "plan.yaml", `apiVersion: gateway.api-platform.wso2.com/v1alpha1 + path := writeTempCR(t, "plan.yaml", `apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: SubscriptionPlan metadata: name: bronze-1k-per-min diff --git a/cli/src/internal/mcp/generator.go b/cli/src/internal/mcp/generator.go index 2e5c12ff93..44e4c63711 100644 --- a/cli/src/internal/mcp/generator.go +++ b/cli/src/internal/mcp/generator.go @@ -421,7 +421,7 @@ func generateMCPConfigFile(url string, toolsResult ToolsResult, } mcp := gwmodels.MCPProxyConfiguration{ - ApiVersion: gwmodels.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: gwmodels.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: gwmodels.MCPProxyConfigurationKindMcp, Metadata: gwmodels.Metadata{ Name: "Generated-MCP-v1.0", diff --git a/docs/rest-apis/gateway/README.md b/docs/rest-apis/gateway/README.md index 6a0347d564..c618d26816 100644 --- a/docs/rest-apis/gateway/README.md +++ b/docs/rest-apis/gateway/README.md @@ -4,8 +4,8 @@ REST API for managing API configurations in the WSO2 API Platform Gateway. Base URLs: -* http://localhost:9090/api/management/v0.9 -* http://gateway-controller:9090/api/management/v0.9 +* http://localhost:9090/api/management/v1alpha2 +* http://gateway-controller:9090/api/management/v1alpha2 ## Table of Contents diff --git a/docs/rest-apis/gateway/certificate-management.md b/docs/rest-apis/gateway/certificate-management.md index e566e6ecf8..b5de209864 100644 --- a/docs/rest-apis/gateway/certificate-management.md +++ b/docs/rest-apis/gateway/certificate-management.md @@ -12,7 +12,7 @@ Manage custom TLS certificates for HTTPS upstream verification ```shell -curl -X GET http://localhost:9090/api/management/v0.9/certificates \ +curl -X GET http://localhost:9090/api/management/v1alpha2/certificates \ -u {username}:{password} \ -H 'Accept: application/json' @@ -71,7 +71,7 @@ Required roles: `admin`, `developer` ```shell -curl -X POST http://localhost:9090/api/management/v0.9/certificates \ +curl -X POST http://localhost:9090/api/management/v1alpha2/certificates \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -140,7 +140,7 @@ Required roles: `admin`, `developer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/certificates/{id} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/certificates/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -203,7 +203,7 @@ Status Code **200** ```shell -curl -X POST http://localhost:9090/api/management/v0.9/certificates/reload \ +curl -X POST http://localhost:9090/api/management/v1alpha2/certificates/reload \ -u {username}:{password} \ -H 'Accept: application/json' diff --git a/docs/rest-apis/gateway/llm-provider-management.md b/docs/rest-apis/gateway/llm-provider-management.md index cff61b0bcb..d2d09a10be 100644 --- a/docs/rest-apis/gateway/llm-provider-management.md +++ b/docs/rest-apis/gateway/llm-provider-management.md @@ -12,7 +12,7 @@ CRUD operations for LLM Provider configurations ```shell -curl -X POST http://localhost:9090/api/management/v0.9/llm-providers \ +curl -X POST http://localhost:9090/api/management/v1alpha2/llm-providers \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -26,7 +26,7 @@ Add a new LLM provider to the Gateway. A provider defines how to interact with a ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProvider", "metadata": { "name": "wso2-openai-provider" @@ -92,7 +92,7 @@ Required roles: `admin` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProvider", "metadata": { "name": "wso2-openai-provider" @@ -163,7 +163,7 @@ Required roles: `admin` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/llm-providers \ +curl -X GET http://localhost:9090/api/management/v1alpha2/llm-providers \ -u {username}:{password} \ -H 'Accept: application/json' @@ -207,7 +207,7 @@ Required roles: `admin`, `developer` "count": 2, "providers": [ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProvider", "metadata": { "name": "wso2-openai-provider" @@ -339,7 +339,20 @@ Status Code **200** |»»»»» exceptions|[[RouteException](schemas.md#schemarouteexception)]|false|none|Path exceptions to the access control mode| |»»»»»» path|string|true|none|Path pattern| |»»»»»» methods|[string]|true|none|HTTP methods| -|»»»» policies|[[LLMPolicy](schemas.md#schemallmpolicy)]|false|none|List of policies applied only to this operation (overrides or adds to API-level policies)| +|»»»» globalPolicies|[[Policy](schemas.md#schemapolicy)]|false|none|Global (api-level) policies applied across ALL operations as one shared scope, evaluated before operation-level policies.| +|»»»»» name|string|true|none|Name of the policy| +|»»»»» version|string|true|none|Version of the policy. Only major-only version is allowed (e.g., v0, v1). Full semantic version (e.g., v1.0.0) is not accepted and will be rejected. The Gateway Controller resolves the major version to the single matching full version installed in the gateway image.| +|»»»»» executionCondition|string|false|none|Expression controlling conditional execution of the policy| +|»»»»» params|object|false|none|Arbitrary parameters for the policy (free-form key/value structure)| +|»»»» operationPolicies|[[OperationPolicy](schemas.md#schemaoperationpolicy)]|false|none|Operation-level policies scoped to specific paths/methods, evaluated after global policies.| +|»»»»» name|string|true|none|none| +|»»»»» version|string|true|none|none| +|»»»»» executionCondition|string|false|none|Expression controlling conditional execution of the policy| +|»»»»» paths|[[OperationPolicyPath](schemas.md#schemaoperationpolicypath)]|true|none|none| +|»»»»»» path|string|true|none|none| +|»»»»»» methods|[string]|true|none|none| +|»»»»»» params|object|true|none|JSON Schema describing the parameters accepted by this policy. This itself is a JSON Schema document.| +|»»»» policies|[[LLMPolicy](schemas.md#schemallmpolicy)]|false|none|DEPRECATED - use operationPolicies. Still honoured (treated identically to operationPolicies).| |»»»»» name|string|true|none|none| |»»»»» version|string|true|none|none| |»»»»» paths|[[LLMPolicyPath](schemas.md#schemallmpolicypath)]|true|none|none| @@ -364,7 +377,7 @@ Status Code **200** |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|LlmProvider| |hostRewrite|auto| |hostRewrite|manual| @@ -386,7 +399,7 @@ Status Code **200** ```shell -curl -X GET http://localhost:9090/api/management/v0.9/llm-providers/{id} \ +curl -X GET http://localhost:9090/api/management/v1alpha2/llm-providers/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -415,7 +428,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProvider", "metadata": { "name": "wso2-openai-provider" @@ -485,7 +498,7 @@ Required roles: `admin`, `developer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/llm-providers/{id} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/llm-providers/{id} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -499,7 +512,7 @@ Update an existing LLM provider in the Gateway. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProvider", "metadata": { "name": "wso2-openai-provider" @@ -566,7 +579,7 @@ Required roles: `admin` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProvider", "metadata": { "name": "wso2-openai-provider" @@ -637,7 +650,7 @@ Required roles: `admin` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/llm-providers/{id} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/llm-providers/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -700,7 +713,7 @@ Status Code **200** ```shell -curl -X POST http://localhost:9090/api/management/v0.9/llm-providers/{id}/api-keys \ +curl -X POST http://localhost:9090/api/management/v1alpha2/llm-providers/{id}/api-keys \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -777,7 +790,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/llm-providers/{id}/api-keys \ +curl -X GET http://localhost:9090/api/management/v1alpha2/llm-providers/{id}/api-keys \ -u {username}:{password} \ -H 'Accept: application/json' @@ -842,7 +855,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X POST http://localhost:9090/api/management/v0.9/llm-providers/{id}/api-keys/{apiKeyName}/regenerate \ +curl -X POST http://localhost:9090/api/management/v1alpha2/llm-providers/{id}/api-keys/{apiKeyName}/regenerate \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -917,7 +930,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/llm-providers/{id}/api-keys/{apiKeyName} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/llm-providers/{id}/api-keys/{apiKeyName} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -995,7 +1008,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/llm-providers/{id}/api-keys/{apiKeyName} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/llm-providers/{id}/api-keys/{apiKeyName} \ -u {username}:{password} \ -H 'Accept: application/json' diff --git a/docs/rest-apis/gateway/llm-provider-template-management.md b/docs/rest-apis/gateway/llm-provider-template-management.md index d884343a9a..5acf9d24f1 100644 --- a/docs/rest-apis/gateway/llm-provider-template-management.md +++ b/docs/rest-apis/gateway/llm-provider-template-management.md @@ -12,7 +12,7 @@ CRUD operations for LLM Provider Template configurations ```shell -curl -X POST http://localhost:9090/api/management/v0.9/llm-provider-templates \ +curl -X POST http://localhost:9090/api/management/v1alpha2/llm-provider-templates \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -26,7 +26,7 @@ Add a new LLM provider template to the Gateway. A template defines token trackin ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "openai-template" @@ -82,7 +82,7 @@ Required roles: `admin` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "openai-template" @@ -141,7 +141,7 @@ Required roles: `admin` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/llm-provider-templates \ +curl -X GET http://localhost:9090/api/management/v1alpha2/llm-provider-templates \ -u {username}:{password} \ -H 'Accept: application/json' @@ -174,7 +174,7 @@ Required roles: `admin` "count": 3, "templates": [ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "openai-template" @@ -282,7 +282,7 @@ Status Code **200** |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|LlmProviderTemplate| |location|payload| |location|header| @@ -301,7 +301,7 @@ Status Code **200** ```shell -curl -X GET http://localhost:9090/api/management/v0.9/llm-provider-templates/{id} \ +curl -X GET http://localhost:9090/api/management/v1alpha2/llm-provider-templates/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -330,7 +330,7 @@ Required roles: `admin` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "openai-template" @@ -388,7 +388,7 @@ Required roles: `admin` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/llm-provider-templates/{id} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/llm-provider-templates/{id} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -402,7 +402,7 @@ Update an existing LLM provider template in the Gateway. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "openai-template" @@ -459,7 +459,7 @@ Required roles: `admin` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "openai-template" @@ -518,7 +518,7 @@ Required roles: `admin` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/llm-provider-templates/{id} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/llm-provider-templates/{id} \ -u {username}:{password} \ -H 'Accept: application/json' diff --git a/docs/rest-apis/gateway/llm-proxy-management.md b/docs/rest-apis/gateway/llm-proxy-management.md index a24ee354ab..f54738d43f 100644 --- a/docs/rest-apis/gateway/llm-proxy-management.md +++ b/docs/rest-apis/gateway/llm-proxy-management.md @@ -12,7 +12,7 @@ CRUD operations for LLM Proxy configurations ```shell -curl -X POST http://localhost:9090/api/management/v0.9/llm-proxies \ +curl -X POST http://localhost:9090/api/management/v1alpha2/llm-proxies \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -26,7 +26,7 @@ Add a new LLM proxy to the Gateway. A proxy defines how to interact with an LLM ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProxy", "metadata": { "name": "openai-proxy" @@ -64,7 +64,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProxy", "metadata": { "name": "openai-proxy" @@ -107,7 +107,7 @@ Required roles: `admin`, `developer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/llm-proxies \ +curl -X GET http://localhost:9090/api/management/v1alpha2/llm-proxies \ -u {username}:{password} \ -H 'Accept: application/json' @@ -151,7 +151,7 @@ Required roles: `admin`, `developer` "count": 2, "proxies": [ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProxy", "metadata": { "name": "openai-proxy" @@ -218,7 +218,20 @@ Status Code **200** |»»»»»» type|string|true|none|none| |»»»»»» header|string|false|none|none| |»»»»»» value|string|false|none|none| -|»»»» policies|[[LLMPolicy](schemas.md#schemallmpolicy)]|false|none|List of policies applied only to this operation (overrides or adds to API-level policies)| +|»»»» globalPolicies|[[Policy](schemas.md#schemapolicy)]|false|none|Global (api-level) policies applied across ALL operations as one shared scope, evaluated before operation-level policies.| +|»»»»» name|string|true|none|Name of the policy| +|»»»»» version|string|true|none|Version of the policy. Only major-only version is allowed (e.g., v0, v1). Full semantic version (e.g., v1.0.0) is not accepted and will be rejected. The Gateway Controller resolves the major version to the single matching full version installed in the gateway image.| +|»»»»» executionCondition|string|false|none|Expression controlling conditional execution of the policy| +|»»»»» params|object|false|none|Arbitrary parameters for the policy (free-form key/value structure)| +|»»»» operationPolicies|[[OperationPolicy](schemas.md#schemaoperationpolicy)]|false|none|Operation-level policies scoped to specific paths/methods, evaluated after global policies.| +|»»»»» name|string|true|none|none| +|»»»»» version|string|true|none|none| +|»»»»» executionCondition|string|false|none|Expression controlling conditional execution of the policy| +|»»»»» paths|[[OperationPolicyPath](schemas.md#schemaoperationpolicypath)]|true|none|none| +|»»»»»» path|string|true|none|none| +|»»»»»» methods|[string]|true|none|none| +|»»»»»» params|object|true|none|JSON Schema describing the parameters accepted by this policy. This itself is a JSON Schema document.| +|»»»» policies|[[LLMPolicy](schemas.md#schemallmpolicy)]|false|none|DEPRECATED - use operationPolicies. Still honoured (treated identically to operationPolicies).| |»»»»» name|string|true|none|none| |»»»»» version|string|true|none|none| |»»»»» paths|[[LLMPolicyPath](schemas.md#schemallmpolicypath)]|true|none|none| @@ -243,7 +256,7 @@ Status Code **200** |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|LlmProxy| |type|api-key| |deploymentState|deployed| @@ -261,7 +274,7 @@ Status Code **200** ```shell -curl -X GET http://localhost:9090/api/management/v0.9/llm-proxies/{id} \ +curl -X GET http://localhost:9090/api/management/v1alpha2/llm-proxies/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -290,7 +303,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProxy", "metadata": { "name": "openai-proxy" @@ -332,7 +345,7 @@ Required roles: `admin`, `developer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/llm-proxies/{id} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/llm-proxies/{id} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -346,7 +359,7 @@ Update an existing LLM proxy in the Gateway. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProxy", "metadata": { "name": "openai-proxy" @@ -385,7 +398,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProxy", "metadata": { "name": "openai-proxy" @@ -428,7 +441,7 @@ Required roles: `admin`, `developer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/llm-proxies/{id} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/llm-proxies/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -491,7 +504,7 @@ Status Code **200** ```shell -curl -X POST http://localhost:9090/api/management/v0.9/llm-proxies/{id}/api-keys \ +curl -X POST http://localhost:9090/api/management/v1alpha2/llm-proxies/{id}/api-keys \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -568,7 +581,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/llm-proxies/{id}/api-keys \ +curl -X GET http://localhost:9090/api/management/v1alpha2/llm-proxies/{id}/api-keys \ -u {username}:{password} \ -H 'Accept: application/json' @@ -633,7 +646,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X POST http://localhost:9090/api/management/v0.9/llm-proxies/{id}/api-keys/{apiKeyName}/regenerate \ +curl -X POST http://localhost:9090/api/management/v1alpha2/llm-proxies/{id}/api-keys/{apiKeyName}/regenerate \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -708,7 +721,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/llm-proxies/{id}/api-keys/{apiKeyName} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/llm-proxies/{id}/api-keys/{apiKeyName} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -786,7 +799,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/llm-proxies/{id}/api-keys/{apiKeyName} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/llm-proxies/{id}/api-keys/{apiKeyName} \ -u {username}:{password} \ -H 'Accept: application/json' diff --git a/docs/rest-apis/gateway/mcp-proxy-management.md b/docs/rest-apis/gateway/mcp-proxy-management.md index 7d4bedcb42..9ed7a2411d 100644 --- a/docs/rest-apis/gateway/mcp-proxy-management.md +++ b/docs/rest-apis/gateway/mcp-proxy-management.md @@ -12,7 +12,7 @@ CRUD operations for MCPProxies ```shell -curl -X POST http://localhost:9090/api/management/v0.9/mcp-proxies \ +curl -X POST http://localhost:9090/api/management/v1alpha2/mcp-proxies \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -26,7 +26,7 @@ Add a new MCPProxy to the Gateway. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Mcp", "metadata": { "name": "everything-mcp-v1.0" @@ -67,7 +67,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Mcp", "metadata": { "name": "everything-mcp-v1.0" @@ -113,7 +113,7 @@ Required roles: `admin`, `developer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/mcp-proxies \ +curl -X GET http://localhost:9090/api/management/v1alpha2/mcp-proxies \ -u {username}:{password} \ -H 'Accept: application/json' @@ -156,7 +156,7 @@ Required roles: `admin`, `developer` "count": 5, "mcpProxies": [ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Mcp", "metadata": { "name": "everything-mcp-v1.0" @@ -303,7 +303,7 @@ Status Code **200** |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|Mcp| |hostRewrite|auto| |hostRewrite|manual| @@ -323,7 +323,7 @@ Status Code **200** ```shell -curl -X GET http://localhost:9090/api/management/v0.9/mcp-proxies/{id} \ +curl -X GET http://localhost:9090/api/management/v1alpha2/mcp-proxies/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -356,7 +356,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Mcp", "metadata": { "name": "everything-mcp-v1.0" @@ -401,7 +401,7 @@ Required roles: `admin`, `developer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/mcp-proxies/{id} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/mcp-proxies/{id} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -415,7 +415,7 @@ Update an existing MCPProxy in the Gateway. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Mcp", "metadata": { "name": "everything-mcp-v1.0" @@ -461,7 +461,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Mcp", "metadata": { "name": "everything-mcp-v1.0" @@ -507,7 +507,7 @@ Required roles: `admin`, `developer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/mcp-proxies/{id} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/mcp-proxies/{id} \ -u {username}:{password} \ -H 'Accept: application/json' diff --git a/docs/rest-apis/gateway/rest-api-management.md b/docs/rest-apis/gateway/rest-api-management.md index 8598357a37..6c6d713207 100644 --- a/docs/rest-apis/gateway/rest-api-management.md +++ b/docs/rest-apis/gateway/rest-api-management.md @@ -12,7 +12,7 @@ CRUD operations for Rest APIs ```shell -curl -X POST http://localhost:9090/api/management/v0.9/rest-apis \ +curl -X POST http://localhost:9090/api/management/v1alpha2/rest-apis \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -26,7 +26,7 @@ Add a new RestAPI to the Gateway. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "RestApi", "metadata": { "name": "reading-list-api-v1.0" @@ -111,7 +111,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "RestApi", "metadata": { "name": "reading-list-api-v1.0" @@ -201,7 +201,7 @@ Required roles: `admin`, `developer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/rest-apis \ +curl -X GET http://localhost:9090/api/management/v1alpha2/rest-apis \ -u {username}:{password} \ -H 'Accept: application/json' @@ -244,7 +244,7 @@ Required roles: `admin`, `developer` "count": 5, "apis": [ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "RestApi", "metadata": { "name": "reading-list-api-v1.0" @@ -413,7 +413,7 @@ Status Code **200** |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|RestApi| |hostRewrite|auto| |hostRewrite|manual| @@ -439,7 +439,7 @@ Status Code **200** ```shell -curl -X GET http://localhost:9090/api/management/v0.9/rest-apis/{id} \ +curl -X GET http://localhost:9090/api/management/v1alpha2/rest-apis/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -472,7 +472,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "RestApi", "metadata": { "name": "reading-list-api-v1.0" @@ -561,7 +561,7 @@ Required roles: `admin`, `developer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/rest-apis/{id} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/rest-apis/{id} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -575,7 +575,7 @@ Update an existing RestAPI in the Gateway. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "RestApi", "metadata": { "name": "reading-list-api-v1.0" @@ -665,7 +665,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "RestApi", "metadata": { "name": "reading-list-api-v1.0" @@ -755,7 +755,7 @@ Required roles: `admin`, `developer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/rest-apis/{id} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/rest-apis/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -822,7 +822,7 @@ Status Code **200** ```shell -curl -X POST http://localhost:9090/api/management/v0.9/rest-apis/{id}/api-keys \ +curl -X POST http://localhost:9090/api/management/v1alpha2/rest-apis/{id}/api-keys \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -902,7 +902,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/rest-apis/{id}/api-keys \ +curl -X GET http://localhost:9090/api/management/v1alpha2/rest-apis/{id}/api-keys \ -u {username}:{password} \ -H 'Accept: application/json' @@ -971,7 +971,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X POST http://localhost:9090/api/management/v0.9/rest-apis/{id}/api-keys/{apiKeyName}/regenerate \ +curl -X POST http://localhost:9090/api/management/v1alpha2/rest-apis/{id}/api-keys/{apiKeyName}/regenerate \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -1052,7 +1052,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/rest-apis/{id}/api-keys/{apiKeyName} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/rest-apis/{id}/api-keys/{apiKeyName} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -1135,7 +1135,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/rest-apis/{id}/api-keys/{apiKeyName} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/rest-apis/{id}/api-keys/{apiKeyName} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -1195,7 +1195,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X POST http://localhost:9090/api/management/v0.9/subscription-plans \ +curl -X POST http://localhost:9090/api/management/v1alpha2/subscription-plans \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -1273,7 +1273,7 @@ Required roles: `admin`, `developer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/subscription-plans \ +curl -X GET http://localhost:9090/api/management/v1alpha2/subscription-plans \ -u {username}:{password} \ -H 'Accept: application/json' @@ -1332,7 +1332,7 @@ Required roles: `admin`, `developer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/subscription-plans/{planId} \ +curl -X GET http://localhost:9090/api/management/v1alpha2/subscription-plans/{planId} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -1393,7 +1393,7 @@ Required roles: `admin`, `developer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/subscription-plans/{planId} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/subscription-plans/{planId} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -1471,7 +1471,7 @@ Required roles: `admin`, `developer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/subscription-plans/{planId} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/subscription-plans/{planId} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -1529,7 +1529,7 @@ Required roles: `admin`, `developer` ```shell -curl -X POST http://localhost:9090/api/management/v0.9/subscriptions \ +curl -X POST http://localhost:9090/api/management/v1alpha2/subscriptions \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -1607,7 +1607,7 @@ Required roles: `admin`, `developer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/subscriptions \ +curl -X GET http://localhost:9090/api/management/v1alpha2/subscriptions \ -u {username}:{password} \ -H 'Accept: application/json' @@ -1682,7 +1682,7 @@ Required roles: `admin`, `developer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/subscriptions/{subscriptionId} \ +curl -X GET http://localhost:9090/api/management/v1alpha2/subscriptions/{subscriptionId} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -1743,7 +1743,7 @@ Required roles: `admin`, `developer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/subscriptions/{subscriptionId} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/subscriptions/{subscriptionId} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -1815,7 +1815,7 @@ Required roles: `admin`, `developer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/subscriptions/{subscriptionId} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/subscriptions/{subscriptionId} \ -u {username}:{password} \ -H 'Accept: application/json' diff --git a/docs/rest-apis/gateway/schemas.md b/docs/rest-apis/gateway/schemas.md index c1bc42b32a..3d92184d0e 100644 --- a/docs/rest-apis/gateway/schemas.md +++ b/docs/rest-apis/gateway/schemas.md @@ -46,7 +46,7 @@ Server-managed lifecycle information for a resource ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "RestApi", "metadata": { "name": "reading-list-api-v1.0" @@ -124,7 +124,7 @@ Server-managed lifecycle information for a resource |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|RestApi|

RestAPI

@@ -136,7 +136,7 @@ Server-managed lifecycle information for a resource ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "RestApi", "metadata": { "name": "reading-list-api-v1.0" @@ -232,7 +232,7 @@ and ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "github-events-v1.0" @@ -269,7 +269,7 @@ and |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|WebSubApi|

WebSubAPI

@@ -281,7 +281,7 @@ and ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "github-events-v1.0" @@ -1064,7 +1064,7 @@ Channel (topic/event stream) definition for async APIs. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-v1.0" @@ -1135,7 +1135,7 @@ Channel (topic/event stream) definition for async APIs. |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|WebBrokerApi|

WebBrokerApi

@@ -1147,7 +1147,7 @@ Channel (topic/event stream) definition for async APIs. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-v1.0" @@ -2167,7 +2167,7 @@ Details of an API key ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Mcp", "metadata": { "name": "everything-mcp-v1.0" @@ -2201,7 +2201,7 @@ Details of an API key |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|Mcp|

MCPProxyConfiguration

@@ -2213,7 +2213,7 @@ Details of an API key ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Mcp", "metadata": { "name": "everything-mcp-v1.0" @@ -2522,7 +2522,7 @@ continued ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "openai-template" @@ -2571,7 +2571,7 @@ continued |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|LlmProviderTemplate|

LLMProviderTemplate

@@ -2583,7 +2583,7 @@ continued ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "openai-template" @@ -2859,7 +2859,7 @@ and ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProvider", "metadata": { "name": "wso2-openai-provider" @@ -2918,7 +2918,7 @@ and |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|LlmProvider|

LLMProviderConfiguration

@@ -2930,7 +2930,7 @@ and ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProvider", "metadata": { "name": "wso2-openai-provider" @@ -3033,7 +3033,15 @@ and } ] }, - "policies": [ + "globalPolicies": [ + { + "name": "cors", + "version": "v1", + "executionCondition": "request.metadata[authenticated] != true", + "params": {} + } + ], + "operationPolicies": [ { "name": "llm-cost-based-ratelimit", "version": "v1", @@ -3081,7 +3089,9 @@ continued |Name|Type|Required|Restrictions|Description| |---|---|---|---|---| |accessControl|[LLMAccessControl](#schemallmaccesscontrol)|true|none|none| -|policies|[[LLMPolicy](#schemallmpolicy)]|false|none|List of policies applied only to this operation (overrides or adds to API-level policies)| +|globalPolicies|[[Policy](#schemapolicy)]|false|none|Global (api-level) policies applied across ALL operations as one shared scope, evaluated before operation-level policies.| +|operationPolicies|[[OperationPolicy](#schemaoperationpolicy)]|false|none|Operation-level policies scoped to specific paths/methods, evaluated after global policies.| +|policies|[[LLMPolicy](#schemallmpolicy)]|false|none|DEPRECATED - use operationPolicies. Still honoured (treated identically to operationPolicies).| |deploymentState|string|false|none|Desired deployment state - 'deployed' (default) or 'undeployed'. When set to 'undeployed', the LLM Provider is removed from router traffic but configuration and policies are preserved for potential redeployment.| #### Enumerated Values @@ -3298,6 +3308,66 @@ continued |methods|[string]|true|none|none| |params|object|true|none|JSON Schema describing the parameters accepted by this policy. This itself is a JSON Schema document.| +

OperationPolicy

+ + + + + + +```json +{ + "name": "token-based-ratelimit", + "version": "v1", + "executionCondition": "string", + "paths": [ + { + "path": "/chat/completions", + "methods": [ + "string" + ], + "params": {} + } + ] +} + +``` + +### Properties + +|Name|Type|Required|Restrictions|Description| +|---|---|---|---|---| +|name|string|true|none|none| +|version|string|true|none|none| +|executionCondition|string|false|none|Expression controlling conditional execution of the policy| +|paths|[[OperationPolicyPath](#schemaoperationpolicypath)]|true|none|none| + +

OperationPolicyPath

+ + + + + + +```json +{ + "path": "/chat/completions", + "methods": [ + "string" + ], + "params": {} +} + +``` + +### Properties + +|Name|Type|Required|Restrictions|Description| +|---|---|---|---|---| +|path|string|true|none|none| +|methods|[string]|true|none|none| +|params|object|true|none|JSON Schema describing the parameters accepted by this policy. This itself is a JSON Schema document.| +

LLMProxyConfigurationRequest

@@ -3307,7 +3377,7 @@ continued ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProxy", "metadata": { "name": "openai-proxy" @@ -3338,7 +3408,7 @@ continued |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|LlmProxy|

LLMProxyConfiguration

@@ -3350,7 +3420,7 @@ continued ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProxy", "metadata": { "name": "openai-proxy" @@ -3411,6 +3481,30 @@ and "value": "string" } }, + "globalPolicies": [ + { + "name": "cors", + "version": "v1", + "executionCondition": "request.metadata[authenticated] != true", + "params": {} + } + ], + "operationPolicies": [ + { + "name": "token-based-ratelimit", + "version": "v1", + "executionCondition": "string", + "paths": [ + { + "path": "/chat/completions", + "methods": [ + "string" + ], + "params": {} + } + ] + } + ], "policies": [ { "name": "llm-cost-based-ratelimit", @@ -3440,7 +3534,9 @@ and |context|string|false|none|Base path for all API routes (must start with /, no trailing slash)| |vhost|string|false|none|Virtual host name used for routing. Supports standard domain names, subdomains, or wildcard domains. Must follow RFC-compliant hostname rules. Wildcards are only allowed in the left-most label (e.g., *.example.com).| |provider|[LLMProxyProvider](#schemallmproxyprovider)|true|none|none| -|policies|[[LLMPolicy](#schemallmpolicy)]|false|none|List of policies applied only to this operation (overrides or adds to API-level policies)| +|globalPolicies|[[Policy](#schemapolicy)]|false|none|Global (api-level) policies applied across ALL operations as one shared scope, evaluated before operation-level policies.| +|operationPolicies|[[OperationPolicy](#schemaoperationpolicy)]|false|none|Operation-level policies scoped to specific paths/methods, evaluated after global policies.| +|policies|[[LLMPolicy](#schemallmpolicy)]|false|none|DEPRECATED - use operationPolicies. Still honoured (treated identically to operationPolicies).| |deploymentState|string|false|none|Desired deployment state - 'deployed' (default) or 'undeployed'. When set to 'undeployed', the LLM Proxy is removed from router traffic but configuration and policies are preserved for potential redeployment.| #### Enumerated Values @@ -3459,7 +3555,7 @@ and ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -3486,7 +3582,7 @@ and |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|Secret|

SecretConfiguration

@@ -3498,7 +3594,7 @@ and ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -3592,7 +3688,7 @@ and ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -3623,7 +3719,7 @@ and |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|Secret|

CertificateUploadRequest

@@ -3762,6 +3858,127 @@ and |totalCount|integer|false|none|Total number of API keys| |status|string|false|none|none| +

WebhookSecretCreationRequest

+ + + + + + +```json +{ + "displayName": "GitHub Webhook" +} + +``` + +### Properties + +|Name|Type|Required|Restrictions|Description| +|---|---|---|---|---| +|displayName|string|true|none|Human-readable label for this secret (used to derive the immutable name slug).| + +

WebhookSecretInfo

+ + + + + + +```json +{ + "name": "github-webhook", + "displayName": "GitHub Webhook", + "status": "active", + "createdAt": "2026-06-01T10:00:00Z", + "updatedAt": "2026-06-01T10:00:00Z" +} + +``` + +Metadata for an HMAC secret. The plaintext value is never included. + +### Properties + +|Name|Type|Required|Restrictions|Description| +|---|---|---|---|---| +|name|string|false|none|URL-safe slug (immutable, used as path parameter for regenerate/delete).| +|displayName|string|false|none|Human-readable label.| +|status|string|false|none|none| +|createdAt|string(date-time)|false|none|none| +|updatedAt|string(date-time)|false|none|none| + +#### Enumerated Values + +|Property|Value| +|---|---| +|status|active| +|status|revoked| + +

WebhookSecretCreationResponse

+ + + + + + +```json +{ + "status": "success", + "message": "Webhook secret generated successfully", + "secret": "whsec_1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b", + "webhookSecret": { + "name": "github-webhook", + "displayName": "GitHub Webhook", + "status": "active", + "createdAt": "2026-06-01T10:00:00Z", + "updatedAt": "2026-06-01T10:00:00Z" + } +} + +``` + +### Properties + +|Name|Type|Required|Restrictions|Description| +|---|---|---|---|---| +|status|string|true|none|none| +|message|string|true|none|none| +|secret|string|true|none|The generated plaintext secret value (whsec_ prefix + 64 hex chars).
Returned exactly once — store it immediately as it will not be retrievable again.| +|webhookSecret|[WebhookSecretInfo](#schemawebhooksecretinfo)|false|none|Metadata for an HMAC secret. The plaintext value is never included.| + +

WebhookSecretListResponse

+ + + + + + +```json +{ + "status": "success", + "totalCount": 2, + "secrets": [ + { + "name": "github-webhook", + "displayName": "GitHub Webhook", + "status": "active", + "createdAt": "2026-06-01T10:00:00Z", + "updatedAt": "2026-06-01T10:00:00Z" + } + ] +} + +``` + +### Properties + +|Name|Type|Required|Restrictions|Description| +|---|---|---|---|---| +|status|string|false|none|none| +|totalCount|integer|false|none|Total number of active secrets for this API| +|secrets|[[WebhookSecretInfo](#schemawebhooksecretinfo)]|false|none|[Metadata for an HMAC secret. The plaintext value is never included.]| +

SecretListResponse

@@ -3775,7 +3992,7 @@ and "count": 5, "secrets": [ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -3838,7 +4055,7 @@ Id and optional timestamps. Not the full ResourceStatus model (no `state` or ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -3872,7 +4089,7 @@ POST/PUT /secrets response. `spec.value` is not returned; see SecretConfiguratio |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|Secret|

SecretConfigurationResponseRetrieved

@@ -3884,7 +4101,7 @@ POST/PUT /secrets response. `spec.value` is not returned; see SecretConfiguratio ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -3919,5 +4136,5 @@ GET /secrets/{id} response including decrypted `spec.value`. |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|Secret| diff --git a/docs/rest-apis/gateway/secrets-management.md b/docs/rest-apis/gateway/secrets-management.md index 7b0cafd060..3e5a51a514 100644 --- a/docs/rest-apis/gateway/secrets-management.md +++ b/docs/rest-apis/gateway/secrets-management.md @@ -12,7 +12,7 @@ CRUD operations for Secrets ```shell -curl -X GET http://localhost:9090/api/management/v0.9/secrets \ +curl -X GET http://localhost:9090/api/management/v1alpha2/secrets \ -u {username}:{password} \ -H 'Accept: application/json' @@ -40,7 +40,7 @@ Required roles: `admin` "count": 5, "secrets": [ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -76,7 +76,7 @@ Required roles: `admin` ```shell -curl -X POST http://localhost:9090/api/management/v0.9/secrets \ +curl -X POST http://localhost:9090/api/management/v1alpha2/secrets \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -91,7 +91,7 @@ The value is encrypted using the primary encryption provider before persistence. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -125,7 +125,7 @@ Required roles: `admin` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -177,7 +177,7 @@ Required roles: `admin` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/secrets/{id} \ +curl -X GET http://localhost:9090/api/management/v1alpha2/secrets/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -208,7 +208,7 @@ Required roles: `admin` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -260,7 +260,7 @@ Required roles: `admin` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/secrets/{id} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/secrets/{id} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -276,7 +276,7 @@ to newer keys during updates. Old secrets remain readable via the provider chain ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -311,7 +311,7 @@ Required roles: `admin` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "database-password" @@ -363,7 +363,7 @@ Required roles: `admin` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/secrets/{id} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/secrets/{id} \ -u {username}:{password} \ -H 'Accept: application/json' diff --git a/docs/rest-apis/gateway/webbroker-api-management.md b/docs/rest-apis/gateway/webbroker-api-management.md index 87caaa42a9..6a60c6e38d 100644 --- a/docs/rest-apis/gateway/webbroker-api-management.md +++ b/docs/rest-apis/gateway/webbroker-api-management.md @@ -10,7 +10,7 @@ ```shell -curl -X POST http://localhost:9090/api/management/v0.9/webbroker-apis \ +curl -X POST http://localhost:9090/api/management/v1alpha2/webbroker-apis \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -24,7 +24,7 @@ Add a new WebBrokerAPI to the Gateway. WebBrokerAPI provides bidirectional strea ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-v1.0" @@ -102,7 +102,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-v1.0" @@ -185,7 +185,7 @@ Required roles: `admin`, `developer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/webbroker-apis \ +curl -X GET http://localhost:9090/api/management/v1alpha2/webbroker-apis \ -u {username}:{password} \ -H 'Accept: application/json' @@ -227,7 +227,7 @@ Required roles: `admin`, `developer` "count": 3, "apis": [ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-v1.0" @@ -374,7 +374,7 @@ Status Code **200** |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|WebBrokerApi| |deploymentState|deployed| |deploymentState|undeployed| @@ -391,7 +391,7 @@ Status Code **200** ```shell -curl -X GET http://localhost:9090/api/management/v0.9/webbroker-apis/{id} \ +curl -X GET http://localhost:9090/api/management/v1alpha2/webbroker-apis/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -424,7 +424,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-v1.0" @@ -506,7 +506,7 @@ Required roles: `admin`, `developer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/webbroker-apis/{id} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/webbroker-apis/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -573,7 +573,7 @@ Status Code **200** ```shell -curl -X POST http://localhost:9090/api/management/v0.9/webbroker-apis/{id}/api-keys \ +curl -X POST http://localhost:9090/api/management/v1alpha2/webbroker-apis/{id}/api-keys \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -650,7 +650,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/webbroker-apis/{id}/api-keys \ +curl -X GET http://localhost:9090/api/management/v1alpha2/webbroker-apis/{id}/api-keys \ -u {username}:{password} \ -H 'Accept: application/json' @@ -715,7 +715,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X POST http://localhost:9090/api/management/v0.9/webbroker-apis/{id}/api-keys/{apiKeyName}/regenerate \ +curl -X POST http://localhost:9090/api/management/v1alpha2/webbroker-apis/{id}/api-keys/{apiKeyName}/regenerate \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -790,7 +790,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/webbroker-apis/{id}/api-keys/{apiKeyName} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/webbroker-apis/{id}/api-keys/{apiKeyName} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -870,7 +870,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/webbroker-apis/{id}/api-keys/{apiKeyName} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/webbroker-apis/{id}/api-keys/{apiKeyName} \ -u {username}:{password} \ -H 'Accept: application/json' diff --git a/docs/rest-apis/gateway/websub-api-management.md b/docs/rest-apis/gateway/websub-api-management.md index 91cf39fcb0..80d07e8a49 100644 --- a/docs/rest-apis/gateway/websub-api-management.md +++ b/docs/rest-apis/gateway/websub-api-management.md @@ -10,7 +10,7 @@ ```shell -curl -X POST http://localhost:9090/api/management/v0.9/websub-apis \ +curl -X POST http://localhost:9090/api/management/v1alpha2/websub-apis \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -24,7 +24,7 @@ Add a new WebSubAPI to the Gateway. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "github-events-v1.0" @@ -68,7 +68,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "github-events-v1.0" @@ -117,7 +117,7 @@ Required roles: `admin`, `developer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/websub-apis \ +curl -X GET http://localhost:9090/api/management/v1alpha2/websub-apis \ -u {username}:{password} \ -H 'Accept: application/json' @@ -160,7 +160,7 @@ Required roles: `admin`, `developer` "count": 5, "apis": [ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "github-events-v1.0" @@ -263,7 +263,7 @@ Status Code **200** |Property|Value| |---|---| -|apiVersion|gateway.api-platform.wso2.com/v1alpha1| +|apiVersion|gateway.api-platform.wso2.com/v1alpha2| |kind|WebSubApi| |deploymentState|deployed| |deploymentState|undeployed| @@ -280,7 +280,7 @@ Status Code **200** ```shell -curl -X POST http://localhost:9090/api/management/v0.9/websub-apis/{id}/api-keys \ +curl -X POST http://localhost:9090/api/management/v1alpha2/websub-apis/{id}/api-keys \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -357,7 +357,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/websub-apis/{id}/api-keys \ +curl -X GET http://localhost:9090/api/management/v1alpha2/websub-apis/{id}/api-keys \ -u {username}:{password} \ -H 'Accept: application/json' @@ -422,7 +422,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X POST http://localhost:9090/api/management/v0.9/websub-apis/{id}/api-keys/{apiKeyName}/regenerate \ +curl -X POST http://localhost:9090/api/management/v1alpha2/websub-apis/{id}/api-keys/{apiKeyName}/regenerate \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -497,7 +497,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/websub-apis/{id}/api-keys/{apiKeyName} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/websub-apis/{id}/api-keys/{apiKeyName} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -575,7 +575,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/websub-apis/{id}/api-keys/{apiKeyName} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/websub-apis/{id}/api-keys/{apiKeyName} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -629,7 +629,7 @@ Required roles: `admin`, `consumer` ```shell -curl -X GET http://localhost:9090/api/management/v0.9/websub-apis/{id} \ +curl -X GET http://localhost:9090/api/management/v1alpha2/websub-apis/{id} \ -u {username}:{password} \ -H 'Accept: application/json' @@ -662,7 +662,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "github-events-v1.0" @@ -710,7 +710,7 @@ Required roles: `admin`, `developer` ```shell -curl -X PUT http://localhost:9090/api/management/v0.9/websub-apis/{id} \ +curl -X PUT http://localhost:9090/api/management/v1alpha2/websub-apis/{id} \ -u {username}:{password} \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ @@ -724,7 +724,7 @@ Update an existing WebSubAPI in the Gateway. ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "github-events-v1.0" @@ -773,7 +773,7 @@ Required roles: `admin`, `developer` ```json { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "github-events-v1.0" @@ -822,7 +822,7 @@ Required roles: `admin`, `developer` ```shell -curl -X DELETE http://localhost:9090/api/management/v0.9/websub-apis/{id} \ +curl -X DELETE http://localhost:9090/api/management/v1alpha2/websub-apis/{id} \ -u {username}:{password} \ -H 'Accept: application/json' diff --git a/event-gateway/it/features/webbroker-api-management.feature b/event-gateway/it/features/webbroker-api-management.feature index 20ee6477c4..00c6a5449a 100644 --- a/event-gateway/it/features/webbroker-api-management.feature +++ b/event-gateway/it/features/webbroker-api-management.feature @@ -31,7 +31,7 @@ Feature: WebBroker API Management When I create a WebBroker API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "wb-create-test-v1.0" }, "spec": { @@ -76,7 +76,7 @@ Feature: WebBroker API Management When I create a WebBroker API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "wb-auth-test-v1.0" }, "spec": { @@ -127,7 +127,7 @@ Feature: WebBroker API Management When I create a WebBroker API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "wb-list-test-v1.0" }, "spec": { @@ -173,7 +173,7 @@ Feature: WebBroker API Management When I create a WebBroker API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "wb-get-test-v1.0" }, "spec": { @@ -225,7 +225,7 @@ Feature: WebBroker API Management When I create a WebBroker API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "wb-delete-test-v1.0" }, "spec": { diff --git a/event-gateway/it/features/webbroker-e2e.feature b/event-gateway/it/features/webbroker-e2e.feature index 1e18c6d94e..ecf00fca5a 100644 --- a/event-gateway/it/features/webbroker-e2e.feature +++ b/event-gateway/it/features/webbroker-e2e.feature @@ -38,7 +38,7 @@ Feature: WebBroker End-to-End Flow When I create a WebBroker API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-conn-v1.0" }, "spec": { @@ -91,7 +91,7 @@ Feature: WebBroker End-to-End Flow When I create a WebBroker API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-echo-v1.0" }, "spec": { @@ -148,7 +148,7 @@ Feature: WebBroker End-to-End Flow When I create a WebBroker API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-pprod-v1.0" }, "spec": { @@ -203,7 +203,7 @@ Feature: WebBroker End-to-End Flow When I create a WebBroker API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-pcons-v1.0" }, "spec": { @@ -261,7 +261,7 @@ Feature: WebBroker End-to-End Flow When I create a WebBroker API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-auth-rej-v1.0" }, "spec": { @@ -315,7 +315,7 @@ Feature: WebBroker End-to-End Flow When I create a WebBroker API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebBrokerApi", "metadata": { "name": "stock-trading-auth-ok-v1.0" }, "spec": { diff --git a/event-gateway/it/features/websub-api-management.feature b/event-gateway/it/features/websub-api-management.feature index cee602a27c..dfaa5af2c6 100644 --- a/event-gateway/it/features/websub-api-management.feature +++ b/event-gateway/it/features/websub-api-management.feature @@ -31,7 +31,7 @@ Feature: WebSub API Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "repo-watcher-v1-0" @@ -62,7 +62,7 @@ Feature: WebSub API Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "secure-events-v1-0" @@ -107,7 +107,7 @@ Feature: WebSub API Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "list-test-v1-0" }, "spec": { @@ -137,7 +137,7 @@ Feature: WebSub API Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "get-test-v1-0" }, "spec": { @@ -174,7 +174,7 @@ Feature: WebSub API Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "update-test-v1-0" }, "spec": { @@ -192,7 +192,7 @@ Feature: WebSub API Management When I update the WebSub API "update-test-v1-0" with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "update-test-v1-0" }, "spec": { @@ -228,7 +228,7 @@ Feature: WebSub API Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "delete-test-v1-0" }, "spec": { diff --git a/event-gateway/it/features/websub-e2e.feature b/event-gateway/it/features/websub-e2e.feature index a334c84a75..c0f31f5af6 100644 --- a/event-gateway/it/features/websub-e2e.feature +++ b/event-gateway/it/features/websub-e2e.feature @@ -31,7 +31,7 @@ Feature: WebSub End-to-End Flow When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "e2e-subscribe-v1-0" }, "spec": { @@ -59,7 +59,7 @@ Feature: WebSub End-to-End Flow When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "e2e-auth-v1-0" }, "spec": { @@ -99,7 +99,7 @@ Feature: WebSub End-to-End Flow When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "e2e-unknown-topic-v1-0" }, "spec": { @@ -129,7 +129,7 @@ Feature: WebSub End-to-End Flow When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "e2e-publish-v1-0" }, "spec": { @@ -157,7 +157,7 @@ Feature: WebSub End-to-End Flow When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "e2e-bad-topic-v1-0" }, "spec": { @@ -188,7 +188,7 @@ Feature: WebSub End-to-End Flow When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "e2e-full-v1-0" }, "spec": { @@ -235,7 +235,7 @@ Feature: WebSub End-to-End Flow When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "e2e-unsub-v1-0" }, "spec": { diff --git a/event-gateway/it/features/websub-webhook-secrets.feature b/event-gateway/it/features/websub-webhook-secrets.feature index 8e673dc4f0..f2a5f5c17a 100644 --- a/event-gateway/it/features/websub-webhook-secrets.feature +++ b/event-gateway/it/features/websub-webhook-secrets.feature @@ -31,7 +31,7 @@ Feature: WebSub API Webhook Secret Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "secret-create-v1-0" }, "spec": { @@ -65,7 +65,7 @@ Feature: WebSub API Webhook Secret Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "secret-list-v1-0" }, "spec": { @@ -102,7 +102,7 @@ Feature: WebSub API Webhook Secret Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "secret-regen-v1-0" }, "spec": { @@ -139,7 +139,7 @@ Feature: WebSub API Webhook Secret Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "secret-del-v1-0" }, "spec": { @@ -183,7 +183,7 @@ Feature: WebSub API Webhook Secret Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "secret-dup-v1-0" }, "spec": { @@ -215,7 +215,7 @@ Feature: WebSub API Webhook Secret Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "secret-regen-404-v1-0" }, "spec": { @@ -243,7 +243,7 @@ Feature: WebSub API Webhook Secret Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "secret-del-404-v1-0" }, "spec": { @@ -273,7 +273,7 @@ Feature: WebSub API Webhook Secret Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "hmac-valid-v1-0" }, "spec": { @@ -320,7 +320,7 @@ Feature: WebSub API Webhook Secret Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "hmac-reject-v1-0" }, "spec": { @@ -367,7 +367,7 @@ Feature: WebSub API Webhook Secret Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "hmac-regen-v1-0" }, "spec": { @@ -421,7 +421,7 @@ Feature: WebSub API Webhook Secret Management When I create a WebSub API with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "WebSubApi", "metadata": { "name": "hmac-deleted-v1-0" }, "spec": { diff --git a/event-gateway/it/state.go b/event-gateway/it/state.go index 33ec33ac69..27687b8e42 100644 --- a/event-gateway/it/state.go +++ b/event-gateway/it/state.go @@ -45,7 +45,7 @@ const ( WebhookListenerPort = "8090" // GatewayManagementAPIBasePath is the base path for the management REST API. - GatewayManagementAPIBasePath = "/api/management/v0.9" + GatewayManagementAPIBasePath = "/api/management/v1alpha2" ) // AuthUser holds credentials for a test user. diff --git a/event-gateway/spec/postman/Control Plane.postman_collection.json b/event-gateway/spec/postman/Control Plane.postman_collection.json index 581139baf7..6dfa4cd70f 100644 --- a/event-gateway/spec/postman/Control Plane.postman_collection.json +++ b/event-gateway/spec/postman/Control Plane.postman_collection.json @@ -29,7 +29,7 @@ "header": [], "body": { "mode": "raw", - "raw": "{\r\n \"apiVersion\": \"gateway.api-platform.wso2.com/v1alpha1\",\r\n \"kind\": \"WebSubApi\",\r\n \"metadata\": {\r\n \"name\": \"repo-watcher-v1-0\"\r\n },\r\n \"spec\": {\r\n \"displayName\": \"repo-watcher\",\r\n \"version\": \"v1.0\",\r\n \"context\": \"/repos\",\r\n \"allChannelPolicies\": {\r\n \"on_subscription\": [\r\n {\r\n \"name\": \"api-key-auth\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"in\": \"header\",\r\n \"name\": \"X-API-Key\"\r\n }\r\n }\r\n ],\r\n \"on_unsubscription\": [\r\n {\r\n \"name\": \"api-key-auth\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"in\": \"header\",\r\n \"name\": \"X-API-Key\"\r\n }\r\n }\r\n ],\r\n \"on_message_received\": [\r\n {\r\n \"name\": \"hmac-signature-validation\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"header\": \"X-Hub-Signature-256\",\r\n \"secret\": \"your-publisher-webhook-secret\",\r\n \"algorithm\": \"sha256\"\r\n }\r\n }\r\n ],\r\n \"on_message_delivery\": [\r\n {\r\n \"name\": \"hmac-sign-messages\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"header\": \"X-Hub-Signature-256\",\r\n \"secret\": \"your-publisher-webhook-secret\",\r\n \"algorithm\": \"sha256\"\r\n }\r\n }\r\n ]\r\n },\r\n \"channelPolicies\": {\r\n \"issues\": {\r\n \"on_subscription\": [\r\n {\r\n \"name\": \"rbac\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"allowedRoles\": [\r\n \"admin\",\r\n \"issue-manager\"\r\n ]\r\n }\r\n }\r\n ],\r\n \"on_message_received\": [],\r\n \"on_message_delivery\": []\r\n },\r\n \"pull-requests\": {\r\n \"on_subscription\": [\r\n {\r\n \"name\": \"rbac\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"allowedRoles\": [\r\n \"admin\",\r\n \"developer\"\r\n ]\r\n }\r\n }\r\n ],\r\n \"on_message_received\": [],\r\n \"on_message_delivery\": []\r\n }\r\n },\r\n \"deploymentState\": \"deployed\"\r\n }\r\n}\r\n", + "raw": "{\r\n \"apiVersion\": \"gateway.api-platform.wso2.com/v1alpha2\",\r\n \"kind\": \"WebSubApi\",\r\n \"metadata\": {\r\n \"name\": \"repo-watcher-v1-0\"\r\n },\r\n \"spec\": {\r\n \"displayName\": \"repo-watcher\",\r\n \"version\": \"v1.0\",\r\n \"context\": \"/repos\",\r\n \"allChannelPolicies\": {\r\n \"on_subscription\": [\r\n {\r\n \"name\": \"api-key-auth\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"in\": \"header\",\r\n \"name\": \"X-API-Key\"\r\n }\r\n }\r\n ],\r\n \"on_unsubscription\": [\r\n {\r\n \"name\": \"api-key-auth\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"in\": \"header\",\r\n \"name\": \"X-API-Key\"\r\n }\r\n }\r\n ],\r\n \"on_message_received\": [\r\n {\r\n \"name\": \"hmac-signature-validation\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"header\": \"X-Hub-Signature-256\",\r\n \"secret\": \"your-publisher-webhook-secret\",\r\n \"algorithm\": \"sha256\"\r\n }\r\n }\r\n ],\r\n \"on_message_delivery\": [\r\n {\r\n \"name\": \"hmac-sign-messages\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"header\": \"X-Hub-Signature-256\",\r\n \"secret\": \"your-publisher-webhook-secret\",\r\n \"algorithm\": \"sha256\"\r\n }\r\n }\r\n ]\r\n },\r\n \"channelPolicies\": {\r\n \"issues\": {\r\n \"on_subscription\": [\r\n {\r\n \"name\": \"rbac\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"allowedRoles\": [\r\n \"admin\",\r\n \"issue-manager\"\r\n ]\r\n }\r\n }\r\n ],\r\n \"on_message_received\": [],\r\n \"on_message_delivery\": []\r\n },\r\n \"pull-requests\": {\r\n \"on_subscription\": [\r\n {\r\n \"name\": \"rbac\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"allowedRoles\": [\r\n \"admin\",\r\n \"developer\"\r\n ]\r\n }\r\n }\r\n ],\r\n \"on_message_received\": [],\r\n \"on_message_delivery\": []\r\n }\r\n },\r\n \"deploymentState\": \"deployed\"\r\n }\r\n}\r\n", "options": { "raw": { "language": "json" @@ -37,7 +37,7 @@ } }, "url": { - "raw": "http://{{host}}/api/management/v0.9/websub-apis", + "raw": "http://{{host}}/api/management/v1alpha2/websub-apis", "protocol": "http", "host": [ "{{host}}" @@ -45,7 +45,7 @@ "path": [ "api", "management", - "v0.9", + "v1alpha2", "websub-apis" ] } @@ -73,7 +73,7 @@ "method": "GET", "header": [], "url": { - "raw": "http://{{host}}/api/management/v0.9/websub-apis/repo-watcher-v1-0", + "raw": "http://{{host}}/api/management/v1alpha2/websub-apis/repo-watcher-v1-0", "protocol": "http", "host": [ "{{host}}" @@ -81,7 +81,7 @@ "path": [ "api", "management", - "v0.9", + "v1alpha2", "websub-apis", "repo-watcher-v1-0" ] @@ -111,7 +111,7 @@ "header": [], "body": { "mode": "raw", - "raw": "{\r\n \"apiVersion\": \"gateway.api-platform.wso2.com/v1alpha1\",\r\n \"kind\": \"WebSubApi\",\r\n \"metadata\": {\r\n \"name\": \"repo-watcher-v1-0\"\r\n },\r\n \"spec\": {\r\n \"displayName\": \"repo-watcher\",\r\n \"version\": \"v1.0\",\r\n \"context\": \"/repos\",\r\n \"receiver\": {\r\n \"policies\": [\r\n {\r\n \"name\": \"hmac-signature-validation\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"header\": \"X-Hub-Signature-256\",\r\n \"secret\": \"your-publisher-webhook-secret\",\r\n \"algorithm\": \"sha256\"\r\n }\r\n }\r\n ]\r\n },\r\n \"hub\": {\r\n \"policies\": [\r\n {\r\n \"name\": \"api-key-auth\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"in\": \"header\",\r\n \"name\": \"X-API-Key\"\r\n }\r\n }\r\n ],\r\n \"channels\": [\r\n {\r\n \"name\": \"issues\",\r\n \"policies\": [\r\n {\r\n \"name\": \"rbac\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"allowedRoles\": [\r\n \"admin\",\r\n \"issue-manager\"\r\n ]\r\n }\r\n }\r\n ]\r\n },\r\n {\r\n \"name\": \"pull-requests\",\r\n \"policies\": [\r\n {\r\n \"name\": \"rbac\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"allowedRoles\": [\r\n \"admin\",\r\n \"developer\"\r\n ]\r\n }\r\n }\r\n ]\r\n },\r\n {\r\n \"name\": \"releases\",\r\n \"policies\": [\r\n {\r\n \"name\": \"rbac\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"allowedRoles\": [\r\n \"admin\"\r\n ]\r\n }\r\n }\r\n ]\r\n }\r\n ]\r\n },\r\n \"deploymentState\": \"deployed\"\r\n }\r\n}\r\n", + "raw": "{\r\n \"apiVersion\": \"gateway.api-platform.wso2.com/v1alpha2\",\r\n \"kind\": \"WebSubApi\",\r\n \"metadata\": {\r\n \"name\": \"repo-watcher-v1-0\"\r\n },\r\n \"spec\": {\r\n \"displayName\": \"repo-watcher\",\r\n \"version\": \"v1.0\",\r\n \"context\": \"/repos\",\r\n \"receiver\": {\r\n \"policies\": [\r\n {\r\n \"name\": \"hmac-signature-validation\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"header\": \"X-Hub-Signature-256\",\r\n \"secret\": \"your-publisher-webhook-secret\",\r\n \"algorithm\": \"sha256\"\r\n }\r\n }\r\n ]\r\n },\r\n \"hub\": {\r\n \"policies\": [\r\n {\r\n \"name\": \"api-key-auth\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"in\": \"header\",\r\n \"name\": \"X-API-Key\"\r\n }\r\n }\r\n ],\r\n \"channels\": [\r\n {\r\n \"name\": \"issues\",\r\n \"policies\": [\r\n {\r\n \"name\": \"rbac\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"allowedRoles\": [\r\n \"admin\",\r\n \"issue-manager\"\r\n ]\r\n }\r\n }\r\n ]\r\n },\r\n {\r\n \"name\": \"pull-requests\",\r\n \"policies\": [\r\n {\r\n \"name\": \"rbac\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"allowedRoles\": [\r\n \"admin\",\r\n \"developer\"\r\n ]\r\n }\r\n }\r\n ]\r\n },\r\n {\r\n \"name\": \"releases\",\r\n \"policies\": [\r\n {\r\n \"name\": \"rbac\",\r\n \"version\": \"v1\",\r\n \"params\": {\r\n \"allowedRoles\": [\r\n \"admin\"\r\n ]\r\n }\r\n }\r\n ]\r\n }\r\n ]\r\n },\r\n \"deploymentState\": \"deployed\"\r\n }\r\n}\r\n", "options": { "raw": { "language": "json" @@ -119,7 +119,7 @@ } }, "url": { - "raw": "http://{{host}}/api/management/v0.9/websub-apis/repo-watcher-v1-0", + "raw": "http://{{host}}/api/management/v1alpha2/websub-apis/repo-watcher-v1-0", "protocol": "http", "host": [ "{{host}}" @@ -127,7 +127,7 @@ "path": [ "api", "management", - "v0.9", + "v1alpha2", "websub-apis", "repo-watcher-v1-0" ] @@ -156,7 +156,7 @@ "method": "DELETE", "header": [], "url": { - "raw": "http://{{host}}/api/management/v0.9/websub-apis/repo-watcher-v1-0", + "raw": "http://{{host}}/api/management/v1alpha2/websub-apis/repo-watcher-v1-0", "protocol": "http", "host": [ "{{host}}" @@ -164,7 +164,7 @@ "path": [ "api", "management", - "v0.9", + "v1alpha2", "websub-apis", "repo-watcher-v1-0" ] @@ -193,7 +193,7 @@ "method": "GET", "header": [], "url": { - "raw": "http://{{host}}/api/management/v0.9/websub-apis", + "raw": "http://{{host}}/api/management/v1alpha2/websub-apis", "protocol": "http", "host": [ "{{host}}" @@ -201,7 +201,7 @@ "path": [ "api", "management", - "v0.9", + "v1alpha2", "websub-apis" ] } diff --git a/gateway/build-manifest.yaml b/gateway/build-manifest.yaml index 3787d4e44d..04b15d733f 100644 --- a/gateway/build-manifest.yaml +++ b/gateway/build-manifest.yaml @@ -7,7 +7,7 @@ policies: version: v1.0.1 gomodule: github.com/wso2/gateway-controllers/policies/analytics-header-filter@v1 - name: api-key-auth - version: v1.0.3 + version: v1.0.4 gomodule: github.com/wso2/gateway-controllers/policies/api-key-auth@v1 - name: aws-bedrock-guardrail version: v1.0.2 @@ -16,7 +16,7 @@ policies: version: v1.0.2 gomodule: github.com/wso2/gateway-controllers/policies/azure-content-safety-content-moderation@v1 - name: basic-auth - version: v1.0.1 + version: v1.0.2 gomodule: github.com/wso2/gateway-controllers/policies/basic-auth@v1 - name: basic-ratelimit version: v1.0.2 @@ -43,7 +43,7 @@ policies: version: v1.0.2 gomodule: github.com/wso2/gateway-controllers/policies/json-xml-mediator@v1 - name: jwt-auth - version: v1.0.4 + version: v1.0.5 gomodule: github.com/wso2/gateway-controllers/policies/jwt-auth@v1 - name: llm-cost version: v1.0.3 @@ -112,7 +112,7 @@ policies: version: v1.0.2 gomodule: github.com/wso2/gateway-controllers/policies/sentence-count-guardrail@v1 - name: set-headers - version: v1.0.1 + version: v1.1.0 gomodule: github.com/wso2/gateway-controllers/policies/set-headers@v1 - name: subscription-validation version: v1.0.2 diff --git a/gateway/examples/api-key.yaml b/gateway/examples/api-key.yaml index ae9eaf8623..12b9ccb586 100644 --- a/gateway/examples/api-key.yaml +++ b/gateway/examples/api-key.yaml @@ -16,7 +16,7 @@ # # The optional spec.apiKey lets clients ship pre-generated keys; omit the # field to let the gateway-controller generate the value on POST. -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: ApiKey metadata: name: petstore-key-acme diff --git a/gateway/examples/basic-ratelimit-demo-api.yaml b/gateway/examples/basic-ratelimit-demo-api.yaml index 20a00a5e17..d0da7b6e9e 100644 --- a/gateway/examples/basic-ratelimit-demo-api.yaml +++ b/gateway/examples/basic-ratelimit-demo-api.yaml @@ -19,7 +19,7 @@ # This example demonstrates various rate limiting configurations # See the documentation at: https://github.com/wso2/gateway-controllers/blob/main/docs/README.md -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ecommerce-api-v1 diff --git a/gateway/examples/certificate.yaml b/gateway/examples/certificate.yaml index ab832b3a81..87cf8ad86e 100644 --- a/gateway/examples/certificate.yaml +++ b/gateway/examples/certificate.yaml @@ -11,7 +11,7 @@ # A Certificate uploads a PEM-encoded TLS certificate to the gateway. The # gateway-controller assigns a UUID id on first upload that the operator # persists to .status.id; the CR then becomes immutable on the gateway side. -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Certificate metadata: name: example-upstream-ca diff --git a/gateway/examples/llm-provider-template.yaml b/gateway/examples/llm-provider-template.yaml index 141073ee95..c2ed210a37 100644 --- a/gateway/examples/llm-provider-template.yaml +++ b/gateway/examples/llm-provider-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: my-llm-provider-template diff --git a/gateway/examples/llm-provider.yaml b/gateway/examples/llm-provider.yaml index 7b4b8a7686..35c776dd92 100644 --- a/gateway/examples/llm-provider.yaml +++ b/gateway/examples/llm-provider.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: my-llm-provider diff --git a/gateway/examples/llm-proxy.yaml b/gateway/examples/llm-proxy.yaml index fa3b6d5c02..295c75dfda 100644 --- a/gateway/examples/llm-proxy.yaml +++ b/gateway/examples/llm-proxy.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: wso2con-assistant diff --git a/gateway/examples/managed-secret.yaml b/gateway/examples/managed-secret.yaml index c7cf77ed89..ac03271831 100644 --- a/gateway/examples/managed-secret.yaml +++ b/gateway/examples/managed-secret.yaml @@ -19,7 +19,7 @@ # A ManagedSecret pushes a secret into the gateway-controller secret store. # Use either an inline value (good for demos) or valueFrom (recommended for # production: keeps the plaintext in a Kubernetes Secret). -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: ManagedSecret metadata: name: openai-api-key diff --git a/gateway/examples/mcp-proxy.yaml b/gateway/examples/mcp-proxy.yaml index ac7d84bba9..71058ce618 100644 --- a/gateway/examples/mcp-proxy.yaml +++ b/gateway/examples/mcp-proxy.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: everything-mcp-v1.0 diff --git a/gateway/examples/petstore-api.yaml b/gateway/examples/petstore-api.yaml index 5a8281e712..8c9fcf3384 100644 --- a/gateway/examples/petstore-api.yaml +++ b/gateway/examples/petstore-api.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: petstore-api-v1.0 diff --git a/gateway/examples/reading-list-v1.json b/gateway/examples/reading-list-v1.json index 0b58fd27e3..b81b18ec30 100644 --- a/gateway/examples/reading-list-v1.json +++ b/gateway/examples/reading-list-v1.json @@ -1,5 +1,5 @@ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "RestApi", "metadata": { "name": "reading-list-v1" diff --git a/gateway/examples/sample-echo-api.yaml b/gateway/examples/sample-echo-api.yaml index 895f93c02e..562bf5d9a3 100644 --- a/gateway/examples/sample-echo-api.yaml +++ b/gateway/examples/sample-echo-api.yaml @@ -20,7 +20,7 @@ # Used by the `gateway-debug` agent skill to reproduce issues with # minimal moving parts. -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sample-echo-v1 diff --git a/gateway/examples/subscription-plan.yaml b/gateway/examples/subscription-plan.yaml index fc1f754d29..60786b3338 100644 --- a/gateway/examples/subscription-plan.yaml +++ b/gateway/examples/subscription-plan.yaml @@ -12,7 +12,7 @@ # subscriptions. The gateway-controller assigns a UUID id on first POST # which the operator persists to .status.id and uses for subsequent # update/delete calls. -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: SubscriptionPlan metadata: name: bronze-1k-per-min diff --git a/gateway/examples/subscription.yaml b/gateway/examples/subscription.yaml index d8f1a7a8f5..20aaf7cbc2 100644 --- a/gateway/examples/subscription.yaml +++ b/gateway/examples/subscription.yaml @@ -13,7 +13,7 @@ # stored in the CR; the operator forwards it to the gateway which only # persists its hash. The gateway-issued UUID is recorded in .status.id and # used for subsequent update/delete calls. -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Subscription metadata: name: petstore-acme-bronze diff --git a/gateway/gateway-controller/api/management-openapi.yaml b/gateway/gateway-controller/api/management-openapi.yaml index 47c58fffb4..50bb13db35 100644 --- a/gateway/gateway-controller/api/management-openapi.yaml +++ b/gateway/gateway-controller/api/management-openapi.yaml @@ -7,9 +7,9 @@ info: contact: name: WSO2 API Platform Team servers: - - url: http://localhost:9090/api/management/v0.9 + - url: http://localhost:9090/api/management/v1alpha2 description: Local development - - url: http://gateway-controller:9090/api/management/v0.9 + - url: http://gateway-controller:9090/api/management/v1alpha2 description: Docker/Kubernetes deployment security: @@ -3659,7 +3659,7 @@ paths: created: summary: Successful creation value: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: database-password @@ -3732,7 +3732,7 @@ paths: success: summary: Successful retrieval value: - apiVersion: "gateway.api-platform.wso2.com/v1alpha1" + apiVersion: "gateway.api-platform.wso2.com/v1alpha2" kind: "Secret" metadata: name: "database-password" @@ -3793,7 +3793,7 @@ paths: updated: summary: Successful update value: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: database-password @@ -3919,9 +3919,9 @@ components: apiVersion: type: string description: API specification version - example: gateway.api-platform.wso2.com/v1alpha1 + example: gateway.api-platform.wso2.com/v1alpha2 enum: - - gateway.api-platform.wso2.com/v1alpha1 + - gateway.api-platform.wso2.com/v1alpha2 kind: type: string description: API type @@ -3933,7 +3933,7 @@ components: spec: $ref: '#/components/schemas/APIConfigData' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: reading-list-api-v1.0 @@ -3980,7 +3980,7 @@ components: allOf: - $ref: '#/components/schemas/ResourceStatus' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: reading-list-api-v1.0 @@ -4032,9 +4032,9 @@ components: apiVersion: type: string description: API specification version - example: gateway.api-platform.wso2.com/v1alpha1 + example: gateway.api-platform.wso2.com/v1alpha2 enum: - - gateway.api-platform.wso2.com/v1alpha1 + - gateway.api-platform.wso2.com/v1alpha2 kind: type: string description: API type @@ -4046,7 +4046,7 @@ components: spec: $ref: '#/components/schemas/WebhookAPIData' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: WebSubApi metadata: name: github-events-v1.0 @@ -4071,7 +4071,7 @@ components: allOf: - $ref: '#/components/schemas/ResourceStatus' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: WebSubApi metadata: name: github-events-v1.0 @@ -4544,9 +4544,9 @@ components: apiVersion: type: string description: API specification version - example: gateway.api-platform.wso2.com/v1alpha1 + example: gateway.api-platform.wso2.com/v1alpha2 enum: - - gateway.api-platform.wso2.com/v1alpha1 + - gateway.api-platform.wso2.com/v1alpha2 kind: type: string description: API type @@ -4558,7 +4558,7 @@ components: spec: $ref: '#/components/schemas/WebBrokerApiData' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: WebBrokerApi metadata: name: stock-trading-v1.0 @@ -4607,7 +4607,7 @@ components: allOf: - $ref: '#/components/schemas/ResourceStatus' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: WebBrokerApi metadata: name: stock-trading-v1.0 @@ -5225,9 +5225,9 @@ components: apiVersion: type: string description: MCP Proxy specification version - example: gateway.api-platform.wso2.com/v1alpha1 + example: gateway.api-platform.wso2.com/v1alpha2 enum: - - gateway.api-platform.wso2.com/v1alpha1 + - gateway.api-platform.wso2.com/v1alpha2 kind: type: string description: MCP Proxy type @@ -5239,7 +5239,7 @@ components: spec: $ref: "#/components/schemas/MCPProxyConfigData" example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: everything-mcp-v1.0 @@ -5265,7 +5265,7 @@ components: allOf: - $ref: '#/components/schemas/ResourceStatus' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: everything-mcp-v1.0 @@ -5476,9 +5476,9 @@ components: apiVersion: type: string description: Template specification version - example: gateway.api-platform.wso2.com/v1alpha1 + example: gateway.api-platform.wso2.com/v1alpha2 enum: - - gateway.api-platform.wso2.com/v1alpha1 + - gateway.api-platform.wso2.com/v1alpha2 kind: type: string description: Template kind @@ -5490,7 +5490,7 @@ components: spec: $ref: '#/components/schemas/LLMProviderTemplateData' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: openai-template @@ -5526,7 +5526,7 @@ components: allOf: - $ref: '#/components/schemas/ResourceStatus' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: openai-template @@ -5643,9 +5643,9 @@ components: apiVersion: type: string description: Provider specification version - example: gateway.api-platform.wso2.com/v1alpha1 + example: gateway.api-platform.wso2.com/v1alpha2 enum: - - gateway.api-platform.wso2.com/v1alpha1 + - gateway.api-platform.wso2.com/v1alpha2 kind: type: string description: Provider kind @@ -5657,7 +5657,7 @@ components: spec: $ref: '#/components/schemas/LLMProviderConfigData' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: wso2-openai-provider @@ -5693,7 +5693,7 @@ components: allOf: - $ref: '#/components/schemas/ResourceStatus' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: wso2-openai-provider @@ -5773,9 +5773,20 @@ components: - $ref: "#/components/schemas/UpstreamAuth" accessControl: $ref: '#/components/schemas/LLMAccessControl' + globalPolicies: + type: array + description: Global (api-level) policies applied across ALL operations as one shared scope, evaluated before operation-level policies. + items: + $ref: "#/components/schemas/Policy" + operationPolicies: + type: array + description: Operation-level policies scoped to specific paths/methods, evaluated after global policies. + items: + $ref: "#/components/schemas/OperationPolicy" policies: + deprecated: true type: array - description: List of policies applied only to this operation (overrides or adds to API-level policies) + description: DEPRECATED - use operationPolicies. Still honoured (treated identically to operationPolicies). items: $ref: "#/components/schemas/LLMPolicy" deploymentState: @@ -5904,6 +5915,47 @@ components: description: JSON Schema describing the parameters accepted by this policy. This itself is a JSON Schema document. additionalProperties: true + OperationPolicy: + type: object + required: + - name + - version + - paths + properties: + name: + type: string + example: token-based-ratelimit + version: + type: string + example: v1 + executionCondition: + type: string + description: Expression controlling conditional execution of the policy + paths: + type: array + items: + $ref: '#/components/schemas/OperationPolicyPath' + + OperationPolicyPath: + type: object + required: + - path + - methods + - params + properties: + path: + type: string + example: /chat/completions + methods: + type: array + items: + type: string + description: "HTTP method: GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD, or * for all" + params: + type: object + description: JSON Schema describing the parameters accepted by this policy. This itself is a JSON Schema document. + additionalProperties: true + LLMProxyConfigurationRequest: type: object required: @@ -5915,9 +5967,9 @@ components: apiVersion: type: string description: Proxy specification version - example: gateway.api-platform.wso2.com/v1alpha1 + example: gateway.api-platform.wso2.com/v1alpha2 enum: - - gateway.api-platform.wso2.com/v1alpha1 + - gateway.api-platform.wso2.com/v1alpha2 kind: type: string description: Proxy kind @@ -5929,7 +5981,7 @@ components: spec: $ref: '#/components/schemas/LLMProxyConfigData' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: openai-proxy @@ -5952,7 +6004,7 @@ components: allOf: - $ref: '#/components/schemas/ResourceStatus' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: openai-proxy @@ -6009,9 +6061,20 @@ components: example: "api.openai.com" provider: $ref: '#/components/schemas/LLMProxyProvider' + globalPolicies: + type: array + description: Global (api-level) policies applied across ALL operations as one shared scope, evaluated before operation-level policies. + items: + $ref: "#/components/schemas/Policy" + operationPolicies: + type: array + description: Operation-level policies scoped to specific paths/methods, evaluated after global policies. + items: + $ref: "#/components/schemas/OperationPolicy" policies: + deprecated: true type: array - description: List of policies applied only to this operation (overrides or adds to API-level policies) + description: DEPRECATED - use operationPolicies. Still honoured (treated identically to operationPolicies). items: $ref: "#/components/schemas/LLMPolicy" deploymentState: @@ -6032,9 +6095,9 @@ components: apiVersion: type: string description: Secret specification version - example: gateway.api-platform.wso2.com/v1alpha1 + example: gateway.api-platform.wso2.com/v1alpha2 enum: - - gateway.api-platform.wso2.com/v1alpha1 + - gateway.api-platform.wso2.com/v1alpha2 kind: type: string @@ -6049,7 +6112,7 @@ components: spec: $ref: "#/components/schemas/SecretConfigData" example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: database-password @@ -6074,7 +6137,7 @@ components: allOf: - $ref: "#/components/schemas/ResourceStatus" example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: database-password @@ -6147,9 +6210,9 @@ components: apiVersion: type: string description: Secret specification version - example: gateway.api-platform.wso2.com/v1alpha1 + example: gateway.api-platform.wso2.com/v1alpha2 enum: - - gateway.api-platform.wso2.com/v1alpha1 + - gateway.api-platform.wso2.com/v1alpha2 kind: type: string @@ -6170,7 +6233,7 @@ components: allOf: - $ref: "#/components/schemas/ResourceStatus" example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: database-password @@ -6401,7 +6464,7 @@ components: properties: apiVersion: type: string - enum: [ gateway.api-platform.wso2.com/v1alpha1 ] + enum: [ gateway.api-platform.wso2.com/v1alpha2 ] kind: type: string enum: [ Secret ] @@ -6412,7 +6475,7 @@ components: status: $ref: '#/components/schemas/SecretResourceServiceStatus' example: - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: database-password @@ -6437,7 +6500,7 @@ components: properties: apiVersion: type: string - enum: [ gateway.api-platform.wso2.com/v1alpha1 ] + enum: [ gateway.api-platform.wso2.com/v1alpha2 ] kind: type: string enum: [ Secret ] @@ -6448,7 +6511,7 @@ components: status: $ref: '#/components/schemas/SecretResourceServiceStatus' example: - apiVersion: "gateway.api-platform.wso2.com/v1alpha1" + apiVersion: "gateway.api-platform.wso2.com/v1alpha2" kind: "Secret" metadata: name: "database-password" diff --git a/gateway/gateway-controller/cmd/controller/main.go b/gateway/gateway-controller/cmd/controller/main.go index 199b766025..4a35ec4ada 100644 --- a/gateway/gateway-controller/cmd/controller/main.go +++ b/gateway/gateway-controller/cmd/controller/main.go @@ -49,7 +49,7 @@ import ( // These must stay in sync with the `servers.url` values in the OpenAPI specs // (api/management-openapi.yaml and api/admin-openapi.yaml). const ( - managementAPIBasePath = "/api/management/v0.9" + managementAPIBasePath = "/api/management/v1alpha2" adminAPIBasePath = "/api/admin/v0.9" ) diff --git a/gateway/gateway-controller/default-llm-provider-templates/anthropic-template.yaml b/gateway/gateway-controller/default-llm-provider-templates/anthropic-template.yaml index f127c81dba..4a5e5f6187 100644 --- a/gateway/gateway-controller/default-llm-provider-templates/anthropic-template.yaml +++ b/gateway/gateway-controller/default-llm-provider-templates/anthropic-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: anthropic diff --git a/gateway/gateway-controller/default-llm-provider-templates/awsbedrock-template.yaml b/gateway/gateway-controller/default-llm-provider-templates/awsbedrock-template.yaml index 55bed7371c..cbe936475c 100644 --- a/gateway/gateway-controller/default-llm-provider-templates/awsbedrock-template.yaml +++ b/gateway/gateway-controller/default-llm-provider-templates/awsbedrock-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: awsbedrock diff --git a/gateway/gateway-controller/default-llm-provider-templates/azureaifoundry-template.yaml b/gateway/gateway-controller/default-llm-provider-templates/azureaifoundry-template.yaml index 9b4f92a941..5cf1da4d6b 100644 --- a/gateway/gateway-controller/default-llm-provider-templates/azureaifoundry-template.yaml +++ b/gateway/gateway-controller/default-llm-provider-templates/azureaifoundry-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: azureai-foundry diff --git a/gateway/gateway-controller/default-llm-provider-templates/azureopenai-template.yaml b/gateway/gateway-controller/default-llm-provider-templates/azureopenai-template.yaml index add8f3b82f..73ca16222d 100644 --- a/gateway/gateway-controller/default-llm-provider-templates/azureopenai-template.yaml +++ b/gateway/gateway-controller/default-llm-provider-templates/azureopenai-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: azure-openai diff --git a/gateway/gateway-controller/default-llm-provider-templates/gemini-template.yaml b/gateway/gateway-controller/default-llm-provider-templates/gemini-template.yaml index 0311e1465f..c1b5301ef3 100644 --- a/gateway/gateway-controller/default-llm-provider-templates/gemini-template.yaml +++ b/gateway/gateway-controller/default-llm-provider-templates/gemini-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: gemini diff --git a/gateway/gateway-controller/default-llm-provider-templates/mistral-template.yaml b/gateway/gateway-controller/default-llm-provider-templates/mistral-template.yaml index abc74b379e..fa2b61a0e6 100644 --- a/gateway/gateway-controller/default-llm-provider-templates/mistral-template.yaml +++ b/gateway/gateway-controller/default-llm-provider-templates/mistral-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: mistralai diff --git a/gateway/gateway-controller/default-llm-provider-templates/openai-template.yaml b/gateway/gateway-controller/default-llm-provider-templates/openai-template.yaml index 9a8ce3340f..81960fa8da 100644 --- a/gateway/gateway-controller/default-llm-provider-templates/openai-template.yaml +++ b/gateway/gateway-controller/default-llm-provider-templates/openai-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: openai diff --git a/gateway/gateway-controller/pkg/api/handlers/handlers_test.go b/gateway/gateway-controller/pkg/api/handlers/handlers_test.go index 1cb12649ca..8eb637be0f 100644 --- a/gateway/gateway-controller/pkg/api/handlers/handlers_test.go +++ b/gateway/gateway-controller/pkg/api/handlers/handlers_test.go @@ -1144,7 +1144,7 @@ func createTestContextWithHeader(method, path string, body []byte, headers map[s // createTestStoredConfig creates a test stored config func createTestStoredConfig(id, name, version, context string) *models.StoredConfig { apiConfig := api.RestAPI{ - ApiVersion: api.RestAPIApiVersion(api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1), + ApiVersion: api.RestAPIApiVersion(api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2), Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{ Name: id, @@ -1188,7 +1188,7 @@ func createLLMTemplateBody(t *testing.T, handle, displayName string) []byte { t.Helper() template := api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{ Name: handle, @@ -1207,7 +1207,7 @@ func createTestRestAPIRequestBody(t *testing.T, handle, displayName, version, co t.Helper() apiConfig := api.RestAPI{ - ApiVersion: api.RestAPIApiVersion(api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1), + ApiVersion: api.RestAPIApiVersion(api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2), Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{ Name: handle, @@ -1243,7 +1243,7 @@ func createTestMCPRequestBody(t *testing.T, handle, displayName, version, contex upstreamURL := "http://backend.example.com" mcpConfig := api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.MCPProxyConfigurationKindMcp, Metadata: api.Metadata{ Name: handle, @@ -1274,7 +1274,7 @@ func createTestMCPStoredConfig(t *testing.T, id, handle, displayName, version, c DisplayName: displayName, Version: version, SourceConfiguration: api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.MCPProxyConfigurationKindMcp, Metadata: api.Metadata{ Name: handle, @@ -1773,7 +1773,7 @@ func TestUpdateRestAPINotFound(t *testing.T) { server := createTestAPIServer() body := []byte(`{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "RestApi", "metadata": {"name": "nonexistent"}, "spec": { @@ -1918,7 +1918,7 @@ func TestUpdateLLMProviderTemplateWithDBAndEventHub(t *testing.T) { template := &models.StoredLLMProviderTemplate{ UUID: "template-update-id", Configuration: api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{ Name: "openai", @@ -1967,7 +1967,7 @@ func TestDeleteLLMProviderTemplateWithDBAndEventHub(t *testing.T) { template := &models.StoredLLMProviderTemplate{ UUID: "template-delete-id", Configuration: api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{ Name: "openai", @@ -2889,7 +2889,7 @@ func TestGetLLMProviderByIdFound(t *testing.T) { mockDB := server.db.(*MockStorage) providerConfig := api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: "test-llm-provider", @@ -2929,7 +2929,7 @@ func TestGetLLMProviderByIdFoundInDBWithoutStore(t *testing.T) { mockDB := server.db.(*MockStorage) providerConfig := api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: "test-llm-provider", @@ -2969,7 +2969,7 @@ func TestGetLLMProxyByIdFound(t *testing.T) { mockDB := server.db.(*MockStorage) proxyConfig := api.LLMProxyConfiguration{ - ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{ Name: "test-llm-proxy-handle", @@ -3009,7 +3009,7 @@ func TestGetLLMProviderByIdWithDeployedAt(t *testing.T) { deployedAt := time.Now() providerConfig := api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: "test-llm-provider", @@ -3059,7 +3059,7 @@ func TestGetLLMProxyByIdWithDeployedAt(t *testing.T) { deployedAt := time.Now() proxyConfig := api.LLMProxyConfiguration{ - ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{ Name: "test-llm-proxy-handle", @@ -3138,7 +3138,7 @@ func TestDeleteLLMProviderWithDBAndEventHub(t *testing.T) { DisplayName: "test-llm", Version: "v1.0.0", SourceConfiguration: api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: "test-llm-provider", @@ -3209,7 +3209,7 @@ func TestDeleteLLMProxyWithDBAndEventHub(t *testing.T) { DisplayName: "test-llm-proxy", Version: "v1.0.0", SourceConfiguration: api.LLMProxyConfiguration{ - ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{ Name: "test-llm-proxy", diff --git a/gateway/gateway-controller/pkg/api/handlers/list_operations_test.go b/gateway/gateway-controller/pkg/api/handlers/list_operations_test.go index c745a23802..146fbb3159 100644 --- a/gateway/gateway-controller/pkg/api/handlers/list_operations_test.go +++ b/gateway/gateway-controller/pkg/api/handlers/list_operations_test.go @@ -265,7 +265,7 @@ func TestListLLMProvidersWithData(t *testing.T) { DesiredState: "deployed", Origin: models.OriginGatewayAPI, SourceConfiguration: api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: "openai-provider", @@ -332,7 +332,7 @@ func TestListLLMProxiesWithData(t *testing.T) { DesiredState: "deployed", Origin: models.OriginGatewayAPI, SourceConfiguration: api.LLMProxyConfiguration{ - ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{ Name: "0000-llm-proxy-1-0000-000000000000", diff --git a/gateway/gateway-controller/pkg/api/handlers/policy_ordering_test.go b/gateway/gateway-controller/pkg/api/handlers/policy_ordering_test.go index e1ffb61e4b..836a5c7d16 100644 --- a/gateway/gateway-controller/pkg/api/handlers/policy_ordering_test.go +++ b/gateway/gateway-controller/pkg/api/handlers/policy_ordering_test.go @@ -199,7 +199,7 @@ func TestPolicyOrderingDeterministic(t *testing.T) { } apiCfg := api.RestAPI{ - ApiVersion: api.RestAPIApiVersion(api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1), + ApiVersion: api.RestAPIApiVersion(api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2), Kind: api.RestAPIKindRestApi, Spec: specData, } @@ -278,7 +278,7 @@ func TestMultipleOperationsIndependentPolicies(t *testing.T) { } apiCfg := api.RestAPI{ - ApiVersion: api.RestAPIApiVersion(api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1), + ApiVersion: api.RestAPIApiVersion(api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2), Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "test-api", @@ -424,7 +424,7 @@ func TestPolicyOrderingConsistency(t *testing.T) { } apiCfg := api.RestAPI{ - ApiVersion: api.RestAPIApiVersion(api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1), + ApiVersion: api.RestAPIApiVersion(api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2), Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "test-api", diff --git a/gateway/gateway-controller/pkg/api/handlers/resource_response.go b/gateway/gateway-controller/pkg/api/handlers/resource_response.go index 9e290345e3..a3835b83e5 100644 --- a/gateway/gateway-controller/pkg/api/handlers/resource_response.go +++ b/gateway/gateway-controller/pkg/api/handlers/resource_response.go @@ -195,7 +195,7 @@ func buildSecretResourceResponse(secret *models.Secret, includeValue bool) any { status["updatedAt"] = secret.UpdatedAt } return map[string]any{ - "apiVersion": string(api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1), + "apiVersion": string(api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2), "kind": string(api.SecretConfigurationRequestKindSecret), "metadata": map[string]any{"name": secret.Handle}, "spec": spec, @@ -217,7 +217,7 @@ func buildSecretMetaResourceResponse(meta models.SecretMeta) any { status["updatedAt"] = meta.UpdatedAt } return map[string]any{ - "apiVersion": string(api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1), + "apiVersion": string(api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2), "kind": string(api.SecretConfigurationRequestKindSecret), "metadata": map[string]any{"name": meta.Handle}, "spec": map[string]any{"displayName": meta.DisplayName}, diff --git a/gateway/gateway-controller/pkg/api/management/generated.go b/gateway/gateway-controller/pkg/api/management/generated.go index 4543d15129..acda0b4760 100644 --- a/gateway/gateway-controller/pkg/api/management/generated.go +++ b/gateway/gateway-controller/pkg/api/management/generated.go @@ -114,7 +114,7 @@ const ( // Defines values for LLMProviderConfigurationApiVersion. const ( - LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1 LLMProviderConfigurationApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2 LLMProviderConfigurationApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for LLMProviderConfigurationKind. @@ -124,7 +124,7 @@ const ( // Defines values for LLMProviderConfigurationRequestApiVersion. const ( - LLMProviderConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1 LLMProviderConfigurationRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + LLMProviderConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2 LLMProviderConfigurationRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for LLMProviderConfigurationRequestKind. @@ -134,7 +134,7 @@ const ( // Defines values for LLMProviderTemplateApiVersion. const ( - LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1 LLMProviderTemplateApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2 LLMProviderTemplateApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for LLMProviderTemplateKind. @@ -144,7 +144,7 @@ const ( // Defines values for LLMProviderTemplateRequestApiVersion. const ( - LLMProviderTemplateRequestApiVersionGatewayApiPlatformWso2Comv1alpha1 LLMProviderTemplateRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + LLMProviderTemplateRequestApiVersionGatewayApiPlatformWso2Comv1alpha2 LLMProviderTemplateRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for LLMProviderTemplateRequestKind. @@ -160,7 +160,7 @@ const ( // Defines values for LLMProxyConfigurationApiVersion. const ( - LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1 LLMProxyConfigurationApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2 LLMProxyConfigurationApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for LLMProxyConfigurationKind. @@ -170,7 +170,7 @@ const ( // Defines values for LLMProxyConfigurationRequestApiVersion. const ( - LLMProxyConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1 LLMProxyConfigurationRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + LLMProxyConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2 LLMProxyConfigurationRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for LLMProxyConfigurationRequestKind. @@ -202,7 +202,7 @@ const ( // Defines values for MCPProxyConfigurationApiVersion. const ( - MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1 MCPProxyConfigurationApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2 MCPProxyConfigurationApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for MCPProxyConfigurationKind. @@ -212,7 +212,7 @@ const ( // Defines values for MCPProxyConfigurationRequestApiVersion. const ( - MCPProxyConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1 MCPProxyConfigurationRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + MCPProxyConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2 MCPProxyConfigurationRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for MCPProxyConfigurationRequestKind. @@ -239,7 +239,7 @@ const ( // Defines values for RestAPIApiVersion. const ( - RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1 RestAPIApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2 RestAPIApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for RestAPIKind. @@ -249,7 +249,7 @@ const ( // Defines values for RestAPIRequestApiVersion. const ( - RestAPIRequestApiVersionGatewayApiPlatformWso2Comv1alpha1 RestAPIRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + RestAPIRequestApiVersionGatewayApiPlatformWso2Comv1alpha2 RestAPIRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for RestAPIRequestKind. @@ -268,7 +268,7 @@ const ( // Defines values for SecretConfigurationRequestApiVersion. const ( - SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1 SecretConfigurationRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2 SecretConfigurationRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for SecretConfigurationRequestKind. @@ -278,7 +278,7 @@ const ( // Defines values for SecretConfigurationResponseCreateUpdateApiVersion. const ( - SecretConfigurationResponseCreateUpdateApiVersionGatewayApiPlatformWso2Comv1alpha1 SecretConfigurationResponseCreateUpdateApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + SecretConfigurationResponseCreateUpdateApiVersionGatewayApiPlatformWso2Comv1alpha2 SecretConfigurationResponseCreateUpdateApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for SecretConfigurationResponseCreateUpdateKind. @@ -288,7 +288,7 @@ const ( // Defines values for SecretConfigurationResponseRetrievedApiVersion. const ( - SecretConfigurationResponseRetrievedApiVersionGatewayApiPlatformWso2Comv1alpha1 SecretConfigurationResponseRetrievedApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + SecretConfigurationResponseRetrievedApiVersionGatewayApiPlatformWso2Comv1alpha2 SecretConfigurationResponseRetrievedApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for SecretConfigurationResponseRetrievedKind. @@ -298,7 +298,7 @@ const ( // Defines values for SecretListItemApiVersion. const ( - SecretListItemApiVersionGatewayApiPlatformWso2Comv1alpha1 SecretListItemApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + SecretListItemApiVersionGatewayApiPlatformWso2Comv1alpha2 SecretListItemApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for SecretListItemKind. @@ -374,7 +374,7 @@ const ( // Defines values for WebBrokerApiApiVersion. const ( - WebBrokerApiApiVersionGatewayApiPlatformWso2Comv1alpha1 WebBrokerApiApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + WebBrokerApiApiVersionGatewayApiPlatformWso2Comv1alpha2 WebBrokerApiApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for WebBrokerApiKind. @@ -390,7 +390,7 @@ const ( // Defines values for WebBrokerApiRequestApiVersion. const ( - WebBrokerApiRequestApiVersionGatewayApiPlatformWso2Comv1alpha1 WebBrokerApiRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + WebBrokerApiRequestApiVersionGatewayApiPlatformWso2Comv1alpha2 WebBrokerApiRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for WebBrokerApiRequestKind. @@ -400,7 +400,7 @@ const ( // Defines values for WebSubAPIApiVersion. const ( - WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha1 WebSubAPIApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha2 WebSubAPIApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for WebSubAPIKind. @@ -410,7 +410,7 @@ const ( // Defines values for WebSubAPIRequestApiVersion. const ( - WebSubAPIRequestApiVersionGatewayApiPlatformWso2Comv1alpha1 WebSubAPIRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha1" + WebSubAPIRequestApiVersionGatewayApiPlatformWso2Comv1alpha2 WebSubAPIRequestApiVersion = "gateway.api-platform.wso2.com/v1alpha2" ) // Defines values for WebSubAPIRequestKind. @@ -763,7 +763,14 @@ type LLMProviderConfigData struct { // DisplayName Human-readable LLM Provider name DisplayName string `json:"displayName" yaml:"displayName"` - // Policies List of policies applied only to this operation (overrides or adds to API-level policies) + // GlobalPolicies Global (api-level) policies applied across ALL operations as one shared scope, evaluated before operation-level policies. + GlobalPolicies *[]Policy `json:"globalPolicies,omitempty" yaml:"globalPolicies,omitempty"` + + // OperationPolicies Operation-level policies scoped to specific paths/methods, evaluated after global policies. + OperationPolicies *[]OperationPolicy `json:"operationPolicies,omitempty" yaml:"operationPolicies,omitempty"` + + // Policies DEPRECATED - use operationPolicies. Still honoured (treated identically to operationPolicies). + // Deprecated: this property has been marked as deprecated upstream, but no `x-deprecated-reason` was set Policies *[]LLMPolicy `json:"policies,omitempty" yaml:"policies,omitempty"` // Template Template name to use for this LLM Provider @@ -928,7 +935,14 @@ type LLMProxyConfigData struct { // DisplayName Human-readable LLM proxy name (must be URL-friendly - only letters, numbers, spaces, hyphens, underscores, and dots allowed) DisplayName string `json:"displayName" yaml:"displayName"` - // Policies List of policies applied only to this operation (overrides or adds to API-level policies) + // GlobalPolicies Global (api-level) policies applied across ALL operations as one shared scope, evaluated before operation-level policies. + GlobalPolicies *[]Policy `json:"globalPolicies,omitempty" yaml:"globalPolicies,omitempty"` + + // OperationPolicies Operation-level policies scoped to specific paths/methods, evaluated after global policies. + OperationPolicies *[]OperationPolicy `json:"operationPolicies,omitempty" yaml:"operationPolicies,omitempty"` + + // Policies DEPRECATED - use operationPolicies. Still honoured (treated identically to operationPolicies). + // Deprecated: this property has been marked as deprecated upstream, but no `x-deprecated-reason` was set Policies *[]LLMPolicy `json:"policies,omitempty" yaml:"policies,omitempty"` Provider LLMProxyProvider `json:"provider" yaml:"provider"` @@ -1191,6 +1205,24 @@ type Operation struct { // OperationMethod HTTP method type OperationMethod string +// OperationPolicy defines model for OperationPolicy. +type OperationPolicy struct { + // ExecutionCondition Expression controlling conditional execution of the policy + ExecutionCondition *string `json:"executionCondition,omitempty" yaml:"executionCondition,omitempty"` + Name string `json:"name" yaml:"name"` + Paths []OperationPolicyPath `json:"paths" yaml:"paths"` + Version string `json:"version" yaml:"version"` +} + +// OperationPolicyPath defines model for OperationPolicyPath. +type OperationPolicyPath struct { + Methods []string `json:"methods" yaml:"methods"` + + // Params JSON Schema describing the parameters accepted by this policy. This itself is a JSON Schema document. + Params map[string]interface{} `json:"params" yaml:"params"` + Path string `json:"path" yaml:"path"` +} + // Policy defines model for Policy. type Policy struct { // ExecutionCondition Expression controlling conditional execution of the policy @@ -5194,278 +5226,282 @@ func RegisterHandlersWithOptions(router gin.IRouter, si ServerInterface, options // Base64 encoded, gzipped, json marshaled Swagger object var swaggerSpec = []string{ - "H4sIAAAAAAAC/+y9/XLjNrY4+Cq42qm6diLK8lcn9tStW27b6WjS7tbY7uTujb1piIQsjCmSAUDbSsZV", - "+xD7hPskv8IXCZIgRcmULDmaPyZtkQQOgPN9Ds75s+WG4ygMUMBo6/jPFnVHaAzFP0/6vdMwGOK7M8gg", - "/yEiYYQIw0g8dsOAoSfG/+kh6hIcMRwGrePWe0gRiCAbgWFIAPR9cNLvARLGDFGwNY4pA5RBwsAjZiOw", - "0wZBCBiB2MfBHaA+pKPtDvhCEfjbAyIUhwFgIUDjAfIAGyGgf8SB+FNMtIU6d5022CEIeji4c3xM2U7y", - "OUE09B8Q5eNkX3nY7XS3O612Cz3BceSj1nHLPkar3RrDp48ouGOj1vFet9tujXGg/95ttyLIGCJ8+f/P", - "zc3Or9D548T5365z9NvNjXNzs3P7za/899u/tdotNon4RJQRHNy1ntstD0V+OBmjgF0xyJDc0SGMfdY6", - "Vg+R12rntvkMUUyQB9Kv+bYyBBzwn/qj/wRbaqRtEBLwn3GQPOmAX0YoABQxvi3mk7bYV35mmAKCxuED", - "8sCQhGN5hoQf1nCIXTCIGXAFhsQEcqja4qt7NKFtAAMPRKGPXYwogASBiCCKiBgrJCAKGQoYhj4gKF2B", - "OIogHreOfzUXngLXujXPyniluKmYRj6cfIJjVETRH+MxDBx+0nDgy7UGcIwUdg4Q+HL50RkSjALPnwAH", - "hIE/AT7iR0zbIIjHA/EPGkEX0TYYTaIRCmgbcEAJdUOC1A54IaOcBMJH5G1n8OxSohn4iCnjAGQxbLcS", - "w1L0urlxfru56YDbb62YxelVnAwt7oGYOByCH6+v+yB9cUcSaqvdwgyNxXd/I2jYOm79Xzspq9hRfGLn", - "s/6QTzfGQU9+tJsAAwmBE/5QI0M5JCf9nuOjB+QbiBNFPuaEHwpGkoIJ4sBHlILwARGCPQ8FdSHu87EF", - "RHkIaTxIwOr7sGrTzFdB5MNA4A8F8AFiX+AUR3I2wlSdbXLwv7Y+hD7H2CvsPyDCEToBu3B+eQjjiDKC", - "4LgIWLp3+p0sabbaOfY9hjiYtlVf9HR8c2DgDcKn+p88t1sE/R5zHsVXLea7TZYUDv6FXGau6QwNcYCn", - "ICtBMRXbm6zSSz+TAiUU30AfMDxGYZ5F1UbsLwWwbAeixUMB4Cs0hgHDbiKuwqFmqxk2wCVQK0PcDzc3", - "3rc3Nx3+HytRP4xCyix7dBpTFo7BAyYshj4Qb+14Id94qtBRz29HhanDqdEkAyehF7sC/5U8yKwLRrij", - "/uq44bhVyr86NzdOCfcyUG4m0NR3VrjUM+fl8NXD79xbplRKsaedKFMGiWe4t41wTvq9n9CkuDtniEHs", - "U45xMNAS2dyEP/np9LzWccvUdfiWOAodYYTF0Pwf0W+7e/sHh++++/6oCweuh4az/s3XRxBkyDvhGs1e", - "d++d0z1wurvXu93j/e5xt/u/6SvvxbTeGPNtyQjx1sUE9FOs+0ktKsIEUT5wEPt+uxXId8cTJ8VQR24A", - "DWPi8od+6EKf/8Agiymfz2X4AQkplaEMtU/5Hf4S4N9jBKJ44GMXYI9rMkOMiEHkgI0gE3/cowlXpCCl", - "oYv5CgWbyiBl2TEUKEKfSx6gDyjgqII8fdySFYrT44rXED/lqbORYy0AaJxzHsZrPEaUwXEEHrniqfdJ", - "AAspuNNLyABagivDkIyh0I4hQw5n9BXAvLdsWK9wZjFFBDyOwhQQE8Ts7insfJHOKfRNgyuLjdjiUHDE", - "fcAe8tpgHDP+clZztJFBtepYANSgmjyY5/wRlHw9ObEtTlsAD7mphpIXtvNH9Z3T3eVH1eXnVHVUfDi+", - "sNYxIzGyAsh5MfQv0dBGgOfqMSBoiAgKXAR6Z/ndzEDn+mHscdoac2bgHH3/3btD2xEG1rPj5gCFQ2TS", - "euHsYMxCJ8UeYTEZGNEGeKzOs82xzQOQSus1ggSOEUMku6E2Fmac87v9zDHvFyRY1zm6/XbLSf65/Y1d", - "yiquWNBgxO8mSxOrFLyTG5P6iLYNm00zVv0sa67pp0UQFB8ugCB+z4FgTKfYNhexD+G9Yh2RkLWZiZP3", - "qkV4IKWyZPoJVCZTM3mKSUXJLpbL6VP+IQ6DS/R7jKggPEMgl0otm0iyioDPWu2NfIgDh2sTyaE9QD+W", - "zEYfjJRKAQcRh0HnJugNQcp2hN0ipYjvc3NYoCsOKEPQ48ehsJzbrxAE6BGEAercBNdK3OnPRpCOkAcG", - "aBgSBCgLCbxDHaBfc2HA38IBgMEESEZxE2yNcYDH8RjsvwPuCBLocqtbuYQEZHwhCvbgLlmSP0lZ902g", - "HRGdmyBDVE/if84jDfeEpI18yPjMgiuoh/I/XGKa9PXu5Xy0A3pDMAjZCKgPe4HwEiTDKEeJPof0dwbv", - "EeWS3EUeZ3edopTc3XO6388hJRNQKtfgKfvJwmSz+KlftOileggTHfUE5nr2uwmYOGDoDhFhJwa4RKsA", - "/JFlPMUlKHLDwKPyOJVvYxTGhP/XgxP+n0eE7sULYcBGNOdkkq9Usw4BXDtdvI0PNCHTBJFxEsDI97ha", - "mVi7HI8EmYovCHQ5bUQxiUKKqHBgKQK9gww9wpRYKMCMgvAxAHyzBQR6XgLdexzc5WmorizFlMaIVChf", - "VHpwQ8K4uc4VZsVeEw4kKCYlCOGHgxEWpA2ysvYm4INRrlapETUbgq6LIoY8MVgQsgynQwTxfQxC/RVB", - "fAWaL+bV5pRheOhBfmFb+hjSe+SdlPDqC/HU4hoQbJFvvdIbkgPs3AR9BTQYTOS2KUDEd0KlTnliRJCj", - "mK+NCQr1/5tvvvnmafLHd98f1deDelZTR59TdmshUK5nU2nSR2LX9pei8TzXENE0CgOKcjI6lbwb87nM", - "fB4jSuEdkg5Jgc0pkdLYdRGlw9j3J0JnG0Mc4OBOUsk/45DB1vGRMaz6oEoHqvLgKf+ICZVxntMBLNCE", - "HeI8jVzqtxKC/p2/mHBybuKZWH9kE3apRmy4rtR2TJNFid6ql12ulH7ElJnYbttm8c9aLtN0wwue9VmW", - "026xkEH/NIwDm8Dnz1QIRgUNBI/LKBDFLS2n+kuktdkS5byAfjNqfRtVbc1UtSpceQjdgozIedOrmI0y", - "VKeymiXR/5eI45uB9dD3Pw9bx7/WIfS8Rft8m4VDcenb53brlG/PELuQoWqW46Yv1uc7xujJyA0xofcT", - "ZotYSiY04A+Fm933gQE5GGIfZRjS3t7u4ZGV0c/C6iqnqMnzbHtlSe2wwvPJBgnViRgcIhOgXdtycbk3", - "3dASt7586Z1tJ/zLmC3DSw8Pu+j7g27XQXtHA+dg1ztw4He775yDg3fvDg8PDrrdbncWu8TYGyDfAWef", - "wBYHY4gJZQIQgIdgEAde3it7+um/Libg9KT9mf/3M7mDAf5DZkWc/teXK6uRkHKKnN9LYiUQfg4pGqSR", - "p7/ITGxAHUd+CLmNwK3Bq7MrEAsCn85v7Oo+Vxy1ol92COOJ44pwnONC68ghOxmyaduNDPHF/6656VKa", - "7jp770D33XH3u+O9d7WFqcEOtPRJmAEiJCRZ2VLBKWgsyatyheqlRWLUFHr/IpDDYPalrLe4kv75hYMC", - "N+S49T+dw+6RiQ9bdLsDTmEA3DBgEAdgHPsMR34GaWjWZeXw/70//9D7BE7PL697P/ROT67Pxa83wUWv", - "d/Y/16enJ/e/3J089t6f3PX+cfLTx+6XD9+OL39i/7o46X44vfr9w1VvsH/2z/P3p49fTi7Ovzyd/nHy", - "j/d3n36+CTqdzk0gRjv/dGaZYQbXv+ROmXCNsawOuFApQ7F8EbokpDQvEnKrzxHNHIk/nd9qRaWzVCtW", - "aNMGzjm+l8sDQQ60LNKMPK4mYk+Sr3q3ZpbFz8mHAgSb2C7lkj/iu5HKeRGTAvNxhpDMBBAT1qGAvq7+", - "JZlCI9rX+RMjUNjWqUeluO048yy7+H9cff7Uh9KTTBCVfiQCRgh6iEhsZaGWqdJhxMJ7pDT6zPb8rRNz", - "QDs4iGJ2zV+ycjlfab5FWH4RTjQWgiEOPGMqQ3YZOn4EJ5wPcc1eANtqt36PEZn0IYEqD2Mk/53hv+ln", - "1fufgNk29892CB8/XpwInn4aBoyEvgXvn1wUlWQkqc3XL/Dl85VDKbldOSQYhx6qSwuXYczQuR7RSgp8", - "tGLql3XKJEbm++Hjb9D3RQJpMBH/zGVRql+nprjwkUt2UmXVFbZQM1UjCuiPHTekzBlAijyHQIZ8PBY2", - "WQHnOC7UtwMSMPjZTMnWMjOw6gYG03QdCVflVggYLMYhG4Vedkn6pD6cX7farf7nK/GfL/z/z84/nl+f", - "8z9Prk9/bLVbn/vXvc+fuOz/8fzkrNVufWNAUZ43KCLM0qfjeVgqk30DMBmFL3IYcCW2VnHWAQ7uVM61", - "CljTxLcuvdKYytTNSQeIMAVmFPlDkf4CMuOFbqzzfQtbGKmdM3Ky3RFk4sR9pJP4qk9MjNFOtjvZgbIj", - "k15rUpXvDvO8YgoqZnnLczubMK/Tu3cKed0NpM9nE9rDCAUQz5jBvlWawr793+uTxP7x4wXQZztzNvta", - "pbBnVqr4VTrLL1ef98DnCAUnveSthSScT0/yLqR2i5iekJ4inKk8sWBLZXYjYQZDzxMitpgivl1XvKZC", - "ysIgGRpHvtXyuVZPEp0qpkZyt7ntmR1PiK6wRWYOdz13m5GGXe/Fk5jLv9t58pNLFzRvonJx6p+NtF25", - "q0ncmpMkDu464CqOopAwyrlB4EHiAZXfK9Ls29yaVpnNbY4ej9j33PQtqqyyYciVH3D5w6kjhAeGARPT", - "illJ7CPaAb+obyWJywizvLChPVs+GjJnzKH14QD5+rbRN2YC8bYlxtqRSKDyi03ue7hfQWxbNzff3Nx0", - "/p0S3e3Wfx9nSPD2z2773e6z8cb2f9/cdLa/Vb/c/rnXfp5uHZZlIyfUkElHzgrAWpLUCDDUQ/WyERIf", - "czsvllNLrd4Ml0jGMWVumXBa5ymDPCDijGEA75AHfDxE7sT1kcy5oB3QD6PYF141ebdMGM3CwOfc+HPg", - "T6RCZfHH3OazsH/W9NlSaRkdM8eg80jDPY4+Ow+70I9GkKuq9zjwOD/1xyYnRwx6Sm1RIVyR4iQxUGeU", - "ytBihFyrPmNaO78aquqvUie91ZqZRR3jx2K8zzVZ43VuN/j1Xtr5U/y35z2LzZIGT2qhmFqUVmx2+FlQ", - "Vgh3F8VdyuRT9pzhxrFUPJVdetzifDQkyumWUhM/IhlPk8b0ces9ggQRQO+dSRgTR7/AuT3xW8etEWMR", - "Pd7ZyTKFnYfdjFUieWzG+2AL/O8dXHe/O97bPd7d/99WO9Egqt7BXhlCyMlymojyGpeP+PxcQe32DMcN", - "sm+Q3YLsttyOn8uUlkTB5ccq3ZrCo5cILq1418SvjCZeGycLeo5E0lJgxeMUNhOXMwBkkdwSLUqxvkrA", - "Xej3DPSfSeQK8zevKhjHohZsQKQmmqISXBs69szagP54owhU8MbrVG+z8EjFHhPGYOBHyt6U/zfnfU58", - "xOmLvzHtKU4dw4mT9tnOn2QGyjhiU2aRL02bIUnHKhntKfUtOsm7jm1QxQMVyiPKLjhftoAn+HUFQBIF", - "5vtaZAJM2RjxTvW+zKo+CNUgjxpzqAAa98qKRRQRrIo4rQGSOVwiGes9Y58lGFltlxU9HDkEnmcVFsyd", - "b5gsss43huSCFzCKcHBHZ5AWKUvODWEjhXlgy1HE7ENUmLs1ZdViddkNv97w69k04ISfrYMGnABbrgEn", - "FFCmCRsk8hoacUaqLVAnzvHQxQnQNyq+bGn48om+Yivcq6njfqw2Olf6SenwralqwEoKuGQ35sM6WkQ7", - "PeJsQfgpyF2IvzyXgvs0qV2CbBNRXWJE9Wny9sOpkVjmsuuCpZ68p8ksUaM3H6JN3Lq1GNDTpG+4gecK", - "g0bqCDYx0L9iDDQyfLRThNOcUc7c5xvPpt1Slmyw1DyWVJqxjXMxE0cTclnIRDxM2eKvt1lmUx48W2Lw", - "LreUFwbtSlCvcS/Hep3drLGop8m6BKKeJnYb/GliM7yfJsu3tjOKfrOGtqEKFJM6VRR0CoDZxKop19jE", - "jUCgKRP4/hhEtoyqknh8tbjCXtlKMzAWFqrDvKVFRtM8ZB3QtSUWqxjwn1OgFE9tcF6c9vvCA2E5CnIn", - "coJpRW0jX2moybtCY5JXadLIdaJr5q47m2MWr7Kk9VyVDqgnme++XNXX6VZZrlKwESKZEaSlpb5IRhuE", - "oY+gvCaAmY8qdm2UtW3E69PBtOXA2440r6dXbnMZTNmrO7NdzbLUZJNeLuut3tn2KjBOVA5qLc8y/+5J", - "gpjBzZGpI3PaV8a4egWovHfDV4EeEJmwkfR1rYePIV3Wm/YxpMvU6FQIUp6bh/ca2dopjPbC3C8vui2p", - "qr5/MZUglsFmd1denPa1uWStGRAht1QF5JtTqgCad5QPne47Z/f7TF1MS72B0J8J7utQ3iupKhK+2ATz", - "PF+4HiEwgO49CjyBOYLyCIiJLE/Gla18Ne4q50yKfLZ9LauR+5f2uIzdaDdX13qNfC4J5k6XlDP7XKyf", - "b3wuebv9wo3sJnuqRzhjN3ISb0fRcs9oHFm7PSPPEs7/622Gc/M/M3zXYKGthE/yt0xOl+aeHu8YIBzv", - "d7tLzbK27dML/DWVaNugv+Yvc+4zOXlSCbQOjp4UWvFBChw/3MzM8rSX5uKxGDlNuXhM/W02iz8x+abY", - "nmM8RtfKRVIywkXv4lzveU3blatKpnGZhO5txSjwH1Wz88dcaRDlqFrWIlPzG70arppmb7sVEzyLpV6+", - "7nzZNoKrKphofXg2HPix1AvB1z+MA1fuEGZWl6iomCGvtNsrdKT354eyJCR6ipDLZXx6hb4Jfwfnjdb+", - "TzGrgDA5/2pQ5SCAMhK7LCaoYbcKh91e87ZuXYYsAZuHYsUUg8nlJEEQhCxtl2UvlfCnzYmSKceRjiJ0", - "e0gGmBFIJiAIA0dXZOE7rPmbLG0ujQhHduvQhXuzbVuqBUZEQr5GR6gh3d0j7+hwf+h4+9+/c76D7w4c", - "CI/2nN3v3x3Bve/3jvZQt2XLuxHGxkvW/1EMIJZ+jyaOrCAZQUykszaUdaxE6fjAAxT5qmbxSb9HO+An", - "NKFAZFsEIUsKSsmEitxuoOABkzAQ3svjVlquVlx+4spBS9mirawWYF12JcWNYOD5yMazZu7hUtcvmPZV", - "K6khYmFm19d9oB62Z6oqomqJ6OIiGVVBfm+tzGJJugtjplKtsr24/hT87hlEPnTRKPQ9yfgMP+UgDO/p", - "zp/Ye27lM6c636xbIkuZuytfUEcflthNGxqUldVBT8iNOeynYSCp1FoSVleGUrWBREKbq7+APkiGSXzc", - "cr4sYgtjo6O51a8wZiPOxFxuvtyC//gvwM3S+aIklvnc0C4T56lhc5LwXqNkTRIkEHODrSFByBGV1O/R", - "ZEfyq0TYbdsq1JR6rH7OZhHpWjjceAdj+K+QOAIDkxamSQ6Y9u48dNvgYXe7A36IfR/QfHaSfmu30+10", - "t2XdepbW4OEMVVdYJ+hfQnzLdhsfVNF/dQPWR8ToijpCEjhg9FsVtfRxcOfzZ8zlJhUYcpjS9quUQd9P", - "/VW6rwAewzuU90uJIkv5vKm/zVp4yUYhOceLJcOrxO9iVCeTeaEmX88FYGbqapWozI+Q6jKPqq3B1pfr", - "021rg6ucK6FeCUvTKTErYD6kLA1Sb4VjzERvMv5yGvloENh6pV8hpfguSLscKBfyFvo9hj5HzERp4rix", - "PV8bNcqspV5Kw1oERSFheaCaixoZrqC5jlFXeW0UvZ7txMZO+r2Z3KL8g42fNe9vExsTYbvPzY7Idq9b", - "WbvqrANOdRt2uGbkyB6gZm/gX1OtUil8ulKBUMuMagatY61LVrxhGUJqdtlxvtR5K1FWbS/eZnK/kv2j", - "iDky4cUo/SZuMyR+U/3Y+CrtChU56jiddD919QMpe2V1JWJUTLUOaJoo6RAeVyrDSPz6fPv8nDdPch5O", - "3Z61UF2Bdgb4X5jAjocedqjAS7pTwB3OrLCLdhL357I84WXseG5feI6ZNOj93lDjhhpXhBpnik+c9Htr", - "EZkQDXGzMQlNcrfZpviaDpcWmzjp9+qGJYx4hIpQlIYlcrV8q+rAljpxMkW067tz6tWDtXlv+sZNyaxz", - "5qX1V21bdIVcglhV3tusCZtUjJiBvB9SdkfQ1T8/ApHIwY9vIK8DUvoYEi+fV7V38MKsLgnE0q+NnemF", - "9a0La+juWJL+m9e5xZql62SLspBbUShwySRieUBpHO0Tuu+SffYfpiVSfiDT2hlXJ5cIiKfhHxfETeJg", - "G+Chab7iwPVjT7Ra3KDnotBzxmof5vkvLq/iSvMki2KpT9tJTtuQWTnWXANRsjqmbce1ypOhwdk0DkXq", - "66B0KFATd0nuBow6mQwIyWktTf0oSMGmEiOs6C0VZNG4C8neXxZU+3x1vdP/cg12JK+giZOkA77y6ToC", - "jb5q7zNBLCYB8v4OKEKgnKrkVQ0x9Y6094CyAMAg9DDKdyl9O4Q3xcLedbqHmWaAwnouwmgzk3PfTqPl", - "2cmzlNaKZPQqNJNI7swmT/868SNKe0y7E+cgvmTeGanwEjGC0YPtFtCH85T6hG2dkKDSJHBwBzyk9KsM", - "Vb5ZIiqTXhvaWrA8WmG64sTfY2i8Ggrby6SA3YdaD1MLztKNRrcaGp1dOi0r0vVZxXRxIC/OCmcSGMMJ", - "eIBk8nfDXlWmO9fokGGvemCECLKHxprTUad0hK3XG1VJS1P2HVoba6v3SnOG1Asd8ENI+B8xwWwi7yWm", - "YlZuMd8vHTcXLY0fEJmIXU7u8GDK/s41ZCHpAdQpFWrXBxOAPcBCEA5Emhv/JBXrYqZO3ZSjHEd8af/b", - "59LjsnP4wn72ZDpKkgGWtMOmHfApZLJlbOz7IIvnon2ZD7aCEHwVgaKvICQ3wdc06vRVXXqqSNHIx78L", - "WsD8GQtXcIwApNk0BLCjT1RmCrayTamLLLw6A6AR8OvVDbiKB8nqpFlY2h8URrhX4to3W/cayRO9M9GS", - "EBZbm7pHw73BO4ic3b39A+fw3XffO0dw4DoeGnb5T/wX2zaJPD4poqywpI8zMIm7w2fooR8SBv2dq+ur", - "7Q5IcpNFPlh4jwLZkQ5QY09sScjt1gCLVLpTUXcAERso77HKtlPvZODRRNGWiUcB9CcMuxQwAt17HNxt", - "V81qHlnVzOYyGpidGnSuL4ifnF73fj43JHDyQ+9T8s/L858//3R+ZtViTRj7PrSux1wviHwYgC9femfy", - "4iZknMeOMRO8ZoCTDMfU3Oq0pswr6i/aUtfh7zHK7qJsa8lnFlgf6GbwYEuT2t+B8n5DCkaQjoQvNe8A", - "H8iitg4cuLt7+0+TP6ZSr6Q9G9zTiLqmcLUISpMKal9LNqcu78X+PAVojgpTuJE6a/5mlmWefr64OL88", - "7Z18tB286DM9ucb5ppSykfSes797vbd/fHh0fHhUX05wpPxU6HP5IfS9Bgkpo9Umjy2jh9Hn4J9xyOAl", - "gu4oM49MkU2GkX9a6omMSMiYjz5yykp606eN3bvdrvWWkfnZlwAz05S9wFxm/xjGpNVuncFJq926CAOZ", - "9ZyuSz2fElvU231bA40awX8+0Hw0wL98GR2UA58jgQIqZFSiepicJY963ygjT7LuEh2qkmRqdGa3kkMt", - "3K+L3TXRuVpxmzetMn/m0jVfl/c1correiB1+MuMJ1BOcYkKPF0xbVhnXJw+aBt5Ds4xFxeog1eLUiAb", - "Vwu3dCBMxs/DQAW7/i46hvaV+8sRqVBh6hMQjoMnTFn+jOj2VEOxCX4zhde89Ihs038x0uly9wHUk6SK", - "TLa605ZynzBI7hDjxiVBQ0RQ4Ar7MgyQ8qtlLw77rdvn9p+5SunD1u3zbd6LMAq5tvBIcL4UFoxZWCiD", - "pS7TUDAKH4U/48eQMt2CH1Nl+ao7FarIjL5bo1MKO+ArH/sr8JCPOBFRWaGGCCjUB+fBQzhpg8cRdkfq", - "ibq3Y84YU92fWw8OXD+mDBExZAd8HcMghv5X4GEKBz6igE89hgy7xnzckpJ3fyn/r49dnKuypWJMulyg", - "3Bo5tpVIha5UrM+vTo4vEIKIIHHzGHkJ9GfiJnLZtXyRf1lIyMEEuSzBni+XHwWtiVuJumiYgDZVOVXl", - "iIiEnqO+Oz7sdrs7MMI7D3umESCvoM+A4PZSjHB1CzRWLcY4DsthxgKjDMzLEG72MihnVGEsbXY/hB4Y", - "QB8GrmCAiDHRiSBPmQNIUd+atZhW95dXp5Mi/yjwohAHjEpvLKYpdOoenTrj7Q448X2djUCTC6LJ6+JO", - "3Qg+INXiXk0WocBDXiebKpmgzQsv9ZvzeyYlGMWeJo5+xdmdv0BcSa6fOqVp1o5Gj2v1ulGArMLLrilU", - "cnKaQ5BHhO9GqrhnFkHKq3ta+cF7gxFsCb4qCwQSJoR0Wx6lG44RlQUGNZptT+MRzq7gElPZQ7slF2Mp", - "9Sl+t6zR9NApCQR2u90MSN93xXHjMecI+rDlXxbbvFBKw96+eYyDntzc3SkXl9W9zPSgbysYx3WKSMW7", - "bWGhhCPfkATzNU0W/f1hEPB5CoOeygdCL1Pje4n+IMn+pnVIb1riv93umN60sqd9SPM30L1vt1SN/+3/", - "3hrTf9N/j/892v5bPWHwM/SxJ+Y/JyS01CAWsaTiQn4QISY2ggwMIfZlQEiNlHUoRsjt6Dso1kAnpfBu", - "emoo4uAB/bY5w6mqLlpolSLIyRV1Mzi7Vb/W25df0OA9Ce8ROYlw/aio+dXmVmE+eSGzp9YUBspC995h", - "RF5Lyd9kgr5/OoJBoCqAhMFvbkJOv2FlcpvV1p/b6iUaS+FWfCgLcxQfcgtWwGpAdw+H99DxCJbXa3Mq", - "gHhbtFOW78kfnN3jo+4Rl7iZX/fkr7fpfovHwrw1lhgR7CYchS/iBxIKw4SFEXb1hnXUa8lyF7QnbVXG", - "BF2H5TA8ZxtDZ060/M7ZFX8NXMvXQIIoQF4/I8hFYtONltpoQEP3HjEneZhsZfJsmZX1LKj7gsuEJqmc", - "JGjfL60p0ichC93QB2PkYSlOCuVFuCXj+yDBrzwG23GnLruTtUA+kDCOWgUcm38QAxfnGmQab3+fEHmu", - "Wp0UNEDSK5BEn9UFChtoV6HfZ0YoFFHOMRVbR1fTOqtdXCQ7bTqKVjMGYcgoIzBSt0DodjYz86X8LF+C", - "vXpb9PW77LbUrcChvja26nbKsSuCsum9gyvBOzSd2GzFnzhwQPA/o1VfQQU0GXZd5D2Vn8kErXKOvuZU", - "mZMktceQH+nNmUbb2b206eI5xV7ujSx+Jshf2V36vEGCHYXjVsIwP4eJKSxUE6Ds8Fl12RSm09BfTjoN", - "1+1Xx3LKVN0jsAijjKpUdxzFd3P6TllRt9rUo8i6UPbtAkbcsC9Qt7TiB9gTrjlVsVIYdxwLDGLfukei", - "4L/mCrq+yxgHJqi7lrMobZDQeOfHjA4yYwPI0v6P69P9UaS9vOWeDHyBy74bWa2ZN9/1wdT165va6pt5", - "minKhby8jaJFK5fhVPBgFPenO6ocf1LoTc6fu4CvyjhMHU6NJlE1qTGp0b3Q7jBbe7/keDo3N07J4VAY", - "eIPwaWbQ1HdWuNQz5+Xw5esX8k20RhHqVPtPXVaGganknCG0pglfU+0p3qTiP5ulIAuIMEMVSW7eRZE/", - "aaAKZPWKMkpYDa1K4mVRq0qFMQullJ1Tq1K6ZDp8Loi2AJ3q0uBSZQaExpu5rEY9QdFgrPJ8vNxsPEne", - "TOE3xqpt3iXwFyy71Dszi3U3/UAavxy/cVdu3JWv7q78qxRcyhBbZvIcGS7tplzBhG6q+hKXEPFgpkKV", - "ySeboJKFS/OtKWPRd5iN4oGDHvjii7XxEuZlVrW7+vJeN3M4bmFKY5SrWZd5IYp9/7ckEsyXZvCTzPTl", - "/OQDZj/GA3AuXmstL2hh2Z2XBS2yWNqsMH77x/wXYvbqMPOcPjnjZbL5URjen/R7i2DydUJ3U+J0bd2U", - "QlZ4FjgmNrRji+ApG+g3D/lcy5jUWP5VPBAYaTp0jZGUwuLNP5KZNzz/KHHw4nGeSw+qNB50oi9Fa8dv", - "mu2WSwuLEHH0S6p4f9K4YXNUzR1V9sVycpJV89XpVVHNHJ06kiTI7LiL8LuYzOmFQRw7Q2omBGPQUCH4", - "0jcoI+t8v0cTydXMsEoHnEN3BFTABWaeSWe1SMWmVQ1UYBLh6bReNSTziCAbCWtvE4yZGoxpi6/u0URF", - "JTZxmfK4TL5280KCMZtgyiaY0mQw5bZcxqnCRNy4zdY6zVW8nYEsZWfqRFarIihborM2C4GHCBaXJhDA", - "43HM0t5/1I9lnQnjvrw03RSwU4ntZcVfS7ak7OKnkUKdMab4GHrVdyhARDhrVFGdYez71raRqk61tSdo", - "OkrkQyzTrjM1mrYeRxS5v+nLLt+CdwdghJ64MCZ0u3MTXOpriOgJukzcRHQR+P//3/9PlqYAmPHDEEmM", - "yJ8ASPkv4oZLEDLZOUpcTRSHBe8gDvLNnCQEu3BvsO8eeIfo3fA7+P3gyO16u2hvuA8PBofuO+879P3w", - "CHYHu+6et48Ohofw3eA793vvCHWH/Nvq2gg1ShS1W4/mKdY0Q+XLvWAYFpBGzZ5mzCdHNRWFxHiWFEdp", - "zapCK+DHi5NTdZqyLVd6xiUFuDqzFTp653R3r3e7x93ZCh3NTPJTKLfu1afLjw6FQ8kNwFbCItqyNT/U", - "N6106zZZ8wVpEtnxkI8YyrER5Sh6LAemeKUVugw/IOFWfQjv8zpM8nS2qk1zncXzNESrrmdhVDerZSlZ", - "aOKFdcPaLRYy6J/Wq9omt1bXXEsFSU7J2bNeaSoKSl2uTXR/Te4NYlffwxTLFtUH+K8p8CPGIulgxYqO", - "ReNReb1IeSd/ufq8J9RQfZMbXCM4Lppil+dX1+I9vhjh2lfNTbOKONUl4orjql59kuuqxrotSwO/CxE3", - "EGaF3K/U2dntHEn/bBihgKuux639Trezrxq3iJ3ZcTneCNem3Ko7m0y6TGrX+b4qTACuP14B82PgxoSg", - "gMsaP4Re2hLQeEkKn85NcD1CFGU/57aHoPih7EGo2uP+eH3dv8rcKFVhTFUpOmmZ0/OUJ+HUXFHaEEas", - "bq/bTXr1SNQ0ajbs/ItKHZwmrZKryMaYJ0OPAoXsDo7MZj+3W4cNgiPulVUB0Qu4Ygp93Y5A3PSSFBOP", - "x5BMNKDGIbvZvWTwToSyjaUbCMgZ5pMjqArGbOSQ0Bch4hb0xqIwh2qyg4iIcEchZbbL/+IeJAQBeszj", - "GNjqn18AyUG39R16TShClJovY6oR0ZsEcIxd6PsT4VAIY1E+lEHC9GV5PUoBoyQ8xoJbbd2z6H3oTWoc", - "nxGaMcBrHbcc/r/35x96n8Dp+eV174fe6cn1ufj1Jrjo9c7+5/r09OT+l7uTx977k7veP05++tj98uHb", - "8eVP7F8XJ90Pp1e/f7jqDfbP/nn+/vTxy8nF+Zen0z9O/vH+7tPPN0Gn07kJxGjnn84sM6Qxl/HEkeft", - "uNKfPyv+y01KgqZZlUrEJgt0uLsIOqxCfxNn40hhRkZJf263DpZLkOIuZwZplXqwirwhQ5luhiAa5AvP", - "7axM2iGITysdyDaGcSFKTvgTwAi+u0OyhauAlKsWnJWZUkb4x0TVUewjOqGyTGuOlRSYwCXKMYEXC5Ya", - "lqU5nVqS6u57dXaVdPucambOobe9nzCbm17qbQP+UO+tAionJlKVbW/38Oiolt5WRa/G8vMEu3JUkqCj", - "QsImJaiFOkTPPXFS3AqyNSfivwOYZTKaCLKycwSDOyE2tZ//JXJTTpyVm2n7bZEhkNvcM+3cNEEV/iOx", - "tMzl/MMu+v6g23XQ3tHAOdj1Dhz43e475+Dg3bvDw4ODrizKgAPRUko0IdP5B14rL5tMeZc3xG4bJXNZ", - "AGvmZVTd5beyC7VlC2YWMxJxAlRR5h4sj4RNgIKQgWEYB95KMhIb5TbDQHx/7EQkfMAeIg5D48ivNP6E", - "TfDx4wXQ34DkG0DQHaYMkdTaUwyhnQTs/QmXtfKdwURGHq1228ePF301w3UC1BSm8YMYWXTkVp8A5cYq", - "JnR/jlBw0tNs4fcYkUnKF7Ie9WUxBLdQVnXfWq5+RhluHmktD5Bl6+sEzssNXTu6rLbJWwJzSnL8Bb1N", - "QO/TLMRXZvOeeFqttsJQsHRPDGxXMXpZfVAX7xaMX9bQR0/8RxFgG+cc0eZkRZKUpZdtmDGrAVzvMC0z", - "pQZlprbmzgSO/YYGXqqlaiUzCxFZkUC5/FfEZM1WZExrEqkqRdsSsqMlCvYwGPrYZcBJSVMkj1A4VuFG", - "6BMEvYkstLmazEgSXRUzaJIflSsDte2KoIRlFUyMEgPBzl8qZb6qlRfFAx+7Zsk8ZT6YbNNiOwhnOF4D", - "6yABtJ7+bz8Hq9K9DM1/BnCWbQPYQVsPayBYPFdo282AD4iVk/tgAjCjoHdWpPMPyKbZv5+IVhbzEbrO", - "QirbipUk9tkVg4aVnlmolEHs0w1h1iBMThblNOE1bD7E1oiZaKMLg7SCuB2grIVuC3V5cOESWbqiFkqk", - "fyHbpLsatonVv7jitsmGr02J9tXjKou0R2bwSc7rimzrzOo2UMmzbSB14TYICRBJ0lPdlTO4KTN7OMVV", - "mWzmC32W7ZrgGPca84nltunT118+tdr7HcX8jYsdWeGQAyEtHjMXCLkrGXEmdmneZrDPnnyTTj71UsTc", - "Z8MRsZAaLzdHZZ5bz0h99noO7T2bQztD4LN6qDOVbxbQ4rSeV3uNnNmlPuyGU7fK3NgF73XKAJX3WrRO", - "CQHHEAJddetLGZtUdphtG03vk2zApLlDG3Cwud7pqhtOUJy3YCwk9LP3nGo4uxfv5M6gcePaZMno1aoJ", - "DsD/fXLxkQu+f1x9/qSTkV7JRZ6j8ymwa/e4vLgoGe7GVz7VV57wgryvPPCSO2fr7Dd/MeuzaKXzOsfn", - "8InXtLyLJnduD4xrOzTcc6Te4EQ5/XKFneElYM/hGl8Nj/jqOcLX0f/dAHXP4O2u7eSewbn9Fih3Tnm+", - "CE2nBt2tgGt7zTzawpFtdgpt1paYx6c9syt73cjxL2B6fFFO49wOv4rLezYmsrru7g1fm9ujvTBLYUd1", - "6pzizdZFcPibtgy9qTwv55Q+6fd+4pPWY3yyS62N6WX6FGvg1l8xkdtT9+KmPpgNfVXrDRx5/Nye2ZC5", - "AS1C1Squckh+UDUClF9AATQXcRUchBJ/GqEuXcpAPFQArrWqIfcmX2PmZQpG2ZhLTeDNA1FOMBrX1jFr", - "dyXY2+s4RLe8WE4iCVH2qhKPZNyBaxDbq+8BreB0zXLeKRrPzp8wwj8hEaKu9JheipIrHFYFegd8DlwE", - "VCmWNsAMuDAAQQj8MLjjRqmqFsFCM/SDkl7Btku8fKzmWfhyWHUhUMz31CgHJ85bqGp8lRmYkvRu3TLe", - "Ck96Uiumo/Fzc2szXIUxG4Zbg+GGJMGc1VYtC+xhKTpltWNKQyJj1bpgiqrgFVCGVAWCmIWO0vC4DAkD", - "VMNd9SZZkyX1c/GsaVHarTyyJnXb/IhLTf+cXbNdKSeYOuf1YbEb9XZe591K6rY7aUHC8ko1l8k7GSfk", - "S9wS6ZBvX69NNvhtCJDk6Bp2kdjHXXFhQkK2cZO8Pa094XevwbSfcM2iJvzFV7o+8ITR7JcHniYgm/r/", - "ehcHniavc2vgabKSVwZW4sIAP5O3dltA0/IMdwWeJq9+UeAJr0nNG8WGcnz4abLwGwJPE/v1AM7i6t8N", - "SBO+86w7vTOQvR8ww3WAp8lC7wLk0LTJbJzSocv0i6fJ6lwBKJBvFdSb5P95k/+fJm8w81+QbGPMLKdS", - "zp79/zSZMfX/afLSdEUxQv6GvaMfrEflmwTcmZL8heR43Qz/MhBeyWp8mqxbbn+z9Fsrw/9pUiu9/2nS", - "RG7/qlPnPNK5cXVlGoG9ah7/ytOUkcQvUTvO42TD+v5sWfxS06ydwr8mAvFN2wi5dP3ELFpmrv5MLGKT", - "pb92XKuKYSxapX95mn4NpmZ4ficNJOg/TaZn56+VdrFeWflroQXUSMl/OXE1lYxfg4SyvrmXx7olDU3N", - "wV8XjWGTe7/JvX8RE9tkJjWeeN8of63UXVY24b4ZTr1YjvyyFPunySa/fsNUU6b6ZpLrm9YOXyet/i0x", - "IHsi/SIZ0CaLfpNFv2qMdKOoNptC/0paavOp8zWcCPm8+belnpZlyq+jhNikyW/S5N+08j0lR75xrjx2", - "o3rZ8Ren/X7jyfEhUXnT9thIOmf9rPiL0342K75YT/9CvtU3eXHzOfEpIMvNiU/nLc+JRw+ITNiIj/U2", - "8+IXnZl+aMtMH7tRf8bkdIXhr5icbtDYSuemZ3iB5oAJGS8uNV2fUD4zvSQSpV9fUJa4FV+aUYSmDL3U", - "6E4JWRRRKDmdTT/UumneKc28oVRvg+wa4w059WiGTO8EK+smehvgv6i1WrrmpNtp5yareKSi3+GLM/WQ", - "Fc4Bt0NdLxU8OY1XywSvhmDZdlECzXrkgS+EtquzwJMdqk4C16+9qHtpnnLXhV7nEd+NqydTiO11ksLX", - "hL44rmcQ3WtYsa6ZA57AUC8FfCGiUjrql0p6fzHboPuKtsGmH+lb4FcVrKNprZ8gyhwY4Sku0UtE2Um/", - "t0SHqJ6xvjv0pN8rd4ReIihuw4vVnPR7i3OGcjCW6wblM5Y7QIlcueNjUeLibXYTbdYk0/RQy6+pENXm", - "yazpTF2YwzOhoZV2dxqUrlkb/0mg9cJ8nWrSmq5OfcaL0WbU6M3oL4XBlurNTIihiBN6xzfuy7ruS75b", - "b8hxmRJRU2SeUWBqOy0T2q/rskwBf5EZptiN3VdpSmmRq7Im3soyuOv5K/VJvJq7shKAZVsnGpg1cVY2", - "T89VrsqEaqsdleqtF/kphyHRBLs+ZFpPKjegWVST0ev4IdeDcjgem1jsNavx1nRCagjq+SCblX125+OC", - "ieoNKuzdZSrsG5/iG+A95Yxgofr43LUlarMp/v1sBSWmMamkqoS6ES8gehN6wJoUmVgfaV5VYuLlpPXC", - "2hJlJASuVaUHTAEE+3vOYMIQIDDwkvuGKHBDT7r4R+gJesjFY+i3QUTQED8hT7olvsIIR7997YAvFCUE", - "9BOayPqyExAGJlkpVo0ADtxwzBmQvkAtR2MjTMV97BIf3Ez3VKbRuK3qxbprJZsCGJsCGG+JwVbVl2iU", - "uVaoLStYVqJRPijBexUuOFvRiWlgbapPbDjaynO0ApNoVEFcdnmJxhjRyrEc6fF4FZazqTexqTexXNbJ", - "N2htbg2X8jOuI6b3/z3J2JavIjZW06HSeI8IesBhTLUVr5UDGHDUinzoahNdbkwDNn5FIYm3Y5jPXmji", - "TcmITcWJTcWJt6ZwlxWZaNyBQJFLECuPc1zqqAJMPMbQ9wFlIeFYJr/ugEvEYhJQ9YPBJ6WXNIzZTcC5", - "EXRZLNYuXhMcXXqeKXJjgtkERDGJQoqojLYWgyZXCuAFUp2com68Qe1BEn+x0d7u8vDrS8DPPST4D+QB", - "J99GLWFdK51aS5Mz1piuTr0+opfHHq446lKlYihERIFLJpHoSMYAV5ikwqKe9s7AOKZMuL6EOtC5Cfhj", - "ZYVS4/OYcpWICWUH82XpZ3zzk46wAzQMCQIRIhRThgIX2bBdOhLlyheUwisHX8B1pMqBG/LCK/1F1v+Q", - "nnMBYIJPVwkdSs+6vKsgVWyZLv+zusFw3LpTiirXfiIfsmFIxp1HGu513HC887AL/WgEd1vt1j0O+OEk", - "xzJGDHqQiR3RtzEggwNIkRNBSh9DIqiNRsgtImM/pOyOoKt/fgRjiAOgPwXJp+3M5Y7j1pl+o28OniQY", - "qo04Ya3j1l53753T3XW6h9e73eP97nG3+79crfOsMLZbytYs//ZZnN0LMECesURsaRPZeIX8dDWiIe9h", - "avY6YIypIPCQAKx0nCFGvkdXmM2/Vhq4Yp5pkLR3tpK538AxebRUTKtCOlRT/gtkk6F5Tc3/7iMyhnyh", - "vq5OwIWX2t0kF1zTMxdcmMoY+QgST30ijuEmCLgR6IYPiEzAGLkjGGA6lrIukT38W+yhcRTyEwGOHEG0", - "ZAVBGDji7FDAbgIFA1G630H3wCbGZOKtIcaKWpuV/G25zWArCIHCle2VprmDGQVYEDJHGiRZEab2IkRU", - "2Cxi800hluSnt9RpZG2u1M5JhQSf6zdl/NTn51N356p6/lWh9UTCckqPCSpLE2+CzNvVNhVV/W8F80mJ", - "OqN7Jjqmes3UMW8Cm3LpjrgioVTMAZIZK5xCkdcBPWm+6Zep2AXAwptAjS+YiZy7DSA47HbVzgl/nRxG", - "++iEkYpdoHDQRvwfEKuk/BkoRF+YKFPxlP0F/beo4yVLatE42id03yX77D/WT/XTqO9VcJDUkDbIY33M", - "6qX6s9aF6aJqBcvwMjXDd+v49Au+qtQnrmpK8n8+ZRkOp1AaiUhF78wgy4iEXscbdDiFdzI8AUsne4Zr", - "id+yA1gYynNDWXsVIXaaCeWYKrtUdgV0UiAlf2Y8HjdB6vJwY0K4yljh+mgDFMCBrxr8h2PIuPzAdxJz", - "bwIW8nkQkSmpXkzSIu20Az77nuFuE8yU2xNw4CPwgKHyu5hy0CaT5Mr/mn6VWYWukgulQjfpbLHxqswq", - "WnePDw5fwauyEgkFU70qEp02Qn6dhPw0L4pOgmjOgxIPErg4ewlqXNcxvwHiGwAfIPaFDKlzaefKGKAv", - "5lxkJCo3We2YVGGVqxvwscC6+IoqiUevMDtgI8iAh4Y4QBSIGKyPx5hJYx0KpgmYiGwOVf6ROQYtuweS", - "P8pFaR65aXQhmFe5AZEHppLJFQ5Cx3ReUTi9mv98tW82FIim4cuYRca+8yf/T69mpZQiUdetmWKh0pwp", - "abHIJGgvzNM/sDjCC8tQPvGlayCf1qO0xyLxsqLIh4i/yBISIj/Ggn/V1T9eD+u6K8LrX6sCx6eVv6tb", - "gk3Cd7T8KhxFWOrV41gqhi9eqypcInheWcrSHpwNZdlt0SWqMlPM08yrdcvUnvR7bWBs5tQCtVcZgGaq", - "Uts7A1tG0dTeGZ9LtlbcLimSCiMsKLgyed3+YbKk+QaoKM96cnrd+/m81W71PiX/vDz/+fNP52eLKNJa", - "l7bnMe7XxK5fhkmvtnIgBJaxAeKmcu26LEVjfQmG+soY6bVFy1/ZNgdOVmqsU0FTmkXshUm6nT/NP+ey", - "2+cx2WuplVnIFmy2v5bFngEiWD/zfRUs9/pG+/Lxrvu6/P+17PU1QmuL8b4idvvsJvtS8HuxOtarmey1", - "0fm1LPU1oimr2d6wHvOIBgMS3iNSo7/ML2jwXrzbTJOZKaZ7OhsHrLbpnnxW3WrmioXuPbgmsuFM5qPF", - "dZ3Jwrbc/jNvrAX2TN1fTFSq1wJmf6ktYDKEtdqXVbOgprwoi9oL6whjTp9vC5N9qDIjKRhgDxPkSo4E", - "KCMIisKWA8QeEQr4V1ehe48YcH3Md06kPvwEh/cQSNaoal9GiDhuGARyLIBp6IvzKHOrZLBuMSLfnKKZ", - "lEv7iEt10WSptYivmWPeNKqp68XJUugballj4kPTHKmoItXvYJPB07r+HRP5m+jjm92F0s42lKtDDpPq", - "kJNZ8Rr0t6mGvl6Xm8xpvVqrm+lQLNteykC0Jq61RXKEyvY3mc2qdqg1Rui6EU5mdetG3zPoA01pNzXI", - "73W8fmtEcRzrCzjvLUkIz9+2IgtVnTx4c5FNdLEoiGVrP4s3Q8Jr0tMieyrr3Nmi4NF6MUG+tM9FJc2t", - "abeLHFdonCnY6mwunydsmmBsmmC8VgXLCo78On6ULS+Wk0iCDInYNP4ovbu9vWadOhYqLKYpbyvYvGOR", - "bH2p7Hu27h0Z0DRQm7YdGx68RlpxgUksRx1edlePvxyHSipvLJFDbbp8bLp8vCanLev3sVF8X9qOZMW0", - "3ub6kUx3sqxWV5K/oKadnPSbkGWbbiSbbiTNSre1aU+yDPlB40G9vNyreNBMUq7Y9ydWJztXzTlTau5V", - "PKjOy/0FQTZCxHh3oem4Gp7l5uIaE6v93lGsPp1951HuhIMeOE6XAKI+X0xSsJHP+1bTgiUO18sJPlx2", - "TrAmsFVPCE4ZgcECNYIvMhVYTpzPAy4P1qnTXlgurhy/sUTc/HDLzsLVxGEV5WrvN/m3M+Tfapp4W8m3", - "CVU1R/059WemnFuFmDMk3CYLeKnxqVddmmarZXq6tjXIrrUCXTupVh3Ha2bUVoHwCkaQAmd9cmkXQODT", - "smjVHk1NoZXvNZU/qxa1JlRbV3o3ooVMI61XS5VdC2pSebIGVntNa8s1r8anUNS7F78g8SjjBcsktDeq", - "8HeXrfCvVPBuJZ2ca8GRqljDwlX5F2Xua3hqpu3LJTWUs29wsOkJ+2uoNqxPnr4+iXVP0k+d3C8juQbS", - "80sIa31z8xPSb5byp2blr5cas0nG3yTjv4ztbhKSmszEX4BEqNTBVjMBfwG8exk8+gUZ9xqiTcb9htGm", - "BL9GaTKlmfeL0XFfIef+jTMlS5L9wpnSJsl+k2S/csx1o9A2lmH/qtpso4n1Ve6Rlcuqf/PqszWNfm2l", - "1SaNfpNG/7aNg/Ic+mVJCNVKvzTkdIlYTAIKdDN2CaHvA+gy/IDAjxcnp7offwf0fYhF6rVk3hRAgkCA", - "+AbgwPVjD3lTQlKqDfR6MegF56yMwvBe7kvt9lCqmfZWEIJIn8n2JiJVmbdtonLzhFgnjVvHoii3zckk", - "YuEdgdEIu+J+CkVuTDTFjSDhwkB2hd8ahmQM2TH4+jiiyP3tK/gWvDvg+hJwR5DQ7ZtA53Pd4QdV3Vll", - "dUlNLUu3UlnjhI888M03YeCib77RKp7GdK7G3QSSuCkL1eWaZKQ0oKWAhFT89VX++RUk9J34H/jzm+Cr", - "Is7RGLoO38uvOhRmjX89SvoA4kIIoPgugCwmiMosmsoY2JXuQb9urGYhWTspl2k26jVl6GWn79tgqeiL", - "IXFXy+ms+iVpJ0HoIUY+N0d8X3A7GEUIcrkHYDABw5hjpQp5E3CHWEJIndd2QPw1Q2YnmjGpwDky7x5k", - "7huoZFhMgboVtYIZFZkkBkOSLVaQVamUO3/Kf0yNoPURGUO+Kf4EEDQOHxA15EYHnGvng2b1HvLxAyJY", - "vAeZiqbx80lO1PcBHo+RhyFD/kRYJalsAKm9MvX+wzrKiEp/gdqi5DJGBqA7zEbxwFEbbQcmPdUFtM2T", - "wK3QnQRtUaptW6vrCQJ2gxe8DunXdDcKd6BJ+EotTP2D/sSQw2GApPgN/UQNpiyM6E2gqTu4M9RBkx3I", - "DzmjTPVeU+Pl+q5Fu40DFAitHHk25dLiaXzDzKPE17hUBtJ9db3Q5pRLsSvRDDUmZzVDeAdx0NnwtZkc", - "ZVtyy7eXxOQ4GNzsxmwiKFd8dxKzUev411uOkhJqG1l/DF3oAzWamLndionfOm6NGIuOd3Z8/sIopOz4", - "qHvU3YER3hknYO48dDtHrSI1noXuPSI7P8UDRALEEDWqFeQnuJPBGIcfJAl9H5GKmW6TfctPeXr55Qwk", - "vE5qw7rJHk3J2tZ3rwi/bbCL036fhE8YGaNdnPYB/3FSPZx8qBMZrj9eARcRzj5d4Ubho/94fd2/AnEk", - "e1wBrjgOFS6n052mX80O/8ePFxzWB+whAq7ROPL5MBkfubEy+9svm7TWXPNO8TSZNv60U7INnjp61Vjq", - "h8xIt8//JwAA//9q4TK55lQCAA==", + "H4sIAAAAAAAC/+y9/XLjNrY4+Cq42qm6diLK8lcn7albt9y209Gk3a3xR3L3xt40REIWxhTBEKBtJeOq", + "fYh9wn2SX+GLBEmQomRKlhzNH5O2SAIHwPk+B+f82XLJOCQBChhtHf3Zou4IjaH453G/d0KCIb47hQzy", + "H8KIhChiGInHLgkYemL8nx6iboRDhknQOmp9gBSBELIRGJIIQN8Hx/0eiEjMEAVb45gyQBmMGHjEbAR2", + "2iAggEUQ+zi4A9SHdLTdAdcUgb89oIhiEgBGABoPkAfYCAH9Iw7En2KiLdS567TBToSgh4M7x8eU7SSf", + "R4gS/wFRPk72lYfdTne702q30BMchz5qHbXsY7TarTF8+oSCOzZqHe11u+3WGAf67912K4SMoYgv//+5", + "udn5FTp/HDv/23Xe/3Zz49zc7Nx+8yv//fZvrXaLTUI+EWURDu5az+2Wh0KfTMYoYJcMMiR3dAhjn7WO", + "1EPktdq5bT5FFEfIA+nXfFsZAg74T/3Rf4ItNdI2IBH4zzhInnTALyMUAIoY3xbzSVvsKz8zTEGExuQB", + "eWAYkbE8w4gf1nCIXTCIGXAFhsQR5FC1xVf3aELbAAYeCImPXYwogBECYYQoisRYJAIhYShgGPogQukK", + "xFEE8bh19Ku58BS41q15VsYrxU3FNPTh5DMcoyKK/hiPYeDwk4YDX641gGOksHOAwPXFJ2cYYRR4/gQ4", + "gAT+BPiIHzFtgyAeD8Q/aAhdRNtgNAlHKKBtwAGNqEsipHbAI4xyEiCPyNvO4NmFRDPwCVPGAchi2G4l", + "hqXodXPj/HZz0wG331oxi9OrOBla3AMxMRmCH6+u+iB9cUcSaqvdwgyNxXd/i9CwddT6v3ZSVrGj+MTO", + "F/0hn26Mg578aDcBBkYRnPCHGhnKITnu9xwfPSDfQJww9DEnfCIYSQomiAMfUQrIA4oi7HkoqAtxn48t", + "IMpDSONBAlbfh1WbZr4KQh8GAn8ogA8Q+wKnOJKzEabqbJOD/7X1kfgcYy+x/4AijtAJ2IXzy0MYh5RF", + "CI6LgKV7p9/JkmarnWPfY4iDaVt1rafjmwMDb0Ce6n/y3G5F6PeY8yi+ajHfbbIkMvgXcpm5plM0xAGe", + "gqwRiqnY3mSVXvqZFChEfAN9wPAYkTyLqo3Y1wWwbAeixUMB4Es0hgHDbiKuyFCz1Qwb4BKolSHuh5sb", + "79ubmw7/j5WoH0aEMssencSUkTF4wBGLoQ/EWzse4RtPFTrq+e2oMHU4NZpk4BHxYlfgv5IHmXXBEHfU", + "Xx2XjFul/Ktzc+OUcC8D5WYCTX1nhUs9c14OXz38zr1lSqUUe9qJMmWQeIZ72wjnuN/7CU2Ku3OKGMQ+", + "5RgHAy2RzU34k59Oz2sdtUxdh2+Jo9ARhlgMzf8R/ra7t39w+O6779934cD10HDWv/n6IgQZ8o65RrPX", + "3XvndA+c7u7Vbvdov3vU7f5v+soHMa03xnxbMkK8dT4B/RTrflKLCnGEKB84iH2/3Qrku+OJk2KoIzeA", + "kjhy+UOfuNDnPzDIYsrncxl+QEJKZShD7VN+h68D/HuMQBgPfOwC7HFNZohRZBA5YCPIxB/3aMIVKUgp", + "cTFfoWBTGaQsO4YCRehzyQP0EQUcVZCnj1uyQnF6XPEa4qc8dTZyrAUAjXPOw3iFx4gyOA7BI1c89T4J", + "YCEFd3oJGUBLcGVIojEU2jFkyOGMvgKYD5YN6xXOLKYoAo8jkgJigpjdPYWdL9I5hb5pcGWxEVscCo64", + "D9hDXhuMY8ZfzmqONjKoVh0LgBpUkwfzjD+Ckq8nJ7bFaQvgITfVUPLCdv6ovnO6u/youvycqo6KD8cX", + "1jpiUYysAHJeDP0LNLQR4Jl6DCI0RBEKXAR6p/ndzEDn+iT2OG2NOTNw3n//3btD2xEG1rPj5gCFQ2TS", + "euHsYMyIk2KPsJgMjGgDPFbn2ebY5gFIpfUawgiOEUNRdkNtLMw453f7mWPeL0iwrvP+9tstJ/nn9jd2", + "Kau4YkGDEb+bLE2sUvBObkzqI9o2bDbNWPWzrLmmnxZBUHy4AIL4PQeCMZ1i21zEPpB7xTpCIWszEyfv", + "VYvwQEplyfQTqEymZvIUk4qSXSyX0yf8Q0yCC/R7jKggPEMgl0otm0iyioAvWu0NfYgDh2sTyaE9QD+W", + "zEYfjJRKAQcRk6BzE/SGIGU7wm6RUsT3uTks0BUHlCHo8eNQWM7tVwgC9AhIgDo3wZUSd/qzEaQj5IEB", + "GpIIAcpIBO9QB+jXXBjwt3AAYDABklHcBFtjHOBxPAb774A7ghF0udWtXEICMr4QBXtwlyzJn6Ss+ybQ", + "jojOTZAhqifxP+eRkj0haUMfMj6z4ArqofwPl5gmfb17OR/tgN4QDAgbAfVhLxBegmQY5SjR55D+zuA9", + "olySu8jj7K5TlJK7e073+zmkZAJK5Ro8ZT9ZmGwWP/WLFr1UD2Gio57AXM9+NwETBwzdoUjYiQEu0SoA", + "f2QZT3EJilwSeFQep/JtjEgc8f96cML/84jQvXiBBGxEc04m+Uo16xDAtdPF2/hAEzJNEBknAYx8j6uV", + "ibXL8UiQqfgigi6njTCOQkIRFQ4sRaB3kKFHmBILBZhRQB4DwDdbQKDnjaB7j4O7PA3VlaWY0hhFFcoX", + "lR5cEjFurnOFWbHXhAMJikkJQvjhYIgFaYOsrL0J+GCUq1VqRM2GoOuikCFPDBYQluF0KEJ8HwOiv4oQ", + "X4Hmi3m1OWUYHnqQX9iWPob0HnnHJbz6XDy1uAYEW+Rbr/SG5AA7N0FfAQ0GE7ltChDxnVCpU54YRshR", + "zNfGBIX6/80333zzNPnju+/f19eDelZTR59TdmshUK5nU2nSR2LX9pei8TzXENE0JAFFORmdSt6N+Vxm", + "Po8RpfAOSYekwOaUSGnsuojSYez7E6GzjSEOcHAnqeSfMWGwdfTeGFZ9UKUDVXnwlH/EhMo4z+kAFmjC", + "DnGeRi70WwlB/85fTDg5N/FMrH9vE3apRmy4rtR2TJNFid6ql12ulH7ClJnYbttm8c9aLtN0wwue9VmW", + "024xwqB/QuLAJvD5MxWCUUEDweMyCkRxS8up/gJpbbZEOS+g34xa30ZVWzNVrQpXHohbkBE5b3oVs1GG", + "6lRWsyT6vw45vhlYD33/y7B19GsdQs9btM+3WTgUl759brdO+PYMsQsZqmY5bvpifb5jjJ6M3BAT+jBh", + "toilZEID/lC42X0fGJCDIfZRhiHt7e0evrcy+llYXeUUNXmeba8sqR1WeD7bIKE6EYNDZAK0a1suLvem", + "G1ri1vV173Q74V/GbBleenjYRd8fdLsO2ns/cA52vQMHfrf7zjk4ePfu8PDgoNvtdmexS4y9AfIdcPoZ", + "bHEwhjiiTAAC8BAM4sDLe2VPPv/X+QScHLe/8P9+ie5ggP+QWREn/3V9aTUSUk6R83tJrATCzyFFgzTy", + "9BeZiQ2o49AnkNsI3Bq8PL0EsSDw6fzGru5zxVEr+mWHMJ44rgjHOS60jkzY8ZBN225kiC/+d81Nl9J0", + "19l7B7rvjrrfHe29qy1MDXagpU/CDFAUkSgrWyo4BY0leVWuUL20SIyaQu/XAjkMZl/Keosr6Z+dOyhw", + "Ccet/+kcdt+b+LBFtzvgBAbAJQGDOADj2Gc49DNIQ7MuK4f/78PZx95ncHJ2cdX7oXdyfHUmfr0Jznu9", + "0/+5Ojk5vv/l7vix9+H4rveP458+da8/fju++In96/y4+/Hk8vePl73B/uk/zz6cPF4fn59dP538cfyP", + "D3eff74JOp3OTSBGO/t8aplhBte/5E6ZcI2xrA44VylDsXwRuhGhNC8ScqvPEc0ciT+d32pFpbNUK1Zo", + "0wbOOL6XywNBDrQs0ow8riZiT5KverdmlsXPyYcCBJvYLuWSP+K7kcp5EZMC83GGkMwEEBPWoYC+rv4l", + "mUIj2tfZE4ugsK1Tj0px23HmWXbx/7j88rkPpSc5QlT6kSIwQtBDkcRWRrRMlQ4jRu6R0ugz2/O3TswB", + "7eAgjNkVf8nK5Xyl+RZh+UU40RgBQxx4xlSG7DJ0/BBOOB/imr0AttVu/R6jaNKHEVR5GCP57wz/TT+r", + "3v8EzLa5f7ZD+PTp/Fjw9BMSsIj4Frx/clFYkpGkNl+/wJfPVw6l5HblkGBMPFSXFi5IzNCZHtFKCny0", + "YuqXdcokRub75PE36PsigTSYiH/msijVr1NTXPjIJTupsuoKW6iZqhEF9MeOSyhzBpAiz4kgQz4eC5us", + "gHMcF+rbAQkY/GymZGuZGVh1A4Npuo6Eq3IrBAwW45CNiJddkj6pj2dXrXar/+VS/Oea///p2aezqzP+", + "5/HVyY+tdutL/6r35TOX/T+eHZ+22q1vDCjK8wZFhFn6dDwPS2WybwAmo/BFDgMuxdYqzjrAwZ3KuVYB", + "a5r41qVXGlOZujnpABGmwIwifyjSX0BmPOLGOt+3sIWh2jkjJ9sdQSZO3Ec6ia/6xMQY7WS7kx0oOzLp", + "tY6q8t1hnldMQcUsb3luZxPmdXr3TiGvu4H0+WxCOwlRAPGMGexbpSns2/+9Pknsnz6dA322M2ezr1UK", + "e2alil+ls/xy+WUPfAlRcNxL3lpIwvmdTwbQ75emen8Uz8EWDLFU3baLud5Kgz7+9MnM94YUkAABOoIc", + "X6hLQtQGiGszwsBVOQbJB7lE8s7Ls8OToctX96VkdgmuyGKnIXK5Qi4onO4oBmWuBHJrGciNnB3+Lxko", + "rQvJJuKHEXJFIM4qBE7P+hdn3G46BQ6IqbHBehc64JJh3wcjEpCYH80WUzFcqX65IjODkeKX27UXleoX", + "luUwNA59q9F6pZ4k6jBfQJKXb1JMhlgSflnAbjP9vp6n1Migr/ficcxVl9t5UstLFzRvjnlx6p+NjGu5", + "q0nKAeemOLjrgMs4DEnEKGfkgQcjD6jUbHFDog1oPFBJ6W3Ozh+x77npW1QZ1EPC9VZw8cOJI+Q+hgET", + "04pZo9jnmPeL+lZyZ5kcIO/aaKekj4bMGXNofThAvr4o9o2Z+71tCY93JBKo1HBTcB7uV/DJrZubb25u", + "Ov9O+eXt1n8fZbjn7Z/d9rvdZ+ON7f++uelsf6t+uf1zr/083bAvSyRPqCGTSZ7VXWopQUZsqB6ql42Q", + "hAfaeY0qNbLrzXCBZAhapgWKeEOeMqIHFDljGMA75AEfD5E7cX0k02VoB/RJGPuCOclrgcLfIZgrF6Rf", + "An8i2aDFlXabT6D/WdNnS2XUdMz0kM4jJXscfXYedqEfjuBeq926x4HXOmp98semEEYMekrjVNF3kZ0m", + "MVAnA8uocIhcqypqGqq/GlbGr9KcuNVKtUWT5sdivM+NEON1bvL59V7a+VP8t+c9i82StmpqXJoKsNZJ", + "d/hZUFbIVChqKimTT9lzhhvH0mZQLoWjFuejJFL+0pSa+BHJUKj0gxy1PiAYoQjQe2dC4sjRL3BuH/mt", + "o9aIsZAe7exkmcLOw27GoJQ8NuM4suVs7B1cdb872ts92t3/31Y7Uf6q3sFeGULIyXJKpHL4l4/4/FxB", + "7fbk1A2yb5Ddguy2tJyfy5SWxDbRCrByxiaCS9tMNfErY0TVxsmCniORtBRY8TiFzcTlDABZJLcE+lKs", + "rxJw5/o9A/1nErnCc5FXFYxjUQs2IFITTVEJrgwde2ZtQH+8UQQqeONVqrdZeKRijwljMPAjZW/KdZ8L", + "HCTu/fTF35h28qc+/cS//mznTzJ5aByyKbPIl6bNkGTSlYz2lLqFneRdxzao4oEK5RFl55wvW8AT/LoC", + "IIkC830tkjimbIx4p3pfZlUfhGqQR405VACNe2V1PooIVkWc1tjWHN6sjPWesc8SjKy2y4rRhBwCz7MK", + "C+bON0wWWecbQ3LBcxiGOLijM0iLlCXnhrCRwjyw5Shi9iEqzN2asmqxuuyGX2/49WwacMLP1kEDToAt", + "14ATCijThA0SeQ2NOCPVFqgT53jo4gToGxVfthsU8om+HS3cq6njfqw2Ole1S+nwralqwEoKuGQ35sM6", + "WkQ7PeJs+RNTkLsQf3kuBfdpUrt63CYYvsRg+NPk7UfCQ7HMZZd0Sz15T5NZokab6Pomur6q0fXEI19L", + "djxN+oYHf64IdqioZxO+/iuGr0PDvT5Fr5gzQJ37fOOUtjs5pAQr9WxIKs24NXLhLkcTclm0SzxMueWv", + "t1lmUx73XGLcNbeUF8ZbS1CvcQfVep3drGHEp8m6xBCfJnb3ydPE5jN5mizfUZKx0Zr1kRiqQDGVWgWw", + "pwCYzYmbcnlU3MMFmjKB749BaEuGK0mlqBZX2CtbaQbGwkJ1hL60tG+a/a9j8bZ0fhW+/3MKlOKpDc7z", + "k35fOI8sRxHdiUx8WlFRzFfFd5N3hcYkL7ClSQeJrpkrMmCOWbxAllZRVjqgnmS+W6pVX6dbZbnAxEYo", + "yowgjWT1RTLagBAfQXk5BzMfVezaKGuWiteng2m7eWI70ryeXrnNZTBlL8zNdiHSUglROiitd+ln26vA", + "OFE5qLUo0vy7JwliBg9VpnrTSV/5UdQrQN02MdxM6AFFEzaSbsr1cA+ly3rT7qF0mRqdCvHlM/Pwmr8j", + "Mb0QfgqjvRz+y90tkqrqu4ZTCWIZbHZP8/lJX5tL1kodIXJLVUC+OaUKoFkZ4NDpvnN2v89Uo7VU+SD+", + "THBfEXmbq6o0/2LvBuT5wtUIgQF071HgCcwRlBeBOJJFAbmyla+BX+WcSZHPtq9llan/0h6XsRvu5qrJ", + "r5HPJcHc6ZJyZp+L9fONzyVvt5+7od1kT/UIZ+yGTuLtKFruGY0ja7dn5FnC+X+9zXBu/meG7xostJXw", + "Sf6WyenStOGjHQOEo/1ud6kJ8rZ9eoG/phJtG/TX/GXOfSYnTyqB1sHRk0IrPkiB44ebmVme9tJcPBYj", + "pykXj6m/zWbxJybfFNtzjMfoSrlISkY4752f6T2vabtyVck0LpOsC1sJGPxH1ez8MVcaRBG4lrW02/xG", + "r4arptnbbsURnsVSL193vlhihKvqBml9eDYc+LHUC8HXP4wDV+4QZlaXqKhTIwtJ2OvipFUrhrIQK3oK", + "kctlfFq4ogl/B+eN1q5rMauAMDn/alDlIICyKHZZHKGG3Socdnul6brVULIEbB6KFVMMJpeTBEFAWNqk", + "zl6g5E+bEyVTBCcdRej2MBpgFsFoAgISOLoOEt9hzd9kQwFpRDiyR44ul51tllQtMMKI8DU6Qg3p7r73", + "3h/uDx1v//t3znfw3YED4fs9Z/f7d+/h3vd77/dQt2VLmRLGxkvW/0kMIJZ+jyaOrNsaQhxJZy2R1eNE", + "w4bAAxT5qlL4cb9HO+AnNKFAJMoEhCVl3GQuTG43UPCAIxII7+VRKy0SLe6tceWgpWzRVlYLsC67kuJG", + "MPB8ZONZM3dOqusXTLsZllTusTCzq6s+UA/bM9XyURV8dEmfjKogv7fWQ7LkS5KYqSy5bAe8PwW/ewah", + "D100Ir4nGZ/hpxwQck93/sTecyuf9Nb5Zk7vVSHlSNjZoj6WaFigthhsqd6NSBS6hJ4nimgVm0Buv9Td", + "lS9jpQ9L7GYlGpRVtUJPyI35CyckkORqrcisC7Op0lwiKdHVX0AfJMMkzm45X4VsSs9OpKY3X0Qrt/ZX", + "LKVlg6RWQa1SAj0CH8+u2oCTZRv0r6/aQBJlGwiabANFi23AaVN4m77RiaetTZmtl5XZejVaMqWFsOA7", + "WgX4FcZsJNPoGPJuwX/8F+BHNF/o0TKfS+yK5jx4cpwoNAZaJJE3MTfYGkYIOaIpyD2a7EglINEgt21Y", + "UOoG/jmbmqfx7Qvn5WP4LxI5gq0n3biTnFjtMn3otsHD7nYH/BD7PqD5lD/91m6n2+luyxYsLMVzrqXo", + "ZiER+pfQiWXnqI+qf42qCOCjyGjwPUISOGC0DhdtYXBw5/NnzB1xzBlymNJO4pRB30+dwLpFDh7DO5R3", + "9goml09G/NusjM9GITlvpiVtssSZaRTalOzKVJZyUc2ZGjQmdugjpLpisco/3bq+Otm29mrM+efqVWM2", + "PX2zAuZDytLMjy0yxky02eQvp+HEBoGtV8UcUorvgrRhj4rLbKHfY+hzxEwsEY4b2/N1BKXMWvqqNFYc", + "oZBELA9Uc6FYw7861zHqguWNotezndjYcb83U6yBf7AJXuSd2GJjQmx3ZNsR2e7KNt/d+VuqIma92qpx", + "vsPNDUe2szbb3P+ammrKitKVW4StY1R3aR1pA63iDcsQ0lzKjnNd563EArS9eJtJqEz2jyLmyCwyQ70S", + "t7uSYIR+bHyVNjgMHXWcTrqfuhqMlL2y2lxkFP+2Dmja/ekQHrfUSCh+fb59fs7b/Lmwge40Xqg2QzsD", + "/C8cwY6HHnaowEu6U8Adzqywi3aSmMKywktl7HjuAFOOmTQYUtpQ44YaV4QaZwr6Hfd7axHuE73ds4E+", + "TXKZeVM6XFrA77jfqxvrM4J8KuxXGuvLlaWv8sCUOl4y/SDq+0jrlTa3uUT7xs3xrMfzpT4O2xZdIjdC", + "rCqZdNYsaCpGzEDeJ5TdRejyn5+AyI7ixzeQ16MpfSSRl09W3Dt4YaqkBGLp12hP9cL61oU1dJc2yanP", + "69xizdJ1skUZ4VYUCtxoErI8oDQO9yO670b77D9MS6T8QKZ15q/O2BIQT8M/LoibxME2wEPTfMWB68ee", + "6Bq8Qc9FoeeM1Y/M819cstKl5kkWxVKftpOctiGzcqy5BqJkdUzbjmuVJ0ODs2kcitTXQelQoCbukty1", + "MnUyGRCS01qa+lGQgk1lG1nRWyrIogclkm0sLaj25fJqp399BXYkr6CJk6QDvvLpOgKNvmrvc4RYHAXI", + "+zugCIFyqpL3n8TUO9LeA8oCAAPiYZRvuP12CG+Khb3rdA8zfW2F9VyE0WYm576dRsuzk2cprRXJ6FVo", + "JpHcmU2e/nXiR5T2mHYnzkF8ybwzUuEFYhFGD7ardR/PUuoTtnVCgkqTwMEd8JDSrzJU+WaJqEx6bWhr", + "wfJohemKE3+PofFqKGwvkwJ2H2o9TC04Szca3WpodHbptKxI1xcV08WBvI0unElgDCfgAUaTvxv2qjLd", + "uUaHDHvVAyMUIXtorDkddUpz83ptvpW0NGXfoS2/XL9XmoinXuiAH0jE/4gjzCbysm8qZuUW8/3ScXPR", + "nf8BRROxy8nFOEzZ37mGLCQ9gDqlQu36YAKwKMFFBiJ3lH+SinUxU+2CVDmO+NJW7s+lx2Xn8IX97Ml0", + "lCStkulANu2Az4TJ7uex74MsnotOnD7YCgj4KgJFXwGJboKvadTpq7pJWJGikY9/F7SA+TMWLuEYAUiz", + "aQhgR5+oTL/NuD5sLLw6A6AR8OsV47iMB8nqpFlY2uoahrhX4to3u9AbyRO9U9FdFxa7dLvvh3uDdxA5", + "u3v7B87hu+++d97Dget4aNjlP/FfbNskkmOliLLCkj7OwCQu5J+ihz6JGPR3Lq8utzsgSfgX+WBpXiig", + "xp7YMvvbrQEWqXQnopgHimygfMAq2069k4FHE0VbJh4F0J8w7FLAIuje4+Buu2pW88iqZjaX0cDs1KBz", + "XXXh+OSq9/OZIYGTH3qfk39enP385aezU6sWa8LY96F1PeZ6QejDAFxf907lbWjIOI8dYyZ4zQAnGY6p", + "udVpTZlX1KO13QeBv8cou4uyQzOfWWB98KDqW4MtTWp/B8r7DSkYQToSvtS8A3wgi3w7cODu7u0/Tf6Y", + "Sr2S9mxwTyPqmsLVIihNKqidCG1OnUxbq/7tZQ4VpnAjddb8zSzLPPlyfn52cdI7/mQ7ePQU4mhyhfN5", + "4YLR7u45+7tXe/tHh++PDt/XlxMcKT8XUs0/Et9rkJAyWm3y2DI6Cb8E/4wJgxcIuqPMPDJFNhlG/mkp", + "0jOKCGM++sQp60SjSPLZbrfbtV7dMz+7DjAzTdlzzGX2jySOWu3WKZy02q1zEsirBOm61PMpsUW93bc1", + "0KgR/OcDzUcD/MuX0UE58DkSKKBCRiWqh8lZ8qj3jTLyJOsu0aEqSaaCQirJoRbu18XumuhcrbjNm1aZ", + "P3Ppmq/L+xo5xXU9kDr8ZcYTKKe4RAWerpg2rDMuTh+0jTwH55iLC9TBq0UpkI2rhVs6ECbj5yRQwa6/", + "iyLVfeX+ckQqFEl9AsJx8IQpy58R3Z5qKDbBb6bwmpcekW36ayOdLncfQD1JSjNlS6ZtKfcJg9EdYty4", + "jNAQRShwhX1JAqT8atnb+H7r9rn9Z65zxLB1+3yb9yKMCNcWHiOcry8HY0YKteXUZRoKRuRR+DN+JJQB", + "mXoIMFWWr7pToSo36bs1OqWwA77ysb8CD/mIExGVZZ8iAYX64Cx4IJM2eBxhd6SeqHs75owx1Xfg9ODA", + "9WPKUCSG7ICvYxjE0P8KPEzhwEcU8KnHkGHXmI9bUvJCPeX/9bGLc6XrVIxJ1+CUWyPHthKp0JWK/UrU", + "yfEFQhBGSFznR14C/am43l9W60LkXxYScnCEXJZgz/XFJ0Fr4qqvrsQnoE1VTlWOJYyI56jvjg673e4O", + "DPHOw55pBMi6DjMguL2+KVzdqqdVizGOw3KYscAoA/MyhJu9Yc0ZFYmlze4T6IEB9GHgCgaIGBOdWfKU", + "OYAU9a1Zi2m3E1mPIGl6ggIvJDhgVHpjMU2hU/fo1Blvd8Cx7+tsBJrcuk5eF3fqRvABqWukarIQBR7y", + "OtlUyQRtXlgpw5zfMynBqKA2cfQrzu78VRdLcv3UKU2zdjR6XKnXjap+FV52TaGSk9McgjwifDdSFXOz", + "CFJeMtfKDz4YjGBL8FVZdTNiQki35VG6ZIyorNqp0Wx7Go9wdgWXmMoe2i25GEv9XPG7ZY2mh05JILDb", + "7WZA+r4rjhuPOUfQhy3/stjmhfo09nb2Yxz05ObuTqkGoO5lpgd9W8E4rlJEKt5tI4W6qHxDEszXNFn0", + "95Mg4PMUBj2RD4Repsb3Ev1Bkv1N65DetMR/u90xvWllT/uQ5ss6eN9uqcYZ2/+9Nab/pv8e/3u0/bd6", + "wuBn6GNPzH8WRcRS2FvEkooL+UGEmNgIMjCE2JcBITVS1qEYIrej76BYA52UwrvpqaGIgwf02+YMJ6pk", + "b6F1lCAnVxSj4exW/VpvX35Bgw8RuUfRcYjrR0XNrza3CvPJC5k9taYwUEbce4dF8lpK/iYT9P2TEQwC", + "VVaHBL+5CTn9hpXJbbYweG6rl2gshVvxoax2U3zILVgBqwHdPRzeQ8eLsLxem1MBxNuivbx8T/7g7B69", + "774Xm2D+uid/vU33WzwW5q2xxDDCbsJR+CJ+iIgwTBgJsas3rKNeS5a7oD1pq9pA6IqUw/CcbZSfOdHy", + "O2eX/DVwJV8DCaIAef0sQi4Sm56exSMaUOLeI+YkD5OtTJ4ts1ylBXVfcJnQJJXjBO3LG2n1I8KIS3ww", + "Rh6W4qRQs4dbMr4PEvzKY7Add+qyO1kL5GNE4rBVwLH5BzFwca5BpvH2DwmR50pASkEDJL0CSfRZXaCw", + "gXYV+kNmhEJl8hxTsXW4Nq2z2sVFstOmo2g1Y0AIoyyCoboFQrezmZkv5Wf5vgbV26Kv32W3pW4FDvW1", + "sVW3U45dEZRN7x1cCt6h6cRmK/7EgQOC/xmtSwsqoMmw6yLvifxMJmiVc/Q1p8qcJKk9hvxIb8402s7u", + "pU0Xzyn2cm9kRUFB/sru0ucNEuwoHLcShvk5TExhRE2AssNn1WVTmE5DfznpNFy3Xx3LKVN1j8AijDKq", + "Ut1xFN/N6TtllRJrU48i60ItxXMYcsO+QN3Sih9gT7jmVBlYYdxxLDCIfeseiS4amivo+i5jHJig7lrO", + "orTrSOOdcDM6yIwNcUv74a5PN1yR9vKWG53wBS77bmS1Zt58KxVT169vaqtv5ulQKhfy8t6kFq1chlPB", + "g9Exg+6oHhdJoTc5f+4CvirjMHU4NZpE1aRwq0b3Qg/RbEOLkuPp3Nw4JYdDYeANyNPMoKnvrHCpZ87L", + "4csXBeWbaI0i1GmhkbqsDANTyTlDaE0TvqbaU7xJxX8266sWEGGG0qzcvAtDf9JAadXqFWWUsBpalcTL", + "olaVCmNGpJSdU6tSumQ6fC6ItgCd6sLgUmUGhMabuaxGPUHRYKzyfLzcbDxO3kzhN8aqbd4l8Bcsu9Q7", + "M4t1N/1AGr8cv3FXbtyVr+6u/KsUXMoQW2byHBku7aZcwYRuqvoSlxDxYKZClcknm6CShUvzrSlj0XeY", + "jeKBgx744ou18RLmZVa1u7z+oDukHLUwpTHK1azLvBDGvv9bEgnmSzP4SWb6cn7yEbMf4wE4E6+1lhe0", + "sOzOy4IWWSxtVhi//WP+CzF7dZh5Tp+c8TLZ/IiQ++N+bxFMvk7obkqcrq07vcgKzwLHxIZ2bBE8ZQP9", + "5iGfaxmTGsu/jAcCI02HrjGSUli8+Ucy84bnHyUOXjzOc+lBlcaDjvWlaO34TbPdcmlhIYoc/ZIq3p90", + "Q9kcVXNHlX2xnJxk1Xx1elVUM0f7myQJMjvuIvwuJnN6YRDHzpCaCcEYNFQIvvQNysg63+/RRHI1M6zS", + "AWfQHQEVcIGZZ9JZLVKxaVVXIphEeKyNUpYXknlEkI2EtbcJxkwNxrTFV/dooqISm7hMeVwmX7t5IcGY", + "TTBlE0xpMphyWy7jVGEibtxma53mKt7OQJay3Xsiq1URlC3Rrp4R4KEIi0sTCODxOGZpQ03qx7LOhHFf", + "XppuCtipxPay4q8lW1J28dNIoc4YU3wMveo7FKBIOGtUUZ1h7PvWtnSqTrW10W46SuhDLNOuMzWath5H", + "FLm/6csu34J3B2CEnrgwjuh25ya40NcQ0RN0mbiJ6CLw//+//58sTQEw44chkhiRPwGQ8l/EDZeAMNk5", + "SlxNFIcF7yAO8s2cJAS7cG+w7x54h+jd8Dv4/eC92/V20d5wHx4MDt133nfo++F72B3sunvePjoYHsJ3", + "g+/c7733qDvk31bXRqhRoqjdejRPsaYZKl/uBUNSQBo1e5oxnxzVVBQS41lSHKU1qwqtgB/Pj0/Uacq2", + "XOkZlxTg6sxW6Oid09292u0edWcrdDQzyU+h3LpXny4+ORQOJTcAWwmLaAPBQKC+aaVbt8maL0iTyI6H", + "fMRQjo0oR9FjOTDFK63QZfgBCbfqA7nP6zDJ09mqNs11Fs/TEK26noVR3ayWpWShiRfWDWu3GGHQP6lX", + "tU1ura65lgqSnJKzZ73SVBSUulyb6OSY3BvErr6HKZYtqg/wX1PgR4yF0sGKFR2Lbr7yepHyTv5y+WVP", + "qKH6Jje4QnBcNMUuzi6vxHt8McK1rzoGZxVxqkvEFcdVvfok11XdqluWBn7nIm4gzAq5X6mzs9t5L/2z", + "JEQBV12PWvudbme/ZTQ23XE53gjXptyqO5tMukhq1/m+KkwArj5dAvNj4MZRhAIua3wCvbQloPGSFD6d", + "m+BqhCjKfs5tD0HxQ9mDUPWc/vHqqn+ZuVGqwpiqUnTSMqfnKU/CibmitCGMWN1et5v06pGoadRs2PkX", + "lTo4TfqPV5GNMU+GHgUK2R0cmc1+brcOGwRH3CurAqIXcMUU+rodgbjpJSkmHo9hNNGAGofsZveSwTsR", + "yjaWbiAgZ5hPjqAqGLORExFfhIhb0BuLwhyqyQ6KRIQ7JJTZLv+Le5AQBOgxj2Ngq392DiQH3dZ36DWh", + "CFFqvoypRkRvEsAxdqHvT4RDgcSifCiDEdOX5fUoBYyS8BgLbrV1z6IPxJvUOD4jNGOA1zpqOfx/H84+", + "9j6Dk7OLq94PvZPjqzPx601w3uud/s/Vycnx/S93x4+9D8d3vX8c//Spe/3x2/HFT+xf58fdjyeXv3+8", + "7A32T/959uHk8fr4/Oz66eSP4398uPv8803Q6XRuAjHa2edTywxpzGU8ceR5O67058+K/3KTkqBpVqUS", + "sckCHe4ugg6r0N/E2ThUmJFR0p/brYPlEqS4y5lBWqUerCJvyFCmmyGIBvnCczsrk3YixKeVDmQbwzgX", + "JSf8CWARvrtDsoWrgJSrFpyVmVJG+MdE1VHsIzqhskxrjpUUmMAFyjGBFwuWGpalOZ1akurue3l6mXT7", + "nGpmzqG3fZgwm5te6m0D/lDvrQIqJyZSlW1v9/D9+1p6WxW9GsvPE+zKUUmCjgoJm5SgFuoQPffESXEr", + "yNaciP8OYJbJaCLIys4RDO6E2NR+/pfITTlxVm6m7bdFhkBuc0+1c9MEVfiPxNIyl/MPu+j7g27XQXvv", + "B87BrnfgwO923zkHB+/eHR4eHHRlUQYciJZSogmZzj/wWnnZZMq7vCF22yiZywJYMy+j6i6/lV2oLVsw", + "s5iRiBOgijL3YHkkbAIUEAaGJA68lWQkNspthoH4/tgJI/KAPRQ5DI1Dv9L4EzbBp0/nQH8Dkm9AhO4w", + "ZShKrT3FENpJwN6fcFkr3xlMZOTRard9+nTeVzNcJUBNYRo/iJFFR271CVBurGJC95cQBcc9zRZ+j1E0", + "SflC1qO+LIbgFsqq7lvL1c8ow80jreUBsmx9ncB5uaFrR5fVNnlLYE5Jjr+gtwnofZqF+Mps3mNPq9VW", + "GAqW7rGB7SpGL6sP6uLdgvHLGvroif8oAmzjnCPanKxIkrL0sg0zZjWA6x2mZabUoMzU1tyZwLHf0MBL", + "tVStZGYhIisSKJf/ipis2YqMaU0iVaVoW0L2fomCnQRDH7sMOClpiuQRCscq3Aj9CEFvIgttriYzkkRX", + "xQya5EflykBtuyIoYVkFE6PEQLDzl0qZr2rlhfHAx65ZMk+ZDybbtNgOwhmO18A6SACtp//bz8GqdC9D", + "858BnGXbAHbQ1sMaCBbPFdp2M+AjYuXkPpgAzCjonRbp/COyafYfJqKVxXyErrOQyrZiJYl9dsWgYaVn", + "FiplEPt0Q5g1CJOTRTlNeA2bD7E1Yiba6MIgrSBuByhrodtCXR5cuESWrqiFEulfyDbproZtYvUvrrht", + "suFrU6J99bjKIu2RGXyS87oi2zqzug1U8mwbSF24DUgERJL0VHflDG7KzB5OcVUmm/lCn2W7JjjGvcZ8", + "Yrlt+vT1l0+t9n5HMX/jYkdWOORASIvHzAVC7kpGnIldmrcZ7LMn36STT70UMffZcEQspMbLzVGZ59Yz", + "Up+9nkN7z+bQzhD4rB7qTOWbBbQ4refVXiNndqkPu+HUrTI3dsF7nTJA5b0WrVMI4BgSQVfd+lLGJpUd", + "ZttG0/skGzBp7tAGHGyud7rqhhMU5y0YS0T87D2nGs7uxTu5M2jcuDZZMnq1aoID8H8fn3/igu8fl18+", + "62SkV3KR5+h8CuzaPS4vLkqGu/GVT/WVJ7wg7ysPvOTO2Tr7zV/M+ixa6bzO8Tl84jUt76LJndsD49oO", + "JXuO1BucMKdfrrAzvATsOVzjq+ERXz1H+Dr6vxug7hm83bWd3DM4t98C5c4pzxeh6dSguxVwba+ZR1s4", + "ss1Ooc3aEvP4tGd2Za8bOf4FTI9r5TTO7fCruLxnYyKr6+7e8LW5PdoLsxR2VKfOKd5sXQSHv2nL0JvK", + "83JO6eN+7yc+aT3GJ7vU2phepk+xBm79FRO5PXUvbuqD2dBXtd7AkcfP7ZkNmRvQIlSt4iqH5EdVI0D5", + "BRRAcxFXwUEo8acR6tKlDMRDBeBaqxpyb/I1Zl6mYJSNudQE3jwQ5QSjcW0ds3ZXgr29jkN0y4vlJJIQ", + "Za8q8UjGHbgGsb36HtAKTtcs552i8ez8CUP8ExIh6kqP6YUoucJhVaB3wJfARUCVYmkDzIALAxAQ4JPg", + "jhulqloEI2boByW9gm2XePlYzbPw5bDqQqCY76lRDk6ct1DV+CozMCXp3bplvBWe9KRWTEfj5+bWZrgK", + "YzYMtwbDJVGCOautWhbYw1J0ymrHlIZExqp1wRRVwSugDKkKBDEjjtLwuAwhAarhrnqTrMmS+rl41rQo", + "7VYeWZO6bX7EpaZ/zq7ZrpQTTJ3z+rDYjXo7r/NuJXXbnbQgYXmlmovknYwT8iVuiXTIt6/XJhv8NgRI", + "cnQNu0js4664MIkI27hJ3p7WnvC712DaT7hmURP+4itdH3jCaPbLA08TkE39f72LA0+T17k18DRZySsD", + "K3FhgJ/JW7stoGl5hrsCT5NXvyjwhNek5o1iQzk+/DRZ+A2Bp4n9egBncfXvBqQJ33nWnd4ZyN4PmOE6", + "wNNkoXcBcmjaZDZO6dBl+sXTZHWuABTItwrqTfL/vMn/T5M3mPkvSLYxZpZTKWfP/n+azJj6/zR5abqi", + "GCF/w97RD9aj8k0C7kxJ/kJyvG6GfxkIr2Q1Pk3WLbe/WfqtleH/NKmV3v80aSK3f9Wpcx7p3Li6Mo3A", + "XjWPf+Vpykjil6gd53GyYX1/tix+qWnWTuFfE4H4pm2EXLp+YhYtM1d/JhaxydJfO65VxTAWrdK/PE2/", + "BlMzPL+TBhL0nybTs/PXSrtYr6z8tdACaqTkv5y4mkrGr0FCWd/cy2Pdkoam5uCvi8awyb3f5N6/iIlt", + "MpMaT7xvlL9W6i4rm3DfDKdeLEd+WYr902STX79hqilTfTPJ9U1rh6+TVv+WGJA9kX6RDGiTRb/Jol81", + "RrpRVJtNoX8lLbX51PkaToR83vzbUk/LMuXXUUJs0uQ3afJvWvmekiPfOFceu2G97Pjzk36/8eR4Eqm8", + "aXtsJJ2zflb8+Uk/mxVfrKd/Lt/qm7y4+Zz4FJDl5sSn85bnxKMHFE3YiI/1NvPiF52ZfmjLTB+7YX/G", + "5HSF4a+YnG7Q2Ernpmd4geaACRkvLjVdn1A+M70kEqVfX1CWuBVfmlGEpgy91OhOCVkUUSg5nU0/1Lpp", + "3inNvKFUb4PsGuMNOfVohkzvBCvrJnob4L+otVq65qTbaecmq3ikot/hizP1kBXOAbdDXS8VPDmNV8sE", + "r4Zg2XZRAs165IEvhLars8CTHapOAtevvah7aZ5y14Ve5xHfjasnU4jtdZLC14S+OK5nEN1rWLGumQOe", + "wFAvBXwholI66pdKen8x26D7irbBph/pW+BXFayjaa0/QpQ5MMRTXKIXiLLjfm+JDlE9Y3136HG/V+4I", + "vUBQ3IYXqznu9xbnDOVgLNcNymcsd4BGcuWOj0WJi7fZTbRZk0zTQy2/pkJUmyezpjN1YQ7PhIZW2t1p", + "ULpmbfwngdYL83WqSWu6OvUZL0abUaM3o78UBluqNzMhhiJO6B3fuC/rui/5br0hx2VKRE2ReUaBqe20", + "TGi/rssyBfxFZphiN3ZfpSmlRa7Kmngry+Cu56/UJ/Fq7spKAJZtnWhg1sRZ2Tw9V7kqE6qtdlSqt17k", + "pxySSBPs+pBpPancgGZRTUav44dcD8rheGxisdesxlvTCakhqOeDbFb22Z2PCyaqN6iwd5epsG98im+A", + "95QzgoXq43PXlqjNpvj3sxWUmMakkqoS6ka8gOhN6AFrUmRifaR5VYmJl5PWC2tLlJEQuFKVHjAFEOzv", + "OYMJQyCCgZfcN0SBSzzp4h+hJ+ghF4+h3wZhhIb4CXnSLfEVhjj87WsHXFOUENBPaCLry04ACUyyUqwa", + "ARy4ZMwZkL5ALUdjI0zFfewSH9xM91Sm0bit6sW6ayWbAhibAhhvicFW1ZdolLlWqC0rWFaiUT4owXsV", + "Ljhb0YlpYG2qT2w42spztAKTaFRBXHZ5icYY0cqxHOnxeBWWs6k3sak3sVzWyTdobW4Nl/IzriOm9/89", + "ydiWryI2VtOh0ngPI/SASUy1Fa+VAxhw1Ap96GoTXW5MAzZ+RSGJt2OYz15o4k3JiE3FiU3FibemcJcV", + "mWjcgUCRGyFWHue40FEFmHiMoe8DykjEsUx+3QEXiMVRQNUPBp+UXlISs5uAcyPoslisXbwmOLr0PFPk", + "xhFmExDGUUgoojLaWgyaXCqAF0h1coq68Qa1B0n8xUZ7u8vDr+uAnzuJ8B/IA06+jVrCulY6tZYmZ6wx", + "XZ16fUQvjz1cctSlSsVQiIgCN5qEoiMZA1xhkgqLeto7BeOYMuH6EupA5ybgj5UVSo3PY8pVIiaUHcyX", + "pZ/xzU86wg7QkEQIhCiimDIUuMiG7dKRKFe+oBReOfgCriNVDtyQF17pL7L+h/ScCwATfLpM6FB61uVd", + "Baliy3T5n9UNhqPWnVJUufYT+pANSTTuPFKy13HJeOdhF/rhCO612q17HPDDSY5ljBj0IBM7om9jQAYH", + "kCInhJQ+kkhQGw2RW0TGPqHsLkKX//wExhAHQH8Kkk/bmcsdR61T/UbfHDxJMFQbccxaR6297t47p7vr", + "dA+vdrtH+92jbvd/uVrnWWFst5StWf7tszi7F2CAPGOJ2NImsvEK+elqREM+wNTsdcAYU0HgJAJY6ThD", + "jHyPrjCbf600cMU80yBp73Qlc7+BY/JoqZhWhXSopvwXyCZD85qa/91H0Rjyhfq6OgEXXmp3k1xwTc9c", + "cGEqY+QjGHnqE3EMN0HAjUCXPKBoAsbIHcEA07GUdYns4d9iD41Dwk8EOHIE0ZIVBCRwxNmhgN0ECoZI", + "6X4H3QObGJOJt4YYK2ptVvK35TaDrYAAhSvbK01zBzMKsIAwRxokWRGm9oIgKmwWsfmmEEvy01vqNLI2", + "V2rnpEKCz/WbMn7q8/Opu3NZPf+q0HoiYTmlxxEqSxNvgszb1TYVVf1vBfNJiTqjeyY6pnrN1DFvApty", + "6Y64IqFUzAGSGSucQpHXAT1pvumXqdgFwMhNoMYXzETO3QYQHHa7aueEv04Oo310wkjFLlA4aCP+j4hV", + "Uv4MFKIvTJSpeMr+gv5b1PGSJbVoHO5HdN+N9tl/rJ/qp1Hfq+AgqSFtkMf6mNVL9WetC9NF1QqW4WVq", + "hu/W8ekXfFWpT1zVlOT/fMoyHE6hNBSRit6pQZZhRLyON+hwCu9keAKWTvYM1xK/ZQewMJTnhrL2KkLs", + "NBPKMVV2qewK6KRASv7MeDxugtTl4cZRxFXGCtdHG6AADnzV4J+MIePyA99JzL0JGOHzoEimpHpxlBZp", + "px3wxfcMd5tgptyegAMfgQcMld/FlIM2mSRX/tf0q8wqdJVcKBW6SWeLjVdlVtG6e3Rw+ApelZVIKJjq", + "VZHotBHy6yTkp3lRdBJEcx6UeJDAxdlLUOO6jvkNEN8A+ACxL2RInUs7l8YAfTHnIiNRuclqx6QKq1zd", + "gI8F1sVXVEk8eoXZARtBBjw0xAGiQMRgfTzGTBrrUDBNwERkc6jyj8wxaNk9kPxRLkrzyE2jC8G8yg2I", + "PDCVTK5wEDqm84rC6dX856t9s6FANA1fxiwy9p0/+X96NSulFIm6bs0UC5XmTEmLRSZBe2Ge/oHFEV5Y", + "hvKJL10D+bwepT0WiZcVRT5E/EWWkBD5MRb8q67+8XpY110RXv9aFTg+r/xd3RJsEr6j5VfhKMJSrx7H", + "UjF88VpV4RLB88pSlvbgbCjLbosuUZWZYp5mXq1bpva432sDYzOnFqi9zAA0U5Xa3inYMoqm9k75XLK1", + "4nZJkVQYYkHBlcnr9g+TJc03QEV51uOTq97PZ612q/c5+efF2c9ffjo7XUSR1rq0PY9xvyZ2/TJMerWV", + "AyGwjA0QN5Vr12UpGutLMNRXxkivLVr+yrY5cLJSY50KmtIsYi9M0u38af45l90+j8leS63MQrZgs/21", + "LPYMEMH6me+rYLnXN9qXj3fd1+X/r2WvrxFaW4z3FbHbZzfZl4Lfi9WxXs1kr43Or2WprxFNWc32hvWY", + "RzQYROQeRTX6y/yCBh/Eu800mZliuqezccBqm+7JZ9WtZi4Zce/BVSQbzmQ+WlzXmSxsy+0/88ZaYM/U", + "/cVEpXotYPaX2gImQ1irfVk1C2rKi7KovbCOMOb0+bYw2YcqM5KCAfZwhFzJkQBlEYKisOUAsUeEAv7V", + "JXHvEQOuj/nOidSHn+DwHgLJGlXtyxBFjkuCQI4FMCW+OI8yt0oG6xYj8s0pmkm5tI+4VBdNllqL+Jo5", + "5k2jmrpenCyFvqGWNSY+NM2RiipS/Q42GTyt698xkb+JPr7ZXSjtbEO5OuQwqQ45mRWvQX+baujrdbnJ", + "nNartbqZDsWy7aUMRGviWlskR6hsf5PZrGqHWmOErhvhZFa3bvQ9gz7QlHZTg/xex+u3RhTHsb6A896S", + "hPD8bSuyUNXJgzcX2UQXi4JYtvazeDMkvCY9LbKnss6dLQoerRcT5Ev7XFTS3Jp2u8hxhcaZgq3O5vJ5", + "wqYJxqYJxmtVsKzgyK/jR9nyYjmJJEgSiU3jj9K729tr1qljocJimvK2gs07FsnWl8q+Z+vekQFNA7Vp", + "27HhwWukFReYxHLU4WV39fjLcaik8sYSOdSmy8emy8drctqyfh8bxfel7UhWTOttrh/JdCfLanUl+Qtq", + "2slJvwlZtulGsulG0qx0W5v2JMuQHzQe1MvLvYwHzSTlin1/YnWyc9WcM6XmXsaD6rzcXxBkIxQZ7y40", + "HVfDs9xcXGNitd87itWns+88yp1w0APH6RJA1OeLSQo28nnfalqwxOF6OcGHy84J1gS26gnBKSMwWKBG", + "8EWmAsuJ83nA5cE6ddoLy8WV4zeWiJsfbtlZuJo4rKJc7f0m/3aG/FtNE28r+TahquaoP6f+zJRzqxBz", + "hoTbZAEvNT71qkvTbLVMT9e2Btm1VqBrJ9Wq43jNjNoqEF7BCFLgrE8u7QIIfFoWrdqjqSm08r2m8mfV", + "otaEautK70a0kGmk9WqpsmtBTSpP1sBqr2ltuebV+BSKevfiFyQeZbxgmYT2RhX+7rIV/pUK3q2kk3Mt", + "OFIVa1i4Kv+izH0NT820fbmkhnL2DQ42PWF/DdWG9cnT1yex7kn6qZP7ZSTXQHp+CWGtb25+QvrNUv7U", + "rPz1UmM2yfibZPyXsd1NQlKTmfgLkAiVOthqJuAvgHcvg0e/IONeQ7TJuN8w2pTg1yhNpjTzfjE67ivk", + "3L9xpmRJsl84U9ok2W+S7FeOuW4U2sYy7F9Vm200sb7KPbJyWfVvXn22ptGvrbTapNFv0ujftnFQnkO/", + "LAmhWumXhpwuEIujgALdjF1C6PsAugw/IPDj+fGJ7sffAX0fYpF6LZk3BTBCIEB8A3Dg+rGHvCkhKdUG", + "er0Y9IJzVkaE3Mt9qd0eSjXT3goICPWZbG8iUpV52yYqN0+IddK4dSyKcts8moSM3EUwHGFX3E+hyI0j", + "TXEjGHFhILvCbw1JNIbsCHx9HFHk/vYVfAveHXB9CbgjGNHtm0Dnc93hB1XdWWV1SU0tS7dSWeOEjzzw", + "zTckcNE332gVT2M6V+NuAknclBF1uSYZKQ1oKSAhFX99lX9+BQl9J/4H/vwm+KqIczSGrsP38qsOhVnj", + "X4+SPoC4EAIovgsgiyNEZRZNZQzsUvegXzdWs5CsnZTLNBv1mjL0stP3bbBU9MWQuKvldFb9krSTIPQQ", + "I5+bI74vuB0MQwS53AMwmIBhzLFShbwjcIdYQkid13ZA/DVDZseaManAOTLvHmTuG6hkWEyBuhW1ghkV", + "mSQGQ5ItVpBVqZQ7f8p/TI2g9VE0hnxT/AmI0Jg8IGrIjQ44084Hzeo95OMHFGHxHmQqmsbPJzlR3wd4", + "PEYehgz5E2GVpLIBpPbK1PsP6ygjKv0FaouSyxgZgO4wG8UDR220HZj0VBfQNk8Ct0J3ErRFqbZtra4n", + "CNgNXvA6pF/T3SjcgSbhK7Uw9Q/6E0MOkwBJ8Uv8RA2mjIT0JtDUHdwZ6qDJDuSHnFGmeq+p8XJ916Ld", + "xgEKhFaOPJtyafE0vmHmUeJrXCoD6b66XmhzyqXYlWiGGpOzmiG8gzjobPjaTI6yLbnl20tichwMbnZj", + "NhGUK747jtmodfTrLUdJCbWNrD8RF/pAjSZmbrfiyG8dtUaMhUc7Oz5/YUQoO3rffd/dgSHeGSdg7jzs", + "Qj8cwb1WkSJPiXuPop2f4gGKAsQQNSoW5Ce5kwEZhx9mRHwfRVNmu032Lz/tycX1KUh4ntSKdbM9mpK3", + "rf9ecQ22wc5P+v2IPGFkjHZ+0gf8x0n1cPKhTmi4+nQJXBRxNuoKdwof/cerq/4liEPZ6wpwBXKocDqd", + "7iT9anb4P30657A+YA9F4AqNQ58Pk/GVGyuzv/2ySWvNNe8UT5Np4087JdvgqcNXjaV+yIx0+/x/AgAA", + "//+N0nPyuVsCAA==", } // GetSwagger returns the content of the embedded swagger specification file diff --git a/gateway/gateway-controller/pkg/config/api_validator.go b/gateway/gateway-controller/pkg/config/api_validator.go index 953ae99990..816396d3fa 100644 --- a/gateway/gateway-controller/pkg/config/api_validator.go +++ b/gateway/gateway-controller/pkg/config/api_validator.go @@ -96,10 +96,10 @@ func (v *APIValidator) validateRestAPIConfiguration(config *api.RestAPI) []Valid } // Validate version - if config.ApiVersion != api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1 { + if config.ApiVersion != api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2 { errors = append(errors, ValidationError{ Field: "version", - Message: "Unsupported API version (must be 'gateway.api-platform.wso2.com/v1alpha1')", + Message: "Unsupported API version (must be 'gateway.api-platform.wso2.com/v1alpha2')", }) } @@ -131,10 +131,10 @@ func (v *APIValidator) validateWebSubAPIConfiguration(config *api.WebSubAPI) []V } // Validate version - if config.ApiVersion != api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha1 { + if config.ApiVersion != api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha2 { errors = append(errors, ValidationError{ Field: "version", - Message: "Unsupported API version (must be 'gateway.api-platform.wso2.com/v1alpha1')", + Message: "Unsupported API version (must be 'gateway.api-platform.wso2.com/v1alpha2')", }) } diff --git a/gateway/gateway-controller/pkg/config/api_validator_test.go b/gateway/gateway-controller/pkg/config/api_validator_test.go index 04a38e8b94..63503ee7cd 100644 --- a/gateway/gateway-controller/pkg/config/api_validator_test.go +++ b/gateway/gateway-controller/pkg/config/api_validator_test.go @@ -93,7 +93,7 @@ func TestAPIValidator_ValidateAPIVersion(t *testing.T) { }{ { name: "Valid API version", - apiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + apiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, wantError: false, }, { @@ -663,7 +663,7 @@ func TestAPIValidator_ValidatePathParametersForAsyncAPIs(t *testing.T) { func createValidRestAPIConfig() *api.RestAPI { return &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{ Name: "test-api", @@ -689,7 +689,7 @@ func createValidRestAPIConfig() *api.RestAPI { func createValidWebSubAPIConfig() *api.WebSubAPI { return &api.WebSubAPI{ - ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.WebSubAPIKindWebSubApi, Metadata: api.Metadata{ Name: "test-websub", diff --git a/gateway/gateway-controller/pkg/config/label_validation_test.go b/gateway/gateway-controller/pkg/config/label_validation_test.go index 086be131aa..f69b763acc 100644 --- a/gateway/gateway-controller/pkg/config/label_validation_test.go +++ b/gateway/gateway-controller/pkg/config/label_validation_test.go @@ -30,7 +30,7 @@ func TestLabelValidationForAllTypes(t *testing.T) { t.Run("LlmProvider with invalid labels", func(t *testing.T) { validator := NewLLMValidator() provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: "test-provider", @@ -71,7 +71,7 @@ func TestLabelValidationForAllTypes(t *testing.T) { t.Run("LlmProvider with valid labels", func(t *testing.T) { validator := NewLLMValidator() provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: "test-provider", @@ -112,7 +112,7 @@ func TestLabelValidationForAllTypes(t *testing.T) { t.Run("LlmProxy with invalid labels", func(t *testing.T) { validator := NewLLMValidator() proxy := api.LLMProxyConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{ Name: "test-proxy", @@ -148,7 +148,7 @@ func TestLabelValidationForAllTypes(t *testing.T) { t.Run("MCPProxyConfiguration with invalid labels", func(t *testing.T) { validator := NewMCPValidator() mcp := api.MCPProxyConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "Mcp", Metadata: api.Metadata{ Name: "test-mcp", @@ -184,7 +184,7 @@ func TestLabelValidationForAllTypes(t *testing.T) { t.Run("MCPProxyConfiguration with valid labels", func(t *testing.T) { validator := NewMCPValidator() mcp := api.MCPProxyConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "Mcp", Metadata: api.Metadata{ Name: "test-mcp", diff --git a/gateway/gateway-controller/pkg/config/llm_parser_test.go b/gateway/gateway-controller/pkg/config/llm_parser_test.go index 9c1caee698..fdf7578056 100644 --- a/gateway/gateway-controller/pkg/config/llm_parser_test.go +++ b/gateway/gateway-controller/pkg/config/llm_parser_test.go @@ -37,7 +37,7 @@ func TestParseLLMProviderTemplate_YAML_Valid(t *testing.T) { { name: "full template with all fields", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: openai @@ -67,7 +67,7 @@ spec: { name: "minimal template with only required fields", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: minimal-template @@ -85,7 +85,7 @@ spec: { name: "template with header location", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: minimal-template @@ -109,7 +109,7 @@ spec: { name: "template with partial fields", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: anthropic @@ -142,7 +142,7 @@ spec: require.NoError(t, err, "Failed to parse valid LLM Provider Template YAML") // Verify version and kind - assert.Equal(t, api.LLMProviderTemplateApiVersion("gateway.api-platform.wso2.com/v1alpha1"), template.ApiVersion) + assert.Equal(t, api.LLMProviderTemplateApiVersion("gateway.api-platform.wso2.com/v1alpha2"), template.ApiVersion) assert.Equal(t, api.LLMProviderTemplateKind("LlmProviderTemplate"), template.Kind) // Verify spec.name @@ -194,7 +194,7 @@ func TestParseLLMProviderTemplate_JSON_Valid(t *testing.T) { { name: "full template JSON", json: `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "openai" @@ -224,7 +224,7 @@ func TestParseLLMProviderTemplate_JSON_Valid(t *testing.T) { { name: "minimal template JSON", json: `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "minimal-template" @@ -245,7 +245,7 @@ func TestParseLLMProviderTemplate_JSON_Valid(t *testing.T) { err := parser.Parse([]byte(tt.json), "application/json", &template) require.NoError(t, err, "Failed to parse valid LLM Provider Template JSON") - assert.Equal(t, api.LLMProviderTemplateApiVersion("gateway.api-platform.wso2.com/v1alpha1"), template.ApiVersion) + assert.Equal(t, api.LLMProviderTemplateApiVersion("gateway.api-platform.wso2.com/v1alpha2"), template.ApiVersion) assert.Equal(t, api.LLMProviderTemplateKind("LlmProviderTemplate"), template.Kind) assert.Equal(t, tt.expectedName, template.Spec.DisplayName) }) @@ -271,7 +271,7 @@ spec: { name: "missing kind", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 spec: name: test `, @@ -279,14 +279,14 @@ spec: { name: "missing spec", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate `, }, { name: "missing name in spec", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate spec: {} `, @@ -294,7 +294,7 @@ spec: {} { name: "malformed YAML", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate spec: name: test @@ -340,7 +340,7 @@ func TestParseLLMProvider_YAML_Valid(t *testing.T) { { name: "provider with allow_all mode and auth", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: my-openai-provider @@ -376,7 +376,7 @@ spec: { name: "provider with deny_all mode", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: restricted-llm @@ -408,7 +408,7 @@ spec: { name: "provider with policies", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: policy-test-provider @@ -458,7 +458,7 @@ spec: { name: "minimal provider without optional fields", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: minimal-provider @@ -492,7 +492,7 @@ spec: require.NoError(t, err, "Failed to parse valid LLM Provider YAML") // Verify version and kind - assert.Equal(t, api.LLMProviderConfigurationApiVersion("gateway.api-platform.wso2.com/v1alpha1"), provider.ApiVersion) + assert.Equal(t, api.LLMProviderConfigurationApiVersion("gateway.api-platform.wso2.com/v1alpha2"), provider.ApiVersion) assert.Equal(t, api.LLMProviderConfigurationKind("LlmProvider"), provider.Kind) // Verify spec fields @@ -559,7 +559,7 @@ func TestParseLLMProvider_JSON_Valid(t *testing.T) { { name: "full provider JSON", json: `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProvider", "metadata": { "name": "my-openai-provider" @@ -595,7 +595,7 @@ func TestParseLLMProvider_JSON_Valid(t *testing.T) { { name: "minimal provider JSON", json: `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProvider", "metadata": { "name": "minimal-provider" @@ -625,7 +625,7 @@ func TestParseLLMProvider_JSON_Valid(t *testing.T) { err := parser.Parse([]byte(tt.json), "application/json", &provider) require.NoError(t, err, "Failed to parse valid LLM Provider JSON") - assert.Equal(t, api.LLMProviderConfigurationApiVersion("gateway.api-platform.wso2.com/v1alpha1"), provider.ApiVersion) + assert.Equal(t, api.LLMProviderConfigurationApiVersion("gateway.api-platform.wso2.com/v1alpha2"), provider.ApiVersion) assert.Equal(t, api.LLMProviderConfigurationKind("LlmProvider"), provider.Kind) assert.Equal(t, tt.expectedName, provider.Spec.DisplayName) assert.Equal(t, tt.expectedVersion, provider.Spec.Version) @@ -659,7 +659,7 @@ spec: { name: "missing kind", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 spec: name: test version: v1.0 @@ -674,7 +674,7 @@ spec: { name: "malformed JSON", json: `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProvider", "spec": { "name": "test", @@ -711,7 +711,7 @@ spec: // TestParseContentType tests that parser handles different content types correctly func TestParseContentType(t *testing.T) { yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: test-template @@ -720,7 +720,7 @@ spec: ` jsonData := `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "test-template" @@ -802,7 +802,7 @@ func TestParseLLMProviderTemplate_ExtractionIdentifier(t *testing.T) { { name: "payload location with JSONPath", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: test @@ -818,7 +818,7 @@ spec: { name: "header location with header name", yaml: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: test @@ -852,7 +852,7 @@ spec: // TestParseLLMProvider_AccessControlExceptions tests parsing of access control exceptions func TestParseLLMProvider_AccessControlExceptions(t *testing.T) { yaml := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: test-provider @@ -903,7 +903,7 @@ spec: // TestParseLLMProvider_UpstreamAuth tests parsing of upstream authentication func TestParseLLMProvider_UpstreamAuth(t *testing.T) { yaml := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: test-provider @@ -939,7 +939,7 @@ spec: // TestParseLLMProvider_Policies tests parsing of policies func TestParseLLMProvider_Policies(t *testing.T) { yaml := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: test-provider @@ -1005,7 +1005,7 @@ spec: // TestParseRoundTrip tests that parsing and re-marshaling produces consistent results func TestParseRoundTrip(t *testing.T) { originalYAML := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: openai diff --git a/gateway/gateway-controller/pkg/config/llm_validator.go b/gateway/gateway-controller/pkg/config/llm_validator.go index 62fed822ac..a671bac866 100644 --- a/gateway/gateway-controller/pkg/config/llm_validator.go +++ b/gateway/gateway-controller/pkg/config/llm_validator.go @@ -91,10 +91,10 @@ func (v *LLMValidator) validateLLMProviderTemplate(template *api.LLMProviderTemp } // Validate version - if template.ApiVersion != api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1 { + if template.ApiVersion != api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2 { errors = append(errors, ValidationError{ Field: "version", - Message: "Version must be 'gateway.api-platform.wso2.com/v1alpha1'", + Message: "Version must be 'gateway.api-platform.wso2.com/v1alpha2'", }) } @@ -293,10 +293,10 @@ func (v *LLMValidator) validateLLMProvider(provider *api.LLMProviderConfiguratio } // Validate version - if provider.ApiVersion != api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1 { + if provider.ApiVersion != api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2 { errors = append(errors, ValidationError{ Field: "version", - Message: "Version must be in the format 'gateway.api-platform.wso2.com/v1alpha1'", + Message: "Version must be 'gateway.api-platform.wso2.com/v1alpha2'", }) } @@ -384,9 +384,34 @@ func (v *LLMValidator) validateProviderSpec(spec *api.LLMProviderConfigData) []V // Validate access control errors = append(errors, v.validateAccessControl("spec.accessControl", &spec.AccessControl)...) + // The deprecated `policies` list must not coexist with the new policy lists + errors = append(errors, v.validatePolicyListExclusivity(spec.GlobalPolicies, spec.OperationPolicies, spec.Policies)...) + return errors } +// validatePolicyListExclusivity enforces that the deprecated `policies` list is not used +// together with the new `globalPolicies`/`operationPolicies` lists. A configuration must use +// EITHER the legacy style OR the new style — never a mix of both. +func (v *LLMValidator) validatePolicyListExclusivity(globalPolicies *[]api.Policy, + operationPolicies *[]api.OperationPolicy, legacyPolicies *[]api.LLMPolicy) []ValidationError { + + hasLegacy := legacyPolicies != nil && len(*legacyPolicies) > 0 + hasNew := (globalPolicies != nil && len(*globalPolicies) > 0) || + (operationPolicies != nil && len(*operationPolicies) > 0) + + if hasLegacy && hasNew { + return []ValidationError{{ + Field: "spec.policies", + Message: "The deprecated 'policies' field cannot be used together with 'globalPolicies' or " + + "'operationPolicies'. Use either the legacy 'policies' list or the new " + + "'globalPolicies'/'operationPolicies' lists, not both.", + }} + } + + return nil +} + // validateUpstreamWithAuth validates an UpstreamWithAuth configuration func (v *LLMValidator) validateUpstreamWithAuth(fieldPrefix string, upstream *api.LLMProviderConfigData_Upstream) []ValidationError { @@ -475,10 +500,10 @@ func (v *LLMValidator) validateLLMProxy(proxy *api.LLMProxyConfiguration) []Vali } // Validate version - if proxy.ApiVersion != api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1 { + if proxy.ApiVersion != api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2 { errors = append(errors, ValidationError{ Field: "version", - Message: "Version must be in the format 'gateway.api-platform.wso2.com/v1alpha1'", + Message: "Version must be 'gateway.api-platform.wso2.com/v1alpha2'", }) } @@ -566,6 +591,9 @@ func (v *LLMValidator) validateProxyData(spec *api.LLMProxyConfigData) []Validat }) } + // The deprecated `policies` list must not coexist with the new policy lists + errors = append(errors, v.validatePolicyListExclusivity(spec.GlobalPolicies, spec.OperationPolicies, spec.Policies)...) + return errors } diff --git a/gateway/gateway-controller/pkg/config/llm_validator_additional_test.go b/gateway/gateway-controller/pkg/config/llm_validator_additional_test.go index bf9ae4870d..801d56f8e2 100644 --- a/gateway/gateway-controller/pkg/config/llm_validator_additional_test.go +++ b/gateway/gateway-controller/pkg/config/llm_validator_additional_test.go @@ -12,7 +12,7 @@ func TestLLMValidator_ValidateValueTypes(t *testing.T) { t.Run("LLMProviderTemplate as value", func(t *testing.T) { template := api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "test-template"}, Spec: api.LLMProviderTemplateData{DisplayName: "Test Template"}, @@ -28,7 +28,7 @@ func TestLLMValidator_ValidateValueTypes(t *testing.T) { t.Run("LLMProviderConfiguration as value", func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "test-provider"}, } @@ -42,7 +42,7 @@ func TestLLMValidator_ValidateValueTypes(t *testing.T) { t.Run("LLMProxyConfiguration as value", func(t *testing.T) { proxy := api.LLMProxyConfiguration{ - ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{Name: "test-proxy"}, } @@ -78,7 +78,7 @@ func TestLLMValidator_MetadataNameValidation(t *testing.T) { t.Run("Empty metadata name", func(t *testing.T) { template := &api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: ""}, Spec: api.LLMProviderTemplateData{DisplayName: "Test"}, @@ -105,7 +105,7 @@ func TestLLMValidator_MetadataNameValidation(t *testing.T) { } template := &api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: longName}, Spec: api.LLMProviderTemplateData{DisplayName: "Test"}, @@ -127,7 +127,7 @@ func TestLLMValidator_MetadataNameValidation(t *testing.T) { t.Run("Invalid metadata name format", func(t *testing.T) { template := &api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "Invalid_Name_With_Underscore"}, Spec: api.LLMProviderTemplateData{DisplayName: "Test"}, @@ -194,7 +194,7 @@ func TestLLMValidator_ProviderMetadataValidation(t *testing.T) { url := "https://api.openai.com" provider := &api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: longName}, Spec: api.LLMProviderConfigData{ @@ -355,7 +355,7 @@ func TestLLMValidator_ValidateLLMProxy_NilAndMetadata(t *testing.T) { } proxy := &api.LLMProxyConfiguration{ - ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{Name: longName}, Spec: api.LLMProxyConfigData{ diff --git a/gateway/gateway-controller/pkg/config/llm_validator_policy_exclusivity_test.go b/gateway/gateway-controller/pkg/config/llm_validator_policy_exclusivity_test.go new file mode 100644 index 0000000000..3dbad6c2ba --- /dev/null +++ b/gateway/gateway-controller/pkg/config/llm_validator_policy_exclusivity_test.go @@ -0,0 +1,156 @@ +/* + * Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package config + +import ( + "testing" + + "github.com/stretchr/testify/assert" + + api "github.com/wso2/api-platform/gateway/gateway-controller/pkg/api/management" +) + +// policyExclusivityErr reports whether the validation errors contain the +// legacy/new policy-list coexistence error on spec.policies. +func policyExclusivityErr(errors []ValidationError) bool { + for _, err := range errors { + if err.Field == "spec.policies" && + err.Message == "The deprecated 'policies' field cannot be used together with 'globalPolicies' or "+ + "'operationPolicies'. Use either the legacy 'policies' list or the new "+ + "'globalPolicies'/'operationPolicies' lists, not both." { + return true + } + } + return false +} + +func sampleGlobalPolicies() *[]api.Policy { + return &[]api.Policy{{Name: "basic-ratelimit", Version: "v1"}} +} + +func sampleOperationPolicies() *[]api.OperationPolicy { + return &[]api.OperationPolicy{{ + Name: "basic-ratelimit", + Version: "v1", + Paths: []api.OperationPolicyPath{{Path: "/chat/completions", Methods: []string{"GET"}}}, + }} +} + +func sampleLegacyPolicies() *[]api.LLMPolicy { + return &[]api.LLMPolicy{{ + Name: "basic-ratelimit", + Version: "v1", + Paths: []api.LLMPolicyPath{{Path: "/chat/completions", Methods: []api.LLMPolicyPathMethods{"GET"}}}, + }} +} + +func providerWithPolicies(global *[]api.Policy, operation *[]api.OperationPolicy, legacy *[]api.LLMPolicy) *api.LLMProviderConfiguration { + return &api.LLMProviderConfiguration{ + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, + Kind: api.LLMProviderConfigurationKindLlmProvider, + Metadata: api.Metadata{Name: "openai"}, + Spec: api.LLMProviderConfigData{ + DisplayName: "my-provider", + Version: "v1.0", + Template: "openai", + Upstream: api.LLMProviderConfigData_Upstream{ + Url: stringPtr("https://api.example.com"), + }, + AccessControl: api.LLMAccessControl{Mode: api.AllowAll}, + GlobalPolicies: global, + OperationPolicies: operation, + Policies: legacy, + }, + } +} + +func proxyWithPolicies(global *[]api.Policy, operation *[]api.OperationPolicy, legacy *[]api.LLMPolicy) *api.LLMProxyConfiguration { + return &api.LLMProxyConfiguration{ + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, + Kind: api.LLMProxyConfigurationKindLlmProxy, + Metadata: api.Metadata{Name: "openai-proxy"}, + Spec: api.LLMProxyConfigData{ + DisplayName: "my-proxy", + Version: "v1.0", + Provider: api.LLMProxyProvider{Id: "openai"}, + GlobalPolicies: global, + OperationPolicies: operation, + Policies: legacy, + }, + } +} + +func TestValidateLLMProvider_PolicyListExclusivity(t *testing.T) { + validator := NewLLMValidator() + + tests := []struct { + name string + global *[]api.Policy + operation *[]api.OperationPolicy + legacy *[]api.LLMPolicy + wantErr bool + }{ + {name: "legacy only", legacy: sampleLegacyPolicies(), wantErr: false}, + {name: "globalPolicies only", global: sampleGlobalPolicies(), wantErr: false}, + {name: "operationPolicies only", operation: sampleOperationPolicies(), wantErr: false}, + {name: "global + operation (both new)", global: sampleGlobalPolicies(), operation: sampleOperationPolicies(), wantErr: false}, + {name: "no policies at all", wantErr: false}, + {name: "legacy + globalPolicies", global: sampleGlobalPolicies(), legacy: sampleLegacyPolicies(), wantErr: true}, + {name: "legacy + operationPolicies", operation: sampleOperationPolicies(), legacy: sampleLegacyPolicies(), wantErr: true}, + {name: "legacy + both new", global: sampleGlobalPolicies(), operation: sampleOperationPolicies(), legacy: sampleLegacyPolicies(), wantErr: true}, + // Empty (non-nil) slices must not count as "present". + {name: "empty legacy + globalPolicies", global: sampleGlobalPolicies(), legacy: &[]api.LLMPolicy{}, wantErr: false}, + {name: "legacy + empty new lists", global: &[]api.Policy{}, operation: &[]api.OperationPolicy{}, legacy: sampleLegacyPolicies(), wantErr: false}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + errors := validator.Validate(providerWithPolicies(tt.global, tt.operation, tt.legacy)) + assert.Equal(t, tt.wantErr, policyExclusivityErr(errors), + "unexpected policy-exclusivity result; errors=%v", errors) + }) + } +} + +func TestValidateLLMProxy_PolicyListExclusivity(t *testing.T) { + validator := NewLLMValidator() + + tests := []struct { + name string + global *[]api.Policy + operation *[]api.OperationPolicy + legacy *[]api.LLMPolicy + wantErr bool + }{ + {name: "legacy only", legacy: sampleLegacyPolicies(), wantErr: false}, + {name: "globalPolicies only", global: sampleGlobalPolicies(), wantErr: false}, + {name: "operationPolicies only", operation: sampleOperationPolicies(), wantErr: false}, + {name: "no policies at all", wantErr: false}, + {name: "legacy + globalPolicies", global: sampleGlobalPolicies(), legacy: sampleLegacyPolicies(), wantErr: true}, + {name: "legacy + operationPolicies", operation: sampleOperationPolicies(), legacy: sampleLegacyPolicies(), wantErr: true}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + errors := validator.Validate(proxyWithPolicies(tt.global, tt.operation, tt.legacy)) + assert.Equal(t, tt.wantErr, policyExclusivityErr(errors), + "unexpected policy-exclusivity result; errors=%v", errors) + }) + } +} diff --git a/gateway/gateway-controller/pkg/config/llm_validator_test.go b/gateway/gateway-controller/pkg/config/llm_validator_test.go index 52cafa23dc..9ad7399a0e 100644 --- a/gateway/gateway-controller/pkg/config/llm_validator_test.go +++ b/gateway/gateway-controller/pkg/config/llm_validator_test.go @@ -49,7 +49,7 @@ func TestValidateLLMProviderTemplate_Valid(t *testing.T) { { name: "full template with all fields", template: api.LLMProviderTemplate{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderTemplateData{ @@ -76,7 +76,7 @@ func TestValidateLLMProviderTemplate_Valid(t *testing.T) { { name: "minimal template", template: api.LLMProviderTemplate{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderTemplateData{ @@ -87,7 +87,7 @@ func TestValidateLLMProviderTemplate_Valid(t *testing.T) { { name: "template with header extraction", template: api.LLMProviderTemplate{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderTemplateData{ @@ -102,7 +102,7 @@ func TestValidateLLMProviderTemplate_Valid(t *testing.T) { { name: "template with various name formats", template: api.LLMProviderTemplate{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderTemplateData{ @@ -154,12 +154,12 @@ func TestValidateLLMProviderTemplate_InvalidVersion(t *testing.T) { }, { name: "valid version", - version: "gateway.api-platform.wso2.com/v1alpha1", + version: "gateway.api-platform.wso2.com/v1alpha2", expectError: false, }, { name: "valid version with patch", - version: "gateway.api-platform.wso2.com/v1alpha1", + version: "gateway.api-platform.wso2.com/v1alpha2", expectError: false, }, } @@ -230,7 +230,7 @@ func TestValidateLLMProviderTemplate_InvalidKind(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { template := api.LLMProviderTemplate{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderTemplateKind(tt.kind), Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderTemplateData{ @@ -284,7 +284,7 @@ func TestValidateLLMProviderTemplate_InvalidName(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { template := api.LLMProviderTemplate{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderTemplateData{ @@ -505,7 +505,7 @@ func TestValidateLLMProviderTemplate_InvalidMetadataName(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: tt.metadataName}, Spec: api.LLMProviderConfigData{ @@ -607,7 +607,7 @@ func TestValidateLLMProviderTemplate_ExtractionIdentifier(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { template := api.LLMProviderTemplate{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderTemplateData{ @@ -648,7 +648,7 @@ func TestValidateLLMProvider_Valid(t *testing.T) { { name: "full provider with all fields", provider: api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -678,7 +678,7 @@ func TestValidateLLMProvider_Valid(t *testing.T) { { name: "minimal provider", provider: api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -697,7 +697,7 @@ func TestValidateLLMProvider_Valid(t *testing.T) { { name: "provider with deny_all mode", provider: api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -750,7 +750,7 @@ func TestValidateLLMProvider_InvalidVersion(t *testing.T) { }, { name: "valid version - v1", - version: "gateway.api-platform.wso2.com/v1alpha1", + version: "gateway.api-platform.wso2.com/v1alpha2", expectError: false, }, } @@ -824,7 +824,7 @@ func TestValidateLLMProvider_InvalidKind(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKind(tt.kind), Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -886,7 +886,7 @@ func TestValidateLLMProvider_Name(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -1115,7 +1115,7 @@ func TestValidateLLMProvider_InvalidMetadataName(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: tt.metadataName}, Spec: api.LLMProviderConfigData{ @@ -1179,7 +1179,7 @@ func TestValidateLLMProvider_ProviderVersion(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -1238,7 +1238,7 @@ func TestValidateLLMProvider_Template(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -1352,7 +1352,7 @@ func TestValidateLLMProvider_Upstream(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -1506,7 +1506,7 @@ func TestValidateLLMProvider_UpstreamAuth(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -1589,7 +1589,7 @@ func TestValidateLLMProvider_AccessControl(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -1701,7 +1701,7 @@ func TestValidateLLMProvider_AccessControlExceptions(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -1746,7 +1746,7 @@ func TestValidateLLMProvider_NilSpec(t *testing.T) { validator := NewLLMValidator() provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, // Spec is nil/zero value } @@ -1767,7 +1767,7 @@ func TestValidateLLMProvider_ExtremelyLongInputs(t *testing.T) { } provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ @@ -1860,7 +1860,7 @@ func TestValidateLLMProvider_URLValidation(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderConfigData{ diff --git a/gateway/gateway-controller/pkg/config/mcp_validator.go b/gateway/gateway-controller/pkg/config/mcp_validator.go index d2fc30e2b6..c440e2305b 100644 --- a/gateway/gateway-controller/pkg/config/mcp_validator.go +++ b/gateway/gateway-controller/pkg/config/mcp_validator.go @@ -79,10 +79,10 @@ func (v *MCPValidator) validateMCPConfiguration(config *api.MCPProxyConfiguratio var errors []ValidationError // Validate version - if config.ApiVersion != api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1 { + if config.ApiVersion != api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2 { errors = append(errors, ValidationError{ Field: "version", - Message: "Unsupported configuration version (must be 'gateway.api-platform.wso2.com/v1alpha1')", + Message: "Unsupported configuration version (must be 'gateway.api-platform.wso2.com/v1alpha2')", }) } diff --git a/gateway/gateway-controller/pkg/config/mcp_validator_test.go b/gateway/gateway-controller/pkg/config/mcp_validator_test.go index 6b745a9cef..8d28fc3dc6 100644 --- a/gateway/gateway-controller/pkg/config/mcp_validator_test.go +++ b/gateway/gateway-controller/pkg/config/mcp_validator_test.go @@ -62,7 +62,7 @@ func TestMCPValidator_Validate_PointerAndValue(t *testing.T) { url := "http://backend:8080" specVersion := constants.SPEC_VERSION_2025_JUNE config := api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: "Mcp", Metadata: api.Metadata{ Name: "test-mcp", @@ -101,7 +101,7 @@ func TestMCPValidator_ValidateAPIVersion(t *testing.T) { }{ { name: "Valid API version", - apiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + apiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, wantError: false, }, { @@ -171,7 +171,7 @@ func TestMCPValidator_ValidateKind(t *testing.T) { url := "http://backend:8080" specVersion := constants.SPEC_VERSION_2025_JUNE config := &api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: tt.kind, Metadata: api.Metadata{Name: "test"}, Spec: api.MCPProxyConfigData{ @@ -245,7 +245,7 @@ func TestMCPValidator_ValidateDisplayName(t *testing.T) { url := "http://backend:8080" specVersion := constants.SPEC_VERSION_2025_JUNE config := &api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: "Mcp", Metadata: api.Metadata{Name: "test"}, Spec: api.MCPProxyConfigData{ @@ -302,7 +302,7 @@ func TestMCPValidator_ValidateVersion(t *testing.T) { url := "http://backend:8080" specVersion := constants.SPEC_VERSION_2025_JUNE config := &api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: "Mcp", Metadata: api.Metadata{Name: "test"}, Spec: api.MCPProxyConfigData{ @@ -352,7 +352,7 @@ func TestMCPValidator_ValidateSpecVersion(t *testing.T) { t.Run(tt.name, func(t *testing.T) { url := "http://backend:8080" config := &api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: "Mcp", Metadata: api.Metadata{Name: "test"}, Spec: api.MCPProxyConfigData{ @@ -407,7 +407,7 @@ func TestMCPValidator_ValidateContextAndVhost(t *testing.T) { url := "http://backend:8080" specVersion := constants.SPEC_VERSION_2025_JUNE config := &api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: "Mcp", Metadata: api.Metadata{Name: "test"}, Spec: api.MCPProxyConfigData{ @@ -508,7 +508,7 @@ func TestMCPValidator_ValidateUpstream(t *testing.T) { } config := &api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: "Mcp", Metadata: api.Metadata{Name: "test"}, Spec: spec, @@ -623,7 +623,7 @@ func TestMCPValidator_ValidateUpstreamAuth(t *testing.T) { } } config := &api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: "Mcp", Metadata: api.Metadata{Name: "test"}, Spec: api.MCPProxyConfigData{ diff --git a/gateway/gateway-controller/pkg/config/policy_validator_test.go b/gateway/gateway-controller/pkg/config/policy_validator_test.go index f9afdc22a8..5cd7f81177 100644 --- a/gateway/gateway-controller/pkg/config/policy_validator_test.go +++ b/gateway/gateway-controller/pkg/config/policy_validator_test.go @@ -52,7 +52,7 @@ func TestPolicyValidator_ValidateRestAPIPolicies_Success(t *testing.T) { // Create API config with valid policy apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -98,7 +98,7 @@ func TestPolicyValidator_PolicyNotFound(t *testing.T) { // Create API config with non-existent policy apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -161,7 +161,7 @@ func TestPolicyValidator_InvalidParameters(t *testing.T) { // Create API config with invalid params (missing required field) apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -222,7 +222,7 @@ func TestPolicyValidator_OperationLevelPolicies(t *testing.T) { // Create API config with operation-level policy apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -273,7 +273,7 @@ func TestPolicyValidator_MultipleErrors(t *testing.T) { // Create API config with multiple invalid policies apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -339,7 +339,7 @@ func TestPolicyValidator_TypeMismatch(t *testing.T) { // Create API config with wrong type (string instead of integer) apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -402,7 +402,7 @@ func TestPolicyValidator_MissingRequiredParams(t *testing.T) { // Test case 1: Policy with nil params (should fail validation for required field) apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -482,7 +482,7 @@ func TestPolicyValidator_MixedMajorVersions_SamePolicyName(t *testing.T) { validator := NewPolicyValidator(policyDefs) apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -534,7 +534,7 @@ func TestPolicyValidator_FullSemverRejected(t *testing.T) { validator := NewPolicyValidator(policyDefs) apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -588,7 +588,7 @@ func TestPolicyValidator_MajorVersionResolution_Success(t *testing.T) { validator := NewPolicyValidator(policyDefs) apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -635,7 +635,7 @@ func TestPolicyValidator_MajorVersionResolution_NotFound(t *testing.T) { validator := NewPolicyValidator(policyDefs) apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -689,7 +689,7 @@ func TestPolicyValidator_MajorVersionResolution_MultipleMatches(t *testing.T) { validator := NewPolicyValidator(policyDefs) apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -747,7 +747,7 @@ func TestPolicyValidator_EmptyVersion_ResolvesToLatest(t *testing.T) { validator := NewPolicyValidator(policyDefs) apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -785,7 +785,7 @@ func TestPolicyValidator_EmptyVersion_PolicyNotFound(t *testing.T) { validator := NewPolicyValidator(policyDefs) apiConfig := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: "Test API", @@ -868,7 +868,7 @@ func TestPolicyValidator_ValidateMCPProxyPolicies_NilPolicies(t *testing.T) { validator := NewPolicyValidator(policyDefs) mcpConfig := &api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.MCPProxyConfigurationKindMcp, Metadata: api.Metadata{Name: "test-mcp"}, Spec: api.MCPProxyConfigData{ @@ -894,7 +894,7 @@ func TestPolicyValidator_ValidateMCPProxyPolicies_ValidPolicy(t *testing.T) { {Name: "allow-all", Version: "v1"}, } mcpConfig := &api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.MCPProxyConfigurationKindMcp, Metadata: api.Metadata{Name: "test-mcp"}, Spec: api.MCPProxyConfigData{ @@ -916,7 +916,7 @@ func TestPolicyValidator_ValidateMCPProxyPolicies_PolicyNotFound(t *testing.T) { {Name: "missing-policy", Version: "v1"}, } mcpConfig := &api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.MCPProxyConfigurationKindMcp, Metadata: api.Metadata{Name: "test-mcp"}, Spec: api.MCPProxyConfigData{ @@ -945,7 +945,7 @@ func TestPolicyValidator_ValidateMCPProxyPolicies_MultiplePoliciesWithErrors(t * {Name: "bad-policy", Version: "v1"}, } mcpConfig := &api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.MCPProxyConfigurationKindMcp, Metadata: api.Metadata{Name: "test-mcp"}, Spec: api.MCPProxyConfigData{ diff --git a/gateway/gateway-controller/pkg/config/secret_validator.go b/gateway/gateway-controller/pkg/config/secret_validator.go index c7b7acff6b..8405179612 100644 --- a/gateway/gateway-controller/pkg/config/secret_validator.go +++ b/gateway/gateway-controller/pkg/config/secret_validator.go @@ -72,10 +72,10 @@ func (v *SecretValidator) validateSecretConfiguration(config *api.SecretConfigur var errors []ValidationError // Validate apiVersion - if config.ApiVersion != api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1 { + if config.ApiVersion != api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2 { errors = append(errors, ValidationError{ Field: "version", - Message: "Unsupported configuration version (must be 'gateway.api-platform.wso2.com/v1alpha1')", + Message: "Unsupported configuration version (must be 'gateway.api-platform.wso2.com/v1alpha2')", }) } diff --git a/gateway/gateway-controller/pkg/config/secret_validator_test.go b/gateway/gateway-controller/pkg/config/secret_validator_test.go index 75339ee545..25c380c536 100644 --- a/gateway/gateway-controller/pkg/config/secret_validator_test.go +++ b/gateway/gateway-controller/pkg/config/secret_validator_test.go @@ -48,7 +48,7 @@ func TestSecretValidator_Validate_PointerAndValue(t *testing.T) { v := NewSecretValidator() cfg := api.SecretConfigurationRequest{ - ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.SecretConfigurationRequestKindSecret, Metadata: api.Metadata{Name: "my-secret"}, Spec: api.SecretConfigData{ @@ -69,7 +69,7 @@ func TestSecretValidator_ValidateSecretConfiguration_Valid(t *testing.T) { v := NewSecretValidator() desc := "A test secret" cfg := &api.SecretConfigurationRequest{ - ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.SecretConfigurationRequestKindSecret, Metadata: api.Metadata{Name: "test-secret"}, Spec: api.SecretConfigData{ @@ -102,7 +102,7 @@ func TestSecretValidator_InvalidApiVersion(t *testing.T) { func TestSecretValidator_InvalidKind(t *testing.T) { v := NewSecretValidator() cfg := &api.SecretConfigurationRequest{ - ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: "NotSecret", Metadata: api.Metadata{Name: "test-secret"}, Spec: api.SecretConfigData{ @@ -119,7 +119,7 @@ func TestSecretValidator_InvalidKind(t *testing.T) { func TestSecretValidator_MissingDisplayName(t *testing.T) { v := NewSecretValidator() cfg := &api.SecretConfigurationRequest{ - ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.SecretConfigurationRequestKindSecret, Metadata: api.Metadata{Name: "test-secret"}, Spec: api.SecretConfigData{ @@ -136,7 +136,7 @@ func TestSecretValidator_MissingDisplayName(t *testing.T) { func TestSecretValidator_DisplayNameTooLong(t *testing.T) { v := NewSecretValidator() cfg := &api.SecretConfigurationRequest{ - ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.SecretConfigurationRequestKindSecret, Metadata: api.Metadata{Name: "test-secret"}, Spec: api.SecretConfigData{ @@ -153,7 +153,7 @@ func TestSecretValidator_DisplayNameTooLong(t *testing.T) { func TestSecretValidator_DisplayNameInvalidChars(t *testing.T) { v := NewSecretValidator() cfg := &api.SecretConfigurationRequest{ - ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.SecretConfigurationRequestKindSecret, Metadata: api.Metadata{Name: "test-secret"}, Spec: api.SecretConfigData{ @@ -171,7 +171,7 @@ func TestSecretValidator_DescriptionTooLong(t *testing.T) { v := NewSecretValidator() longDesc := strings.Repeat("x", 1025) cfg := &api.SecretConfigurationRequest{ - ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.SecretConfigurationRequestKindSecret, Metadata: api.Metadata{Name: "test-secret"}, Spec: api.SecretConfigData{ @@ -189,7 +189,7 @@ func TestSecretValidator_DescriptionTooLong(t *testing.T) { func TestSecretValidator_MissingValue(t *testing.T) { v := NewSecretValidator() cfg := &api.SecretConfigurationRequest{ - ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.SecretConfigurationRequestKindSecret, Metadata: api.Metadata{Name: "test-secret"}, Spec: api.SecretConfigData{ @@ -206,7 +206,7 @@ func TestSecretValidator_MissingValue(t *testing.T) { func TestSecretValidator_ValueTooLarge(t *testing.T) { v := NewSecretValidator() cfg := &api.SecretConfigurationRequest{ - ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.SecretConfigurationRequestApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.SecretConfigurationRequestKindSecret, Metadata: api.Metadata{Name: "test-secret"}, Spec: api.SecretConfigData{ diff --git a/gateway/gateway-controller/pkg/config/validator_test.go b/gateway/gateway-controller/pkg/config/validator_test.go index d11813d8cd..af3bc0ab42 100644 --- a/gateway/gateway-controller/pkg/config/validator_test.go +++ b/gateway/gateway-controller/pkg/config/validator_test.go @@ -102,7 +102,7 @@ func TestValidator_URLFriendlyName(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { config := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Spec: api.APIConfigData{ DisplayName: tt.apiName, @@ -353,7 +353,7 @@ func TestValidator_LabelsValidation(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { config := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{ Name: "test-api-v1.0", @@ -416,7 +416,7 @@ func TestValidator_LabelsWithAllAPITypes(t *testing.T) { // Test RestApi t.Run("RestApi with valid labels", func(t *testing.T) { config := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{ Name: "test-api-v1.0", @@ -454,7 +454,7 @@ func TestValidator_LabelsWithAllAPITypes(t *testing.T) { // Test WebSubApi t.Run("WebSubApi with valid labels", func(t *testing.T) { config := &api.WebSubAPI{ - ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.WebSubAPIKindWebSubApi, Metadata: api.Metadata{ Name: "test-api-v1.0", @@ -484,7 +484,7 @@ func TestValidator_LabelsWithAllAPITypes(t *testing.T) { t.Run("RestApi with invalid labels", func(t *testing.T) { config := &api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{ Name: "test-api-v1.0", @@ -521,7 +521,7 @@ func TestValidator_LabelsWithAllAPITypes(t *testing.T) { t.Run("WebSubApi with invalid labels", func(t *testing.T) { config := &api.WebSubAPI{ - ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.WebSubAPIKindWebSubApi, Metadata: api.Metadata{ Name: "test-api-v1.0", diff --git a/gateway/gateway-controller/pkg/controlplane/api_deleted_test.go b/gateway/gateway-controller/pkg/controlplane/api_deleted_test.go index 91deb514b1..2916d41573 100644 --- a/gateway/gateway-controller/pkg/controlplane/api_deleted_test.go +++ b/gateway/gateway-controller/pkg/controlplane/api_deleted_test.go @@ -90,7 +90,7 @@ func newMockStorageForDeletion() *mockStorageForDeletion { secrets: make(map[string]*models.Secret), webhookSecrets: make(map[string]*models.WebhookSecret), subscriptions: make(map[string]*models.Subscription), - apiKeysByUUID: make(map[string]*models.APIKey), + apiKeysByUUID: make(map[string]*models.APIKey), } } @@ -647,7 +647,7 @@ func createTestAPIConfigForDeletion(apiID string) *models.StoredConfig { Origin: models.OriginGatewayAPI, Kind: "API", Configuration: api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{ Name: apiID, diff --git a/gateway/gateway-controller/pkg/controlplane/controlplane_test.go b/gateway/gateway-controller/pkg/controlplane/controlplane_test.go index 7205e4101a..ecab70c5ba 100644 --- a/gateway/gateway-controller/pkg/controlplane/controlplane_test.go +++ b/gateway/gateway-controller/pkg/controlplane/controlplane_test.go @@ -593,7 +593,7 @@ func TestClient_handleMCPProxyUndeploymentEvent_PublishesReplicaSyncUpdate(t *te }, }, SourceConfiguration: api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.MCPProxyConfigurationKindMcp, Metadata: api.Metadata{Name: "test-mcp"}, Spec: api.MCPProxyConfigData{ diff --git a/gateway/gateway-controller/pkg/eventlistener/apikey_processor_test.go b/gateway/gateway-controller/pkg/eventlistener/apikey_processor_test.go index 55fd2fde9a..dc45a78e6c 100644 --- a/gateway/gateway-controller/pkg/eventlistener/apikey_processor_test.go +++ b/gateway/gateway-controller/pkg/eventlistener/apikey_processor_test.go @@ -180,7 +180,7 @@ func TestHandleEvent_APIKeyCreate_SyncsMemoryAndXDS_ForLLMProxy(t *testing.T) { DisplayName: "Test LLM Proxy", Version: "v1.0.0", SourceConfiguration: api.LLMProxyConfiguration{ - ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{ Name: "test-llm-proxy", diff --git a/gateway/gateway-controller/pkg/eventlistener/listener_test.go b/gateway/gateway-controller/pkg/eventlistener/listener_test.go index 46178a8196..6f331dcbbc 100644 --- a/gateway/gateway-controller/pkg/eventlistener/listener_test.go +++ b/gateway/gateway-controller/pkg/eventlistener/listener_test.go @@ -180,7 +180,7 @@ func setupSQLiteDBForEventListenerTests(t *testing.T) storage.Storage { func testRestStoredConfig(uuid, handle, displayName, version string, status models.DesiredState) *models.StoredConfig { restAPI := api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{ Name: handle, diff --git a/gateway/gateway-controller/pkg/eventlistener/llm_provider_processor_test.go b/gateway/gateway-controller/pkg/eventlistener/llm_provider_processor_test.go index b9739712a7..3b36ae5d06 100644 --- a/gateway/gateway-controller/pkg/eventlistener/llm_provider_processor_test.go +++ b/gateway/gateway-controller/pkg/eventlistener/llm_provider_processor_test.go @@ -39,7 +39,7 @@ func testLLMProviderTemplate(uuid, handle string) *models.StoredLLMProviderTempl return &models.StoredLLMProviderTemplate{ UUID: uuid, Configuration: api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{ Name: handle, @@ -56,7 +56,7 @@ func testLLMProviderTemplate(uuid, handle string) *models.StoredLLMProviderTempl func testLLMProviderStoredConfig(uuid, handle, template string, policies *[]api.LLMPolicy) *models.StoredConfig { now := time.Now() provider := api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: handle, @@ -90,7 +90,7 @@ func testLLMProviderStoredConfig(uuid, handle, template string, policies *[]api. func testLLMProxyStoredConfig(uuid, handle, provider string, policies *[]api.LLMPolicy) *models.StoredConfig { now := time.Now() proxy := api.LLMProxyConfiguration{ - ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{ Name: handle, diff --git a/gateway/gateway-controller/pkg/eventlistener/mcp_processor_test.go b/gateway/gateway-controller/pkg/eventlistener/mcp_processor_test.go index fc8e7cce3b..acdfc17c2c 100644 --- a/gateway/gateway-controller/pkg/eventlistener/mcp_processor_test.go +++ b/gateway/gateway-controller/pkg/eventlistener/mcp_processor_test.go @@ -37,7 +37,7 @@ func testMCPStoredConfig(uuid, handle, displayName, version string, desiredState now := time.Now() upstreamURL := "https://example.com" mcp := api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.MCPProxyConfigurationKindMcp, Metadata: api.Metadata{ Name: handle, diff --git a/gateway/gateway-controller/pkg/secrets/service_test.go b/gateway/gateway-controller/pkg/secrets/service_test.go index 5eb5af3952..257c3d58a4 100644 --- a/gateway/gateway-controller/pkg/secrets/service_test.go +++ b/gateway/gateway-controller/pkg/secrets/service_test.go @@ -320,7 +320,7 @@ func TestSecretService_CreateSecret(t *testing.T) { { name: "successful creation", yamlData: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: my-secret @@ -359,7 +359,7 @@ spec: { name: "validation error - missing name", yamlData: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: "" @@ -379,7 +379,7 @@ spec: { name: "secret value exceeds max size", yamlData: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: large-secret @@ -398,7 +398,7 @@ spec: { name: "encryption failure", yamlData: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: my-secret @@ -421,7 +421,7 @@ spec: { name: "storage save failure", yamlData: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: my-secret @@ -688,7 +688,7 @@ func TestSecretService_UpdateSecret(t *testing.T) { name: "successful update", handle: "my-secret", yamlData: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: my-secret @@ -733,7 +733,7 @@ spec: name: "handle mismatch", handle: "my-secret", yamlData: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: different-name @@ -756,7 +756,7 @@ spec: name: "value exceeds max size", handle: "my-secret", yamlData: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: my-secret @@ -776,7 +776,7 @@ spec: name: "encryption failure", handle: "my-secret", yamlData: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: my-secret @@ -802,7 +802,7 @@ spec: name: "secret not found", handle: "nonexistent", yamlData: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: nonexistent @@ -830,7 +830,7 @@ spec: name: "storage update failure", handle: "my-secret", yamlData: ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Secret metadata: name: my-secret diff --git a/gateway/gateway-controller/pkg/storage/sqlite_test.go b/gateway/gateway-controller/pkg/storage/sqlite_test.go index 7f52cb3197..3175baac2b 100644 --- a/gateway/gateway-controller/pkg/storage/sqlite_test.go +++ b/gateway/gateway-controller/pkg/storage/sqlite_test.go @@ -280,7 +280,7 @@ func TestSQLiteStorage_GetAllConfigs_Success(t *testing.T) { config1 := createTestStoredConfig() config1.UUID = "config1" config1.Configuration = api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{Name: "0000-test-api-1-0000-000000000000"}, Spec: api.APIConfigData{ @@ -293,7 +293,7 @@ func TestSQLiteStorage_GetAllConfigs_Success(t *testing.T) { config2 := createTestStoredConfig() config2.UUID = "config2" config2.Configuration = api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{Name: "test-api-2"}, Spec: api.APIConfigData{ @@ -376,7 +376,7 @@ func TestSQLiteStorage_GetAllConfigsByKind_Success(t *testing.T) { apiConfig.UUID = "api-config" apiConfig.Kind = "RestApi" apiConfig.Configuration = api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{Name: "test-api-kind"}, Spec: api.APIConfigData{ @@ -390,7 +390,7 @@ func TestSQLiteStorage_GetAllConfigsByKind_Success(t *testing.T) { llmConfig.UUID = "llm-config" llmConfig.Kind = "LlmProvider" llmConfig.Configuration = api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{Name: "test-llm-kind"}, Spec: api.APIConfigData{ @@ -400,7 +400,7 @@ func TestSQLiteStorage_GetAllConfigsByKind_Success(t *testing.T) { }, } llmConfig.SourceConfiguration = api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "test-llm-kind"}, } @@ -1145,7 +1145,7 @@ func setupTestStorage(t *testing.T) *sqlStore { func createTestStoredConfig() *models.StoredConfig { configCounter++ apiConfig := api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{Name: fmt.Sprintf("test-api-%d", configCounter)}, Spec: api.APIConfigData{ @@ -1174,7 +1174,7 @@ func createTestLLMProviderTemplate() *models.StoredLLMProviderTemplate { return &models.StoredLLMProviderTemplate{ UUID: fmt.Sprintf("test-template-%d", llmTemplateCounter), Configuration: api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: fmt.Sprintf("test-template-%d", llmTemplateCounter)}, Spec: api.LLMProviderTemplateData{ diff --git a/gateway/gateway-controller/pkg/utils/api_deployment_test.go b/gateway/gateway-controller/pkg/utils/api_deployment_test.go index 15eccdb3c3..1a19b4fd1f 100644 --- a/gateway/gateway-controller/pkg/utils/api_deployment_test.go +++ b/gateway/gateway-controller/pkg/utils/api_deployment_test.go @@ -398,7 +398,7 @@ func TestDeployAPIConfiguration_ValidationError(t *testing.T) { // Invalid YAML that will pass parsing but fail validation yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-api @@ -439,7 +439,7 @@ func TestDeployAPIConfiguration_DBConflictValidation(t *testing.T) { params := APIDeploymentParams{ Data: []byte(` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: another-rest-api @@ -481,7 +481,7 @@ spec: params := APIDeploymentParams{ Data: []byte(` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: existing-rest-api @@ -539,7 +539,7 @@ func TestDeployAPIConfiguration_InferKindFromPayload(t *testing.T) { t.Run("Infers RestApi kind from payload", func(t *testing.T) { yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: inferred-api @@ -567,7 +567,7 @@ spec: t.Run("Infers WebSubApi kind from payload", func(t *testing.T) { yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: WebSubApi metadata: name: inferred-websub @@ -598,7 +598,7 @@ func TestDeployAPIConfiguration_EmptyKindInPayload(t *testing.T) { logger := slog.New(slog.NewTextHandler(io.Discard, nil)) yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 metadata: name: no-kind-api spec: @@ -640,7 +640,7 @@ func TestDeployAPIConfiguration_WebSubParseError(t *testing.T) { // Create a WebSub API with invalid spec structure yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: WebSubApi metadata: name: test-websub diff --git a/gateway/gateway-controller/pkg/utils/llm_deployment_test.go b/gateway/gateway-controller/pkg/utils/llm_deployment_test.go index 54ff69ed5d..77ea123ee0 100644 --- a/gateway/gateway-controller/pkg/utils/llm_deployment_test.go +++ b/gateway/gateway-controller/pkg/utils/llm_deployment_test.go @@ -127,7 +127,7 @@ func TestLLMTemplateParams(t *testing.T) { func testLLMTemplateYAML(handle, displayName string) []byte { return []byte(fmt.Sprintf(` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: %s @@ -140,7 +140,7 @@ func testLLMProviderYAML(t *testing.T, handle, displayName, template string) []b t.Helper() cfg := api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: handle, @@ -168,7 +168,7 @@ func testLLMProxyYAML(t *testing.T, handle, displayName, providerHandle string) t.Helper() cfg := api.LLMProxyConfiguration{ - ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{ Name: handle, @@ -194,7 +194,7 @@ func testStoredLLMTemplate(uuid, handle, displayName string) *models.StoredLLMPr return &models.StoredLLMProviderTemplate{ UUID: uuid, Configuration: api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{ Name: handle, @@ -481,7 +481,7 @@ func TestLLMDeploymentService_CreateLLMProviderTemplate_ValidationError(t *testi // Template with empty metadata name yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: "" @@ -539,7 +539,7 @@ func TestLLMDeploymentService_UpdateLLMProviderTemplate_HandleChange(t *testing. // Try to update with different handle yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: different-handle @@ -871,7 +871,7 @@ func TestLLMDeploymentService_DeployLLMProxyConfiguration_ConflictValidation(t * DisplayName: "Provider A", Version: "1.0.0", SourceConfiguration: api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: "provider-a", @@ -1018,7 +1018,7 @@ func TestLLMDeploymentService_DeleteLLMProvider_WithDBAndEventHubPublishesDelete DisplayName: "LLM Provider Delete", Version: "v1.0.0", SourceConfiguration: api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: "llm-provider-delete", @@ -1094,7 +1094,7 @@ func TestLLMDeploymentService_DeleteLLMProxy_WithDBAndEventHubPublishesDeleteAnd DisplayName: "Provider A", Version: "v1.0.0", SourceConfiguration: api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{ Name: "provider-a", @@ -1120,7 +1120,7 @@ func TestLLMDeploymentService_DeleteLLMProxy_WithDBAndEventHubPublishesDeleteAnd DisplayName: "LLM Proxy Delete", Version: "v1.0.0", SourceConfiguration: api.LLMProxyConfiguration{ - ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{ Name: "llm-proxy-delete", @@ -1296,7 +1296,7 @@ func TestLLMDeploymentService_InitializeOOBTemplates_ValidTemplates(t *testing.T templates := map[string]*api.LLMProviderTemplate{ "openai": { - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderTemplateData{ @@ -1337,7 +1337,7 @@ func TestLLMDeploymentService_InitializeOOBTemplates_UpdateExisting(t *testing.T // Initialize with updated template templates := map[string]*api.LLMProviderTemplate{ "existing": { - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "existing"}, Spec: api.LLMProviderTemplateData{ diff --git a/gateway/gateway-controller/pkg/utils/llm_provider_template_loader_test.go b/gateway/gateway-controller/pkg/utils/llm_provider_template_loader_test.go index 2637425cc9..0967630305 100644 --- a/gateway/gateway-controller/pkg/utils/llm_provider_template_loader_test.go +++ b/gateway/gateway-controller/pkg/utils/llm_provider_template_loader_test.go @@ -89,7 +89,7 @@ func TestLLMTemplateLoader_LoadTemplatesFromDirectory_JSONFile(t *testing.T) { // Create a valid JSON template jsonTemplate := `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": { "name": "test-template" @@ -118,7 +118,7 @@ func TestLLMTemplateLoader_LoadTemplatesFromDirectory_YAMLFile(t *testing.T) { // Create a valid YAML template yamlTemplate := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: yaml-template @@ -145,7 +145,7 @@ func TestLLMTemplateLoader_LoadTemplatesFromDirectory_YMLFile(t *testing.T) { // Create a valid YML template ymlTemplate := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: yml-template @@ -172,13 +172,13 @@ func TestLLMTemplateLoader_LoadTemplatesFromDirectory_MultipleFiles(t *testing.T // Create multiple templates jsonTemplate := `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": {"name": "template-1"}, "spec": {"displayName": "Template 1"} }` yamlTemplate := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: template-2 @@ -208,13 +208,13 @@ func TestLLMTemplateLoader_LoadTemplatesFromDirectory_DuplicateHandle(t *testing // Create two templates with the same handle template1 := `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": {"name": "duplicate-template"}, "spec": {"displayName": "Template 1"} }` template2 := `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": {"name": "duplicate-template"}, "spec": {"displayName": "Template 2"} @@ -278,13 +278,13 @@ func TestLLMTemplateLoader_LoadTemplatesFromDirectory_Subdirectories(t *testing. // Create templates in root and subdirectory rootTemplate := `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": {"name": "root-template"}, "spec": {"displayName": "Root Template"} }` subTemplate := `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": {"name": "sub-template"}, "spec": {"displayName": "Sub Template"} @@ -319,7 +319,7 @@ func TestLLMTemplateLoader_loadTemplateFile_ValidJSON(t *testing.T) { defer os.Remove(tmpFile.Name()) jsonTemplate := `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": {"name": "test-template"}, "spec": {"displayName": "Test Template"} @@ -344,7 +344,7 @@ func TestLLMTemplateLoader_loadTemplateFile_ValidYAML(t *testing.T) { defer os.Remove(tmpFile.Name()) yamlTemplate := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: yaml-template @@ -371,7 +371,7 @@ func TestLLMTemplateLoader_loadTemplateFile_CompleteTemplate(t *testing.T) { defer os.Remove(tmpFile.Name()) jsonTemplate := `{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProviderTemplate", "metadata": {"name": "complete-template"}, "spec": { diff --git a/gateway/gateway-controller/pkg/utils/llm_provider_transformer_test.go b/gateway/gateway-controller/pkg/utils/llm_provider_transformer_test.go index c47462d0fa..148dc5edbf 100644 --- a/gateway/gateway-controller/pkg/utils/llm_provider_transformer_test.go +++ b/gateway/gateway-controller/pkg/utils/llm_provider_transformer_test.go @@ -96,7 +96,7 @@ func setupTestTransformer(t *testing.T) (*LLMProviderTransformer, *storage.Confi openAITemplate := &models.StoredLLMProviderTemplate{ UUID: "0000-openai-template-id-0000-000000000000", Configuration: api.LLMProviderTemplate{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProviderTemplate", Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderTemplateData{ @@ -140,7 +140,7 @@ func TestTransform_MinimalProvider(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -164,7 +164,7 @@ func TestTransform_MinimalProvider(t *testing.T) { // Verify basic fields assert.Equal(t, api.RestAPIKindRestApi, result.Kind) - assert.Equal(t, api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, result.ApiVersion) + assert.Equal(t, api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, result.ApiVersion) // Extract spec spec := result.Spec @@ -180,7 +180,7 @@ func TestTransform_FullProvider(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -255,7 +255,7 @@ func TestTransform_NonExistentTemplate(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -287,7 +287,7 @@ func TestTransform_DefaultContext(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -330,7 +330,7 @@ func TestTransform_CustomContext(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -367,7 +367,7 @@ func TestTransform_NoVhost(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -398,7 +398,7 @@ func TestTransform_WithVhost(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -435,7 +435,7 @@ func TestTransform_NoAuth(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -469,7 +469,7 @@ func TestTransform_ApiKeyAuth(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -529,7 +529,7 @@ func TestTransform_UnsupportedAuthType(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -569,7 +569,7 @@ func TestTransform_AllowAll_NoExceptions(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -614,7 +614,7 @@ func TestTransform_AllowAll_WithSingleException(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -694,7 +694,7 @@ func TestTransform_AllowAll_WithSingleExceptionWithWildCardMethod(t *testing.T) } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -758,7 +758,7 @@ func TestTransform_AllowAll_WithSingleExceptionWithWildCardResource(t *testing.T } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -826,7 +826,7 @@ func TestTransform_AllowAll_WithMultipleExceptions(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -886,7 +886,7 @@ func TestTransform_DenyAll_NoExceptions(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -925,7 +925,7 @@ func TestTransform_DenyAll_WithSingleException(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -971,7 +971,7 @@ func TestTransform_DenyAll_WithSingleExceptionWithWildCardMethod(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1036,7 +1036,7 @@ func TestTransform_DenyAll_WithSingleExceptionWithWildCardResource(t *testing.T) } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1107,7 +1107,7 @@ func TestTransform_DenyAll_WithMultipleExceptions(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1152,7 +1152,7 @@ func TestTransform_InvalidAccessControlMode(t *testing.T) { transformer, _ := setupTestTransformer(t) provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1206,7 +1206,7 @@ func TestTransform_WithSinglePolicy(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1291,7 +1291,7 @@ func TestTransform_WithMultiplePoliciesSameRoute(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1376,7 +1376,7 @@ func TestTransform_PolicyOnDifferentRoutes(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1449,7 +1449,7 @@ func TestTransform_PolicyOnWildcardMethod_1(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1525,7 +1525,7 @@ func TestTransform_PolicyOnWildcardMethod_2(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1604,7 +1604,7 @@ func TestTransform_PolicyOnNonExistentRoute(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1654,7 +1654,7 @@ func TestTransform_AuthWithAllowAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1781,7 +1781,7 @@ func TestTransform_EmptyExceptionsArray(t *testing.T) { emptyExceptions := []api.RouteException{} provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1828,7 +1828,7 @@ func TestTransform_DuplicateExceptionPaths(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1899,7 +1899,7 @@ func TestTransform_AllowAllWithPolicies(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -1971,7 +1971,7 @@ func TestTransform_APILevelPolicy_AllowAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2041,7 +2041,7 @@ func TestTransform_APILevelPolicy_DenyAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2131,7 +2131,7 @@ func TestTransform_MultipleAPILevelPolicies_AllowAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2198,7 +2198,7 @@ func TestTransform_UpstreamAuth_Plus_APILevelPolicy_AllowAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2287,7 +2287,7 @@ func TestTransform_UpstreamAuth_Plus_APILevelPolicy_DenyAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2402,7 +2402,7 @@ func TestTransform_APILevel_Plus_OperationLevel_Policies_AllowAll(t *testing.T) } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2512,7 +2512,7 @@ func TestTransform_APILevel_Plus_OperationLevel_Policies_DenyAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2584,7 +2584,7 @@ func TestTransform_APILevelPolicy_WildcardMethods_AllowAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2648,7 +2648,7 @@ func TestTransform_NoAPILevelPolicy_OperationLevelOnly_AllowAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2719,7 +2719,7 @@ func TestTransform_ExceptionPrecedence_ExactMatch(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2794,7 +2794,7 @@ func TestTransform_ExceptionPrecedence_WildcardCoverage_InternalPath(t *testing. } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2886,7 +2886,7 @@ func TestTransform_ExceptionPrecedence_NestedWildcards(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -2971,7 +2971,7 @@ func TestTransform_ExceptionPrecedence_PolicyAllowedWhenNotCovered(t *testing.T) } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -3083,7 +3083,7 @@ func TestTransform_ExceptionPrecedence_MultipleOverlappingExceptions(t *testing. } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -3174,7 +3174,7 @@ func TestTransform_ExceptionPrecedence_WildcardMethodExpansion(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -3250,7 +3250,7 @@ func TestTransform_ExceptionPrecedence_PartialMethodCoverage(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -3346,7 +3346,7 @@ func TestTransform_ExceptionPrecedence_DeepNestedPath(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -3445,7 +3445,7 @@ func TestTransform_Auth_Plus_APILevel_Plus_OperationLevel_AllowAll(t *testing.T) } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -3575,7 +3575,7 @@ func TestTransform_Auth_Plus_APILevel_Plus_OperationLevel_DenyAll(t *testing.T) } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -3711,7 +3711,7 @@ func TestTransform_MultipleAPILevelPolicies_Plus_Exceptions_Plus_OperationPolici } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -3912,7 +3912,7 @@ func TestTransform_AllPolicyTypes_WildcardExceptions_WildcardOperations_AllowAll } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -4142,7 +4142,7 @@ func TestTransform_AllPolicyTypes_WildcardExceptions_WildcardOperations_DenyAll( } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -4281,7 +4281,7 @@ func TestTransform_PolicyMoreGeneral_AccessControlSpecific_DenyAll(t *testing.T) } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -4359,7 +4359,7 @@ func TestTransform_MultipleOverlappingExceptions_MultipleWildcardPolicies_DenyAl } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -4442,7 +4442,7 @@ func TestTransform_PolicyMoreSpecific_AccessControlWildcard_DenyAll(t *testing.T } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -4526,7 +4526,7 @@ func TestTransform_MultipleOverlappingWildcards_DenyAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -4631,7 +4631,7 @@ func TestTransform_TripleNestedWildcards_DenyAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -4732,7 +4732,7 @@ func TestTransform_SiblingWildcards_DenyAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -4812,7 +4812,7 @@ func TestTransform_PathMatchingEdgeCases_AllowAll_PolicyMoreGeneral(t *testing.T } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -4886,7 +4886,7 @@ func TestTransform_PathMatchingEdgeCases_AllowAll_NestedWildcardPolicies(t *test } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -4993,7 +4993,7 @@ func TestTransform_ComplexCombined_MultipleAPILevelPolicies_NestedWildcards_Allo } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -5182,7 +5182,7 @@ func TestTransform_ComplexCombined_MultipleAPILevelPolicies_NestedWildcards_Deny } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -5364,7 +5364,7 @@ func TestTransform_ComplexCombined_MaximumComplexity_AllowAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -5673,7 +5673,7 @@ func TestTransform_ComplexCombined_MaximumComplexity_DenyAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -5834,7 +5834,7 @@ func TestTransform_PolicyWildcard_AllowAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -5906,7 +5906,7 @@ func TestTransform_PolicyWildcard_DenyAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -5987,7 +5987,7 @@ func TestTransform_PolicyWildcard_MatchingMultipleSpecificOperations_DenyAll(t * } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6058,7 +6058,7 @@ func TestTransform_PolicyWildcard_MatchingWildcardOperations_DenyAll(t *testing. } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6145,7 +6145,7 @@ func TestTransform_NestedPolicyWildcards_DenyAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6244,7 +6244,7 @@ func TestTransform_PolicyWildcard_OverlappingAccessControlWildcards_DenyAll(t *t } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6371,7 +6371,7 @@ func TestTransform_PolicyWildcard_AllowAll_WithExceptionPrecedence(t *testing.T) } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6461,7 +6461,7 @@ func TestTransform_DynamicOperationCreation_PolicyOnSpecific_AccessControlWildca } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6532,7 +6532,7 @@ func TestTransform_DynamicOperationCreation_MultiplePolicies_SameOperation_DenyA } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6600,7 +6600,7 @@ func TestTransform_DynamicOperationCreation_AllowAll_PolicyCreatesOperation(t *t } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6675,7 +6675,7 @@ func TestTransform_DynamicOperationCreation_OperationRegistry_PreventsDuplicates } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6758,7 +6758,7 @@ func TestTransform_DynamicOperationCreation_NestedSpecificPaths_DenyAll(t *testi } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6844,7 +6844,7 @@ func TestTransform_DynamicOperationCreation_AllowAll_MultipleSpecificPolicies(t } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6923,7 +6923,7 @@ func TestTransform_OperationSorting_NonWildcardBeforeWildcard_DenyAll(t *testing } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -6975,7 +6975,7 @@ func TestTransform_OperationSorting_LongerPathsFirst_DenyAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -7035,7 +7035,7 @@ func TestTransform_OperationSorting_CatchAllLast_AllowAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -7105,7 +7105,7 @@ func TestTransform_OperationSorting_CatchAllLast_AllowAll(t *testing.T) { // } // // provider := &api.LLMProviderConfiguration{ -// ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", +// ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", // Kind: "LlmProvider", // Metadata: api.Metadata{Name: "openai-provider"}, // Spec: api.LLMProviderConfigData{ @@ -7159,7 +7159,7 @@ func TestTransform_OperationSorting_ComplexMultipleWildcardLevels_DenyAll(t *tes } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -7234,7 +7234,7 @@ func TestTransform_OperationSorting_MixedMethodsSamePath_DenyAll(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -7307,7 +7307,7 @@ func TestTransform_OperationSorting_AllowAll_ComplexMixedOperations(t *testing.T } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -7396,7 +7396,7 @@ func TestTransform_OperationSorting_SpecificityPreservation_DenyAll(t *testing.T } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -7471,7 +7471,7 @@ func TestTransform_AllowAll_UserPolicyOnCatchAll_NotDenied(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -7542,7 +7542,7 @@ func TestTransform_AllowAll_UserPolicyOnSpecificOperation_NotDenied(t *testing.T } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -7626,7 +7626,7 @@ func TestTransform_AllowAll_DenyPolicyPreventsUserPolicy(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -7735,7 +7735,7 @@ func TestTransform_AllowAll_PolicyOnAllowedPath_MixedExceptions(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -7868,7 +7868,7 @@ func TestTransform_AllowAll_WildcardPolicyWithExceptions(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -8031,7 +8031,7 @@ func TestTransform_AllowAll_MultiplePolicies_PartiallyDenied(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ @@ -8139,7 +8139,7 @@ func TestTransform_AllowAll_NestedPolicyWithPartialExceptions(t *testing.T) { } provider := &api.LLMProviderConfiguration{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: "gateway.api-platform.wso2.com/v1alpha2", Kind: "LlmProvider", Metadata: api.Metadata{Name: "openai-provider"}, Spec: api.LLMProviderConfigData{ diff --git a/gateway/gateway-controller/pkg/utils/llm_transformer.go b/gateway/gateway-controller/pkg/utils/llm_transformer.go index 3c4d5edf30..4d1f9d75fc 100644 --- a/gateway/gateway-controller/pkg/utils/llm_transformer.go +++ b/gateway/gateway-controller/pkg/utils/llm_transformer.go @@ -27,8 +27,8 @@ type pathMethodKey struct { } type llmPolicyAttachment struct { - policy api.LLMPolicy - pathEntry api.LLMPolicyPath + policy api.OperationPolicy + pathEntry api.OperationPolicyPath } func NewLLMProviderTransformer(store *storage.ConfigStore, db storage.Storage, routerConfig *config.RouterConfig, policyVersionResolver PolicyVersionResolver) *LLMProviderTransformer { @@ -123,7 +123,7 @@ func (t *LLMProviderTransformer) transformProxy(proxy *api.LLMProxyConfiguration // Step 2: Configure API metadata and basic spec output.Kind = api.RestAPIKindRestApi - output.ApiVersion = api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1 + output.ApiVersion = api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2 output.Metadata = proxy.Metadata spec := api.APIConfigData{} @@ -228,11 +228,12 @@ func (t *LLMProviderTransformer) transformProxy(proxy *api.LLMProxyConfiguration operationRegistry[pathMethodKey{path: op.Path, method: method}] = op } - // Phase 2: Process User-Defined Policies - if proxy.Spec.Policies != nil { - registerExplicitLLMPolicyOperations(operationRegistry, *proxy.Spec.Policies, nil) + // Phase 2: Process User-Defined Policies (operationPolicies + deprecated policies) + opLevelPolicies := collectOperationLevelLLMPolicies(proxy.Spec.OperationPolicies, proxy.Spec.Policies) + if len(opLevelPolicies) > 0 { + registerExplicitLLMPolicyOperations(operationRegistry, opLevelPolicies, nil) - for _, attachment := range orderedLLMPolicyAttachments(*proxy.Spec.Policies) { + for _, attachment := range orderedLLMPolicyAttachments(opLevelPolicies) { policyMethods := expandLLMPolicyMethods(attachment.pathEntry.Methods) for _, policyMethod := range policyMethods { @@ -264,9 +265,10 @@ func (t *LLMProviderTransformer) transformProxy(proxy *api.LLMProxyConfiguration return nil, fmt.Errorf("failed to build template params: %w", err) } pol := api.Policy{ - Name: attachment.policy.Name, - Version: attachment.policy.Version, - Params: mergeParams(attachment.pathEntry.Params, templateParams), + Name: attachment.policy.Name, + Version: attachment.policy.Version, + ExecutionCondition: attachment.policy.ExecutionCondition, + Params: mergeParams(attachment.pathEntry.Params, templateParams), } appendOperationPolicy(targetOp, pol) attachedPolicyPaths[targetPath] = true @@ -295,6 +297,25 @@ func (t *LLMProviderTransformer) transformProxy(proxy *api.LLMProxyConfiguration } spec.Operations = ops + // Global (api-level) policies: route into the derived RestAPI's spec.Policies so they are + // applied across ALL operations as one shared scope, evaluated before operation-level policies. + // Append because the proxy may already hold an api-level host-header policy (see Step 3). + if proxy.Spec.GlobalPolicies != nil && len(*proxy.Spec.GlobalPolicies) > 0 { + gp := make([]api.Policy, len(*proxy.Spec.GlobalPolicies)) + for i, p := range *proxy.Spec.GlobalPolicies { + if p.Name == "advanced-ratelimit" { + p = withGlobalAdvancedRatelimitKeyExtraction(p) + } + gp[i] = p + } + if spec.Policies == nil { + spec.Policies = &gp + } else { + merged := append(*spec.Policies, gp...) + spec.Policies = &merged + } + } + output.Spec = spec return output, nil } @@ -309,7 +330,7 @@ func (t *LLMProviderTransformer) transformProvider(provider *api.LLMProviderConf } output.Kind = api.RestAPIKindRestApi - output.ApiVersion = api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1 + output.ApiVersion = api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2 output.Metadata = provider.Metadata spec := api.APIConfigData{} @@ -438,13 +459,14 @@ func (t *LLMProviderTransformer) transformProvider(provider *api.LLMProviderConf } } - // Phase 3: Process User-Defined Policies - if provider.Spec.Policies != nil { - registerExplicitLLMPolicyOperations(operationRegistry, *provider.Spec.Policies, func(path, method string) bool { + // Phase 3: Process User-Defined Policies (operationPolicies + deprecated policies) + opLevelPolicies := collectOperationLevelLLMPolicies(provider.Spec.OperationPolicies, provider.Spec.Policies) + if len(opLevelPolicies) > 0 { + registerExplicitLLMPolicyOperations(operationRegistry, opLevelPolicies, func(path, method string) bool { return !isDeniedByException(path, method, deniedPathMethods) }) - for _, attachment := range orderedLLMPolicyAttachments(*provider.Spec.Policies) { + for _, attachment := range orderedLLMPolicyAttachments(opLevelPolicies) { policyMethods := expandLLMPolicyMethods(attachment.pathEntry.Methods) for _, policyMethod := range policyMethods { @@ -489,9 +511,10 @@ func (t *LLMProviderTransformer) transformProvider(provider *api.LLMProviderConf return nil, fmt.Errorf("failed to build template params: %w", err) } pol := api.Policy{ - Name: attachment.policy.Name, - Version: attachment.policy.Version, - Params: mergeParams(attachment.pathEntry.Params, templateParams), + Name: attachment.policy.Name, + Version: attachment.policy.Version, + ExecutionCondition: attachment.policy.ExecutionCondition, + Params: mergeParams(attachment.pathEntry.Params, templateParams), } appendOperationPolicy(targetOp, pol) attachedPolicyPaths[targetPath] = true @@ -538,13 +561,14 @@ func (t *LLMProviderTransformer) transformProvider(provider *api.LLMProviderConf operationRegistry[key] = op } - // Phase 3: Process Policies with Dynamic Operation Creation - if provider.Spec.Policies != nil { - registerExplicitLLMPolicyOperations(operationRegistry, *provider.Spec.Policies, func(path, method string) bool { + // Phase 3: Process Policies with Dynamic Operation Creation (operationPolicies + deprecated policies) + opLevelPolicies := collectOperationLevelLLMPolicies(provider.Spec.OperationPolicies, provider.Spec.Policies) + if len(opLevelPolicies) > 0 { + registerExplicitLLMPolicyOperations(operationRegistry, opLevelPolicies, func(path, method string) bool { return isAllowedByAccessControl(path, method, normalizedExceptions) }) - for _, attachment := range orderedLLMPolicyAttachments(*provider.Spec.Policies) { + for _, attachment := range orderedLLMPolicyAttachments(opLevelPolicies) { policyMethods := expandLLMPolicyMethods(attachment.pathEntry.Methods) for _, policyMethod := range policyMethods { @@ -575,9 +599,10 @@ func (t *LLMProviderTransformer) transformProvider(provider *api.LLMProviderConf return nil, fmt.Errorf("failed to build template params: %w", err) } pol := api.Policy{ - Name: attachment.policy.Name, - Version: attachment.policy.Version, - Params: mergeParams(attachment.pathEntry.Params, templateParams), + Name: attachment.policy.Name, + Version: attachment.policy.Version, + ExecutionCondition: attachment.policy.ExecutionCondition, + Params: mergeParams(attachment.pathEntry.Params, templateParams), } appendOperationPolicy(targetOp, pol) attachedPolicyPaths[targetPath] = true @@ -611,6 +636,24 @@ func (t *LLMProviderTransformer) transformProvider(provider *api.LLMProviderConf } spec.Operations = ops + // Global (api-level) policies: route into the derived RestAPI's spec.Policies so they are + // applied across ALL operations as one shared scope, evaluated before operation-level policies. + if provider.Spec.GlobalPolicies != nil && len(*provider.Spec.GlobalPolicies) > 0 { + gp := make([]api.Policy, len(*provider.Spec.GlobalPolicies)) + for i, p := range *provider.Spec.GlobalPolicies { + if p.Name == "advanced-ratelimit" { + p = withGlobalAdvancedRatelimitKeyExtraction(p) + } + gp[i] = p + } + if spec.Policies == nil { + spec.Policies = &gp + } else { + merged := append(*spec.Policies, gp...) + spec.Policies = &merged + } + } + output.Spec = spec return output, nil } @@ -757,7 +800,58 @@ func appendOperationPolicy(op *api.Operation, pol api.Policy) { op.Policies = &existing } -func orderedLLMPolicyAttachments(policies []api.LLMPolicy) []llmPolicyAttachment { +// legacyToOperationPolicy converts a deprecated LLMPolicy into an OperationPolicy. +// This is the SOLE remaining reference to the legacy LLMPolicy type; remove it (along +// with the LLMPolicy/LLMPolicyPath types) once the deprecated `policies` field is dropped. +func legacyToOperationPolicy(p api.LLMPolicy) api.OperationPolicy { + op := api.OperationPolicy{Name: p.Name, Version: p.Version} + for _, pe := range p.Paths { + methods := make([]string, 0, len(pe.Methods)) + for _, m := range pe.Methods { + methods = append(methods, string(m)) + } + op.Paths = append(op.Paths, api.OperationPolicyPath{Path: pe.Path, Methods: methods, Params: pe.Params}) + } + return op +} + +// withGlobalAdvancedRatelimitKeyExtraction returns a copy of p with +// keyExtraction set to [{type:"apiname"}] in params if not already present, +// so that advanced-ratelimit in globalPolicies uses one shared API-level +// counter rather than the default per-route (routename) bucket. +func withGlobalAdvancedRatelimitKeyExtraction(p api.Policy) api.Policy { + if p.Params == nil { + return p + } + if _, ok := (*p.Params)["keyExtraction"]; ok { + return p + } + newParams := make(map[string]interface{}, len(*p.Params)+1) + for k, v := range *p.Params { + newParams[k] = v + } + newParams["keyExtraction"] = []map[string]interface{}{{"type": "apiname"}} + p.Params = &newParams + return p +} + +// collectOperationLevelLLMPolicies merges the operation-level policies with the deprecated +// `policies` list (converted to operation policies), operationPolicies first. The deprecated +// list is treated identically to operationPolicies; setting both is discouraged. +func collectOperationLevelLLMPolicies(operationPolicies *[]api.OperationPolicy, deprecated *[]api.LLMPolicy) []api.OperationPolicy { + var out []api.OperationPolicy + if operationPolicies != nil { + out = append(out, *operationPolicies...) + } + if deprecated != nil { + for _, p := range *deprecated { + out = append(out, legacyToOperationPolicy(p)) + } + } + return out +} + +func orderedLLMPolicyAttachments(policies []api.OperationPolicy) []llmPolicyAttachment { attachments := make([]llmPolicyAttachment, 0) for _, llmPol := range policies { for _, pathEntry := range llmPol.Paths { @@ -839,7 +933,7 @@ func moreSpecificPolicyAttachmentCovers(targetPath, method string, current llmPo // isMoreSpecificAttachment reports whether path entry a is strictly more specific than b. // Path specificity dominates (see isMoreSpecificPath); for entries on an equally specific // path, the narrower HTTP method set is more specific. -func isMoreSpecificAttachment(a, b api.LLMPolicyPath) bool { +func isMoreSpecificAttachment(a, b api.OperationPolicyPath) bool { if isMoreSpecificPath(a.Path, b.Path) { return true } @@ -852,7 +946,7 @@ func isMoreSpecificAttachment(a, b api.LLMPolicyPath) bool { // isStrictMethodSubset reports whether the methods covered by a are a strict subset of the // methods covered by b ('*' expands to the full supported method set). This makes e.g. // [POST] more specific than [GET, POST], which in turn is more specific than '*'. -func isStrictMethodSubset(a, b []api.LLMPolicyPathMethods) bool { +func isStrictMethodSubset(a, b []string) bool { aSet := methodSet(a) bSet := methodSet(b) if len(aSet) == 0 || len(aSet) >= len(bSet) { @@ -867,7 +961,7 @@ func isStrictMethodSubset(a, b []api.LLMPolicyPathMethods) bool { } // methodSet returns the set of concrete HTTP methods an entry covers, with '*' expanded. -func methodSet(methods []api.LLMPolicyPathMethods) map[string]bool { +func methodSet(methods []string) map[string]bool { set := make(map[string]bool) for _, m := range expandLLMPolicyMethods(methods) { set[m] = true @@ -891,22 +985,20 @@ func ensureOperation(operationRegistry map[pathMethodKey]*api.Operation, path, m } // expandLLMPolicyMethods takes the methods defined in an LLM policy and expands them to actual HTTP methods if wildcard is used -func expandLLMPolicyMethods(methods []api.LLMPolicyPathMethods) []string { - if len(methods) == 1 && string(methods[0]) == constants.WILD_CARD { +func expandLLMPolicyMethods(methods []string) []string { + if len(methods) == 1 && methods[0] == constants.WILD_CARD { return append([]string(nil), constants.WILDCARD_HTTP_METHODS...) } expanded := make([]string, len(methods)) - for i, method := range methods { - expanded[i] = string(method) - } + copy(expanded, methods) return expanded } // registerExplicitLLMPolicyOperations iterates through the explicitly defined policies in the LLM policy and ensures that operations // exist for their paths and methods in the operation registry. The shouldRegister callback allows conditional registration based on // path and method (e.g., to skip paths/methods denied by access control exceptions). -func registerExplicitLLMPolicyOperations(operationRegistry map[pathMethodKey]*api.Operation, policies []api.LLMPolicy, +func registerExplicitLLMPolicyOperations(operationRegistry map[pathMethodKey]*api.Operation, policies []api.OperationPolicy, shouldRegister func(path, method string) bool) { for _, llmPol := range policies { for _, pathEntry := range llmPol.Paths { diff --git a/gateway/gateway-controller/pkg/utils/llm_transformer_test.go b/gateway/gateway-controller/pkg/utils/llm_transformer_test.go index 061bf2952a..d770551da9 100644 --- a/gateway/gateway-controller/pkg/utils/llm_transformer_test.go +++ b/gateway/gateway-controller/pkg/utils/llm_transformer_test.go @@ -77,7 +77,7 @@ func TestLLMProviderTransformer_TransformProvider_ReadsTemplateFromDB(t *testing template := &models.StoredLLMProviderTemplate{ UUID: "0000-db-template-id-0000-000000000000", Configuration: api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderTemplateData{ @@ -93,7 +93,7 @@ func TestLLMProviderTransformer_TransformProvider_ReadsTemplateFromDB(t *testing transformer := NewLLMProviderTransformer(store, db, routerConfig, newTestPolicyVersionResolver()) provider := &api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "db-backed-provider"}, Spec: api.LLMProviderConfigData{ @@ -120,7 +120,7 @@ func TestLLMProviderTransformer_TransformProxy_ReadsProviderAndTemplateFromDB(t template := &models.StoredLLMProviderTemplate{ UUID: "0000-db-template-id-0000-000000000001", Configuration: api.LLMProviderTemplate{ - ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderTemplateApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderTemplateKindLlmProviderTemplate, Metadata: api.Metadata{Name: "openai"}, Spec: api.LLMProviderTemplateData{ @@ -132,7 +132,7 @@ func TestLLMProviderTransformer_TransformProxy_ReadsProviderAndTemplateFromDB(t now := time.Now() providerSourceConfig := api.LLMProviderConfiguration{ - ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProviderConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProviderConfigurationKindLlmProvider, Metadata: api.Metadata{Name: "db-provider"}, Spec: api.LLMProviderConfigData{ @@ -147,7 +147,7 @@ func TestLLMProviderTransformer_TransformProxy_ReadsProviderAndTemplateFromDB(t }, } providerRuntimeConfig := api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{Name: "db-provider"}, Spec: api.APIConfigData{ @@ -182,7 +182,7 @@ func TestLLMProviderTransformer_TransformProxy_ReadsProviderAndTemplateFromDB(t transformer := NewLLMProviderTransformer(store, db, routerConfig, newTestPolicyVersionResolver()) proxy := &api.LLMProxyConfiguration{ - ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.LLMProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.LLMProxyConfigurationKindLlmProxy, Metadata: api.Metadata{Name: "db-proxy"}, Spec: api.LLMProxyConfigData{ @@ -677,12 +677,8 @@ func TestMoreSpecificPolicyAttachmentCovers(t *testing.T) { // these cases construct the block (and the current entry within it) directly. It returns // true iff some OTHER entry in the same block both covers (targetPath, method) and is // strictly more specific than the current entry. - mk := func(path string, methods ...string) api.LLMPolicyPath { - ms := make([]api.LLMPolicyPathMethods, len(methods)) - for i, m := range methods { - ms[i] = api.LLMPolicyPathMethods(m) - } - return api.LLMPolicyPath{Path: path, Methods: ms} + mk := func(path string, methods ...string) api.OperationPolicyPath { + return api.OperationPolicyPath{Path: path, Methods: methods} } ccAll := mk("/chat/completions", "*") ccGet := mk("/chat/completions", "GET") @@ -694,45 +690,45 @@ func TestMoreSpecificPolicyAttachmentCovers(t *testing.T) { tests := []struct { name string - block []api.LLMPolicyPath - current api.LLMPolicyPath + block []api.OperationPolicyPath + current api.OperationPolicyPath targetPath string method string want bool }{ // --- nothing more specific present --- - {"only the current entry in the block", []api.LLMPolicyPath{root}, root, "/chat/completions", "POST", false}, - {"current is the most specific entry", []api.LLMPolicyPath{ccAll, chatWild, root}, ccAll, "/chat/completions", "POST", false}, - {"only a less specific sibling", []api.LLMPolicyPath{ccAll, root}, ccAll, "/chat/completions", "POST", false}, + {"only the current entry in the block", []api.OperationPolicyPath{root}, root, "/chat/completions", "POST", false}, + {"current is the most specific entry", []api.OperationPolicyPath{ccAll, chatWild, root}, ccAll, "/chat/completions", "POST", false}, + {"only a less specific sibling", []api.OperationPolicyPath{ccAll, root}, ccAll, "/chat/completions", "POST", false}, // --- more specific by PATH --- - {"more specific concrete sibling covers target", []api.LLMPolicyPath{ccAll, root}, root, "/chat/completions", "POST", true}, - {"more specific nested-wildcard sibling covers target", []api.LLMPolicyPath{chatWild, root}, root, "/chat/foo", "POST", true}, - {"more specific sibling does not cover target", []api.LLMPolicyPath{ccAll, root}, root, "/models", "POST", false}, + {"more specific concrete sibling covers target", []api.OperationPolicyPath{ccAll, root}, root, "/chat/completions", "POST", true}, + {"more specific nested-wildcard sibling covers target", []api.OperationPolicyPath{chatWild, root}, root, "/chat/foo", "POST", true}, + {"more specific sibling does not cover target", []api.OperationPolicyPath{ccAll, root}, root, "/models", "POST", false}, // --- method gating of the more specific sibling --- - {"more specific sibling does not apply to method", []api.LLMPolicyPath{ccGet, root}, root, "/chat/completions", "POST", false}, - {"more specific sibling applies to method", []api.LLMPolicyPath{ccGet, root}, root, "/chat/completions", "GET", true}, + {"more specific sibling does not apply to method", []api.OperationPolicyPath{ccGet, root}, root, "/chat/completions", "POST", false}, + {"more specific sibling applies to method", []api.OperationPolicyPath{ccGet, root}, root, "/chat/completions", "GET", true}, // --- method specificity on the SAME path --- - {"concrete method beats wildcard method", []api.LLMPolicyPath{ccAll, ccGet}, ccAll, "/chat/completions", "GET", true}, - {"wildcard method not suppressed for uncovered method", []api.LLMPolicyPath{ccAll, ccGet}, ccAll, "/chat/completions", "POST", false}, - {"concrete-method current not suppressed by wildcard-method sibling", []api.LLMPolicyPath{ccAll, ccGet}, ccGet, "/chat/completions", "GET", false}, - {"narrower method set beats broader", []api.LLMPolicyPath{ccGetPost, ccPost}, ccGetPost, "/chat/completions", "POST", true}, - {"broader method set does not suppress narrower", []api.LLMPolicyPath{ccGetPost, ccPost}, ccPost, "/chat/completions", "POST", false}, + {"concrete method beats wildcard method", []api.OperationPolicyPath{ccAll, ccGet}, ccAll, "/chat/completions", "GET", true}, + {"wildcard method not suppressed for uncovered method", []api.OperationPolicyPath{ccAll, ccGet}, ccAll, "/chat/completions", "POST", false}, + {"concrete-method current not suppressed by wildcard-method sibling", []api.OperationPolicyPath{ccAll, ccGet}, ccGet, "/chat/completions", "GET", false}, + {"narrower method set beats broader", []api.OperationPolicyPath{ccGetPost, ccPost}, ccGetPost, "/chat/completions", "POST", true}, + {"broader method set does not suppress narrower", []api.OperationPolicyPath{ccGetPost, ccPost}, ccPost, "/chat/completions", "POST", false}, // --- ties --- - {"equal-specificity duplicate is a tie", []api.LLMPolicyPath{ccPost, mk("/chat/completions", "POST")}, ccPost, "/chat/completions", "POST", false}, + {"equal-specificity duplicate is a tie", []api.OperationPolicyPath{ccPost, mk("/chat/completions", "POST")}, ccPost, "/chat/completions", "POST", false}, // --- path dominates method --- - {"specific path beats method-specific wildcard path", []api.LLMPolicyPath{chatWildPost, ccAll}, chatWildPost, "/chat/completions", "POST", true}, - {"method-specific wildcard path does not beat specific path", []api.LLMPolicyPath{chatWildPost, ccAll}, ccAll, "/chat/completions", "POST", false}, + {"specific path beats method-specific wildcard path", []api.OperationPolicyPath{chatWildPost, ccAll}, chatWildPost, "/chat/completions", "POST", true}, + {"method-specific wildcard path does not beat specific path", []api.OperationPolicyPath{chatWildPost, ccAll}, ccAll, "/chat/completions", "POST", false}, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { att := llmPolicyAttachment{ - policy: api.LLMPolicy{Name: "advanced-ratelimit", Version: "v1", Paths: tc.block}, + policy: api.OperationPolicy{Name: "advanced-ratelimit", Version: "v1", Paths: tc.block}, pathEntry: tc.current, } assert.Equal(t, tc.want, moreSpecificPolicyAttachmentCovers(tc.targetPath, tc.method, att)) @@ -741,13 +737,7 @@ func TestMoreSpecificPolicyAttachmentCovers(t *testing.T) { } func TestMethodSet(t *testing.T) { - mm := func(methods ...string) []api.LLMPolicyPathMethods { - out := make([]api.LLMPolicyPathMethods, len(methods)) - for i, m := range methods { - out[i] = api.LLMPolicyPathMethods(m) - } - return out - } + mm := func(methods ...string) []string { return methods } t.Run("single concrete method", func(t *testing.T) { assert.Equal(t, map[string]bool{"GET": true}, methodSet(mm("GET"))) @@ -777,16 +767,10 @@ func TestMethodSet(t *testing.T) { } func TestIsStrictMethodSubset(t *testing.T) { - mm := func(methods ...string) []api.LLMPolicyPathMethods { - out := make([]api.LLMPolicyPathMethods, len(methods)) - for i, m := range methods { - out[i] = api.LLMPolicyPathMethods(m) - } - return out - } + mm := func(methods ...string) []string { return methods } tests := []struct { name string - a, b []api.LLMPolicyPathMethods + a, b []string want bool }{ {"strict subset", mm("POST"), mm("GET", "POST"), true}, @@ -812,16 +796,12 @@ func TestIsStrictMethodSubset(t *testing.T) { } func TestIsMoreSpecificAttachment(t *testing.T) { - mk := func(path string, methods ...string) api.LLMPolicyPath { - ms := make([]api.LLMPolicyPathMethods, len(methods)) - for i, m := range methods { - ms[i] = api.LLMPolicyPathMethods(m) - } - return api.LLMPolicyPath{Path: path, Methods: ms} + mk := func(path string, methods ...string) api.OperationPolicyPath { + return api.OperationPolicyPath{Path: path, Methods: methods} } tests := []struct { name string - a, b api.LLMPolicyPath + a, b api.OperationPolicyPath want bool }{ // Path specificity dominates, regardless of methods. diff --git a/gateway/gateway-controller/pkg/utils/mcp_deployment_test.go b/gateway/gateway-controller/pkg/utils/mcp_deployment_test.go index a4d89ed011..ddb28378ff 100644 --- a/gateway/gateway-controller/pkg/utils/mcp_deployment_test.go +++ b/gateway/gateway-controller/pkg/utils/mcp_deployment_test.go @@ -45,7 +45,7 @@ func newUnhydratedTestMCPStoredConfig(id, handle, displayName, version, contextP DisplayName: displayName, Version: version, SourceConfiguration: api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.MCPProxyConfigurationKindMcp, Metadata: api.Metadata{Name: handle}, Spec: api.MCPProxyConfigData{ @@ -231,7 +231,7 @@ func TestMCPDeploymentService_GetMCPProxyByHandle(t *testing.T) { DisplayName: "Test MCP", Version: "1.0.0", SourceConfiguration: api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.MCPProxyConfigurationKindMcp, Metadata: api.Metadata{Name: "test-mcp"}, Spec: api.MCPProxyConfigData{ @@ -280,7 +280,7 @@ func TestMCPDeploymentService_CreateMCPProxy_ValidationError(t *testing.T) { // Invalid MCP config that will fail validation yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: test-mcp @@ -333,7 +333,7 @@ func TestMCPDeploymentService_CreateMCPProxy_ConflictError(t *testing.T) { // Try to create another with the same name/version upstreamURL := "http://localhost:8080" yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: test-mcp @@ -536,7 +536,7 @@ func TestMCPDeploymentService_ParseValidateAndTransform(t *testing.T) { t.Run("Valid MCP config", func(t *testing.T) { yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: test-mcp @@ -596,7 +596,7 @@ func TestMCPDeploymentService_CreateMCPProxy_WithDBAndEventHubPublishesCreate(t service := newTestMCPDeploymentServiceWithHub(store, db, nil, nil, nil, mockHub, "test-gateway") yamlData := ` -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: test-mcp @@ -650,7 +650,7 @@ func TestMCPDeploymentService_UndeployMCPProxy_WithDBAndEventHubPublishesUpdate( DeploymentID: "rev-1", Origin: models.OriginControlPlane, SourceConfiguration: api.MCPProxyConfiguration{ - ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.MCPProxyConfigurationApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.MCPProxyConfigurationKindMcp, Metadata: api.Metadata{Name: "test-mcp"}, Spec: api.MCPProxyConfigData{ diff --git a/gateway/gateway-controller/pkg/utils/mcp_transformer.go b/gateway/gateway-controller/pkg/utils/mcp_transformer.go index 8ce5ef9650..dd0c8fad75 100644 --- a/gateway/gateway-controller/pkg/utils/mcp_transformer.go +++ b/gateway/gateway-controller/pkg/utils/mcp_transformer.go @@ -102,7 +102,7 @@ func (t *MCPTransformer) Transform(input any, output *api.RestAPI) (*api.RestAPI if !ok || mcpConfig == nil { return nil, fmt.Errorf("invalid input type: expected *api.MCPProxyConfiguration") } - output.ApiVersion = api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1 + output.ApiVersion = api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2 output.Kind = api.RestAPIKindRestApi // Build APIConfigData and set it directly on the RestAPI spec @@ -148,8 +148,8 @@ func (t *MCPTransformer) Transform(input any, output *api.RestAPI) (*api.RestAPI return nil, fmt.Errorf("failed to build upstream auth params: %w", err) } pol := api.Policy{ - Name: constants.SET_HEADERS_POLICY_NAME, - Params: ¶ms, + Name: constants.SET_HEADERS_POLICY_NAME, + Params: ¶ms, } policies = append(policies, pol) } diff --git a/gateway/gateway-controller/pkg/utils/mcp_transformer_test.go b/gateway/gateway-controller/pkg/utils/mcp_transformer_test.go index 4b76c12c9e..9f46964987 100644 --- a/gateway/gateway-controller/pkg/utils/mcp_transformer_test.go +++ b/gateway/gateway-controller/pkg/utils/mcp_transformer_test.go @@ -152,7 +152,7 @@ func TestMCPTransformer_Transform(t *testing.T) { if res.Kind != api.RestAPIKindRestApi { t.Fatalf("expected Kind Httprest, got %s", res.Kind) } - if res.ApiVersion != api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1 { + if res.ApiVersion != api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2 { t.Fatalf("expected Version ApiPlatformWso2Comv1, got %s", res.ApiVersion) } } diff --git a/gateway/gateway-controller/pkg/utils/on_prem_apim_utils_test.go b/gateway/gateway-controller/pkg/utils/on_prem_apim_utils_test.go index 9c7f9e0f3d..8eeadc1916 100644 --- a/gateway/gateway-controller/pkg/utils/on_prem_apim_utils_test.go +++ b/gateway/gateway-controller/pkg/utils/on_prem_apim_utils_test.go @@ -39,7 +39,7 @@ func buildStoredConfig(name, version, context, upstreamURL string, ops []managem Kind: "RestApi", Origin: models.OriginGatewayAPI, Configuration: management.RestAPI{ - ApiVersion: management.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: management.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: management.RestAPIKindRestApi, Metadata: management.Metadata{ Name: name, @@ -194,7 +194,7 @@ func TestExportAPIAsZip_MissingUpstreamURL(t *testing.T) { Handle: "NoUpstreamAPI", Kind: "RestApi", Configuration: management.RestAPI{ - ApiVersion: management.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: management.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: management.RestAPIKindRestApi, Metadata: management.Metadata{Name: "NoUpstreamAPI"}, Spec: management.APIConfigData{ diff --git a/gateway/gateway-controller/pkg/utils/websub_topic_registration_test.go b/gateway/gateway-controller/pkg/utils/websub_topic_registration_test.go index 808622c4cf..b2ffe5a033 100644 --- a/gateway/gateway-controller/pkg/utils/websub_topic_registration_test.go +++ b/gateway/gateway-controller/pkg/utils/websub_topic_registration_test.go @@ -22,7 +22,7 @@ func TestDeployAPIConfigurationWebSubKindTopicRegistration(t *testing.T) { // Inline YAML config similar to websubhub.yaml yamlConfig := `kind: WebSubApi -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 metadata: name: testapi spec: @@ -73,7 +73,7 @@ func TestDeployAPIConfigurationWebSubKindRevisionDeployment(t *testing.T) { // Inline YAML config similar to websubhub.yaml yamlConfig := `kind: WebSubApi -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 metadata: name: testapi spec: @@ -117,7 +117,7 @@ spec: // Second deployment with topic2 removed -> should deregister topic2 yamlConfig2 := `kind: WebSubApi -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 metadata: name: testapi spec: @@ -160,7 +160,7 @@ func TestTopicRegistrationForConcurrentAPIConfigs(t *testing.T) { // Two different API YAMLs yamlA := `kind: WebSubApi -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 metadata: name: testapiA spec: @@ -174,7 +174,7 @@ spec: /topic2: {}` yamlB := `kind: WebSubApi -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 metadata: name: testapiB spec: @@ -268,7 +268,7 @@ func TestTopicDeregistrationOnConfigDeletion(t *testing.T) { // Inline YAML config similar to websubhub.yaml yamlConfig := `kind: WebSubApi -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 metadata: name: testapi spec: diff --git a/gateway/gateway-controller/pkg/xds/translator_test.go b/gateway/gateway-controller/pkg/xds/translator_test.go index 0be6f3968b..524ce7eeae 100644 --- a/gateway/gateway-controller/pkg/xds/translator_test.go +++ b/gateway/gateway-controller/pkg/xds/translator_test.go @@ -1934,7 +1934,7 @@ func TestTranslator_TranslateAsyncAPIConfig(t *testing.T) { Annotations: &map[string]string{"gateway.api-platform.wso2.com/project-id": "proj-123"}, }, Kind: api.WebSubAPIKindWebSubApi, - ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Spec: api.WebhookAPIData{ DisplayName: "WebSub Test API", Version: "v1.0", @@ -1974,7 +1974,7 @@ func TestTranslator_TranslateAsyncAPIConfig(t *testing.T) { Configuration: api.WebSubAPI{ Metadata: api.Metadata{Name: "websub-invalid"}, Kind: api.WebSubAPIKindWebSubApi, - ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Spec: api.WebhookAPIData{ DisplayName: "WebSub Invalid", Version: "v1.0", diff --git a/gateway/gateway-controller/tests/integration/storage_test.go b/gateway/gateway-controller/tests/integration/storage_test.go index 954f7f3d19..aab77425e7 100644 --- a/gateway/gateway-controller/tests/integration/storage_test.go +++ b/gateway/gateway-controller/tests/integration/storage_test.go @@ -64,7 +64,7 @@ func setupTestDB(t *testing.T) (storage.Storage, string, func()) { // createTestConfig creates a sample API configuration for testing func createTestConfig(name, version string) *models.StoredConfig { apiConfig := api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{Name: name + "-" + version}, Spec: api.APIConfigData{ @@ -389,7 +389,7 @@ func createTestConfigWithLabels(name, version string, labels map[string]string) } apiConfig := api.RestAPI{ - ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.RestAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.RestAPIKindRestApi, Metadata: api.Metadata{ Name: name + "-" + version, @@ -693,7 +693,7 @@ func TestConfigStore_LabelsWithAllAPITypes(t *testing.T) { t.Run("WebSubApi with labels", func(t *testing.T) { asyncApiConfig := api.WebSubAPI{ - ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha1, + ApiVersion: api.WebSubAPIApiVersionGatewayApiPlatformWso2Comv1alpha2, Kind: api.WebSubAPIKindWebSubApi, Metadata: api.Metadata{ Name: "async-api-v1.0", diff --git a/gateway/gateway-controller/tests/integration/vhost_test.go b/gateway/gateway-controller/tests/integration/vhost_test.go index 4462e06bfd..0d9c882ae9 100644 --- a/gateway/gateway-controller/tests/integration/vhost_test.go +++ b/gateway/gateway-controller/tests/integration/vhost_test.go @@ -52,7 +52,7 @@ func TestVhostMaterializationOnDeploy(t *testing.T) { const sandboxDefault = "*-sandbox.gw.example.com" makeYAML := func(name, vhostBlock string) []byte { - yaml := fmt.Sprintf(`apiVersion: gateway.api-platform.wso2.com/v1alpha1 + yaml := fmt.Sprintf(`apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: %s diff --git a/gateway/it/features/analytics-basic.feature b/gateway/it/features/analytics-basic.feature index f48f6e6217..bbcb597c30 100644 --- a/gateway/it/features/analytics-basic.feature +++ b/gateway/it/features/analytics-basic.feature @@ -11,7 +11,7 @@ Feature: Analytics - Basic Event Capture Scenario: REST API request generates analytics event Given I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-analytics-api @@ -37,7 +37,7 @@ Feature: Analytics - Basic Event Capture Scenario: Analytics event contains API metadata Given I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: metadata-test-api @@ -67,7 +67,7 @@ Feature: Analytics - Basic Event Capture Scenario: Multiple requests generate multiple analytics events Given I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: multi-request-api diff --git a/gateway/it/features/analytics-header-filter.feature b/gateway/it/features/analytics-header-filter.feature index 15fd31bde2..74470d32ba 100644 --- a/gateway/it/features/analytics-header-filter.feature +++ b/gateway/it/features/analytics-header-filter.feature @@ -29,7 +29,7 @@ Feature: Analytics Header Filter Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: analytics-header-filter-both-api @@ -74,7 +74,7 @@ Feature: Analytics Header Filter Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: analytics-header-filter-request-api @@ -114,7 +114,7 @@ Feature: Analytics Header Filter Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: analytics-header-filter-response-api @@ -152,7 +152,7 @@ Feature: Analytics Header Filter Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: analytics-header-filter-invalid-api @@ -183,7 +183,7 @@ Feature: Analytics Header Filter Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: analytics-header-filter-invalid-op-api @@ -215,7 +215,7 @@ Feature: Analytics Header Filter Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: analytics-header-filter-no-headers-api @@ -253,7 +253,7 @@ Feature: Analytics Header Filter Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: analytics-header-filter-case-api @@ -295,7 +295,7 @@ Feature: Analytics Header Filter Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: analytics-header-filter-empty-api diff --git a/gateway/it/features/api-error-responses.feature b/gateway/it/features/api-error-responses.feature index 7f0fa5ab32..09c63067e3 100644 --- a/gateway/it/features/api-error-responses.feature +++ b/gateway/it/features/api-error-responses.feature @@ -28,7 +28,7 @@ Feature: API Error Responses Scenario: Create API returns validation errors with field details When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: create-error-response-api @@ -51,7 +51,7 @@ Feature: API Error Responses Scenario: Create API returns policy schema validation errors When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: policy-schema-error-api @@ -81,7 +81,7 @@ Feature: API Error Responses Scenario: Create API returns policy not found errors When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: policy-not-found-error-api @@ -110,7 +110,7 @@ Feature: API Error Responses Scenario: Create API returns metadata name validation errors When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: {} spec: @@ -134,7 +134,7 @@ Feature: API Error Responses Scenario: Create API returns version format validation errors When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: invalid-version-format-api @@ -159,7 +159,7 @@ Feature: API Error Responses Scenario: Update API parse errors include detailed message When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-parse-error-api @@ -192,7 +192,7 @@ Feature: API Error Responses Scenario: Update API returns validation errors with field details When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-validation-error-api @@ -210,7 +210,7 @@ Feature: API Error Responses Then the response should be successful When I update the API "update-validation-error-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-validation-error-api diff --git a/gateway/it/features/api-keys.feature b/gateway/it/features/api-keys.feature index d14ea6bfb8..3986752e6a 100644 --- a/gateway/it/features/api-keys.feature +++ b/gateway/it/features/api-keys.feature @@ -31,7 +31,7 @@ Feature: API Key Management Operations # First create an API When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: apikey-lifecycle-api @@ -99,7 +99,7 @@ Feature: API Key Management Operations Scenario: Generate multiple API keys for same API When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: multi-key-api @@ -151,7 +151,7 @@ Feature: API Key Management Operations Scenario: List API keys for API with no keys returns empty list When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: no-keys-api @@ -191,7 +191,7 @@ Feature: API Key Management Operations Scenario: Generate API key without name auto-generates name When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: key-validation-api @@ -242,7 +242,7 @@ Feature: API Key Management Operations Scenario: Revoke non-existent API key returns success (idempotent) When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: revoke-error-api @@ -280,7 +280,7 @@ Feature: API Key Management Operations Scenario: Regenerate non-existent API key returns 404 When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-regenerate-api @@ -318,7 +318,7 @@ Feature: API Key Management Operations Scenario: Generate API key with invalid JSON body returns error When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: invalid-json-key-api @@ -347,7 +347,7 @@ Feature: API Key Management Operations Scenario: API key with special characters in name When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: special-char-key-api @@ -382,7 +382,7 @@ Feature: API Key Management Operations Scenario: List API keys with pagination parameters When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: paginated-keys-api diff --git a/gateway/it/features/api-management.feature b/gateway/it/features/api-management.feature index 682cb43da4..bfd96a9cd7 100644 --- a/gateway/it/features/api-management.feature +++ b/gateway/it/features/api-management.feature @@ -36,7 +36,7 @@ Feature: API Management Handler Operations Scenario: List APIs after deploying one When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-list-api @@ -82,7 +82,7 @@ Feature: API Management Handler Operations Scenario: Get API by existing ID returns API details When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: get-by-id-test-api @@ -119,7 +119,7 @@ Feature: API Management Handler Operations Scenario: Delete existing API successfully When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: delete-test-api @@ -148,7 +148,7 @@ Feature: API Management Handler Operations Scenario: Update non-existent API returns 404 When I update the API "non-existent-api-to-update" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: non-existent-api-to-update @@ -168,7 +168,7 @@ Feature: API Management Handler Operations Scenario: Update existing API successfully When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-test-api @@ -186,7 +186,7 @@ Feature: API Management Handler Operations Then the response should be successful When I update the API "update-test-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-test-api @@ -215,7 +215,7 @@ Feature: API Management Handler Operations Scenario: Create API with minimal required fields When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: minimal-api @@ -240,7 +240,7 @@ Feature: API Management Handler Operations Scenario: Create API with multiple operations When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: multi-operation-api @@ -273,7 +273,7 @@ Feature: API Management Handler Operations Scenario: Create API with displayName When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: display-name-api @@ -297,7 +297,7 @@ Feature: API Management Handler Operations Scenario: Create API with context containing version placeholder When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: versioned-context-api @@ -330,7 +330,7 @@ Feature: API Management Handler Operations Scenario: Create API then verify it appears in list When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: list-verification-api @@ -356,7 +356,7 @@ Feature: API Management Handler Operations Scenario: Create API with wildcard path When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wildcard-path-api @@ -380,7 +380,7 @@ Feature: API Management Handler Operations Scenario: Create multiple APIs with different contexts When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: first-api @@ -398,7 +398,7 @@ Feature: API Management Handler Operations Then the response should be successful When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: second-api @@ -425,7 +425,7 @@ Feature: API Management Handler Operations Scenario: Create API with missing context returns error When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: missing-context-api @@ -446,7 +446,7 @@ Feature: API Management Handler Operations Scenario: Create API with missing version returns error When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: missing-version-api @@ -466,7 +466,7 @@ Feature: API Management Handler Operations Scenario: Create API with missing upstream returns error When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: missing-upstream-api @@ -484,7 +484,7 @@ Feature: API Management Handler Operations Scenario: Create API with empty operations returns error When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: empty-ops-api @@ -503,7 +503,7 @@ Feature: API Management Handler Operations Scenario: Create API with invalid labels (spaces in keys) should fail When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: invalid-labels-api @@ -527,7 +527,7 @@ Feature: API Management Handler Operations Scenario: Create API with labels and verify they are stored When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: labeled-api @@ -562,7 +562,7 @@ Feature: API Management Handler Operations # First create an API When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: handle-mismatch-api @@ -581,7 +581,7 @@ Feature: API Management Handler Operations # Try to update with mismatched handle in YAML When I update the API "handle-mismatch-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: different-handle-name @@ -608,7 +608,7 @@ Feature: API Management Handler Operations # First create an API When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-validation-api @@ -627,7 +627,7 @@ Feature: API Management Handler Operations # Try to update with missing context When I update the API "update-validation-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-validation-api @@ -662,7 +662,7 @@ Feature: API Management Handler Operations Scenario: Create API with sandbox upstream When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sandbox-api @@ -689,7 +689,7 @@ Feature: API Management Handler Operations Scenario: Create API with path parameters When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: path-params-api @@ -719,7 +719,7 @@ Feature: API Management Handler Operations Scenario: List APIs filtered by displayName When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: filter-display-api @@ -746,7 +746,7 @@ Feature: API Management Handler Operations Scenario: List APIs filtered by version When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: filter-version-api @@ -773,7 +773,7 @@ Feature: API Management Handler Operations Scenario: List APIs filtered by context When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: filter-context-api @@ -802,7 +802,7 @@ Feature: API Management Handler Operations Scenario: Update API with invalid JSON body returns error When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-invalid-json-api @@ -832,7 +832,7 @@ Feature: API Management Handler Operations Scenario: Update API version while keeping same context When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-version-api @@ -850,7 +850,7 @@ Feature: API Management Handler Operations Then the response should be successful When I update the API "update-version-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-version-api @@ -884,7 +884,7 @@ Feature: API Management Handler Operations Scenario: Delete same API twice (idempotent check) When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: delete-twice-api diff --git a/gateway/it/features/api-with-policies.feature b/gateway/it/features/api-with-policies.feature index 825af66aba..faac43351d 100644 --- a/gateway/it/features/api-with-policies.feature +++ b/gateway/it/features/api-with-policies.feature @@ -28,7 +28,7 @@ Feature: API Configuration with Policies Scenario: Deploy API without any policies When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: no-policy-api @@ -53,7 +53,7 @@ Feature: API Configuration with Policies Scenario: Deploy API with operation-level policy When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: operation-policy-api @@ -88,7 +88,7 @@ Feature: API Configuration with Policies Scenario: Deploy API with API-level policy When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: api-level-policy-api @@ -122,7 +122,7 @@ Feature: API Configuration with Policies Scenario: Update API to add policies When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-add-policy-api @@ -140,7 +140,7 @@ Feature: API Configuration with Policies Then the response should be successful When I update the API "update-add-policy-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-add-policy-api @@ -173,7 +173,7 @@ Feature: API Configuration with Policies Scenario: Update API to remove policies When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-remove-policy-api @@ -201,7 +201,7 @@ Feature: API Configuration with Policies Then the response should be successful When I update the API "update-remove-policy-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: update-remove-policy-api @@ -224,7 +224,7 @@ Feature: API Configuration with Policies Scenario: Deploy API with API-level policy using empty version resolves to latest When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: empty-version-api-level-api @@ -264,7 +264,7 @@ Feature: API Configuration with Policies Scenario: Deploy API with operation-level policy using empty version resolves to latest When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: empty-version-op-level-api @@ -304,7 +304,7 @@ Feature: API Configuration with Policies Scenario: Deploy API with different HTTP methods When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: http-methods-api diff --git a/gateway/it/features/api_deploy.feature b/gateway/it/features/api_deploy.feature index 030bf594db..8657b2c6b5 100644 --- a/gateway/it/features/api_deploy.feature +++ b/gateway/it/features/api_deploy.feature @@ -28,7 +28,7 @@ Feature: API Deployment and Invocation Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: weather-api-v1.0 @@ -66,7 +66,7 @@ Feature: API Deployment and Invocation Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: labeled-api-v1.0 @@ -106,7 +106,7 @@ Feature: API Deployment and Invocation Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: invalid-labels-api-v1.0 @@ -133,7 +133,7 @@ Feature: API Deployment and Invocation Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: invalid-upstream-query-api-v1.0 @@ -165,7 +165,7 @@ Feature: API Deployment and Invocation Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: invalid-upstream-bare-query-api-v1.0 @@ -197,7 +197,7 @@ Feature: API Deployment and Invocation Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: invalid-upstream-fragment-api-v1.0 @@ -229,7 +229,7 @@ Feature: API Deployment and Invocation Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: invalid-upstream-query-fragment-api-v1.0 diff --git a/gateway/it/features/aws-bedrock-guardrail.feature b/gateway/it/features/aws-bedrock-guardrail.feature index a10ac73f84..aad47eec40 100644 --- a/gateway/it/features/aws-bedrock-guardrail.feature +++ b/gateway/it/features/aws-bedrock-guardrail.feature @@ -31,7 +31,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-safe-request-api @@ -75,7 +75,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-block-request-api @@ -119,7 +119,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-assessment-api @@ -164,7 +164,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-safe-response-api @@ -205,7 +205,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-jsonpath-api @@ -264,7 +264,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-pii-masking-api @@ -314,7 +314,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-pii-redaction-api @@ -361,7 +361,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-both-phases-api @@ -408,7 +408,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-empty-body-api @@ -449,7 +449,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-passthrough-api @@ -495,7 +495,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-nested-jsonpath-api @@ -557,7 +557,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-invalid-path-api @@ -606,7 +606,7 @@ Feature: AWS Bedrock Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: bedrock-error-structure-api diff --git a/gateway/it/features/azure-content-safety.feature b/gateway/it/features/azure-content-safety.feature index 10262ece6e..db641bdfcb 100644 --- a/gateway/it/features/azure-content-safety.feature +++ b/gateway/it/features/azure-content-safety.feature @@ -31,7 +31,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-safe-request-api @@ -76,7 +76,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-hate-block-api @@ -119,7 +119,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-violence-block-api @@ -162,7 +162,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-assessment-api @@ -214,7 +214,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-disabled-category-api @@ -258,7 +258,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-multi-category-api @@ -319,7 +319,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-jsonpath-api @@ -377,7 +377,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-nested-jsonpath-api @@ -442,7 +442,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-both-phases-api @@ -490,7 +490,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-empty-body-api @@ -532,7 +532,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-passthrough-api @@ -578,7 +578,7 @@ Feature: Azure Content Safety Content Moderation Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: azure-error-structure-api diff --git a/gateway/it/features/backend_timeout.feature b/gateway/it/features/backend_timeout.feature index 185880f002..265c410b72 100644 --- a/gateway/it/features/backend_timeout.feature +++ b/gateway/it/features/backend_timeout.feature @@ -30,7 +30,7 @@ Feature: Backend timeout Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: timeout-api-v1.0 @@ -67,7 +67,7 @@ Feature: Backend timeout Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: timeout-api-global-v1.0 diff --git a/gateway/it/features/basic-ratelimit.feature b/gateway/it/features/basic-ratelimit.feature index 6933f90d5a..b97300aa1f 100644 --- a/gateway/it/features/basic-ratelimit.feature +++ b/gateway/it/features/basic-ratelimit.feature @@ -29,7 +29,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-test-api @@ -67,7 +67,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-headers-api @@ -102,7 +102,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-multi-limits-api @@ -145,7 +145,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-per-route-api @@ -202,7 +202,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-retry-after-api @@ -242,7 +242,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-scope-api @@ -319,7 +319,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-api-shared-api @@ -363,7 +363,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-route-isolation-api @@ -406,7 +406,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-additive-limit-api @@ -458,7 +458,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-mixed-headers-api @@ -517,7 +517,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-update-route-policy-api @@ -551,7 +551,7 @@ Feature: Basic Rate Limiting # Add route-level basic-ratelimit policy on /resource When I update the API "basic-ratelimit-update-route-policy-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-update-route-policy-api @@ -594,7 +594,7 @@ Feature: Basic Rate Limiting # Remove route-level basic-ratelimit policy from /resource When I update the API "basic-ratelimit-update-route-policy-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-update-route-policy-api @@ -628,7 +628,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: basic-ratelimit-reading-list-mixed-api @@ -695,7 +695,7 @@ Feature: Basic Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: labels: diff --git a/gateway/it/features/cel-conditions.feature b/gateway/it/features/cel-conditions.feature index efdf19489e..e3d4a11a20 100644 --- a/gateway/it/features/cel-conditions.feature +++ b/gateway/it/features/cel-conditions.feature @@ -33,7 +33,7 @@ Feature: CEL Execution Conditions Scenario: Policy executes only on POST requests using method condition When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: cel-method-condition-api-v1.0.0 @@ -87,7 +87,7 @@ Feature: CEL Execution Conditions Scenario: Policy executes on multiple methods using IN operator When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: cel-multi-method-api-v1.0.0 @@ -163,7 +163,7 @@ Feature: CEL Execution Conditions Scenario: Policy executes only when specific header is present When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: cel-header-presence-api-v1.0.0 @@ -203,7 +203,7 @@ Feature: CEL Execution Conditions Scenario: Policy executes based on header value When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: cel-header-value-api-v1.0.0 @@ -247,7 +247,7 @@ Feature: CEL Execution Conditions Scenario: Policy executes based on path prefix When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: cel-path-prefix-api-v1.0.0 @@ -302,7 +302,7 @@ Feature: CEL Execution Conditions Scenario: Policy executes with combined method and header conditions When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: cel-combined-condition-api-v1.0.0 diff --git a/gateway/it/features/config-dump.feature b/gateway/it/features/config-dump.feature index a4f5460b48..544b6cdf69 100644 --- a/gateway/it/features/config-dump.feature +++ b/gateway/it/features/config-dump.feature @@ -43,7 +43,7 @@ Feature: Configuration Dump Endpoint Scenario: Get config dump after deploying a simple API When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: config-dump-test-api @@ -75,7 +75,7 @@ Feature: Configuration Dump Endpoint Scenario: Config dump includes multiple deployed APIs When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: config-dump-api-1 @@ -93,7 +93,7 @@ Feature: Configuration Dump Endpoint Then the response should be successful When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: config-dump-api-2 @@ -127,7 +127,7 @@ Feature: Configuration Dump Endpoint Scenario: Config dump includes API with CORS policy When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: config-dump-cors-api @@ -183,7 +183,7 @@ Feature: Configuration Dump Endpoint Scenario: Config dump statistics reflect deployed resources When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: stats-test-api @@ -212,7 +212,7 @@ Feature: Configuration Dump Endpoint Scenario: Config dump includes deployed MCP proxy When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: config-dump-mcp-v1.0 @@ -241,7 +241,7 @@ Feature: Configuration Dump Endpoint Scenario: Config dump includes deployed LLM provider When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: config-dump-llm-provider @@ -273,7 +273,7 @@ Feature: Configuration Dump Endpoint # Deploy API When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: mixed-resources-api @@ -292,7 +292,7 @@ Feature: Configuration Dump Endpoint # Deploy MCP When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mixed-resources-mcp-v1.0 @@ -311,7 +311,7 @@ Feature: Configuration Dump Endpoint # Deploy LLM Provider When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: mixed-resources-llm @@ -344,7 +344,7 @@ Feature: Configuration Dump Endpoint Scenario: Config dump reflects removed API after deletion When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: deletion-test-api diff --git a/gateway/it/features/content-length-guardrail.feature b/gateway/it/features/content-length-guardrail.feature index b4c88cd45e..d7fd0e2df1 100644 --- a/gateway/it/features/content-length-guardrail.feature +++ b/gateway/it/features/content-length-guardrail.feature @@ -31,7 +31,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-valid-content-api @@ -73,7 +73,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-below-min-api @@ -117,7 +117,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-above-max-api @@ -160,7 +160,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-empty-body-api @@ -202,7 +202,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-min-boundary-api @@ -244,7 +244,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-max-boundary-api @@ -288,7 +288,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-jsonpath-valid-api @@ -330,7 +330,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-jsonpath-invalid-api @@ -373,7 +373,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-nested-jsonpath-api @@ -415,7 +415,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-missing-field-api @@ -460,7 +460,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-inverted-excluded-api @@ -506,7 +506,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-inverted-allowed-api @@ -551,7 +551,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-show-assessment-api @@ -597,7 +597,7 @@ Feature: Content Length Guardrail Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: clg-no-assessment-api diff --git a/gateway/it/features/cors.feature b/gateway/it/features/cors.feature index ce39880fa6..dea8815072 100644 --- a/gateway/it/features/cors.feature +++ b/gateway/it/features/cors.feature @@ -29,7 +29,7 @@ Feature: CORS Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: cors-preflight-api @@ -125,7 +125,7 @@ Feature: CORS Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: cors-simple-api @@ -208,7 +208,7 @@ Feature: CORS Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: cors-simple-wildcard-api diff --git a/gateway/it/features/dynamic-endpoint.feature b/gateway/it/features/dynamic-endpoint.feature index ede341a819..21d814ef3c 100644 --- a/gateway/it/features/dynamic-endpoint.feature +++ b/gateway/it/features/dynamic-endpoint.feature @@ -31,7 +31,7 @@ Feature: Dynamic Endpoint policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: dynamic-endpoint-api-v1.0 @@ -87,7 +87,7 @@ Feature: Dynamic Endpoint policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: dynamic-endpoint-routes-v1.0 @@ -166,7 +166,7 @@ Feature: Dynamic Endpoint policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: dynamic-endpoint-missing-param-v1.0 @@ -196,7 +196,7 @@ Feature: Dynamic Endpoint policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: dynamic-endpoint-sandbox-v1.0 @@ -256,7 +256,7 @@ Feature: Dynamic Endpoint policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: dynamic-endpoint-api-sandbox-v1.0 @@ -317,7 +317,7 @@ Feature: Dynamic Endpoint policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: dynamic-endpoint-sandbox-mixed-v1.0 @@ -380,7 +380,7 @@ Feature: Dynamic Endpoint policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: dynamic-endpoint-rewrite-v1.0 @@ -433,7 +433,7 @@ Feature: Dynamic Endpoint policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: dynamic-endpoint-rewrite-sandbox-v1.0 diff --git a/gateway/it/features/host-rewrite.feature b/gateway/it/features/host-rewrite.feature index b93242155a..8ba39fe5dd 100644 --- a/gateway/it/features/host-rewrite.feature +++ b/gateway/it/features/host-rewrite.feature @@ -8,7 +8,7 @@ Feature: Host Rewrite Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: host-rewrite-basic @@ -39,7 +39,7 @@ Feature: Host Rewrite Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: host-rewrite-with-port @@ -70,7 +70,7 @@ Feature: Host Rewrite Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: host-rewrite-api-level @@ -106,7 +106,7 @@ Feature: Host Rewrite Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: host-rewrite-no-manual @@ -136,7 +136,7 @@ Feature: Host Rewrite Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: host-rewrite-override @@ -177,7 +177,7 @@ Feature: Host Rewrite Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: host-rewrite-methods diff --git a/gateway/it/features/interceptor-service.feature b/gateway/it/features/interceptor-service.feature index 8f04d36f3a..29c8a3f6b9 100644 --- a/gateway/it/features/interceptor-service.feature +++ b/gateway/it/features/interceptor-service.feature @@ -8,7 +8,7 @@ Feature: Interceptor Service Policy Integration Tests Scenario: Request interceptor mutates path, headers, and body before upstream call When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: interceptor-request-mutation-api @@ -50,7 +50,7 @@ Feature: Interceptor Service Policy Integration Tests Scenario: Request interceptor short-circuits with direct response When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: interceptor-direct-respond-api @@ -88,7 +88,7 @@ Feature: Interceptor Service Policy Integration Tests Scenario: Response interceptor rewrites status, headers, and body When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: interceptor-response-mutation-api diff --git a/gateway/it/features/json-schema-guardrail.feature b/gateway/it/features/json-schema-guardrail.feature index 8f0382d0c6..8f1da4643b 100644 --- a/gateway/it/features/json-schema-guardrail.feature +++ b/gateway/it/features/json-schema-guardrail.feature @@ -14,7 +14,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Valid request passes schema validation When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-valid-request @@ -53,7 +53,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Invalid request fails schema validation When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-invalid-request @@ -93,7 +93,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Missing required field fails validation When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-missing-field @@ -133,7 +133,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Wrong type fails validation When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-wrong-type @@ -176,7 +176,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Valid response passes schema validation When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-valid-response @@ -215,7 +215,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Validate both request and response When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-both-validation @@ -261,7 +261,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Validate specific field with JSONPath When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-jsonpath @@ -300,7 +300,7 @@ Feature: JSON Schema Guardrail Policy Scenario: JSONPath extraction with invalid data When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-jsonpath-invalid @@ -339,7 +339,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Validate nested object with JSONPath When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-nested-jsonpath @@ -382,7 +382,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Invert logic passes when schema validation fails When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-invert-pass @@ -422,7 +422,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Invert logic blocks when schema validation succeeds When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-invert-block @@ -462,7 +462,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Block requests matching malicious pattern with invert When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-block-malicious @@ -506,7 +506,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Show detailed assessment on validation failure When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-show-assessment @@ -547,7 +547,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Hide assessment details when showAssessment is false When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-hide-assessment @@ -592,7 +592,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Validate string length constraints When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-string-length @@ -631,7 +631,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Validate numeric range constraints When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-numeric-range @@ -670,7 +670,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Validate array constraints When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-array-constraints @@ -709,7 +709,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Validate enum constraints When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-enum-constraints @@ -748,7 +748,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Validate pattern constraints When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-pattern-constraints @@ -791,7 +791,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Validate nested object schema When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-nested-object @@ -830,7 +830,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Validate array of objects When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-array-objects @@ -873,7 +873,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Handle empty request body When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-empty-body @@ -911,7 +911,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Handle invalid JSON When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-invalid-json @@ -950,7 +950,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Handle invalid JSONPath When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-invalid-jsonpath @@ -993,7 +993,7 @@ Feature: JSON Schema Guardrail Policy Scenario: User registration with comprehensive validation When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-registration @@ -1033,7 +1033,7 @@ Feature: JSON Schema Guardrail Policy Scenario: Block SQL injection patterns When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-sql-injection @@ -1073,7 +1073,7 @@ Feature: JSON Schema Guardrail Policy Scenario: E-commerce order validation When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-ecommerce-order @@ -1113,7 +1113,7 @@ Feature: JSON Schema Guardrail Policy Scenario: API response contract enforcement When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-jsg-response-contract diff --git a/gateway/it/features/jwt-auth.feature b/gateway/it/features/jwt-auth.feature index e0a3e8aa9c..26b5ef6a36 100644 --- a/gateway/it/features/jwt-auth.feature +++ b/gateway/it/features/jwt-auth.feature @@ -29,7 +29,7 @@ Feature: JWT Authentication Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: jwt-auth-basic-api @@ -63,7 +63,7 @@ Feature: JWT Authentication Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: jwt-auth-no-header-api @@ -98,7 +98,7 @@ Feature: JWT Authentication Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: jwt-auth-invalid-token-api @@ -134,7 +134,7 @@ Feature: JWT Authentication Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: jwt-auth-malformed-header-api @@ -169,7 +169,7 @@ Feature: JWT Authentication Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: jwt-auth-wrong-issuer-api @@ -205,7 +205,7 @@ Feature: JWT Authentication Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: jwt-auth-audience-api @@ -241,7 +241,7 @@ Feature: JWT Authentication Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: jwt-auth-wrong-audience-api @@ -279,7 +279,7 @@ Feature: JWT Authentication Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: jwt-auth-multi-keymanager-api @@ -315,7 +315,7 @@ Feature: JWT Authentication Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: jwt-auth-partial-api @@ -354,7 +354,7 @@ Feature: JWT Authentication Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: jwt-auth-empty-bearer-api @@ -389,7 +389,7 @@ Feature: JWT Authentication Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: jwt-auth-bearer-only-api diff --git a/gateway/it/features/lazy-resources-xds.feature b/gateway/it/features/lazy-resources-xds.feature index fc35eaeeee..21234ad53b 100644 --- a/gateway/it/features/lazy-resources-xds.feature +++ b/gateway/it/features/lazy-resources-xds.feature @@ -33,7 +33,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: xds-test-template @@ -92,7 +92,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: update-test-template @@ -117,7 +117,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I update the LLM provider template "update-test-template" with: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: update-test-template @@ -148,7 +148,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: delete-test-template @@ -191,7 +191,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: test-openai-provider @@ -228,7 +228,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: custom-template-for-update @@ -244,7 +244,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: update-mapping-provider @@ -272,7 +272,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I update the LLM provider "update-mapping-provider" with: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: update-mapping-provider @@ -310,7 +310,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: delete-mapping-provider @@ -357,7 +357,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: route-metadata-test-provider @@ -398,7 +398,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: collision-test @@ -428,7 +428,7 @@ Feature: Lazy Resources xDS Synchronization Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: collision-test diff --git a/gateway/it/features/llm-cost-based-ratelimit.feature b/gateway/it/features/llm-cost-based-ratelimit.feature index a24cbb4f80..590368059d 100644 --- a/gateway/it/features/llm-cost-based-ratelimit.feature +++ b/gateway/it/features/llm-cost-based-ratelimit.feature @@ -32,7 +32,7 @@ Feature: LLM Cost-Based Rate Limiting # Request 1: allowed (remaining $0.000118), request 2: allowed (remaining $0), request 3: blocked When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-enforce-template @@ -42,7 +42,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-enforce-provider @@ -119,7 +119,7 @@ Feature: LLM Cost-Based Rate Limiting # The tighter per-minute window triggers the 429 When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-multiwin-template @@ -129,7 +129,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-multiwin-provider @@ -206,7 +206,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.000280 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-anthropic-template @@ -216,7 +216,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-anthropic-provider @@ -291,7 +291,7 @@ Feature: LLM Cost-Based Rate Limiting # are present in the response after the llm-cost policy stores cost in shared context When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-headers-template @@ -301,7 +301,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-headers-provider @@ -362,7 +362,7 @@ Feature: LLM Cost-Based Rate Limiting # Exhausting Provider A's budget does not affect Provider B's budget When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-prov-a-template @@ -372,7 +372,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-prov-b-template @@ -383,7 +383,7 @@ Feature: LLM Cost-Based Rate Limiting When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-prov-a @@ -421,7 +421,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-prov-b @@ -508,7 +508,7 @@ Feature: LLM Cost-Based Rate Limiting # - 3rd OpenAI request → 429 When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-zero-template @@ -518,7 +518,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-zero-provider @@ -604,7 +604,7 @@ Feature: LLM Cost-Based Rate Limiting # After exhaustion and window expiry, new requests are allowed When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-reset-template @@ -614,7 +614,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-reset-provider @@ -697,7 +697,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.000075 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-gemini-template @@ -707,7 +707,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-gemini-provider @@ -786,7 +786,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.004620 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-anthropic-geo-speed-template @@ -796,7 +796,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-anthropic-geo-speed-provider @@ -870,7 +870,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.011600 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-anthropic-cache1hr-template @@ -880,7 +880,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-anthropic-cache1hr-provider @@ -953,7 +953,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.040280 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-anthropic-websearch-template @@ -963,7 +963,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-anthropic-websearch-provider @@ -1037,7 +1037,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.000150 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-gemini-cached-template @@ -1047,7 +1047,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-gemini-cached-provider @@ -1121,7 +1121,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.000300 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-gemini-thinking-template @@ -1131,7 +1131,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-gemini-thinking-provider @@ -1205,7 +1205,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.000312 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-anthropic-cache-read-template @@ -1215,7 +1215,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-anthropic-cache-read-provider @@ -1289,7 +1289,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.001300 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-openai-cached-template @@ -1299,7 +1299,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-openai-cached-provider @@ -1372,7 +1372,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.001000 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-openai-flex-template @@ -1382,7 +1382,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-openai-flex-provider @@ -1455,7 +1455,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.002100 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-openai-priority-template @@ -1465,7 +1465,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-openai-priority-provider @@ -1538,7 +1538,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.000600 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-openai-batch-template @@ -1548,7 +1548,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-openai-batch-provider @@ -1621,7 +1621,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.000924 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-openai-reasoning-template @@ -1631,7 +1631,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-openai-reasoning-provider @@ -1704,7 +1704,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.020600 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-openai-web-search-template @@ -1714,7 +1714,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-openai-web-search-provider @@ -1786,7 +1786,7 @@ Feature: LLM Cost-Based Rate Limiting # Budget: $0.000050 = exactly 2 requests worth When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-mistral-template @@ -1796,7 +1796,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-mistral-provider @@ -1867,7 +1867,7 @@ Feature: LLM Cost-Based Rate Limiting # With a very tight budget ($0.000001), 3 requests still all pass because cost=0 When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: cbl-no-model-template @@ -1877,7 +1877,7 @@ Feature: LLM Cost-Based Rate Limiting Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: cbl-no-model-provider diff --git a/gateway/it/features/llm-policy-path-specificity.feature b/gateway/it/features/llm-policy-path-specificity.feature index 5e5b9a2564..f34e845a8a 100644 --- a/gateway/it/features/llm-policy-path-specificity.feature +++ b/gateway/it/features/llm-policy-path-specificity.feature @@ -52,7 +52,7 @@ Feature: LLM policy path and method specificity Scenario: Overlapping specific and wildcard advanced-ratelimit paths apply only the most specific match When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: advrl-path-template @@ -63,7 +63,7 @@ Feature: LLM policy path and method specificity When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: advrl-path-provider @@ -186,7 +186,7 @@ Feature: LLM policy path and method specificity Scenario: Overlapping nested paths each apply only their most specific advanced-ratelimit When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: nestedrl-template @@ -197,7 +197,7 @@ Feature: LLM policy path and method specificity When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: nestedrl-provider @@ -333,7 +333,7 @@ Feature: LLM policy path and method specificity Scenario: Per-method limits on the same path win over wildcards regardless of declaration order When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: methodrl-template @@ -344,7 +344,7 @@ Feature: LLM policy path and method specificity When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: methodrl-provider @@ -506,7 +506,7 @@ Feature: LLM policy path and method specificity Scenario: A concrete method beats the wildcard method on the same path When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: methodspec-template @@ -517,7 +517,7 @@ Feature: LLM policy path and method specificity When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: methodspec-provider @@ -673,7 +673,7 @@ Feature: LLM policy path and method specificity Scenario: A narrower method set wins over a broader one on the same path When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: narrowrl-template @@ -684,7 +684,7 @@ Feature: LLM policy path and method specificity When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: narrowrl-provider @@ -787,7 +787,7 @@ Feature: LLM policy path and method specificity # Backing provider (no policies, just forwards to the echo backend) When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: proxyspec-template @@ -797,7 +797,7 @@ Feature: LLM policy path and method specificity Then the response status code should be 201 When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: proxyspec-provider @@ -820,7 +820,7 @@ Feature: LLM policy path and method specificity # Proxy carrying the overlapping-path advanced-ratelimit policy When I deploy this LLM proxy configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: proxyspec-proxy @@ -923,7 +923,7 @@ Feature: LLM policy path and method specificity Scenario: Two policy blocks of the same name both apply, each most-specific within itself When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: twoblocks-template @@ -934,7 +934,7 @@ Feature: LLM policy path and method specificity When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: twoblocks-provider diff --git a/gateway/it/features/llm-provider-templates.feature b/gateway/it/features/llm-provider-templates.feature index fcf79db6cd..9564965367 100644 --- a/gateway/it/features/llm-provider-templates.feature +++ b/gateway/it/features/llm-provider-templates.feature @@ -32,7 +32,7 @@ Feature: LLM Provider Template Management Given I authenticate using basic auth as "admin" When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: openai-test @@ -76,7 +76,7 @@ Feature: LLM Provider Template Management Given I authenticate using basic auth as "admin" When I update the LLM provider template "openai-test" with: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: openai-test @@ -130,7 +130,7 @@ Feature: LLM Provider Template Management Given I authenticate using basic auth as "admin" When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: minimal-template @@ -173,7 +173,7 @@ Feature: LLM Provider Template Management Given I authenticate using basic auth as "admin" When I update the LLM provider template "non-existent-update-template" with: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: non-existent-update-template @@ -228,7 +228,7 @@ Feature: LLM Provider Template Management Given I authenticate using basic auth as "admin" When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: header-tokens-template diff --git a/gateway/it/features/llm-provider-wide-ratelimit.feature b/gateway/it/features/llm-provider-wide-ratelimit.feature new file mode 100644 index 0000000000..46a1699374 --- /dev/null +++ b/gateway/it/features/llm-provider-wide-ratelimit.feature @@ -0,0 +1,856 @@ +# -------------------------------------------------------------------- +# Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com). +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# -------------------------------------------------------------------- + +@llm-provider-wide-ratelimit +Feature: Provider-wide rate limiting for LLM providers + As an API developer + I want a single rate-limit bucket shared across every resource of an LLM provider + So that I can enforce one provider-wide quota regardless of which resource is called + + Background: + Given the gateway services are running + + # Scenario 1 — globalPolicies: one shared bucket across ALL resources (the headline). + # Exhausting /chat/completions also limits /embeddings because they share a single api-level bucket. + # RED before the controller change (field unknown or silently ignored → no limit enforced). + # GREEN after Phases 2–3. + Scenario: globalPolicies shares one rate-limit bucket across all resources + Given I authenticate using basic auth as "admin" + When I create this LLM provider template: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProviderTemplate + metadata: + name: global-rl-template + spec: + displayName: Global RateLimit Template + promptTokens: + location: payload + identifier: $.json.usage.prompt_tokens + completionTokens: + location: payload + identifier: $.json.usage.completion_tokens + totalTokens: + location: payload + identifier: $.json.usage.total_tokens + """ + Then the response status code should be 201 + + Given I authenticate using basic auth as "admin" + When I create this LLM provider: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProvider + metadata: + name: global-rl-provider + spec: + displayName: Global RateLimit Provider + version: v1.0 + context: /global-rl + template: global-rl-template + upstream: + url: http://echo-backend-multi-arch:8080/anything + auth: + type: api-key + header: Authorization + value: test-api-key + accessControl: + mode: deny_all + exceptions: + - path: /chat/completions + methods: [GET] + - path: /embeddings + methods: [GET] + globalPolicies: + - name: basic-ratelimit + version: v1 + params: + limits: + - requests: 10 + duration: "1h" + """ + Then the response status code should be 201 + And I wait for the endpoint "http://localhost:8080/global-rl/chat/completions" to be ready + + # Exhaust the shared api-level bucket via /chat/completions + When I send 20 GET requests to "http://localhost:8080/global-rl/chat/completions" + Then the response status code should be 429 + + # KEY ASSERTION: a SEPARATE resource must ALSO be limited — it shares the same bucket + When I send a GET request to "http://localhost:8080/global-rl/embeddings" + Then the response status code should be 429 + And the response body should contain "Rate limit exceeded" + + # Scenario 2 — operationPolicies: independent bucket per resource. + # Exhausting /chat/completions does NOT affect /embeddings (its own bucket). + # RED before the controller change (field unknown or silently ignored). + # GREEN after Phases 2–3. + Scenario: operationPolicies keeps independent rate-limit buckets per resource + Given I authenticate using basic auth as "admin" + When I create this LLM provider template: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProviderTemplate + metadata: + name: op-rl-template + spec: + displayName: Operation RateLimit Template + promptTokens: + location: payload + identifier: $.json.usage.prompt_tokens + completionTokens: + location: payload + identifier: $.json.usage.completion_tokens + totalTokens: + location: payload + identifier: $.json.usage.total_tokens + """ + Then the response status code should be 201 + + Given I authenticate using basic auth as "admin" + When I create this LLM provider: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProvider + metadata: + name: op-rl-provider + spec: + displayName: Operation RateLimit Provider + version: v1.0 + context: /op-rl + template: op-rl-template + upstream: + url: http://echo-backend-multi-arch:8080/anything + auth: + type: api-key + header: Authorization + value: test-api-key + accessControl: + mode: deny_all + exceptions: + - path: /chat/completions + methods: [GET] + - path: /embeddings + methods: [GET] + operationPolicies: + - name: basic-ratelimit + version: v1 + paths: + - path: /chat/completions + methods: [GET] + params: + limits: + - requests: 10 + duration: "1h" + - path: /embeddings + methods: [GET] + params: + limits: + - requests: 10 + duration: "1h" + """ + Then the response status code should be 201 + And I wait for the endpoint "http://localhost:8080/op-rl/chat/completions" to be ready + + When I send 20 GET requests to "http://localhost:8080/op-rl/chat/completions" + Then the response status code should be 429 + + # Separate resource has its OWN bucket — still served + When I send a GET request to "http://localhost:8080/op-rl/embeddings" + Then the response status code should be 200 + + # Scenario 3 — combined: globalPolicies caps total traffic; operationPolicies caps /chat/completions independently. + # /chat/completions is blocked by its tighter per-resource bucket; /embeddings is isolated from that + # exhaustion but is eventually capped by the shared global bucket. + # GREEN after Phases 2–3 when both fields are wired up. + Scenario: globalPolicies and operationPolicies coexist — per-resource cap blocks one resource without affecting another + Given I authenticate using basic auth as "admin" + When I create this LLM provider template: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProviderTemplate + metadata: + name: combined-rl-template + spec: + displayName: Combined RateLimit Template + promptTokens: + location: payload + identifier: $.json.usage.prompt_tokens + completionTokens: + location: payload + identifier: $.json.usage.completion_tokens + totalTokens: + location: payload + identifier: $.json.usage.total_tokens + """ + Then the response status code should be 201 + + Given I authenticate using basic auth as "admin" + When I create this LLM provider: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProvider + metadata: + name: combined-rl-provider + spec: + displayName: Combined RateLimit Provider + version: v1.0 + context: /combined-rl + template: combined-rl-template + upstream: + url: http://echo-backend-multi-arch:8080/anything + auth: + type: api-key + header: Authorization + value: test-api-key + accessControl: + mode: deny_all + exceptions: + - path: /chat/completions + methods: [GET] + - path: /embeddings + methods: [GET] + globalPolicies: + - name: basic-ratelimit + version: v1 + params: + limits: + - requests: 20 + duration: "1h" + operationPolicies: + - name: basic-ratelimit + version: v1 + paths: + - path: /chat/completions + methods: [GET] + params: + limits: + - requests: 5 + duration: "1h" + """ + Then the response status code should be 201 + And I wait for the endpoint "http://localhost:8080/combined-rl/chat/completions" to be ready + + # Per-resource op bucket for /chat/completions is exhausted (limit: 5) + When I send 10 GET requests to "http://localhost:8080/combined-rl/chat/completions" + Then the response status code should be 429 + + # KEY ASSERTION: /embeddings has no op policy — its independent bucket is untouched + When I send a GET request to "http://localhost:8080/combined-rl/embeddings" + Then the response status code should be 200 + + # Exhaust the shared global bucket via /embeddings (global limit: 20; at least 5 already consumed) + When I send 25 GET requests to "http://localhost:8080/combined-rl/embeddings" + Then the response status code should be 429 + And the response body should contain "Rate limit exceeded" + + # Scenario 4 — deprecated policies field still works (regression guard). + # Identical to the operationPolicies scenario but using the legacy policies: field. + # GREEN before AND after the controller change. + Scenario: deprecated policies field still enforces independent per-resource rate limits + Given I authenticate using basic auth as "admin" + When I create this LLM provider template: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProviderTemplate + metadata: + name: legacy-rl-template + spec: + displayName: Legacy RateLimit Template + promptTokens: + location: payload + identifier: $.json.usage.prompt_tokens + completionTokens: + location: payload + identifier: $.json.usage.completion_tokens + totalTokens: + location: payload + identifier: $.json.usage.total_tokens + """ + Then the response status code should be 201 + + Given I authenticate using basic auth as "admin" + When I create this LLM provider: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProvider + metadata: + name: legacy-rl-provider + spec: + displayName: Legacy RateLimit Provider + version: v1.0 + context: /legacy-rl + template: legacy-rl-template + upstream: + url: http://echo-backend-multi-arch:8080/anything + auth: + type: api-key + header: Authorization + value: test-api-key + accessControl: + mode: deny_all + exceptions: + - path: /chat/completions + methods: [GET] + - path: /embeddings + methods: [GET] + policies: + - name: basic-ratelimit + version: v1 + paths: + - path: /chat/completions + methods: [GET] + params: + limits: + - requests: 10 + duration: "1h" + - path: /embeddings + methods: [GET] + params: + limits: + - requests: 10 + duration: "1h" + """ + Then the response status code should be 201 + And I wait for the endpoint "http://localhost:8080/legacy-rl/chat/completions" to be ready + + When I send 20 GET requests to "http://localhost:8080/legacy-rl/chat/completions" + Then the response status code should be 429 + + # Separate resource has its OWN bucket — still served + When I send a GET request to "http://localhost:8080/legacy-rl/embeddings" + Then the response status code should be 200 + + # --------------------------------------------------------------------------- + # Scenarios 5–6: advanced-ratelimit on LLM providers + # --------------------------------------------------------------------------- + + # Scenario 5 — advanced-ratelimit in globalPolicies with keyExtraction=apiname. + # All operations share ONE counter. Exhausting /chat/completions also limits + # /embeddings because the counter key is the API name, not the route. + Scenario: advanced-ratelimit globalPolicies with keyExtraction=apiname shares one bucket across all provider resources + Given I authenticate using basic auth as "admin" + When I create this LLM provider template: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProviderTemplate + metadata: + name: adv-gl-prov-tpl + spec: + displayName: Adv Global Provider Template + promptTokens: + location: payload + identifier: $.json.usage.prompt_tokens + completionTokens: + location: payload + identifier: $.json.usage.completion_tokens + totalTokens: + location: payload + identifier: $.json.usage.total_tokens + """ + Then the response status code should be 201 + + Given I authenticate using basic auth as "admin" + When I create this LLM provider: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProvider + metadata: + name: adv-gl-provider + spec: + displayName: Adv Global RateLimit Provider + version: v1.0 + context: /adv-gl + template: adv-gl-prov-tpl + upstream: + url: http://echo-backend-multi-arch:8080/anything + auth: + type: api-key + header: Authorization + value: test-api-key + accessControl: + mode: deny_all + exceptions: + - path: /chat/completions + methods: [GET] + - path: /embeddings + methods: [GET] + globalPolicies: + - name: advanced-ratelimit + version: v1 + params: + quotas: + - name: request-limit + limits: + - limit: 10 + duration: "1h" + keyExtraction: + - type: apiname + """ + Then the response status code should be 201 + And I wait for the endpoint "http://localhost:8080/adv-gl/chat/completions" to be ready + + # Exhaust the shared api-level bucket via /chat/completions + When I send 20 GET requests to "http://localhost:8080/adv-gl/chat/completions" + Then the response status code should be 429 + + # KEY ASSERTION: /embeddings shares the same apiname-keyed bucket — must also be limited + When I send a GET request to "http://localhost:8080/adv-gl/embeddings" + Then the response status code should be 429 + And the response body should contain "Rate limit exceeded" + + # Scenario 6 — advanced-ratelimit in operationPolicies without keyExtraction. + # Default key is routename, so each operation gets its own isolated counter. + # Exhausting /chat/completions leaves /embeddings unaffected. + Scenario: advanced-ratelimit operationPolicies without keyExtraction keeps independent buckets per provider resource + Given I authenticate using basic auth as "admin" + When I create this LLM provider template: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProviderTemplate + metadata: + name: adv-op-prov-tpl + spec: + displayName: Adv Op Provider Template + promptTokens: + location: payload + identifier: $.json.usage.prompt_tokens + completionTokens: + location: payload + identifier: $.json.usage.completion_tokens + totalTokens: + location: payload + identifier: $.json.usage.total_tokens + """ + Then the response status code should be 201 + + Given I authenticate using basic auth as "admin" + When I create this LLM provider: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProvider + metadata: + name: adv-op-provider + spec: + displayName: Adv Op RateLimit Provider + version: v1.0 + context: /adv-op + template: adv-op-prov-tpl + upstream: + url: http://echo-backend-multi-arch:8080/anything + auth: + type: api-key + header: Authorization + value: test-api-key + accessControl: + mode: deny_all + exceptions: + - path: /chat/completions + methods: [GET] + - path: /embeddings + methods: [GET] + operationPolicies: + - name: advanced-ratelimit + version: v1 + paths: + - path: /chat/completions + methods: [GET] + params: + quotas: + - name: request-limit + limits: + - limit: 10 + duration: "1h" + - path: /embeddings + methods: [GET] + params: + quotas: + - name: request-limit + limits: + - limit: 10 + duration: "1h" + """ + Then the response status code should be 201 + And I wait for the endpoint "http://localhost:8080/adv-op/chat/completions" to be ready + + When I send 20 GET requests to "http://localhost:8080/adv-op/chat/completions" + Then the response status code should be 429 + + # /embeddings has its own routename-keyed bucket — completely unaffected + When I send a GET request to "http://localhost:8080/adv-op/embeddings" + Then the response status code should be 200 + + # --------------------------------------------------------------------------- + # Scenarios 7–8: advanced-ratelimit on LLM proxies + # --------------------------------------------------------------------------- + + # Scenario 7 — advanced-ratelimit in proxy globalPolicies with keyExtraction=apiname. + # The proxy exposes multiple operations; the shared apiname counter spans all of them. + Scenario: advanced-ratelimit globalPolicies with keyExtraction=apiname shares one bucket across all proxy resources + Given I authenticate using basic auth as "admin" + When I create this LLM provider template: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProviderTemplate + metadata: + name: adv-gl-proxy-tpl + spec: + displayName: Adv Global Proxy Template + promptTokens: + location: payload + identifier: $.json.usage.prompt_tokens + completionTokens: + location: payload + identifier: $.json.usage.completion_tokens + totalTokens: + location: payload + identifier: $.json.usage.total_tokens + """ + Then the response status code should be 201 + + When I create this LLM provider: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProvider + metadata: + name: adv-gl-proxy-backend + spec: + displayName: Adv Global Proxy Backend + version: v1.0 + context: /adv-gl-pb + template: adv-gl-proxy-tpl + upstream: + url: http://echo-backend-multi-arch:8080/anything + auth: + type: api-key + header: Authorization + value: test-api-key + accessControl: + mode: allow_all + """ + Then the response status code should be 201 + + When I deploy this LLM proxy configuration: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProxy + metadata: + name: adv-gl-proxy + spec: + displayName: Adv Global RateLimit Proxy + version: v1.0 + context: /adv-gl-px + provider: + id: adv-gl-proxy-backend + globalPolicies: + - name: advanced-ratelimit + version: v1 + params: + quotas: + - name: request-limit + limits: + - limit: 10 + duration: "1h" + keyExtraction: + - type: apiname + """ + Then the response status code should be 201 + And I wait for the endpoint "http://localhost:8080/adv-gl-px/chat/completions" to be ready + + # Exhaust the shared api-level proxy bucket via /chat/completions + When I send 20 GET requests to "http://localhost:8080/adv-gl-px/chat/completions" + Then the response status code should be 429 + + # KEY ASSERTION: /embeddings shares the same apiname-keyed bucket — must also be limited + When I send a GET request to "http://localhost:8080/adv-gl-px/embeddings" + Then the response status code should be 429 + And the response body should contain "Rate limit exceeded" + + # Scenario 8 — advanced-ratelimit in proxy operationPolicies without keyExtraction. + # Default routename key gives each operation its own isolated counter. + # Exhausting /chat/completions leaves /embeddings unaffected. + Scenario: advanced-ratelimit operationPolicies without keyExtraction keeps independent buckets per proxy resource + Given I authenticate using basic auth as "admin" + When I create this LLM provider template: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProviderTemplate + metadata: + name: adv-op-proxy-tpl + spec: + displayName: Adv Op Proxy Template + promptTokens: + location: payload + identifier: $.json.usage.prompt_tokens + completionTokens: + location: payload + identifier: $.json.usage.completion_tokens + totalTokens: + location: payload + identifier: $.json.usage.total_tokens + """ + Then the response status code should be 201 + + When I create this LLM provider: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProvider + metadata: + name: adv-op-proxy-backend + spec: + displayName: Adv Op Proxy Backend + version: v1.0 + context: /adv-op-pb + template: adv-op-proxy-tpl + upstream: + url: http://echo-backend-multi-arch:8080/anything + auth: + type: api-key + header: Authorization + value: test-api-key + accessControl: + mode: allow_all + """ + Then the response status code should be 201 + + When I deploy this LLM proxy configuration: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProxy + metadata: + name: adv-op-proxy + spec: + displayName: Adv Op RateLimit Proxy + version: v1.0 + context: /adv-op-px + provider: + id: adv-op-proxy-backend + operationPolicies: + - name: advanced-ratelimit + version: v1 + paths: + - path: /chat/completions + methods: [GET] + params: + quotas: + - name: request-limit + limits: + - limit: 10 + duration: "1h" + """ + Then the response status code should be 201 + And I wait for the endpoint "http://localhost:8080/adv-op-px/chat/completions" to be ready + + When I send 20 GET requests to "http://localhost:8080/adv-op-px/chat/completions" + Then the response status code should be 429 + + # /embeddings has its own routename-keyed bucket — completely unaffected + When I send a GET request to "http://localhost:8080/adv-op-px/embeddings" + Then the response status code should be 200 + + # --------------------------------------------------------------------------- + # Scenarios 9–10: mixed advanced-ratelimit (global) + basic-ratelimit (operation) + # This is the realistic production case: a provider-wide cap enforced by + # advanced-ratelimit (apiname key) combined with a tighter per-path cap + # enforced by basic-ratelimit. The operation policy fires first; but because + # global policies run before operation policies in the chain, the shared global + # counter is still incremented even for requests that the operation policy + # ultimately rejects — so /embeddings eventually hits the global cap even + # though it has no operation policy of its own. + # --------------------------------------------------------------------------- + + # Scenario 9 — Provider: advanced-ratelimit global (5/hr, apiname) + + # basic-ratelimit operation (3/hr for /chat/completions). + Scenario: mixed advanced-ratelimit global and basic-ratelimit operation on provider — global bucket exhausted by rejected operation traffic + Given I authenticate using basic auth as "admin" + When I create this LLM provider template: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProviderTemplate + metadata: + name: mix-prov-tpl + spec: + displayName: Mix Provider Template + promptTokens: + location: payload + identifier: $.json.usage.prompt_tokens + completionTokens: + location: payload + identifier: $.json.usage.completion_tokens + totalTokens: + location: payload + identifier: $.json.usage.total_tokens + """ + Then the response status code should be 201 + + Given I authenticate using basic auth as "admin" + When I create this LLM provider: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProvider + metadata: + name: mix-provider + spec: + displayName: Mix RateLimit Provider + version: v1.0 + context: /mix-prov + template: mix-prov-tpl + upstream: + url: http://echo-backend-multi-arch:8080/anything + auth: + type: api-key + header: Authorization + value: test-api-key + accessControl: + mode: deny_all + exceptions: + - path: /chat/completions + methods: [GET] + - path: /embeddings + methods: [GET] + globalPolicies: + - name: advanced-ratelimit + version: v1 + params: + quotas: + - name: request-limit + limits: + - limit: 5 + duration: "1h" + keyExtraction: + - type: apiname + operationPolicies: + - name: basic-ratelimit + version: v1 + paths: + - path: /chat/completions + methods: [GET] + params: + limits: + - requests: 3 + duration: "1h" + """ + Then the response status code should be 201 + And I wait for the endpoint "http://localhost:8080/mix-prov/chat/completions" to be ready + + # Operation policy (3/hr) fires before global (5/hr) for /chat/completions. + # Global still increments on every attempt — including those the operation policy rejects. + When I send 10 GET requests to "http://localhost:8080/mix-prov/chat/completions" + Then the response status code should be 429 + + # KEY ASSERTION: /embeddings has no operation policy but shares the global + # apiname bucket. The global was exhausted by /chat/completions traffic, + # so /embeddings is also blocked. + When I send a GET request to "http://localhost:8080/mix-prov/embeddings" + Then the response status code should be 429 + And the response body should contain "Rate limit exceeded" + + # Scenario 10 — Proxy: advanced-ratelimit global (5/hr, apiname) + + # basic-ratelimit operation (3/hr for /chat/completions). + Scenario: mixed advanced-ratelimit global and basic-ratelimit operation on proxy — global bucket exhausted by rejected operation traffic + Given I authenticate using basic auth as "admin" + When I create this LLM provider template: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProviderTemplate + metadata: + name: mix-proxy-tpl + spec: + displayName: Mix Proxy Template + promptTokens: + location: payload + identifier: $.json.usage.prompt_tokens + completionTokens: + location: payload + identifier: $.json.usage.completion_tokens + totalTokens: + location: payload + identifier: $.json.usage.total_tokens + """ + Then the response status code should be 201 + + When I create this LLM provider: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProvider + metadata: + name: mix-proxy-backend + spec: + displayName: Mix Proxy Backend + version: v1.0 + context: /mix-pb + template: mix-proxy-tpl + upstream: + url: http://echo-backend-multi-arch:8080/anything + auth: + type: api-key + header: Authorization + value: test-api-key + accessControl: + mode: allow_all + """ + Then the response status code should be 201 + + When I deploy this LLM proxy configuration: + """ + apiVersion: gateway.api-platform.wso2.com/v1alpha2 + kind: LlmProxy + metadata: + name: mix-proxy + spec: + displayName: Mix RateLimit Proxy + version: v1.0 + context: /mix-px + provider: + id: mix-proxy-backend + globalPolicies: + - name: advanced-ratelimit + version: v1 + params: + quotas: + - name: request-limit + limits: + - limit: 5 + duration: "1h" + keyExtraction: + - type: apiname + operationPolicies: + - name: basic-ratelimit + version: v1 + paths: + - path: /chat/completions + methods: [GET] + params: + limits: + - requests: 3 + duration: "1h" + """ + Then the response status code should be 201 + And I wait for the endpoint "http://localhost:8080/mix-px/chat/completions" to be ready + + # Operation policy (3/hr) fires before global (5/hr) for /chat/completions. + # Global still increments on every attempt — including those the operation policy rejects. + When I send 10 GET requests to "http://localhost:8080/mix-px/chat/completions" + Then the response status code should be 429 + + # KEY ASSERTION: /embeddings has no operation policy but shares the global + # apiname bucket. The global was exhausted by /chat/completions traffic, + # so /embeddings is also blocked. + When I send a GET request to "http://localhost:8080/mix-px/embeddings" + Then the response status code should be 429 + And the response body should contain "Rate limit exceeded" diff --git a/gateway/it/features/llm-provider.feature b/gateway/it/features/llm-provider.feature index 866b7f0e19..e2f334a8c6 100644 --- a/gateway/it/features/llm-provider.feature +++ b/gateway/it/features/llm-provider.feature @@ -33,7 +33,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: openai-provider @@ -72,7 +72,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I update the LLM provider "openai-provider" with: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: openai-provider @@ -128,7 +128,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: provider-1 @@ -146,7 +146,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: provider-2 @@ -203,7 +203,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: filter-test-1 @@ -233,7 +233,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: version-test @@ -267,7 +267,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: vhost-provider @@ -307,7 +307,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: openai-template-test @@ -345,7 +345,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: policy-provider @@ -395,7 +395,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: invalid-provider @@ -444,7 +444,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: minimal-provider @@ -478,7 +478,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: invoke-context-provider @@ -525,7 +525,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: invoke-acl-provider @@ -571,7 +571,7 @@ Feature: LLM Provider Management Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: invoke-auth-provider diff --git a/gateway/it/features/llm-proxies.feature b/gateway/it/features/llm-proxies.feature index 7348d7d198..5b030dbc6b 100644 --- a/gateway/it/features/llm-proxies.feature +++ b/gateway/it/features/llm-proxies.feature @@ -81,7 +81,7 @@ Feature: LLM Proxy Management Operations When I send a PUT request to the "gateway-controller" service at "/llm-proxies/non-existent-proxy-update" with body: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProxy", "metadata": { "name": "non-existent-proxy-update" @@ -103,7 +103,7 @@ Feature: LLM Proxy Management Operations When I send a POST request to the "gateway-controller" service at "/llm-proxies" with body: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "LlmProxy", "metadata": { "name": "invalid-proxy" @@ -122,7 +122,7 @@ Feature: LLM Proxy Management Operations # First, create the LLM provider that the proxy will reference When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: lifecycle-test-provider @@ -143,7 +143,7 @@ Feature: LLM Proxy Management Operations # Create LLM proxy referencing the provider When I deploy this LLM proxy configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: lifecycle-llm-proxy @@ -165,7 +165,7 @@ Feature: LLM Proxy Management Operations # Update the LLM proxy When I update the LLM proxy "lifecycle-llm-proxy" with: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: lifecycle-llm-proxy @@ -197,7 +197,7 @@ Feature: LLM Proxy Management Operations # First, create the LLM provider When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: list-test-provider @@ -218,7 +218,7 @@ Feature: LLM Proxy Management Operations # Create LLM proxy When I deploy this LLM proxy configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: list-test-llm-proxy @@ -254,7 +254,7 @@ Feature: LLM Proxy Management Operations Scenario: Create LLM proxy referencing non-existent provider When I deploy this LLM proxy configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: orphan-llm-proxy @@ -281,7 +281,7 @@ Feature: LLM Proxy Management Operations # First, create the LLM provider When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: filter-llm-provider @@ -302,7 +302,7 @@ Feature: LLM Proxy Management Operations # Create LLM proxy with unique displayName When I deploy this LLM proxy configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: unique-displayname-proxy @@ -329,7 +329,7 @@ Feature: LLM Proxy Management Operations # First, create the LLM provider When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: version-filter-provider @@ -350,7 +350,7 @@ Feature: LLM Proxy Management Operations # Create LLM proxy with specific version When I deploy this LLM proxy configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: version-filter-proxy @@ -386,7 +386,7 @@ Feature: LLM Proxy Management Operations Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: invoke-proxy-provider @@ -409,7 +409,7 @@ Feature: LLM Proxy Management Operations # Create LLM proxy with context path When I deploy this LLM proxy configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: invoke-test-proxy @@ -450,7 +450,7 @@ Feature: LLM Proxy Management Operations Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: acl-proxy-provider @@ -476,7 +476,7 @@ Feature: LLM Proxy Management Operations # Create LLM proxy When I deploy this LLM proxy configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: acl-invoke-proxy @@ -514,7 +514,7 @@ Feature: LLM Proxy Management Operations Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: multi-request-provider @@ -537,7 +537,7 @@ Feature: LLM Proxy Management Operations # Create LLM proxy When I deploy this LLM proxy configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: multi-request-proxy diff --git a/gateway/it/features/log-message.feature b/gateway/it/features/log-message.feature index dc669a8968..39fb92ad4b 100644 --- a/gateway/it/features/log-message.feature +++ b/gateway/it/features/log-message.feature @@ -12,7 +12,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log request payload and headers When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-request @@ -48,7 +48,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log response payload and headers When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-response @@ -79,7 +79,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log both request and response When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-both @@ -123,7 +123,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log only request headers without payload When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-req-headers-only @@ -153,7 +153,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log only response headers without payload When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-resp-headers-only @@ -187,7 +187,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log only request payload without headers When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-req-payload-only @@ -223,7 +223,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log only response payload without headers When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-resp-payload-only @@ -257,7 +257,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log request headers with exclusions When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-req-exclude @@ -289,7 +289,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log response headers with exclusions When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-resp-exclude @@ -325,7 +325,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log message policy combined with set-headers When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-combined @@ -367,7 +367,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log message with different HTTP methods When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-methods @@ -443,7 +443,7 @@ Feature: Log Message Policy Integration Tests Scenario: Log message with large request payload When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-log-message-large-payload diff --git a/gateway/it/features/mcp_deploy.feature b/gateway/it/features/mcp_deploy.feature index 1fc0e027b8..8e43da07a4 100644 --- a/gateway/it/features/mcp_deploy.feature +++ b/gateway/it/features/mcp_deploy.feature @@ -28,7 +28,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: everything-mcp-v1.0 @@ -66,7 +66,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I update the MCP proxy "everything-mcp-v1.0" with: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: everything-mcp-v1.0 @@ -100,7 +100,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: invalid-tools-mcp-v1.0 @@ -169,7 +169,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I update the MCP proxy "non-existent-mcp-update" with: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: non-existent-mcp-update @@ -186,7 +186,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: labeled-mcp-v1.0 @@ -228,7 +228,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: invalid-mcp-labels-v1.0 @@ -265,7 +265,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: incomplete-mcp-v1.0 @@ -280,7 +280,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: invalid-spec-version-mcp-v1.0 @@ -301,7 +301,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: missing-upstream-mcp-v1.0 @@ -322,7 +322,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: duplicate-mcp-v1.0 @@ -342,7 +342,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: duplicate-mcp-v1.0 @@ -380,7 +380,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: filter-test-mcp-v1.0 @@ -410,7 +410,7 @@ Feature: Test MCP CRUD and connectivity Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: version-test-mcp-v99.0 diff --git a/gateway/it/features/mcp_policies.feature b/gateway/it/features/mcp_policies.feature index c2a493b342..32e51ff93a 100644 --- a/gateway/it/features/mcp_policies.feature +++ b/gateway/it/features/mcp_policies.feature @@ -28,7 +28,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-non-existing-policy-test @@ -55,7 +55,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-auth-test @@ -98,7 +98,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-auth-valid-token-test @@ -138,7 +138,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-auth-tools-only-test @@ -185,7 +185,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-authz-test @@ -243,7 +243,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-authz-valid-token-test @@ -294,7 +294,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-acl-test @@ -334,7 +334,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I update the MCP proxy "mcp-acl-test" with: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-acl-test @@ -379,7 +379,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-rewrite-test @@ -443,7 +443,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-ratelimit-tool-test @@ -510,7 +510,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-ratelimit-method-test @@ -577,7 +577,7 @@ Feature: Test how MCP Proxies behave when various policies are applied. Given I authenticate using basic auth as "admin" When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: mcp-cors-test diff --git a/gateway/it/features/metrics.feature b/gateway/it/features/metrics.feature index 0dd42b678d..6648efe851 100644 --- a/gateway/it/features/metrics.feature +++ b/gateway/it/features/metrics.feature @@ -38,7 +38,7 @@ Feature: Gateway Metrics Given I authenticate using basic auth as "admin" When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: metrics-test-api-v1.0 @@ -68,7 +68,7 @@ Feature: Gateway Metrics Given I authenticate using basic auth as "admin" And I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: metrics-api-v1.0 @@ -124,7 +124,7 @@ Feature: Gateway Metrics Given I authenticate using basic auth as "admin" And I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: policy-metrics-api-v1.0 @@ -158,7 +158,7 @@ Feature: Gateway Metrics Given I authenticate using basic auth as "admin" And I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: chain-metrics-api-v1.0 diff --git a/gateway/it/features/model-round-robin.feature b/gateway/it/features/model-round-robin.feature index c0d624a211..9b0c22929f 100644 --- a/gateway/it/features/model-round-robin.feature +++ b/gateway/it/features/model-round-robin.feature @@ -15,7 +15,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Basic round-robin with two models When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-two-models @@ -79,7 +79,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Round-robin with three models When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-three-models @@ -141,7 +141,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Round-robin with four models When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-four-models @@ -207,7 +207,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Model selection with header location When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-header-loc @@ -272,7 +272,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Model selection with query parameter location When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-query-loc @@ -325,7 +325,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Model selection with path parameter location When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-path-loc @@ -384,7 +384,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Model selection with nested JSONPath When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-nested-jsonpath @@ -443,7 +443,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Suspend model on 5xx error with recovery When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-suspend-5xx @@ -508,7 +508,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Suspend model on 429 rate limit error When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-suspend-429 @@ -565,7 +565,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: All models suspended returns 503 When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-all-suspended @@ -625,7 +625,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: No suspension when suspendDuration is 0 When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-no-suspend @@ -686,7 +686,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Handle empty request body When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-empty-body @@ -726,7 +726,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Handle invalid JSON in request body When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-invalid-json @@ -767,7 +767,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Handle invalid JSONPath When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-inv-jsonpath @@ -808,7 +808,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: Handle missing model field in payload When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-missing-model @@ -849,7 +849,7 @@ Feature: Model Round-Robin Load Balancing Policy Scenario: High availability with automatic failover When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: rrr-ha-failover diff --git a/gateway/it/features/model-weighted-round-robin.feature b/gateway/it/features/model-weighted-round-robin.feature index 3df303e833..2b23d5502e 100644 --- a/gateway/it/features/model-weighted-round-robin.feature +++ b/gateway/it/features/model-weighted-round-robin.feature @@ -15,7 +15,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Basic weighted distribution with payload location When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-basic @@ -86,7 +86,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Equal weight distribution When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-equal @@ -143,7 +143,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Three models with different weights When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-three @@ -244,7 +244,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Model selection with header location When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-header @@ -302,7 +302,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Model selection with query parameter location When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-query @@ -354,7 +354,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Model selection with path parameter location When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-path @@ -408,7 +408,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Suspend model on 5xx error with recovery When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-susp-5xx @@ -467,7 +467,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Suspend model on 429 rate limit error When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-susp-429 @@ -526,7 +526,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: All models suspended returns 503 When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-all-susp @@ -588,7 +588,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: No suspension when suspendDuration is 0 When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-no-susp @@ -651,7 +651,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Handle empty request body When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-empty @@ -692,7 +692,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Handle invalid JSON in request body When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-inv-json @@ -734,7 +734,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Handle invalid JSONPath When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-inv-path @@ -776,7 +776,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Handle missing model field in payload When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-missing @@ -822,7 +822,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Fallback to secondary models on primary failure When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-fallback @@ -876,7 +876,7 @@ Feature: Model Weighted Round-Robin Load Balancing Policy Scenario: Canary deployment with small weight for new model When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: wrr-canary diff --git a/gateway/it/features/pii-masking-regex.feature b/gateway/it/features/pii-masking-regex.feature index d816b38caa..38ca9164dc 100644 --- a/gateway/it/features/pii-masking-regex.feature +++ b/gateway/it/features/pii-masking-regex.feature @@ -33,7 +33,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-masking-email-api @@ -86,7 +86,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-masking-phone-api @@ -138,7 +138,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-masking-multi-api @@ -206,7 +206,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-redact-email-api @@ -254,7 +254,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-redact-ssn-api @@ -302,7 +302,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-redact-multi-api @@ -357,7 +357,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-masking-jsonpath-api @@ -415,7 +415,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-masking-nested-api @@ -477,7 +477,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-masking-no-pii-api @@ -524,7 +524,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-masking-empty-api @@ -569,7 +569,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-masking-invalid-path-api @@ -622,7 +622,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-masking-multi-emails-api @@ -678,7 +678,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-masking-credit-card-api @@ -726,7 +726,7 @@ Feature: PII Masking Regex Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pii-masking-comprehensive-api diff --git a/gateway/it/features/policy-engine-admin.feature b/gateway/it/features/policy-engine-admin.feature index 96ff909b43..e64b39e691 100644 --- a/gateway/it/features/policy-engine-admin.feature +++ b/gateway/it/features/policy-engine-admin.feature @@ -70,7 +70,7 @@ Feature: Policy Engine Admin API Scenario: Config dump reflects deployed API routes Given I deploy a test API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: admin-test-api-v1 @@ -105,7 +105,7 @@ Feature: Policy Engine Admin API Scenario: Config dump reflects API deletion Given I deploy a test API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: admin-delete-test-api-v1 @@ -134,7 +134,7 @@ Feature: Policy Engine Admin API Scenario: Config dump shows policy parameters Given I deploy a test API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: admin-policy-params-api-v1 @@ -180,7 +180,7 @@ Feature: Policy Engine Admin API Scenario: Multiple APIs sync correctly via xDS Given I deploy a test API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: xds-sync-api-1-v1 @@ -199,7 +199,7 @@ Feature: Policy Engine Admin API """ And I deploy a test API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: xds-sync-api-2-v1 @@ -228,7 +228,7 @@ Feature: Policy Engine Admin API Scenario: API update syncs via xDS Given I deploy a test API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: xds-update-api-v1 @@ -251,7 +251,7 @@ Feature: Policy Engine Admin API # Update the API with a new operation When I deploy a test API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: xds-update-api-v1 diff --git a/gateway/it/features/prompt-compressor.feature b/gateway/it/features/prompt-compressor.feature index 760dfa5e7a..a27567195f 100644 --- a/gateway/it/features/prompt-compressor.feature +++ b/gateway/it/features/prompt-compressor.feature @@ -33,7 +33,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-deploy-test-api @@ -70,7 +70,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-deterministic-api @@ -125,7 +125,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-ratio-api @@ -179,7 +179,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-ratio-short-api @@ -226,7 +226,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-ratio-one-api @@ -282,7 +282,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-token-api @@ -334,7 +334,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-token-skip-api @@ -385,7 +385,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-jsonpath-flat-api @@ -435,7 +435,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-jsonpath-nested-api @@ -489,7 +489,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-jsonpath-neg-api @@ -542,7 +542,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-jsonpath-nonstring-api @@ -589,7 +589,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-jsonpath-missing-api @@ -640,7 +640,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-tags-api @@ -695,7 +695,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-multi-tags-api @@ -750,7 +750,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-orphan-tag-api @@ -801,7 +801,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-multi-rule-api @@ -859,7 +859,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-multi-rule-fallback-api @@ -920,7 +920,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-invalid-rules-api @@ -982,7 +982,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-empty-body-api @@ -1025,7 +1025,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-non-json-api @@ -1069,7 +1069,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-invalid-json-api @@ -1117,7 +1117,7 @@ Feature: Prompt Compressor Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-metadata-api @@ -1164,7 +1164,7 @@ Feature: Prompt Compressor Policy # Phase 1: Deploy without policy When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-lifecycle-api @@ -1201,7 +1201,7 @@ Feature: Prompt Compressor Policy # Phase 2: Add policy (aggressive ratio 0.3) When I update the API "pc-lifecycle-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-lifecycle-api @@ -1248,7 +1248,7 @@ Feature: Prompt Compressor Policy # Phase 3: Update policy (high ratio 0.95 -> skip compression) When I update the API "pc-lifecycle-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-lifecycle-api @@ -1296,7 +1296,7 @@ Feature: Prompt Compressor Policy # Phase 4: Remove policy entirely When I update the API "pc-lifecycle-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: pc-lifecycle-api diff --git a/gateway/it/features/prompt-decorator.feature b/gateway/it/features/prompt-decorator.feature index b7122a4113..60c9900373 100644 --- a/gateway/it/features/prompt-decorator.feature +++ b/gateway/it/features/prompt-decorator.feature @@ -33,7 +33,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-prepend-api @@ -85,7 +85,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-append-api @@ -138,7 +138,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-multi-api @@ -196,7 +196,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-text-prepend-api @@ -244,7 +244,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-text-append-api @@ -296,7 +296,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-last-msg-api @@ -347,7 +347,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-last-string-api @@ -401,7 +401,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-nested-api @@ -456,7 +456,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-empty-api @@ -503,7 +503,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-invalid-path-api @@ -556,7 +556,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-invalid-json-api @@ -609,7 +609,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-safety-api @@ -660,7 +660,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-json-format-api @@ -711,7 +711,7 @@ Feature: Prompt Decorator Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-decorator-context-api diff --git a/gateway/it/features/prompt-template.feature b/gateway/it/features/prompt-template.feature index eaef6925cc..c78ac44078 100644 --- a/gateway/it/features/prompt-template.feature +++ b/gateway/it/features/prompt-template.feature @@ -33,7 +33,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-simple-api @@ -78,7 +78,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-no-params-api @@ -127,7 +127,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-multi-config-api @@ -181,7 +181,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-multi-ref-api @@ -234,7 +234,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-encoded-api @@ -279,7 +279,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-special-chars-api @@ -327,7 +327,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-prompt-field-api @@ -371,7 +371,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-message-api @@ -421,7 +421,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-not-found-api @@ -468,7 +468,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-empty-api @@ -508,7 +508,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-no-ref-api @@ -556,7 +556,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-translation-api @@ -600,7 +600,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-code-review-api @@ -644,7 +644,7 @@ Feature: Prompt Template Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-template-sentiment-api diff --git a/gateway/it/features/ratelimit.feature b/gateway/it/features/ratelimit.feature index 850038a9ed..e2e3c37d20 100644 --- a/gateway/it/features/ratelimit.feature +++ b/gateway/it/features/ratelimit.feature @@ -29,7 +29,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-test-api @@ -69,7 +69,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-multi-quota-headers-api @@ -121,7 +121,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-multi-quota-429-api @@ -173,7 +173,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-headers-api @@ -210,7 +210,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-custom-api @@ -252,7 +252,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-basic-api @@ -291,7 +291,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-cost-extraction-api @@ -357,7 +357,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-response-clamp-api @@ -413,7 +413,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-api-level-api @@ -484,7 +484,7 @@ Feature: Rate Limiting # Deploy initial API with rate limit When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-update-test-api @@ -524,7 +524,7 @@ Feature: Rate Limiting # Update the API by adding a new unrelated route (PUT /handle) When I update the API "ratelimit-update-test-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-update-test-api @@ -564,7 +564,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-quotas-api @@ -646,7 +646,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-quota-cost-api @@ -711,7 +711,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-peruser-api @@ -761,7 +761,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-multilimits-api @@ -811,7 +811,7 @@ Feature: Rate Limiting # New limits: 12/1h and 10000/24h - the 1h limit should be hit first When I update the API "ratelimit-multilimits-api" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-multilimits-api @@ -858,7 +858,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-request-body-cost-api @@ -924,7 +924,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-prompt-tokens-api @@ -1037,7 +1037,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-ip-based-api @@ -1086,7 +1086,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-request-header-cost-api @@ -1151,7 +1151,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-composite-key-api @@ -1202,7 +1202,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-default-cost-api @@ -1273,7 +1273,7 @@ Feature: Rate Limiting # Deploy first API with apiname-based rate limiting When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-apiname-isolation-api-a @@ -1307,7 +1307,7 @@ Feature: Rate Limiting # Deploy second API with the same rate limit configuration but different API name When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-apiname-isolation-api-b @@ -1365,7 +1365,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-constant-key-api @@ -1455,7 +1455,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-cel-key-api @@ -1505,7 +1505,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-cel-composite-key-api @@ -1551,7 +1551,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-cel-cost-api @@ -1616,7 +1616,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-global-key-inherited-api @@ -1666,7 +1666,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-quota-key-override-api @@ -1716,7 +1716,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-cost-sum-api @@ -1773,7 +1773,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-custom-plain-status-api @@ -1819,7 +1819,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-missing-header-key-api @@ -1864,7 +1864,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-empty-global-key-api @@ -1922,7 +1922,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-partial-cost-source-api @@ -1987,7 +1987,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-response-cel-cost-api @@ -2041,7 +2041,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-response-header-cost-api @@ -2090,7 +2090,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-fractional-multiplier-api @@ -2154,7 +2154,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-zero-cost-api @@ -2208,7 +2208,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-mixed-key-strategy-api @@ -2264,7 +2264,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-apiversion-key-api @@ -2329,7 +2329,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-ip-precedence-api @@ -2375,7 +2375,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-missing-composite-component-api @@ -2419,7 +2419,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-custom-json-status-api @@ -2467,7 +2467,7 @@ Feature: Rate Limiting Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: ratelimit-malformed-json-default-cost-api @@ -2531,7 +2531,7 @@ Feature: Rate Limiting # # Deploy initial API with two routes sharing an API-scoped quota # When I deploy this API configuration: # """ - # apiVersion: gateway.api-platform.wso2.com/v1alpha1 + # apiVersion: gateway.api-platform.wso2.com/v1alpha2 # kind: RestApi # metadata: # name: ratelimit-shared-quota-api @@ -2594,7 +2594,7 @@ Feature: Rate Limiting # # FIX (after fix): Ref count goes from 2->1, limiter preserved for route2 # When I update the API "ratelimit-shared-quota-api" with this configuration: # """ - # apiVersion: gateway.api-platform.wso2.com/v1alpha1 + # apiVersion: gateway.api-platform.wso2.com/v1alpha2 # kind: RestApi # metadata: # name: ratelimit-shared-quota-api diff --git a/gateway/it/features/regex-guardrail.feature b/gateway/it/features/regex-guardrail.feature index 54548ac96c..5c6e9c32a8 100644 --- a/gateway/it/features/regex-guardrail.feature +++ b/gateway/it/features/regex-guardrail.feature @@ -33,7 +33,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-match-pass-api @@ -85,7 +85,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-profanity-api @@ -136,7 +136,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-email-api @@ -190,7 +190,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-invert-api @@ -241,7 +241,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-creditcard-api @@ -296,7 +296,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-jsonpath-api @@ -354,7 +354,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-nested-jsonpath-api @@ -416,7 +416,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-invalid-jsonpath-api @@ -468,7 +468,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-assessment-api @@ -519,7 +519,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-empty-api @@ -561,7 +561,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-complex-api @@ -618,7 +618,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-case-sensitive-api @@ -668,7 +668,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-case-insensitive-api @@ -729,7 +729,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-combined-api @@ -787,7 +787,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-phone-api @@ -841,7 +841,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-error-structure-api @@ -895,7 +895,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-response-json-api @@ -939,7 +939,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-response-block-api @@ -980,7 +980,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-response-format-api @@ -1027,7 +1027,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-unicode-api @@ -1077,7 +1077,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-international-api @@ -1134,7 +1134,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-emoji-api @@ -1185,7 +1185,7 @@ Feature: Regex Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: regex-diacritics-api diff --git a/gateway/it/features/request-rewrite.feature b/gateway/it/features/request-rewrite.feature index a6ad08e265..8d0dde4b29 100644 --- a/gateway/it/features/request-rewrite.feature +++ b/gateway/it/features/request-rewrite.feature @@ -8,7 +8,7 @@ Feature: Request Transformation Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: request-rewrite-prefix @@ -41,7 +41,7 @@ Feature: Request Transformation Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: request-rewrite-full @@ -74,7 +74,7 @@ Feature: Request Transformation Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: request-rewrite-regex @@ -109,7 +109,7 @@ Feature: Request Transformation Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: request-rewrite-regex-capture @@ -144,7 +144,7 @@ Feature: Request Transformation Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: request-rewrite-regex-ci @@ -179,7 +179,7 @@ Feature: Request Transformation Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: request-rewrite-regex-multi @@ -214,7 +214,7 @@ Feature: Request Transformation Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: request-rewrite-query @@ -255,7 +255,7 @@ Feature: Request Transformation Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: request-rewrite-method @@ -286,7 +286,7 @@ Feature: Request Transformation Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: request-rewrite-api-level-prefix @@ -319,7 +319,7 @@ Feature: Request Transformation Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: request-rewrite-api-level-method @@ -350,7 +350,7 @@ Feature: Request Transformation Policy Integration Tests Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: request-rewrite-match diff --git a/gateway/it/features/respond.feature b/gateway/it/features/respond.feature index a100023d26..f3405a6df2 100644 --- a/gateway/it/features/respond.feature +++ b/gateway/it/features/respond.feature @@ -12,7 +12,7 @@ Feature: Respond Policy Integration Tests Scenario: Return simple 200 OK response with plain text body When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-simple-200 @@ -42,7 +42,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 201 Created with JSON body and headers When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-201-json @@ -90,7 +90,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 204 No Content with empty body When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-204-empty @@ -127,7 +127,7 @@ Feature: Respond Policy Integration Tests Scenario: Default status code is 200 when not specified When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-default-200 @@ -160,7 +160,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 400 Bad Request error When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-400-error @@ -205,7 +205,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 401 Unauthorized error When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-401-error @@ -249,7 +249,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 403 Forbidden error When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-403-error @@ -291,7 +291,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 404 Not Found error When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-404-error @@ -332,7 +332,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 429 Too Many Requests When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-429-ratelimit @@ -383,7 +383,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 500 Internal Server Error When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-500-error @@ -424,7 +424,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 503 Service Unavailable (maintenance mode) When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-503-maintenance @@ -472,7 +472,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 301 Moved Permanently redirect When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-301-redirect @@ -512,7 +512,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 302 Found temporary redirect When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-302-redirect @@ -556,7 +556,7 @@ Feature: Respond Policy Integration Tests Scenario: Return XML response When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-xml @@ -590,7 +590,7 @@ Feature: Respond Policy Integration Tests Scenario: Return HTML response When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-html @@ -624,7 +624,7 @@ Feature: Respond Policy Integration Tests Scenario: Return plain text response When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-text @@ -662,7 +662,7 @@ Feature: Respond Policy Integration Tests Scenario: API mocking - return mocked user data When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-mock-user @@ -707,7 +707,7 @@ Feature: Respond Policy Integration Tests Scenario: Deprecated API endpoint notice When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-deprecated @@ -754,7 +754,7 @@ Feature: Respond Policy Integration Tests Scenario: Health check stub When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-health @@ -790,7 +790,7 @@ Feature: Respond Policy Integration Tests Scenario: CORS preflight OPTIONS response When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-cors-preflight @@ -842,7 +842,7 @@ Feature: Respond Policy Integration Tests Scenario: Response with no body and no headers When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-minimal @@ -870,7 +870,7 @@ Feature: Respond Policy Integration Tests Scenario: Response with empty body string When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-empty-body @@ -900,7 +900,7 @@ Feature: Respond Policy Integration Tests Scenario: Response with multiple custom headers When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-multiple-headers @@ -947,7 +947,7 @@ Feature: Respond Policy Integration Tests Scenario: Large JSON response body When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-large-json @@ -982,7 +982,7 @@ Feature: Respond Policy Integration Tests Scenario: Response with special characters in body When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-special-chars @@ -1020,7 +1020,7 @@ Feature: Respond Policy Integration Tests Scenario: Return 206 Partial Content status code When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-206-partial @@ -1067,7 +1067,7 @@ Feature: Respond Policy Integration Tests Scenario: Return custom error code 418 I'm a teapot When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-418-teapot @@ -1115,7 +1115,7 @@ Feature: Respond Policy Integration Tests Scenario: Return different response based on path but same policy When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-multi-path @@ -1166,7 +1166,7 @@ Feature: Respond Policy Integration Tests Scenario: Response with cache control headers When I deploy an API with the following configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-respond-cache-control diff --git a/gateway/it/features/route-path-matching.feature b/gateway/it/features/route-path-matching.feature index e9a30fdcb3..acd83a1ff4 100644 --- a/gateway/it/features/route-path-matching.feature +++ b/gateway/it/features/route-path-matching.feature @@ -28,7 +28,7 @@ Feature: Route Path Matching Scenario: Wildcard path /* matches requests with a subpath When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: route-wildcard-api @@ -58,7 +58,7 @@ Feature: Route Path Matching Scenario: Wildcard path /* enforces HTTP method When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: route-wildcard-method-api @@ -88,7 +88,7 @@ Feature: Route Path Matching Scenario: Root path / matches request with trailing slash When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: route-root-api @@ -115,7 +115,7 @@ Feature: Route Path Matching Scenario: Root path / matches request without trailing slash When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: route-root-noslash-api @@ -142,7 +142,7 @@ Feature: Route Path Matching Scenario: Wildcard /* does not match a sibling context prefix When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: route-wildcard-boundary-api @@ -178,7 +178,7 @@ Feature: Route Path Matching Scenario: Exact path matches both with and without trailing slash When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: route-exact-slash-api @@ -208,7 +208,7 @@ Feature: Route Path Matching Scenario: Exact path preserves trailing slash to upstream When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: route-exact-upstream-slash-api @@ -246,7 +246,7 @@ Feature: Route Path Matching # so each assertion pins the upstream request. When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: route-wildcard-prefix-api diff --git a/gateway/it/features/sandbox-routing.feature b/gateway/it/features/sandbox-routing.feature index 53efa2611d..bd49489243 100644 --- a/gateway/it/features/sandbox-routing.feature +++ b/gateway/it/features/sandbox-routing.feature @@ -29,7 +29,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-api-v1.0 @@ -75,7 +75,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-main-ref-v1.0 @@ -125,7 +125,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-sandbox-ref-v1.0 @@ -176,7 +176,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-missing-ref-v1.0 @@ -200,7 +200,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-invalid-upstream-def-v1.0 @@ -231,7 +231,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-sandbox-ref-policy-v1.0 @@ -287,7 +287,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-both-ref-v1.0 @@ -338,7 +338,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-sandbox-manual-host-v1.0 @@ -382,7 +382,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-sandbox-timeout-ref-v1.0 @@ -424,7 +424,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-sandbox-https-ref-v1.0 @@ -481,7 +481,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-sandbox-multi-url-ref-v1.0 @@ -510,7 +510,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-sandbox-params-ref-v1.0 @@ -558,7 +558,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-sandbox-wildcard-ref-v1.0 @@ -600,7 +600,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-missing-sandbox-ref-v1.0 @@ -626,7 +626,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-duplicate-upstream-def-v1.0 @@ -659,7 +659,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-both-ref-policy-v1.0 @@ -720,7 +720,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-main-ref-policy-v1.0 @@ -778,7 +778,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-no-sandbox-v1.0 @@ -821,7 +821,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-invalid-sandbox-url-v1.0 @@ -849,7 +849,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-both-url-policy-v1.0 @@ -902,7 +902,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-redeploy-sandbox-v1.0 @@ -937,7 +937,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I update the API "env-routing-redeploy-sandbox-v1.0" with this configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-redeploy-sandbox-v1.0 @@ -978,7 +978,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-sandbox-vhost-fallback-v1.0 @@ -1026,7 +1026,7 @@ Feature: Sandbox Routing Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: env-routing-no-sandbox-global-vhost-v1.0 diff --git a/gateway/it/features/search-deployments.feature b/gateway/it/features/search-deployments.feature index 23f61736e7..e20b82bcb5 100644 --- a/gateway/it/features/search-deployments.feature +++ b/gateway/it/features/search-deployments.feature @@ -31,7 +31,7 @@ Feature: Search Deployments API # First deploy some APIs When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: search-api-1 @@ -49,7 +49,7 @@ Feature: Search Deployments API Then the response should be successful When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: search-api-2 @@ -79,7 +79,7 @@ Feature: Search Deployments API Scenario: Search APIs by displayName filter When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: displayname-search-api @@ -108,7 +108,7 @@ Feature: Search Deployments API Scenario: Search APIs by version filter When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: version-search-api @@ -136,7 +136,7 @@ Feature: Search Deployments API Scenario: Search APIs by context filter When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: context-search-api @@ -164,7 +164,7 @@ Feature: Search Deployments API Scenario: Search APIs by status filter When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: status-search-api @@ -193,7 +193,7 @@ Feature: Search Deployments API Scenario: Search APIs with multiple filters When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: multi-filter-api @@ -231,7 +231,7 @@ Feature: Search Deployments API # Deploy an MCP proxy first When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: search-mcp-v1.0 @@ -260,7 +260,7 @@ Feature: Search Deployments API Scenario: Search MCP proxies by displayName filter When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: displayname-mcp-v1.0 @@ -289,7 +289,7 @@ Feature: Search Deployments API Scenario: Search MCP proxies by version filter When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: version-mcp-v2.0 diff --git a/gateway/it/features/secrets.feature b/gateway/it/features/secrets.feature index 5ba119ba9b..8218ca8698 100644 --- a/gateway/it/features/secrets.feature +++ b/gateway/it/features/secrets.feature @@ -31,7 +31,7 @@ Feature: Secret Management Operations When I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "test-secret-1" @@ -63,7 +63,7 @@ Feature: Secret Management Operations When I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "special-secret" @@ -86,7 +86,7 @@ Feature: Secret Management Operations When I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "long-secret" @@ -111,7 +111,7 @@ Feature: Secret Management Operations When I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "spec": { "displayName": "No Name Secret", @@ -128,7 +128,7 @@ Feature: Secret Management Operations When I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "no-value-secret" @@ -147,7 +147,7 @@ Feature: Secret Management Operations Given I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "duplicate-secret" @@ -163,7 +163,7 @@ Feature: Secret Management Operations When I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "duplicate-secret" @@ -188,7 +188,7 @@ Feature: Secret Management Operations Given I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "get-test-secret" @@ -214,7 +214,7 @@ Feature: Secret Management Operations Given I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "list-test-secret" @@ -249,7 +249,7 @@ Feature: Secret Management Operations Given I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "update-test-secret" @@ -265,7 +265,7 @@ Feature: Secret Management Operations When I update the secret "update-test-secret" with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "update-test-secret" @@ -301,7 +301,7 @@ Feature: Secret Management Operations When I update the secret "non-existent-secret-12345" with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "non-existent-secret-12345" @@ -323,7 +323,7 @@ Feature: Secret Management Operations Given I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "delete-test-secret" @@ -354,7 +354,7 @@ Feature: Secret Management Operations When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: invoke-auth-provider-secret @@ -401,7 +401,7 @@ Feature: Secret Management Operations When I create a secret with the following configuration: """ { - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "upstream-secret-special" @@ -419,7 +419,7 @@ Feature: Secret Management Operations When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: invoke-auth-provider-special-secret @@ -468,7 +468,7 @@ Feature: Secret Management Operations Scenario: Create LLM Provider with a secret that does not exist When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: invalid-secret-llm-provider diff --git a/gateway/it/features/semantic-cache.feature b/gateway/it/features/semantic-cache.feature index a4b9e100c4..6182264969 100644 --- a/gateway/it/features/semantic-cache.feature +++ b/gateway/it/features/semantic-cache.feature @@ -31,7 +31,7 @@ Feature: Semantic Cache Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: semantic-cache-miss-api @@ -73,7 +73,7 @@ Feature: Semantic Cache Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: semantic-cache-hit-api @@ -124,7 +124,7 @@ Feature: Semantic Cache Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: semantic-cache-similar-api @@ -177,7 +177,7 @@ Feature: Semantic Cache Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: semantic-cache-high-threshold-api @@ -228,7 +228,7 @@ Feature: Semantic Cache Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: semantic-cache-low-threshold-api @@ -281,7 +281,7 @@ Feature: Semantic Cache Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: semantic-cache-jsonpath-api @@ -339,7 +339,7 @@ Feature: Semantic Cache Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: semantic-cache-invalid-jsonpath-api @@ -386,7 +386,7 @@ Feature: Semantic Cache Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: semantic-cache-empty-body-api @@ -427,7 +427,7 @@ Feature: Semantic Cache Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: semantic-cache-non-200-api @@ -478,7 +478,7 @@ Feature: Semantic Cache Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: semantic-cache-embed-error-api diff --git a/gateway/it/features/semantic-prompt-guard.feature b/gateway/it/features/semantic-prompt-guard.feature index 8ac361aa8d..0e15fa4da9 100644 --- a/gateway/it/features/semantic-prompt-guard.feature +++ b/gateway/it/features/semantic-prompt-guard.feature @@ -33,7 +33,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-deny-block-api @@ -80,7 +80,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-deny-allow-api @@ -128,7 +128,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-allow-match-api @@ -173,7 +173,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-allow-block-api @@ -222,7 +222,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-both-deny-api @@ -270,7 +270,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-both-allow-api @@ -321,7 +321,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-high-threshold-api @@ -374,7 +374,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-low-threshold-api @@ -419,7 +419,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-high-deny-threshold-api @@ -476,7 +476,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-jsonpath-api @@ -529,7 +529,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-jsonpath-invalid-api @@ -578,7 +578,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-assessment-true-api @@ -625,7 +625,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-assessment-false-api @@ -675,7 +675,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-empty-body-api @@ -718,7 +718,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-embed-fail-api @@ -764,7 +764,7 @@ Feature: Semantic Prompt Guard Policy Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: prompt-guard-case-insensitive-api diff --git a/gateway/it/features/semantic-tool-filtering.feature b/gateway/it/features/semantic-tool-filtering.feature index 4d3496da3d..2959028f22 100644 --- a/gateway/it/features/semantic-tool-filtering.feature +++ b/gateway/it/features/semantic-tool-filtering.feature @@ -29,7 +29,7 @@ Feature: Semantic Tool Filtering policy Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: semantic-tool-filtering-rank-provider @@ -111,7 +111,7 @@ Feature: Semantic Tool Filtering policy Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: semantic-tool-filtering-mistral-provider diff --git a/gateway/it/features/sentence-count-guardrail.feature b/gateway/it/features/sentence-count-guardrail.feature index 34e21af196..d763a889a0 100644 --- a/gateway/it/features/sentence-count-guardrail.feature +++ b/gateway/it/features/sentence-count-guardrail.feature @@ -33,7 +33,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-max-test-api @@ -84,7 +84,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-min-test-api @@ -139,7 +139,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-jsonpath-api @@ -198,7 +198,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-nested-jsonpath-api @@ -262,7 +262,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-invalid-path-api @@ -315,7 +315,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-invert-api @@ -378,7 +378,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-assessment-api @@ -429,7 +429,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-empty-api @@ -472,7 +472,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-boundary-api @@ -541,7 +541,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-combined-api @@ -600,7 +600,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-punctuation-api @@ -651,7 +651,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-plaintext-api @@ -708,7 +708,7 @@ Feature: Sentence Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: sentence-count-error-structure-api diff --git a/gateway/it/features/startup-db-bootstrap.feature b/gateway/it/features/startup-db-bootstrap.feature index 996bd5aa33..e23daf489a 100644 --- a/gateway/it/features/startup-db-bootstrap.feature +++ b/gateway/it/features/startup-db-bootstrap.feature @@ -31,7 +31,7 @@ Feature: Startup DB Bootstrap Scenario: Restarted gateway-controller restores persisted resources from the database When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: startup-db-llm-provider @@ -53,7 +53,7 @@ Feature: Startup DB Bootstrap When I deploy this LLM proxy configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: startup-db-llm-proxy @@ -68,7 +68,7 @@ Feature: Startup DB Bootstrap When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: startup-db-mcp-v1.0 @@ -89,7 +89,7 @@ Feature: Startup DB Bootstrap When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: startup-db-rest-api diff --git a/gateway/it/features/subscription-analytics.feature b/gateway/it/features/subscription-analytics.feature index f3737308b9..a78e2857de 100644 --- a/gateway/it/features/subscription-analytics.feature +++ b/gateway/it/features/subscription-analytics.feature @@ -35,7 +35,7 @@ Feature: Subscription Analytics - Monetized Subscription Billing Metadata # Step 2: Deploy API with subscription-validation policy When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: subscription-analytics-test-api diff --git a/gateway/it/features/subscription-validation.feature b/gateway/it/features/subscription-validation.feature index a59f7d6ca7..40a4c9b45e 100644 --- a/gateway/it/features/subscription-validation.feature +++ b/gateway/it/features/subscription-validation.feature @@ -35,7 +35,7 @@ Feature: Subscription Validation # Step 2: Deploy API with subscription plan and subscription-validation policy When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: subscription-validation-test-api diff --git a/gateway/it/features/template-functions.feature b/gateway/it/features/template-functions.feature index 0bba2cb398..1ce591b742 100644 --- a/gateway/it/features/template-functions.feature +++ b/gateway/it/features/template-functions.feature @@ -34,7 +34,7 @@ Feature: Template functions in RestApi spec Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: tpl-secret-api-v1.0 @@ -94,7 +94,7 @@ Feature: Template functions in RestApi spec Scenario: env template in upstream URL path resolves at runtime When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: tpl-env-api-v1.0 @@ -142,7 +142,7 @@ Feature: Template functions in RestApi spec Scenario: default function returns fallback when env is missing When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: tpl-default-api-v1.0 @@ -193,7 +193,7 @@ Feature: Template functions in RestApi spec Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: tpl-llm-provider @@ -260,7 +260,7 @@ Feature: Template functions in RestApi spec Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: tpl-llm-proxy-provider @@ -279,7 +279,7 @@ Feature: Template functions in RestApi spec Given I authenticate using basic auth as "admin" When I deploy this LLM proxy configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: tpl-llm-proxy @@ -345,7 +345,7 @@ Feature: Template functions in RestApi spec Scenario: env template in McpProxy upstream URL resolves at runtime but is unrendered in response and DB When I deploy this MCP configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: Mcp metadata: name: tpl-mcp-v1.0 @@ -396,7 +396,7 @@ Feature: Template functions in RestApi spec Scenario: missing secret reference fails with 400 at deploy time When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: tpl-bad-secret-api-v1.0 diff --git a/gateway/it/features/token-based-ratelimit.feature b/gateway/it/features/token-based-ratelimit.feature index 2bac49663c..fe6a915d00 100644 --- a/gateway/it/features/token-based-ratelimit.feature +++ b/gateway/it/features/token-based-ratelimit.feature @@ -31,7 +31,7 @@ Feature: Token-Based Rate Limiting # Create LLM provider template with token extraction paths When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: test-openai-template @@ -61,7 +61,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: test-openai-provider @@ -165,7 +165,7 @@ Feature: Token-Based Rate Limiting # Create LLM provider template When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: multi-quota-template @@ -193,7 +193,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: multi-quota-provider @@ -277,7 +277,7 @@ Feature: Token-Based Rate Limiting When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: gzip-response-template @@ -298,7 +298,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: gzip-response-provider @@ -383,7 +383,7 @@ Feature: Token-Based Rate Limiting # Create LLM provider template When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: headers-test-template @@ -408,7 +408,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: headers-test-provider @@ -476,7 +476,7 @@ Feature: Token-Based Rate Limiting # Create two LLM provider templates When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: provider-a-template @@ -500,7 +500,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: provider-b-template @@ -525,7 +525,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: provider-a @@ -563,7 +563,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: provider-b @@ -673,7 +673,7 @@ Feature: Token-Based Rate Limiting # Create template with all three token types When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: multi-quota-detailed-template @@ -700,7 +700,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: multi-quota-detailed-provider @@ -811,7 +811,7 @@ Feature: Token-Based Rate Limiting # Create provider with short 10-second window for testing When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: window-test-template @@ -832,7 +832,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: window-test-provider @@ -915,7 +915,7 @@ Feature: Token-Based Rate Limiting When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: zero-token-template @@ -936,7 +936,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: zero-token-provider @@ -1025,7 +1025,7 @@ Feature: Token-Based Rate Limiting When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: header-cost-template @@ -1046,7 +1046,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: header-cost-provider @@ -1114,7 +1114,7 @@ Feature: Token-Based Rate Limiting # Create initial template When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: change-test-template @@ -1136,7 +1136,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: change-test-provider @@ -1200,7 +1200,7 @@ Feature: Token-Based Rate Limiting # Recreate provider with limit of 10 (should get fresh quota) When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: change-test-provider @@ -1258,7 +1258,7 @@ Feature: Token-Based Rate Limiting When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: shared-template @@ -1280,7 +1280,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: provider-alpha @@ -1319,7 +1319,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: provider-beta @@ -1396,7 +1396,7 @@ Feature: Token-Based Rate Limiting # Create template with all token extraction paths When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: empty-limits-template @@ -1424,7 +1424,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: empty-limits-provider @@ -1506,7 +1506,7 @@ Feature: Token-Based Rate Limiting # Create template with all token extraction paths When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: prompt-only-empty-limits-template @@ -1534,7 +1534,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: prompt-only-empty-limits-provider @@ -1615,7 +1615,7 @@ Feature: Token-Based Rate Limiting # Create template with all token extraction paths When I create this LLM provider template: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: completion-only-empty-limits-template @@ -1643,7 +1643,7 @@ Feature: Token-Based Rate Limiting Given I authenticate using basic auth as "admin" When I create this LLM provider: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: completion-only-empty-limits-provider diff --git a/gateway/it/features/url-guardrail.feature b/gateway/it/features/url-guardrail.feature index a954df27b8..443d8ab407 100644 --- a/gateway/it/features/url-guardrail.feature +++ b/gateway/it/features/url-guardrail.feature @@ -33,7 +33,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-http-check-api @@ -86,7 +86,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-no-urls-api @@ -130,7 +130,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-multiple-api @@ -185,7 +185,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-dns-only-api @@ -241,7 +241,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-jsonpath-api @@ -300,7 +300,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-nested-jsonpath-api @@ -364,7 +364,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-invalid-jsonpath-api @@ -417,7 +417,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-timeout-api @@ -465,7 +465,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-assessment-api @@ -517,7 +517,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-empty-api @@ -560,7 +560,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-malformed-api @@ -608,7 +608,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-combined-api @@ -666,7 +666,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-special-chars-api @@ -710,7 +710,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-plaintext-api @@ -767,7 +767,7 @@ Feature: URL Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: url-error-structure-api diff --git a/gateway/it/features/vhost-routing-multi.feature b/gateway/it/features/vhost-routing-multi.feature index 066ef3bb83..7cd57937bc 100644 --- a/gateway/it/features/vhost-routing-multi.feature +++ b/gateway/it/features/vhost-routing-multi.feature @@ -29,7 +29,7 @@ Feature: Gateway vhost routing with multi-domain defaults Scenario: Route requests across all configured main and sandbox domains When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: vhost-multi-domains-v1.0 @@ -91,7 +91,7 @@ Feature: Gateway vhost routing with multi-domain defaults Scenario: API vhost override should bypass multi-domain gateway defaults When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: vhost-multi-override-v1.0 @@ -156,7 +156,7 @@ Feature: Gateway vhost routing with multi-domain defaults Scenario: Sentinel vhost resolves to all configured gateway domains When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: vhost-multi-sentinel-v1.0 diff --git a/gateway/it/features/vhost-routing-single.feature b/gateway/it/features/vhost-routing-single.feature index 9a443862ac..3c1df29574 100644 --- a/gateway/it/features/vhost-routing-single.feature +++ b/gateway/it/features/vhost-routing-single.feature @@ -29,7 +29,7 @@ Feature: Gateway vhost routing with single-domain defaults Scenario: Route requests using single-domain gateway defaults When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: vhost-single-defaults-v1.0 @@ -76,7 +76,7 @@ Feature: Gateway vhost routing with single-domain defaults Scenario: API vhost override should take precedence over gateway defaults When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: vhost-single-override-v1.0 @@ -126,7 +126,7 @@ Feature: Gateway vhost routing with single-domain defaults Scenario: Sentinel vhost resolves to gateway defaults at deploy time When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: vhost-single-sentinel-v1.0 diff --git a/gateway/it/features/word-count-guardrail.feature b/gateway/it/features/word-count-guardrail.feature index e1ee386ece..73f25b24ad 100644 --- a/gateway/it/features/word-count-guardrail.feature +++ b/gateway/it/features/word-count-guardrail.feature @@ -33,7 +33,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-max-test-api @@ -84,7 +84,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-min-test-api @@ -139,7 +139,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-jsonpath-api @@ -202,7 +202,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-invert-api @@ -265,7 +265,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-assessment-api @@ -316,7 +316,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-empty-api @@ -359,7 +359,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-boundary-api @@ -428,7 +428,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-combined-api @@ -487,7 +487,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-nested-jsonpath-api @@ -551,7 +551,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-invalid-path-api @@ -604,7 +604,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-punctuation-api @@ -655,7 +655,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-plaintext-api @@ -712,7 +712,7 @@ Feature: Word Count Guardrail Given I authenticate using basic auth as "admin" When I deploy this API configuration: """ - apiVersion: gateway.api-platform.wso2.com/v1alpha1 + apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: word-count-error-structure-api diff --git a/gateway/it/state.go b/gateway/it/state.go index f6b9d11fd8..e48553199a 100644 --- a/gateway/it/state.go +++ b/gateway/it/state.go @@ -78,7 +78,7 @@ const RedisPort = "6379" // GatewayManagementAPIBasePath is the URL prefix under which the gateway-controller // management API is served. Must stay in sync with `servers.url` in // gateway/gateway-controller/api/management-openapi.yaml. -const GatewayManagementAPIBasePath = "/api/management/v0.9" +const GatewayManagementAPIBasePath = "/api/management/v1alpha2" // GatewayAdminAPIBasePath is the URL prefix under which the gateway-controller // admin API is served. Must stay in sync with `servers.url` in diff --git a/gateway/it/steps_secrets.go b/gateway/it/steps_secrets.go index 8c784a4ffe..92aa9013a4 100644 --- a/gateway/it/steps_secrets.go +++ b/gateway/it/steps_secrets.go @@ -101,7 +101,7 @@ func (s *SecretSteps) createSecret(body *godog.DocString) error { // createSecretWithValue creates a secret with a simple name and value func (s *SecretSteps) createSecretWithValue(name, value string) error { config := fmt.Sprintf(`{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "%s" @@ -154,7 +154,7 @@ func (s *SecretSteps) updateSecret(name string, body *godog.DocString) error { // updateSecretWithValue updates a secret with a simple value func (s *SecretSteps) updateSecretWithValue(name, value string) error { config := fmt.Sprintf(`{ - "apiVersion": "gateway.api-platform.wso2.com/v1alpha1", + "apiVersion": "gateway.api-platform.wso2.com/v1alpha2", "kind": "Secret", "metadata": { "name": "%s" diff --git a/gateway/it/suite_test.go b/gateway/it/suite_test.go index bef384d115..b1f2023a1c 100644 --- a/gateway/it/suite_test.go +++ b/gateway/it/suite_test.go @@ -138,6 +138,7 @@ func getFeaturePaths() []string { "features/subscription-validation.feature", "features/subscription-analytics.feature", "features/llm-cost-based-ratelimit.feature", + "features/llm-provider-wide-ratelimit.feature", "features/log-message.feature", "features/route-path-matching.feature", "features/secrets.feature", diff --git a/gateway/perf/create_apis_and_capture_stats.sh b/gateway/perf/create_apis_and_capture_stats.sh index cc3662213e..aeadf8e75c 100755 --- a/gateway/perf/create_apis_and_capture_stats.sh +++ b/gateway/perf/create_apis_and_capture_stats.sh @@ -7,7 +7,7 @@ CONTROLLER_CTN="gateway-gateway-controller-1" # ---------------- API endpoint ---------------- -API_MGR_URL="http://localhost:9090/api/management/v0.9/rest-apis" +API_MGR_URL="http://localhost:9090/api/management/v1alpha2/rest-apis" # ---------------- params ---------------- TOTAL="${1:-50}" @@ -43,7 +43,7 @@ for i in $(seq 1 "$TOTAL"); do -u admin:admin \ -H "Content-Type: application/yaml" \ --data-binary @- < 0 && artifact.Spec.Policies[i].Paths[0].Path == "/*" { + wildcardEntry = &artifact.Spec.Policies[i] + } else { + chatEntry = &artifact.Spec.Policies[i] + } + } + require.NotNil(t, wildcardEntry, "global policy must produce a /* legacy entry") + assert.Equal(t, api.LLMPolicyPathMethods("*"), wildcardEntry.Paths[0].Methods[0]) + require.NotNil(t, chatEntry, "operation policy must be preserved with its path") + assert.Equal(t, "/chat/completions", chatEntry.Paths[0].Path) +} + +func TestTransform_Provider_EmptyVersion_TreatedAsOld(t *testing.T) { + // Empty version string → ParseVersion returns 1.0.0 → old gateway. + artifact := newProviderArtifact(sampleGlobal(), nil, nil) + err := Default().Transform(constants.LLMProvider, ParseVersion(""), artifact) + require.NoError(t, err) + assert.Equal(t, constants.GatewayApiVersionV1Alpha1, artifact.ApiVersion) + assert.Nil(t, artifact.Spec.GlobalPolicies) + require.Len(t, artifact.Spec.Policies, 1) + assert.Equal(t, "/*", artifact.Spec.Policies[0].Paths[0].Path) +} + +func TestTransform_Provider_OldGateway_AppendedToExistingLegacy(t *testing.T) { + // If the spec already has legacy policies (e.g. security/consumer entries + // that are present when the old-gateway path is tested in isolation), + // down-convert appends to them then re-orders. + existing := sampleLegacy() + artifact := newProviderArtifact(sampleGlobal(), nil, existing) + err := Default().Transform(constants.LLMProvider, ParseVersion("1.0.0"), artifact) + require.NoError(t, err) + assert.Equal(t, constants.GatewayApiVersionV1Alpha1, artifact.ApiVersion) + assert.Nil(t, artifact.Spec.GlobalPolicies) + // existing (1) + global flattened (1) = 2 + assert.Len(t, artifact.Spec.Policies, 2) +} + +func TestTransform_Proxy_OldGateway_FlattensToLegacy(t *testing.T) { + artifact := newProxyArtifact(sampleGlobal(), nil, nil) + err := Default().Transform(constants.LLMProxy, ParseVersion("1.0.0"), artifact) + require.NoError(t, err) + assert.Equal(t, constants.GatewayApiVersionV1Alpha1, artifact.ApiVersion) + assert.Nil(t, artifact.Spec.GlobalPolicies) + require.Len(t, artifact.Spec.Policies, 1) + assert.Equal(t, "/*", artifact.Spec.Policies[0].Paths[0].Path) +} + +// --------------------------------------------------------------------------- +// Registry dispatch — no-op for unknown kind; type error for wrong payload +// --------------------------------------------------------------------------- + +func TestTransform_UnknownKind_Noop(t *testing.T) { + artifact := newProviderArtifact(sampleGlobal(), nil, nil) + err := Default().Transform("UnknownKind", ParseVersion("1.0.0"), artifact) + require.NoError(t, err) + // Unknown kind: no-op — artifact unchanged. + assert.Equal(t, constants.GatewayApiVersion, artifact.ApiVersion) + assert.Len(t, artifact.Spec.GlobalPolicies, 1) +} + +func TestTransform_WrongPayloadType_ReturnsError(t *testing.T) { + // Passing a *dto.LLMProviderDeploymentYAML where LLMProxy is expected + // triggers the type-assertion guard in Apply. + artifact := newProviderArtifact(sampleGlobal(), nil, nil) + err := Default().Transform(constants.LLMProxy, ParseVersion("1.0.0"), artifact) + assert.Error(t, err) +} diff --git a/platform-api/src/internal/deploymenttransform/version.go b/platform-api/src/internal/deploymenttransform/version.go new file mode 100644 index 0000000000..e7f1fa8050 --- /dev/null +++ b/platform-api/src/internal/deploymenttransform/version.go @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2026, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package deploymenttransform + +import ( + "strconv" + "strings" +) + +// MinSplitPoliciesVersion is the first gateway release that understands +// globalPolicies/operationPolicies. Use this constant in tests and call sites +// instead of a raw string literal so a future version-boundary change is a +// one-place edit. +const MinSplitPoliciesVersion = "1.2.0" + +// Version is a parsed, comparable gateway semver. Empty or unparseable version +// strings are treated as 1.0.0 — the implicit version for gateways that predate +// version reporting. +type Version struct { + Major, Minor, Patch int +} + +// ParseVersion parses a gateway version string into a Version. Pre-release +// suffixes (e.g. "-SNAPSHOT", "-RC1") and a leading "v" are stripped before +// parsing. An empty or unparseable string returns Version{1, 0, 0}. +func ParseVersion(s string) Version { + v := strings.TrimSpace(s) + if v == "" { + return Version{1, 0, 0} + } + // Strip pre-release suffix + if i := strings.IndexByte(v, '-'); i >= 0 { + v = v[:i] + } + // Strip leading "v" + v = strings.TrimPrefix(strings.ToLower(v), "v") + parts := strings.SplitN(v, ".", 3) + for len(parts) < 3 { + parts = append(parts, "0") + } + major, err1 := strconv.Atoi(parts[0]) + minor, err2 := strconv.Atoi(parts[1]) + patch, err3 := strconv.Atoi(parts[2]) + if err1 != nil || err2 != nil || err3 != nil { + return Version{1, 0, 0} // unparseable → treat as oldest known + } + return Version{major, minor, patch} +} + +// GTE reports whether v is greater than or equal to o. +func (v Version) GTE(o Version) bool { + if v.Major != o.Major { + return v.Major > o.Major + } + if v.Minor != o.Minor { + return v.Minor > o.Minor + } + return v.Patch >= o.Patch +} diff --git a/platform-api/src/internal/dto/llm_deployment.go b/platform-api/src/internal/dto/llm_deployment.go index 9fc0c7a8a6..8142abecc9 100644 --- a/platform-api/src/internal/dto/llm_deployment.go +++ b/platform-api/src/internal/dto/llm_deployment.go @@ -30,14 +30,16 @@ type LLMProviderDeploymentYAML struct { // LLMProviderDeploymentSpec represents the spec section for LLM provider deployments type LLMProviderDeploymentSpec struct { - DisplayName string `yaml:"displayName"` - Version string `yaml:"version"` - Context string `yaml:"context,omitempty"` - VHost string `yaml:"vhost,omitempty"` - Template string `yaml:"template"` - Upstream LLMUpstreamYAML `yaml:"upstream"` - AccessControl api.LLMAccessControl `yaml:"accessControl"` - Policies []api.LLMPolicy `yaml:"policies,omitempty"` + DisplayName string `yaml:"displayName"` + Version string `yaml:"version"` + Context string `yaml:"context,omitempty"` + VHost string `yaml:"vhost,omitempty"` + Template string `yaml:"template"` + Upstream LLMUpstreamYAML `yaml:"upstream"` + AccessControl api.LLMAccessControl `yaml:"accessControl"` + GlobalPolicies []api.Policy `yaml:"globalPolicies,omitempty"` + OperationPolicies []api.OperationPolicy `yaml:"operationPolicies,omitempty"` + Policies []api.LLMPolicy `yaml:"policies,omitempty"` } // LLMUpstreamYAML represents the upstream configuration for LLM provider deployments @@ -59,12 +61,14 @@ type LLMProxyDeploymentYAML struct { // LLMProxyDeploymentSpec represents the spec section for LLM proxy deployments type LLMProxyDeploymentSpec struct { - DisplayName string `yaml:"displayName"` - Version string `yaml:"version"` - Context string `yaml:"context,omitempty"` - VHost string `yaml:"vhost,omitempty"` - Provider LLMProxyDeploymentProvider `yaml:"provider"` - Policies []api.LLMPolicy `yaml:"policies,omitempty"` + DisplayName string `yaml:"displayName"` + Version string `yaml:"version"` + Context string `yaml:"context,omitempty"` + VHost string `yaml:"vhost,omitempty"` + Provider LLMProxyDeploymentProvider `yaml:"provider"` + GlobalPolicies []api.Policy `yaml:"globalPolicies,omitempty"` + OperationPolicies []api.OperationPolicy `yaml:"operationPolicies,omitempty"` + Policies []api.LLMPolicy `yaml:"policies,omitempty"` } type LLMProxyDeploymentProvider struct { diff --git a/platform-api/src/internal/handler/api.go b/platform-api/src/internal/handler/api.go index 28df8ba749..76962848c6 100644 --- a/platform-api/src/internal/handler/api.go +++ b/platform-api/src/internal/handler/api.go @@ -48,7 +48,7 @@ func NewAPIHandler(apiService *service.APIService, slogger *slog.Logger) *APIHan } } -// CreateAPI handles POST /api/v1/rest-apis and creates a new API +// CreateAPI handles POST /api/v1alpha2/rest-apis and creates a new API func (h *APIHandler) CreateAPI(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -168,7 +168,7 @@ func (h *APIHandler) CreateAPI(c *gin.Context) { c.JSON(http.StatusCreated, apiResponse) } -// GetAPI handles GET /api/v1/rest-apis/:apiId and retrieves an API by its handle +// GetAPI handles GET /api/v1alpha2/rest-apis/:apiId and retrieves an API by its handle func (h *APIHandler) GetAPI(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -201,7 +201,7 @@ func (h *APIHandler) GetAPI(c *gin.Context) { c.JSON(http.StatusOK, apiResponse) } -// ListAPIs handles GET /api/v1/rest-apis and lists APIs for an organization filtered by project +// ListAPIs handles GET /api/v1alpha2/rest-apis and lists APIs for an organization filtered by project func (h *APIHandler) ListAPIs(c *gin.Context) { // Get organization from JWT token orgId, exists := middleware.GetOrganizationFromContext(c) @@ -319,7 +319,7 @@ func (h *APIHandler) UpdateAPI(c *gin.Context) { c.JSON(http.StatusOK, apiResponse) } -// DeleteAPI handles DELETE /api/v1/rest-apis/:apiId and deletes an API by its handle +// DeleteAPI handles DELETE /api/v1alpha2/rest-apis/:apiId and deletes an API by its handle func (h *APIHandler) DeleteAPI(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -352,7 +352,7 @@ func (h *APIHandler) DeleteAPI(c *gin.Context) { c.JSON(http.StatusNoContent, nil) } -// AddGatewaysToAPI handles POST /api/v1/rest-apis/:apiId/gateways to associate gateways with an API +// AddGatewaysToAPI handles POST /api/v1alpha2/rest-apis/:apiId/gateways to associate gateways with an API func (h *APIHandler) AddGatewaysToAPI(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -409,7 +409,7 @@ func (h *APIHandler) AddGatewaysToAPI(c *gin.Context) { c.JSON(http.StatusOK, gatewaysResponse) } -// GetAPIGateways handles GET /api/v1/rest-apis/:apiId/gateways to get gateways associated with an API including deployment details +// GetAPIGateways handles GET /api/v1alpha2/rest-apis/:apiId/gateways to get gateways associated with an API including deployment details func (h *APIHandler) GetAPIGateways(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -442,7 +442,7 @@ func (h *APIHandler) GetAPIGateways(c *gin.Context) { c.JSON(http.StatusOK, gatewaysResponse) } -// PublishToDevPortal handles POST /api/v1/rest-apis/:apiId/publications +// PublishToDevPortal handles POST /api/v1alpha2/rest-apis/:apiId/publications func (h *APIHandler) PublishToDevPortal(c *gin.Context) { // Extract organization ID from context orgID, exists := middleware.GetOrganizationFromContext(c) @@ -487,7 +487,7 @@ func (h *APIHandler) PublishToDevPortal(c *gin.Context) { }) } -// UnpublishFromDevPortal handles DELETE /api/v1/rest-apis/:apiId/publications/:devportalId +// UnpublishFromDevPortal handles DELETE /api/v1alpha2/rest-apis/:apiId/publications/:devportalId func (h *APIHandler) UnpublishFromDevPortal(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -526,7 +526,7 @@ func (h *APIHandler) UnpublishFromDevPortal(c *gin.Context) { }) } -// GetAPIPublications handles GET /api/v1/rest-apis/:apiId/publications +// GetAPIPublications handles GET /api/v1alpha2/rest-apis/:apiId/publications // // This endpoint retrieves all DevPortals associated with an API including publication details. func (h *APIHandler) GetAPIPublications(c *gin.Context) { @@ -567,7 +567,7 @@ func (h *APIHandler) GetAPIPublications(c *gin.Context) { c.JSON(http.StatusOK, response) } -// ImportAPIProject handles POST /api/v1/import/api-project +// ImportAPIProject handles POST /api/v1alpha2/import/api-project func (h *APIHandler) ImportAPIProject(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -924,7 +924,7 @@ func (h *APIHandler) ImportOpenAPI(c *gin.Context) { c.JSON(http.StatusCreated, apiResponse) } -// ValidateAPI handles GET /api/v1/rest-apis?name=&version= +// ValidateAPI handles GET /api/v1alpha2/rest-apis?name=&version= func (h *APIHandler) ValidateAPI(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -975,7 +975,7 @@ func (h *APIHandler) ValidateAPI(c *gin.Context) { // RegisterRoutes registers all API routes func (h *APIHandler) RegisterRoutes(r *gin.Engine) { h.slogger.Debug("Registering REST API routes") - apiGroup := r.Group("/api/v1/rest-apis") + apiGroup := r.Group(constants.APIBasePath + "/rest-apis") { apiGroup.POST("", h.CreateAPI) apiGroup.GET("", h.ListAPIs) @@ -991,7 +991,7 @@ func (h *APIHandler) RegisterRoutes(r *gin.Engine) { apiGroup.GET("/:apiId/publications", h.GetAPIPublications) } - apiProjectsGroup := r.Group("/api/v1/api-projects") + apiProjectsGroup := r.Group(constants.APIBasePath + "/api-projects") { apiProjectsGroup.POST("/import", h.ImportAPIProject) apiProjectsGroup.POST("/validate", h.ValidateAPIProject) diff --git a/platform-api/src/internal/handler/api_key.go b/platform-api/src/internal/handler/api_key.go index 22994d2775..d3d088a869 100644 --- a/platform-api/src/internal/handler/api_key.go +++ b/platform-api/src/internal/handler/api_key.go @@ -288,7 +288,7 @@ func (h *APIKeyHandler) RevokeAPIKey(c *gin.Context) { // RegisterRoutes registers API key routes with the router func (h *APIKeyHandler) RegisterRoutes(r *gin.Engine) { h.slogger.Debug("Registering API key routes") - apiKeyGroup := r.Group("/api/v1/rest-apis/:apiId/api-keys") + apiKeyGroup := r.Group(constants.APIBasePath + "/rest-apis/:apiId/api-keys") { apiKeyGroup.POST("", h.CreateAPIKey) apiKeyGroup.PUT("/:keyName", h.UpdateAPIKey) diff --git a/platform-api/src/internal/handler/apikey_user.go b/platform-api/src/internal/handler/apikey_user.go index 8c1a67df40..33fd0c90f6 100644 --- a/platform-api/src/internal/handler/apikey_user.go +++ b/platform-api/src/internal/handler/apikey_user.go @@ -22,6 +22,7 @@ import ( "net/http" "strings" + "platform-api/src/internal/constants" "platform-api/src/internal/middleware" "platform-api/src/internal/service" "platform-api/src/internal/utils" @@ -43,7 +44,7 @@ func NewAPIKeyUserHandler(apiKeyUserService *service.APIKeyUserService, slogger } } -// ListUserAPIKeys handles GET /api/v1/me/api-keys +// ListUserAPIKeys handles GET /api/v1alpha2/me/api-keys func (h *APIKeyUserHandler) ListUserAPIKeys(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -72,5 +73,5 @@ func (h *APIKeyUserHandler) ListUserAPIKeys(c *gin.Context) { // RegisterRoutes registers the user API key routes. func (h *APIKeyUserHandler) RegisterRoutes(r *gin.Engine) { - r.GET("/api/v1/me/api-keys", h.ListUserAPIKeys) + r.GET(constants.APIBasePath + "/me/api-keys", h.ListUserAPIKeys) } diff --git a/platform-api/src/internal/handler/application.go b/platform-api/src/internal/handler/application.go index 814e1b6298..1594481b21 100644 --- a/platform-api/src/internal/handler/application.go +++ b/platform-api/src/internal/handler/application.go @@ -437,7 +437,7 @@ func (h *ApplicationHandler) RemoveApplicationAPIKey(c *gin.Context) { } func (h *ApplicationHandler) RegisterRoutes(r *gin.Engine) { - applicationGroup := r.Group("/api/v1/applications") + applicationGroup := r.Group(constants.APIBasePath + "/applications") { applicationGroup.GET("", h.ListApplications) applicationGroup.POST("", h.CreateApplication) diff --git a/platform-api/src/internal/handler/deployment.go b/platform-api/src/internal/handler/deployment.go index 770fbd3fbc..e91777b3a9 100644 --- a/platform-api/src/internal/handler/deployment.go +++ b/platform-api/src/internal/handler/deployment.go @@ -44,7 +44,7 @@ func NewDeploymentHandler(deploymentService *service.DeploymentService, slogger } } -// DeployAPI handles POST /api/v1/apis/:apiId/deploy +// DeployAPI handles POST /api/v1alpha2/apis/:apiId/deploy // Creates a new immutable deployment artifact and deploys it to a gateway func (h *DeploymentHandler) DeployAPI(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) @@ -130,7 +130,7 @@ func (h *DeploymentHandler) DeployAPI(c *gin.Context) { c.JSON(http.StatusCreated, deployment) } -// UndeployDeployment handles POST /api/v1/rest-apis/:apiId/deployments/:deploymentId/undeploy +// UndeployDeployment handles POST /api/v1alpha2/rest-apis/:apiId/deployments/:deploymentId/undeploy func (h *DeploymentHandler) UndeployDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -198,7 +198,7 @@ func (h *DeploymentHandler) UndeployDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// RestoreDeployment handles POST /api/v1/rest-apis/:apiId/deployments/:deploymentId/restore +// RestoreDeployment handles POST /api/v1alpha2/rest-apis/:apiId/deployments/:deploymentId/restore func (h *DeploymentHandler) RestoreDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -256,7 +256,7 @@ func (h *DeploymentHandler) RestoreDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// DeleteDeployment handles DELETE /api/v1/apis/:apiId/deployments/:deploymentId +// DeleteDeployment handles DELETE /api/v1alpha2/apis/:apiId/deployments/:deploymentId // Permanently deletes an undeployed deployment artifact func (h *DeploymentHandler) DeleteDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) @@ -305,7 +305,7 @@ func (h *DeploymentHandler) DeleteDeployment(c *gin.Context) { c.JSON(http.StatusNoContent, nil) } -// GetDeployment handles GET /api/v1/apis/:apiId/deployments/:deploymentId +// GetDeployment handles GET /api/v1alpha2/apis/:apiId/deployments/:deploymentId // Retrieves metadata for a specific deployment artifact func (h *DeploymentHandler) GetDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) @@ -350,7 +350,7 @@ func (h *DeploymentHandler) GetDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// GetDeployments handles GET /api/v1/apis/:apiId/deployments +// GetDeployments handles GET /api/v1alpha2/apis/:apiId/deployments // Retrieves all deployment records for an API with optional filters func (h *DeploymentHandler) GetDeployments(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) @@ -405,7 +405,7 @@ func (h *DeploymentHandler) GetDeployments(c *gin.Context) { // RegisterRoutes registers all deployment-related routes func (h *DeploymentHandler) RegisterRoutes(r *gin.Engine) { h.slogger.Debug("Registering deployment routes") - apiGroup := r.Group("/api/v1/rest-apis/:apiId") + apiGroup := r.Group(constants.APIBasePath + "/rest-apis/:apiId") { apiGroup.POST("/deployments", h.DeployAPI) apiGroup.POST("/deployments/:deploymentId/undeploy", h.UndeployDeployment) diff --git a/platform-api/src/internal/handler/devportal.go b/platform-api/src/internal/handler/devportal.go index 139041b4d4..559f832501 100644 --- a/platform-api/src/internal/handler/devportal.go +++ b/platform-api/src/internal/handler/devportal.go @@ -24,6 +24,7 @@ import ( "time" "platform-api/src/api" + "platform-api/src/internal/constants" "platform-api/src/internal/middleware" "platform-api/src/internal/service" "platform-api/src/internal/utils" @@ -45,7 +46,7 @@ func NewDevPortalHandler(devPortalService *service.DevPortalService, logger *slo } } -// CreateDevPortal handles POST /api/v1/devportals +// CreateDevPortal handles POST /api/v1alpha2/devportals func (h *DevPortalHandler) CreateDevPortal(c *gin.Context) { // Extract organization ID from context orgID, exists := middleware.GetOrganizationFromContext(c) @@ -80,7 +81,7 @@ func (h *DevPortalHandler) CreateDevPortal(c *gin.Context) { c.JSON(http.StatusCreated, response) } -// GetDevPortal handles GET /api/v1/devportals/:devportalId +// GetDevPortal handles GET /api/v1alpha2/devportals/:devportalId func (h *DevPortalHandler) GetDevPortal(c *gin.Context) { // Extract organization ID from context orgID, exists := middleware.GetOrganizationFromContext(c) @@ -110,7 +111,7 @@ func (h *DevPortalHandler) GetDevPortal(c *gin.Context) { c.JSON(http.StatusOK, response) } -// ListDevPortals handles GET /api/v1/devportals +// ListDevPortals handles GET /api/v1alpha2/devportals func (h *DevPortalHandler) ListDevPortals(c *gin.Context) { // Extract organization ID from context orgID, exists := middleware.GetOrganizationFromContext(c) @@ -163,7 +164,7 @@ func (h *DevPortalHandler) ListDevPortals(c *gin.Context) { c.JSON(http.StatusOK, response) } -// UpdateDevPortal handles PUT /api/v1/devportals/:devportalId +// UpdateDevPortal handles PUT /api/v1alpha2/devportals/:devportalId func (h *DevPortalHandler) UpdateDevPortal(c *gin.Context) { // Extract organization ID from context orgID, exists := middleware.GetOrganizationFromContext(c) @@ -206,7 +207,7 @@ func (h *DevPortalHandler) UpdateDevPortal(c *gin.Context) { c.JSON(http.StatusOK, response) } -// DeleteDevPortal handles DELETE /api/v1/devportals/:devportalId +// DeleteDevPortal handles DELETE /api/v1alpha2/devportals/:devportalId func (h *DevPortalHandler) DeleteDevPortal(c *gin.Context) { // Extract organization ID from context orgID, exists := middleware.GetOrganizationFromContext(c) @@ -239,7 +240,7 @@ func (h *DevPortalHandler) DeleteDevPortal(c *gin.Context) { c.JSON(http.StatusNoContent, nil) } -// ActivateDevPortal handles POST /api/v1/devportals/:devportalId/activate +// ActivateDevPortal handles POST /api/v1alpha2/devportals/:devportalId/activate func (h *DevPortalHandler) ActivateDevPortal(c *gin.Context) { // Extract organization ID from context orgID, exists := middleware.GetOrganizationFromContext(c) @@ -277,7 +278,7 @@ func (h *DevPortalHandler) ActivateDevPortal(c *gin.Context) { }) } -// DeactivateDevPortal handles POST /api/v1/devportals/:devportalId/deactivate +// DeactivateDevPortal handles POST /api/v1alpha2/devportals/:devportalId/deactivate func (h *DevPortalHandler) DeactivateDevPortal(c *gin.Context) { // Extract organization ID from context orgID, exists := middleware.GetOrganizationFromContext(c) @@ -315,7 +316,7 @@ func (h *DevPortalHandler) DeactivateDevPortal(c *gin.Context) { }) } -// SetAsDefault handles POST /api/v1/devportals/:devportalId/set-default +// SetAsDefault handles POST /api/v1alpha2/devportals/:devportalId/set-default func (h *DevPortalHandler) SetAsDefault(c *gin.Context) { // Extract organization ID from context orgID, exists := middleware.GetOrganizationFromContext(c) @@ -373,7 +374,7 @@ func (h *DevPortalHandler) GetDefaultDevPortal(c *gin.Context) { // RegisterRoutes registers all DevPortal routes func (h *DevPortalHandler) RegisterRoutes(r *gin.Engine) { h.logger.Debug("Registering DevPortal routes") - v1 := r.Group("/api/v1") + v1 := r.Group(constants.APIBasePath) { // DevPortal CRUD operations v1.POST("/devportals", h.CreateDevPortal) diff --git a/platform-api/src/internal/handler/gateway.go b/platform-api/src/internal/handler/gateway.go index 0f1ad0dc70..05b402d035 100644 --- a/platform-api/src/internal/handler/gateway.go +++ b/platform-api/src/internal/handler/gateway.go @@ -60,7 +60,7 @@ type manifestSyncResponse struct { Policies json.RawMessage `json:"policies,omitempty"` } -// CreateGateway handles POST /api/v1/gateways +// CreateGateway handles POST /api/v1alpha2/gateways func (h *GatewayHandler) CreateGateway(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -141,7 +141,7 @@ func (h *GatewayHandler) CreateGateway(c *gin.Context) { c.JSON(http.StatusCreated, gateway) } -// ListGateways handles GET /api/v1/gateways with constitution-compliant response +// ListGateways handles GET /api/v1alpha2/gateways with constitution-compliant response func (h *GatewayHandler) ListGateways(c *gin.Context) { organizationID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -162,7 +162,7 @@ func (h *GatewayHandler) ListGateways(c *gin.Context) { c.JSON(http.StatusOK, gateways) } -// GetGateway handles GET /api/v1/gateways/:gatewayId +// GetGateway handles GET /api/v1alpha2/gateways/:gatewayId func (h *GatewayHandler) GetGateway(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -237,7 +237,7 @@ func (h *GatewayHandler) GetGatewayStatus(c *gin.Context) { c.JSON(http.StatusOK, status) } -// UpdateGateway handles PUT /api/v1/gateways/:gatewayId +// UpdateGateway handles PUT /api/v1alpha2/gateways/:gatewayId func (h *GatewayHandler) UpdateGateway(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -277,7 +277,7 @@ func (h *GatewayHandler) UpdateGateway(c *gin.Context) { c.JSON(http.StatusOK, response) } -// DeleteGateway handles DELETE /api/v1/gateways/:gatewayId +// DeleteGateway handles DELETE /api/v1alpha2/gateways/:gatewayId func (h *GatewayHandler) DeleteGateway(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -328,7 +328,7 @@ func (h *GatewayHandler) DeleteGateway(c *gin.Context) { c.Status(http.StatusNoContent) } -// ListTokens handles GET /api/v1/gateways/:gatewayId/tokens +// ListTokens handles GET /api/v1alpha2/gateways/:gatewayId/tokens func (h *GatewayHandler) ListTokens(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -363,7 +363,7 @@ func (h *GatewayHandler) ListTokens(c *gin.Context) { c.JSON(http.StatusOK, tokens) } -// RotateToken handles POST /api/v1/gateways/:gatewayId/tokens +// RotateToken handles POST /api/v1alpha2/gateways/:gatewayId/tokens func (h *GatewayHandler) RotateToken(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -408,7 +408,7 @@ func (h *GatewayHandler) RotateToken(c *gin.Context) { c.JSON(http.StatusCreated, response) } -// RevokeToken handles DELETE /api/v1/gateways/:gatewayId/tokens/:tokenId +// RevokeToken handles DELETE /api/v1alpha2/gateways/:gatewayId/tokens/:tokenId func (h *GatewayHandler) RevokeToken(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -450,7 +450,7 @@ func (h *GatewayHandler) RevokeToken(c *gin.Context) { c.JSON(http.StatusOK, gin.H{"message": "Token revoked successfully"}) } -// GetGatewayArtifacts handles GET /api/v1/gateways/{gatewayId}/live-proxy-artifacts +// GetGatewayArtifacts handles GET /api/v1alpha2/gateways/{gatewayId}/live-proxy-artifacts func (h *GatewayHandler) GetGatewayArtifacts(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -495,7 +495,7 @@ func (h *GatewayHandler) GetGatewayArtifacts(c *gin.Context) { c.JSON(http.StatusOK, artifactListResponse) } -// GetGatewayManifest handles GET /api/v1/gateways/{gatewayId}/manifest +// GetGatewayManifest handles GET /api/v1alpha2/gateways/{gatewayId}/manifest // Called by APIM to retrieve the manifest pushed by the gateway controller on connect. func (h *GatewayHandler) GetGatewayManifest(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) @@ -534,7 +534,7 @@ func (h *GatewayHandler) GetGatewayManifest(c *gin.Context) { }) } -// SyncCustomPolicy handles POST /api/v1/gateway-custom-policies/sync +// SyncCustomPolicy handles POST /api/v1alpha2/gateway-custom-policies/sync // It upserts a custom policy from the gateway's stored manifest into the gateway_custom_policies table. func (h *GatewayHandler) SyncCustomPolicy(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) @@ -582,7 +582,7 @@ func (h *GatewayHandler) SyncCustomPolicy(c *gin.Context) { c.JSON(http.StatusOK, policy) } -// GetCustomPolicy handles GET /api/v1/gateway-custom-policies/:customPolicyUuid/versions/:version +// GetCustomPolicy handles GET /api/v1alpha2/gateway-custom-policies/:customPolicyUuid/versions/:version func (h *GatewayHandler) GetCustomPolicy(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -618,7 +618,7 @@ func (h *GatewayHandler) GetCustomPolicy(c *gin.Context) { c.JSON(http.StatusOK, policy) } -// DeleteCustomPolicy handles DELETE /api/v1/gateway-custom-policies/:customPolicyUuid/versions/:version +// DeleteCustomPolicy handles DELETE /api/v1alpha2/gateway-custom-policies/:customPolicyUuid/versions/:version func (h *GatewayHandler) DeleteCustomPolicy(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -659,7 +659,7 @@ func (h *GatewayHandler) DeleteCustomPolicy(c *gin.Context) { c.Status(http.StatusNoContent) } -// ListCustomPolicies handles GET /api/v1/gateway-custom-policies +// ListCustomPolicies handles GET /api/v1alpha2/gateway-custom-policies func (h *GatewayHandler) ListCustomPolicies(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -682,7 +682,7 @@ func (h *GatewayHandler) ListCustomPolicies(c *gin.Context) { // RegisterRoutes registers gateway routes with the router func (h *GatewayHandler) RegisterRoutes(r *gin.Engine) { h.slogger.Debug("Registering gateway routes") - gatewayGroup := r.Group("/api/v1/gateways") + gatewayGroup := r.Group(constants.APIBasePath + "/gateways") { gatewayGroup.POST("", h.CreateGateway) gatewayGroup.GET("", h.ListGateways) @@ -696,7 +696,7 @@ func (h *GatewayHandler) RegisterRoutes(r *gin.Engine) { gatewayGroup.GET("/:gatewayId/manifest", h.GetGatewayManifest) } - customPoliciesGroup := r.Group("/api/v1/gateway-custom-policies") + customPoliciesGroup := r.Group(constants.APIBasePath + "/gateway-custom-policies") { customPoliciesGroup.GET("", h.ListCustomPolicies) customPoliciesGroup.POST("/sync", h.SyncCustomPolicy) diff --git a/platform-api/src/internal/handler/git.go b/platform-api/src/internal/handler/git.go index 62ef57ed20..27fd259141 100644 --- a/platform-api/src/internal/handler/git.go +++ b/platform-api/src/internal/handler/git.go @@ -21,6 +21,7 @@ import ( "log/slog" "net/http" "platform-api/src/api" + "platform-api/src/internal/constants" "platform-api/src/internal/middleware" "platform-api/src/internal/service" "strings" @@ -250,7 +251,7 @@ func (h *GitHandler) FetchRepoContent(c *gin.Context) { // RegisterRoutes registers Git-related routes func (h *GitHandler) RegisterRoutes(router *gin.Engine) { - gitRoutes := router.Group("/api/v1/git") + gitRoutes := router.Group(constants.APIBasePath + "/git") { gitRoutes.POST("/repo/fetch-branches", h.FetchRepoBranches) gitRoutes.POST("/repo/branch/fetch-content", h.FetchRepoContent) diff --git a/platform-api/src/internal/handler/llm.go b/platform-api/src/internal/handler/llm.go index bf56de79d8..9f929affb1 100644 --- a/platform-api/src/internal/handler/llm.go +++ b/platform-api/src/internal/handler/llm.go @@ -50,7 +50,7 @@ func NewLLMHandler( } func (h *LLMHandler) RegisterRoutes(r *gin.Engine) { - v1 := r.Group("/api/v1") + v1 := r.Group(constants.APIBasePath) { // LLM Provider Templates v1.POST("/llm-provider-templates", h.CreateLLMProviderTemplate) diff --git a/platform-api/src/internal/handler/llm_apikey.go b/platform-api/src/internal/handler/llm_apikey.go index f22a3cb273..1058460b54 100644 --- a/platform-api/src/internal/handler/llm_apikey.go +++ b/platform-api/src/internal/handler/llm_apikey.go @@ -45,7 +45,7 @@ func NewLLMProviderAPIKeyHandler(apiKeyService *service.LLMProviderAPIKeyService } } -// ListAPIKeys handles GET /api/v1/llm-providers/{id}/api-keys +// ListAPIKeys handles GET /api/v1alpha2/llm-providers/{id}/api-keys func (h *LLMProviderAPIKeyHandler) ListAPIKeys(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -79,7 +79,7 @@ func (h *LLMProviderAPIKeyHandler) ListAPIKeys(c *gin.Context) { c.JSON(http.StatusOK, response) } -// DeleteAPIKey handles DELETE /api/v1/llm-providers/{id}/api-keys/{keyName} +// DeleteAPIKey handles DELETE /api/v1alpha2/llm-providers/{id}/api-keys/{keyName} func (h *LLMProviderAPIKeyHandler) DeleteAPIKey(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -103,7 +103,7 @@ func (h *LLMProviderAPIKeyHandler) DeleteAPIKey(c *gin.Context) { } callerUserID := c.GetHeader("x-user-id") - + err := h.apiKeyService.DeleteLLMProviderAPIKey(c.Request.Context(), providerID, orgID, callerUserID, keyName) if err != nil { if errors.Is(err, constants.ErrAPINotFound) { @@ -131,7 +131,7 @@ func (h *LLMProviderAPIKeyHandler) DeleteAPIKey(c *gin.Context) { c.Status(http.StatusNoContent) } -// CreateAPIKey handles POST /api/v1/llm-providers/{id}/api-keys +// CreateAPIKey handles POST /api/v1alpha2/llm-providers/{id}/api-keys func (h *LLMProviderAPIKeyHandler) CreateAPIKey(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -192,7 +192,7 @@ func (h *LLMProviderAPIKeyHandler) CreateAPIKey(c *gin.Context) { // RegisterRoutes registers LLM provider API key routes with the router func (h *LLMProviderAPIKeyHandler) RegisterRoutes(r *gin.Engine) { - apiKeyGroup := r.Group("/api/v1/llm-providers/:id/api-keys") + apiKeyGroup := r.Group(constants.APIBasePath + "/llm-providers/:id/api-keys") { apiKeyGroup.POST("", h.CreateAPIKey) apiKeyGroup.GET("", h.ListAPIKeys) diff --git a/platform-api/src/internal/handler/llm_deployment.go b/platform-api/src/internal/handler/llm_deployment.go index a7ec546e2c..5188df3789 100644 --- a/platform-api/src/internal/handler/llm_deployment.go +++ b/platform-api/src/internal/handler/llm_deployment.go @@ -54,7 +54,7 @@ func NewLLMProxyDeploymentHandler(deploymentService *service.LLMProxyDeploymentS return &LLMProxyDeploymentHandler{deploymentService: deploymentService, slogger: slogger} } -// DeployLLMProvider handles POST /api/v1/llm-providers/:id/deployments +// DeployLLMProvider handles POST /api/v1alpha2/llm-providers/:id/deployments func (h *LLMProviderDeploymentHandler) DeployLLMProvider(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -138,7 +138,7 @@ func (h *LLMProviderDeploymentHandler) DeployLLMProvider(c *gin.Context) { c.JSON(http.StatusCreated, deployment) } -// UndeployLLMProviderDeployment handles POST /api/v1/llm-providers/:id/deployments/:deploymentId/undeploy +// UndeployLLMProviderDeployment handles POST /api/v1alpha2/llm-providers/:id/deployments/:deploymentId/undeploy func (h *LLMProviderDeploymentHandler) UndeployLLMProviderDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -189,7 +189,7 @@ func (h *LLMProviderDeploymentHandler) UndeployLLMProviderDeployment(c *gin.Cont c.JSON(http.StatusOK, deployment) } -// RestoreLLMProviderDeployment handles POST /api/v1/llm-providers/:id/deployments/:deploymentId/restore +// RestoreLLMProviderDeployment handles POST /api/v1alpha2/llm-providers/:id/deployments/:deploymentId/restore func (h *LLMProviderDeploymentHandler) RestoreLLMProviderDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -240,7 +240,7 @@ func (h *LLMProviderDeploymentHandler) RestoreLLMProviderDeployment(c *gin.Conte c.JSON(http.StatusOK, deployment) } -// DeleteLLMProviderDeployment handles DELETE /api/v1/llm-providers/:id/deployments/:deploymentId +// DeleteLLMProviderDeployment handles DELETE /api/v1alpha2/llm-providers/:id/deployments/:deploymentId func (h *LLMProviderDeploymentHandler) DeleteLLMProviderDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -288,7 +288,7 @@ func (h *LLMProviderDeploymentHandler) DeleteLLMProviderDeployment(c *gin.Contex c.JSON(http.StatusNoContent, nil) } -// GetLLMProviderDeployment handles GET /api/v1/llm-providers/:id/deployments/:deploymentId +// GetLLMProviderDeployment handles GET /api/v1alpha2/llm-providers/:id/deployments/:deploymentId func (h *LLMProviderDeploymentHandler) GetLLMProviderDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -333,7 +333,7 @@ func (h *LLMProviderDeploymentHandler) GetLLMProviderDeployment(c *gin.Context) c.JSON(http.StatusOK, deployment) } -// GetLLMProviderDeployments handles GET /api/v1/llm-providers/:id/deployments +// GetLLMProviderDeployments handles GET /api/v1alpha2/llm-providers/:id/deployments func (h *LLMProviderDeploymentHandler) GetLLMProviderDeployments(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -389,7 +389,7 @@ func (h *LLMProviderDeploymentHandler) GetLLMProviderDeployments(c *gin.Context) // RegisterRoutes registers all LLM provider deployment-related routes func (h *LLMProviderDeploymentHandler) RegisterRoutes(r *gin.Engine) { - providerGroup := r.Group("/api/v1/llm-providers/:id") + providerGroup := r.Group(constants.APIBasePath + "/llm-providers/:id") { providerGroup.POST("/deployments", h.DeployLLMProvider) providerGroup.POST("/deployments/:deploymentId/undeploy", h.UndeployLLMProviderDeployment) @@ -400,7 +400,7 @@ func (h *LLMProviderDeploymentHandler) RegisterRoutes(r *gin.Engine) { } } -// DeployLLMProxy handles POST /api/v1/llm-proxies/:id/deployments +// DeployLLMProxy handles POST /api/v1alpha2/llm-proxies/:id/deployments func (h *LLMProxyDeploymentHandler) DeployLLMProxy(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -480,7 +480,7 @@ func (h *LLMProxyDeploymentHandler) DeployLLMProxy(c *gin.Context) { c.JSON(http.StatusCreated, deployment) } -// UndeployLLMProxyDeployment handles POST /api/v1/llm-proxies/:id/deployments/:deploymentId/undeploy +// UndeployLLMProxyDeployment handles POST /api/v1alpha2/llm-proxies/:id/deployments/:deploymentId/undeploy func (h *LLMProxyDeploymentHandler) UndeployLLMProxyDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -531,7 +531,7 @@ func (h *LLMProxyDeploymentHandler) UndeployLLMProxyDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// RestoreLLMProxyDeployment handles POST /api/v1/llm-proxies/:id/deployments/:deploymentId/restore +// RestoreLLMProxyDeployment handles POST /api/v1alpha2/llm-proxies/:id/deployments/:deploymentId/restore func (h *LLMProxyDeploymentHandler) RestoreLLMProxyDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -582,7 +582,7 @@ func (h *LLMProxyDeploymentHandler) RestoreLLMProxyDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// DeleteLLMProxyDeployment handles DELETE /api/v1/llm-proxies/:id/deployments/:deploymentId +// DeleteLLMProxyDeployment handles DELETE /api/v1alpha2/llm-proxies/:id/deployments/:deploymentId func (h *LLMProxyDeploymentHandler) DeleteLLMProxyDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -630,7 +630,7 @@ func (h *LLMProxyDeploymentHandler) DeleteLLMProxyDeployment(c *gin.Context) { c.JSON(http.StatusNoContent, nil) } -// GetLLMProxyDeployment handles GET /api/v1/llm-proxies/:id/deployments/:deploymentId +// GetLLMProxyDeployment handles GET /api/v1alpha2/llm-proxies/:id/deployments/:deploymentId func (h *LLMProxyDeploymentHandler) GetLLMProxyDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -675,7 +675,7 @@ func (h *LLMProxyDeploymentHandler) GetLLMProxyDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// GetLLMProxyDeployments handles GET /api/v1/llm-proxies/:id/deployments +// GetLLMProxyDeployments handles GET /api/v1alpha2/llm-proxies/:id/deployments func (h *LLMProxyDeploymentHandler) GetLLMProxyDeployments(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -731,7 +731,7 @@ func (h *LLMProxyDeploymentHandler) GetLLMProxyDeployments(c *gin.Context) { // RegisterRoutes registers all LLM proxy deployment-related routes func (h *LLMProxyDeploymentHandler) RegisterRoutes(r *gin.Engine) { - proxyGroup := r.Group("/api/v1/llm-proxies/:id") + proxyGroup := r.Group(constants.APIBasePath + "/llm-proxies/:id") { proxyGroup.POST("/deployments", h.DeployLLMProxy) proxyGroup.POST("/deployments/:deploymentId/undeploy", h.UndeployLLMProxyDeployment) diff --git a/platform-api/src/internal/handler/llm_proxy_apikey.go b/platform-api/src/internal/handler/llm_proxy_apikey.go index f932adf0fa..815aa1101b 100644 --- a/platform-api/src/internal/handler/llm_proxy_apikey.go +++ b/platform-api/src/internal/handler/llm_proxy_apikey.go @@ -45,7 +45,7 @@ func NewLLMProxyAPIKeyHandler(apiKeyService *service.LLMProxyAPIKeyService, slog } } -// ListAPIKeys handles GET /api/v1/llm-proxies/{id}/api-keys +// ListAPIKeys handles GET /api/v1alpha2/llm-proxies/{id}/api-keys func (h *LLMProxyAPIKeyHandler) ListAPIKeys(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -79,7 +79,7 @@ func (h *LLMProxyAPIKeyHandler) ListAPIKeys(c *gin.Context) { c.JSON(http.StatusOK, response) } -// DeleteAPIKey handles DELETE /api/v1/llm-proxies/{id}/api-keys/{keyName} +// DeleteAPIKey handles DELETE /api/v1alpha2/llm-proxies/{id}/api-keys/{keyName} func (h *LLMProxyAPIKeyHandler) DeleteAPIKey(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -131,7 +131,7 @@ func (h *LLMProxyAPIKeyHandler) DeleteAPIKey(c *gin.Context) { c.Status(http.StatusNoContent) } -// CreateAPIKey handles POST /api/v1/llm-proxies/{id}/api-keys +// CreateAPIKey handles POST /api/v1alpha2/llm-proxies/{id}/api-keys func (h *LLMProxyAPIKeyHandler) CreateAPIKey(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -192,7 +192,7 @@ func (h *LLMProxyAPIKeyHandler) CreateAPIKey(c *gin.Context) { // RegisterRoutes registers LLM proxy API key routes with the router func (h *LLMProxyAPIKeyHandler) RegisterRoutes(r *gin.Engine) { - apiKeyGroup := r.Group("/api/v1/llm-proxies/:id/api-keys") + apiKeyGroup := r.Group(constants.APIBasePath + "/llm-proxies/:id/api-keys") { apiKeyGroup.POST("", h.CreateAPIKey) apiKeyGroup.GET("", h.ListAPIKeys) diff --git a/platform-api/src/internal/handler/mcp.go b/platform-api/src/internal/handler/mcp.go index fa366edabf..4d4f68a8c5 100644 --- a/platform-api/src/internal/handler/mcp.go +++ b/platform-api/src/internal/handler/mcp.go @@ -46,7 +46,7 @@ func NewMCPProxyHandler(service *service.MCPProxyService, slogger *slog.Logger) } func (h *MCPProxyHandler) RegisterRoutes(r *gin.Engine) { - v1 := r.Group("/api/v1") + v1 := r.Group(constants.APIBasePath) { v1.POST("/mcp-proxies", h.CreateMCPProxy) v1.GET("/mcp-proxies", h.ListMCPProxies) @@ -57,7 +57,7 @@ func (h *MCPProxyHandler) RegisterRoutes(r *gin.Engine) { } } -// CreateMCPProxy handles POST /api/v1/mcp-proxies +// CreateMCPProxy handles POST /api/v1alpha2/mcp-proxies func (h *MCPProxyHandler) CreateMCPProxy(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -88,7 +88,7 @@ func (h *MCPProxyHandler) CreateMCPProxy(c *gin.Context) { c.JSON(http.StatusCreated, resp) } -// ListMCPProxies handles GET /api/v1/mcp-proxies +// ListMCPProxies handles GET /api/v1alpha2/mcp-proxies func (h *MCPProxyHandler) ListMCPProxies(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -130,7 +130,7 @@ func (h *MCPProxyHandler) ListMCPProxies(c *gin.Context) { c.JSON(http.StatusOK, resp) } -// GetMCPProxy handles GET /api/v1/mcp-proxies/:id +// GetMCPProxy handles GET /api/v1alpha2/mcp-proxies/:id func (h *MCPProxyHandler) GetMCPProxy(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -149,7 +149,7 @@ func (h *MCPProxyHandler) GetMCPProxy(c *gin.Context) { c.JSON(http.StatusOK, resp) } -// UpdateMCPProxy handles PUT /api/v1/mcp-proxies/:id +// UpdateMCPProxy handles PUT /api/v1alpha2/mcp-proxies/:id func (h *MCPProxyHandler) UpdateMCPProxy(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -175,7 +175,7 @@ func (h *MCPProxyHandler) UpdateMCPProxy(c *gin.Context) { c.JSON(http.StatusOK, resp) } -// DeleteMCPProxy handles DELETE /api/v1/mcp-proxies/:id +// DeleteMCPProxy handles DELETE /api/v1alpha2/mcp-proxies/:id func (h *MCPProxyHandler) DeleteMCPProxy(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -193,7 +193,7 @@ func (h *MCPProxyHandler) DeleteMCPProxy(c *gin.Context) { c.Status(http.StatusNoContent) } -// FetchMCPProxyServerInfo handles POST /api/v1/mcp-proxies/fetch-server-info +// FetchMCPProxyServerInfo handles POST /api/v1alpha2/mcp-proxies/fetch-server-info func (h *MCPProxyHandler) FetchMCPProxyServerInfo(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { diff --git a/platform-api/src/internal/handler/mcp_deployment.go b/platform-api/src/internal/handler/mcp_deployment.go index a330faa196..ccc980d9df 100644 --- a/platform-api/src/internal/handler/mcp_deployment.go +++ b/platform-api/src/internal/handler/mcp_deployment.go @@ -50,7 +50,7 @@ func NewMCPProxyDeploymentHandler(deploymentService *service.MCPDeploymentServic // RegisterRoutes registers all MCP proxy deployment-related routes func (h *MCPProxyDeploymentHandler) RegisterRoutes(r *gin.Engine) { - proxyGroup := r.Group("/api/v1/mcp-proxies/:id") + proxyGroup := r.Group(constants.APIBasePath + "/mcp-proxies/:id") { proxyGroup.POST("/deployments", h.DeployMCPProxy) proxyGroup.POST("/deployments/:deploymentId/undeploy", h.UndeployMCPProxyDeployment) @@ -61,7 +61,7 @@ func (h *MCPProxyDeploymentHandler) RegisterRoutes(r *gin.Engine) { } } -// DeployMCPProxy handles POST /api/v1/mcp-proxies/:id/deployments +// DeployMCPProxy handles POST /api/v1alpha2/mcp-proxies/:id/deployments func (h *MCPProxyDeploymentHandler) DeployMCPProxy(c *gin.Context) { orgId, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -141,7 +141,7 @@ func (h *MCPProxyDeploymentHandler) DeployMCPProxy(c *gin.Context) { c.JSON(http.StatusCreated, deployment) } -// UndeployMCPProxyDeployment handles POST /api/v1/mcp-proxies/:id/deployments/:deploymentId/undeploy +// UndeployMCPProxyDeployment handles POST /api/v1alpha2/mcp-proxies/:id/deployments/:deploymentId/undeploy func (h *MCPProxyDeploymentHandler) UndeployMCPProxyDeployment(c *gin.Context) { orgId, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -203,7 +203,7 @@ func (h *MCPProxyDeploymentHandler) UndeployMCPProxyDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// RestoreMCPProxyDeployment handles POST /api/v1/mcp-proxies/:id/deployments/:deploymentId/restore +// RestoreMCPProxyDeployment handles POST /api/v1alpha2/mcp-proxies/:id/deployments/:deploymentId/restore func (h *MCPProxyDeploymentHandler) RestoreMCPProxyDeployment(c *gin.Context) { orgId, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -265,7 +265,7 @@ func (h *MCPProxyDeploymentHandler) RestoreMCPProxyDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// DeleteMCPProxyDeployment handles DELETE /api/v1/mcp-proxies/:id/deployments/:deploymentId +// DeleteMCPProxyDeployment handles DELETE /api/v1alpha2/mcp-proxies/:id/deployments/:deploymentId func (h *MCPProxyDeploymentHandler) DeleteMCPProxyDeployment(c *gin.Context) { orgId, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -313,7 +313,7 @@ func (h *MCPProxyDeploymentHandler) DeleteMCPProxyDeployment(c *gin.Context) { c.Status(http.StatusNoContent) } -// GetMCPProxyDeployment handles GET /api/v1/mcp-proxies/:id/deployments/:deploymentId +// GetMCPProxyDeployment handles GET /api/v1alpha2/mcp-proxies/:id/deployments/:deploymentId func (h *MCPProxyDeploymentHandler) GetMCPProxyDeployment(c *gin.Context) { orgId, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -358,7 +358,7 @@ func (h *MCPProxyDeploymentHandler) GetMCPProxyDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// GetMCPProxyDeployments handles GET /api/v1/mcp-proxies/:id/deployments +// GetMCPProxyDeployments handles GET /api/v1alpha2/mcp-proxies/:id/deployments func (h *MCPProxyDeploymentHandler) GetMCPProxyDeployments(c *gin.Context) { orgId, ok := middleware.GetOrganizationFromContext(c) if !ok { diff --git a/platform-api/src/internal/handler/organization.go b/platform-api/src/internal/handler/organization.go index bbe3f64880..19d4753838 100644 --- a/platform-api/src/internal/handler/organization.go +++ b/platform-api/src/internal/handler/organization.go @@ -33,20 +33,20 @@ import ( ) type OrganizationHandler struct { - orgService *service.OrganizationService + orgService *service.OrganizationService orgCreationRequiresAuth bool - slogger *slog.Logger + slogger *slog.Logger } func NewOrganizationHandler(orgService *service.OrganizationService, orgCreationRequiresAuth bool, slogger *slog.Logger) *OrganizationHandler { return &OrganizationHandler{ - orgService: orgService, + orgService: orgService, orgCreationRequiresAuth: orgCreationRequiresAuth, - slogger: slogger, + slogger: slogger, } } -// RegisterOrganization handles POST /api/v1/organizations +// RegisterOrganization handles POST /api/v1alpha2/organizations func (h *OrganizationHandler) RegisterOrganization(c *gin.Context) { var req api.Organization @@ -101,7 +101,7 @@ func (h *OrganizationHandler) RegisterOrganization(c *gin.Context) { c.JSON(http.StatusCreated, org) } -// HeadOrganizationByUuid handles HEAD /api/v1/organizations/{organizationId} +// HeadOrganizationByUuid handles HEAD /api/v1alpha2/organizations/{organizationId} func (h *OrganizationHandler) HeadOrganizationByUuid(c *gin.Context) { organizationIdFromContext, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -132,7 +132,7 @@ func (h *OrganizationHandler) HeadOrganizationByUuid(c *gin.Context) { c.Status(http.StatusOK) } -// GetOrganizationByUUID handles GET /api/v1/organizations/{organizationId} +// GetOrganizationByUUID handles GET /api/v1alpha2/organizations/{organizationId} func (h *OrganizationHandler) GetOrganizationByUUID(c *gin.Context) { orgID := c.Param("organizationId") @@ -152,7 +152,7 @@ func (h *OrganizationHandler) GetOrganizationByUUID(c *gin.Context) { c.JSON(http.StatusOK, org) } -// GetOrganization handles GET /api/v1/organizations +// GetOrganization handles GET /api/v1alpha2/organizations func (h *OrganizationHandler) GetOrganization(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -182,7 +182,7 @@ func (h *OrganizationHandler) GetOrganization(c *gin.Context) { c.JSON(http.StatusOK, org) } -// GetOrganizationSubscription handles GET /api/v1/organizations/:organizationId/subscription +// GetOrganizationSubscription handles GET /api/v1alpha2/organizations/:organizationId/subscription func (h *OrganizationHandler) GetOrganizationSubscription(c *gin.Context) { organizationIdFromContext, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -224,12 +224,12 @@ func (h *OrganizationHandler) GetOrganizationSubscription(c *gin.Context) { // The org creation POST is only registered here when OrgCreationRequiresAuth is false. func (h *OrganizationHandler) RegisterPublicRoutes(r *gin.Engine) { if !h.orgCreationRequiresAuth { - r.POST("/api/v1/organizations", h.RegisterOrganization) + r.POST(constants.APIBasePath + "/organizations", h.RegisterOrganization) } } func (h *OrganizationHandler) RegisterRoutes(r *gin.Engine) { - orgGroup := r.Group("/api/v1/organizations") + orgGroup := r.Group(constants.APIBasePath + "/organizations") { // When auth is required, POST is registered here — behind the auth middleware. if h.orgCreationRequiresAuth { diff --git a/platform-api/src/internal/handler/project.go b/platform-api/src/internal/handler/project.go index 75c1c8d196..9852dac353 100644 --- a/platform-api/src/internal/handler/project.go +++ b/platform-api/src/internal/handler/project.go @@ -42,7 +42,7 @@ func NewProjectHandler(projectService *service.ProjectService, slogger *slog.Log } } -// CreateProject handles POST /api/v1/projects +// CreateProject handles POST /api/v1alpha2/projects func (h *ProjectHandler) CreateProject(c *gin.Context) { organizationID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -90,7 +90,7 @@ func (h *ProjectHandler) CreateProject(c *gin.Context) { c.JSON(http.StatusCreated, project) } -// GetProject handles GET /api/v1/projects/:projectId +// GetProject handles GET /api/v1alpha2/projects/:projectId func (h *ProjectHandler) GetProject(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -122,7 +122,7 @@ func (h *ProjectHandler) GetProject(c *gin.Context) { c.JSON(http.StatusOK, project) } -// ListProjects handles GET /api/v1/projects +// ListProjects handles GET /api/v1alpha2/projects func (h *ProjectHandler) ListProjects(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -156,7 +156,7 @@ func (h *ProjectHandler) ListProjects(c *gin.Context) { }) } -// UpdateProject handles PUT /api/v1/projects/:projectId +// UpdateProject handles PUT /api/v1alpha2/projects/:projectId func (h *ProjectHandler) UpdateProject(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -199,7 +199,7 @@ func (h *ProjectHandler) UpdateProject(c *gin.Context) { c.JSON(http.StatusOK, project) } -// DeleteProject handles DELETE /api/v1/projects/:projectId +// DeleteProject handles DELETE /api/v1alpha2/projects/:projectId func (h *ProjectHandler) DeleteProject(c *gin.Context) { orgID, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -247,7 +247,7 @@ func (h *ProjectHandler) DeleteProject(c *gin.Context) { } func (h *ProjectHandler) RegisterRoutes(r *gin.Engine) { - projectGroup := r.Group("/api/v1/projects") + projectGroup := r.Group(constants.APIBasePath + "/projects") { projectGroup.GET("", h.ListProjects) projectGroup.POST("", h.CreateProject) diff --git a/platform-api/src/internal/handler/subscription_handler.go b/platform-api/src/internal/handler/subscription_handler.go index 9bdc6fd2c6..f6eb6aa258 100644 --- a/platform-api/src/internal/handler/subscription_handler.go +++ b/platform-api/src/internal/handler/subscription_handler.go @@ -52,7 +52,7 @@ func NewSubscriptionHandler(subscriptionService *service.SubscriptionService, su } } -// CreateSubscriptionRequest is the body for POST /api/v1/subscriptions +// CreateSubscriptionRequest is the body for POST /api/v1alpha2/subscriptions type CreateSubscriptionRequest struct { APIID string `json:"apiId" binding:"required"` SubscriberID string `json:"subscriberId" binding:"required"` @@ -61,12 +61,12 @@ type CreateSubscriptionRequest struct { Status string `json:"status,omitempty"` } -// UpdateSubscriptionRequest is the body for PUT /api/v1/subscriptions/:subscriptionId +// UpdateSubscriptionRequest is the body for PUT /api/v1alpha2/subscriptions/:subscriptionId type UpdateSubscriptionRequest struct { Status string `json:"status,omitempty"` } -// CreateSubscription handles POST /api/v1/subscriptions +// CreateSubscription handles POST /api/v1alpha2/subscriptions func (h *SubscriptionHandler) CreateSubscription(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -112,7 +112,7 @@ func (h *SubscriptionHandler) CreateSubscription(c *gin.Context) { c.JSON(http.StatusCreated, h.toSubscriptionResponse(sub, orgId)) } -// ListSubscriptions handles GET /api/v1/subscriptions +// ListSubscriptions handles GET /api/v1alpha2/subscriptions func (h *SubscriptionHandler) ListSubscriptions(c *gin.Context) { apiId := c.Query("apiId") subscriberID := c.Query("subscriberId") @@ -214,7 +214,7 @@ func (h *SubscriptionHandler) ListSubscriptions(c *gin.Context) { }) } -// GetSubscription handles GET /api/v1/subscriptions/:subscriptionId +// GetSubscription handles GET /api/v1alpha2/subscriptions/:subscriptionId func (h *SubscriptionHandler) GetSubscription(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -240,7 +240,7 @@ func (h *SubscriptionHandler) GetSubscription(c *gin.Context) { c.JSON(http.StatusOK, h.toSubscriptionResponse(sub, orgId)) } -// UpdateSubscription handles PUT /api/v1/subscriptions/:subscriptionId +// UpdateSubscription handles PUT /api/v1alpha2/subscriptions/:subscriptionId func (h *SubscriptionHandler) UpdateSubscription(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -285,7 +285,7 @@ func (h *SubscriptionHandler) UpdateSubscription(c *gin.Context) { c.JSON(http.StatusOK, h.toSubscriptionResponse(sub, orgId)) } -// DeleteSubscription handles DELETE /api/v1/subscriptions/:subscriptionId +// DeleteSubscription handles DELETE /api/v1alpha2/subscriptions/:subscriptionId func (h *SubscriptionHandler) DeleteSubscription(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -330,7 +330,7 @@ func requireSubscriptionSubscriberQuery(c *gin.Context) (string, bool) { } func (h *SubscriptionHandler) RegisterRoutes(r *gin.Engine) { - subGroup := r.Group("/api/v1/subscriptions") + subGroup := r.Group(constants.APIBasePath + "/subscriptions") { subGroup.POST("", h.CreateSubscription) subGroup.GET("", h.ListSubscriptions) diff --git a/platform-api/src/internal/handler/subscription_plan_handler.go b/platform-api/src/internal/handler/subscription_plan_handler.go index 8ccc6dde2c..4802170773 100644 --- a/platform-api/src/internal/handler/subscription_plan_handler.go +++ b/platform-api/src/internal/handler/subscription_plan_handler.go @@ -69,7 +69,7 @@ func validateThrottleLimitPair(count *int, unit *string) string { return "" } -// CreateSubscriptionPlanRequest is the body for POST /api/v1/subscription-plans +// CreateSubscriptionPlanRequest is the body for POST /api/v1alpha2/subscription-plans type CreateSubscriptionPlanRequest struct { PlanName string `json:"planName" binding:"required"` BillingPlan string `json:"billingPlan,omitempty"` @@ -80,7 +80,7 @@ type CreateSubscriptionPlanRequest struct { Status string `json:"status,omitempty"` } -// UpdateSubscriptionPlanRequest is the body for PUT /api/v1/subscription-plans/:planId +// UpdateSubscriptionPlanRequest is the body for PUT /api/v1alpha2/subscription-plans/:planId // All fields use pointers for patch semantics: nil = omitted, non-nil = set (including clear-to-empty). type UpdateSubscriptionPlanRequest struct { PlanName *string `json:"planName,omitempty"` @@ -92,7 +92,7 @@ type UpdateSubscriptionPlanRequest struct { Status *string `json:"status,omitempty"` } -// CreateSubscriptionPlan handles POST /api/v1/subscription-plans +// CreateSubscriptionPlan handles POST /api/v1alpha2/subscription-plans func (h *SubscriptionPlanHandler) CreateSubscriptionPlan(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -158,7 +158,7 @@ func (h *SubscriptionPlanHandler) CreateSubscriptionPlan(c *gin.Context) { c.JSON(http.StatusCreated, toSubscriptionPlanResponse(created)) } -// ListSubscriptionPlans handles GET /api/v1/subscription-plans +// ListSubscriptionPlans handles GET /api/v1alpha2/subscription-plans func (h *SubscriptionPlanHandler) ListSubscriptionPlans(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -193,7 +193,7 @@ func (h *SubscriptionPlanHandler) ListSubscriptionPlans(c *gin.Context) { c.JSON(http.StatusOK, gin.H{"subscriptionPlans": items, "count": len(items)}) } -// GetSubscriptionPlan handles GET /api/v1/subscription-plans/:planId +// GetSubscriptionPlan handles GET /api/v1alpha2/subscription-plans/:planId func (h *SubscriptionPlanHandler) GetSubscriptionPlan(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -220,7 +220,7 @@ func (h *SubscriptionPlanHandler) GetSubscriptionPlan(c *gin.Context) { c.JSON(http.StatusOK, toSubscriptionPlanResponse(plan)) } -// UpdateSubscriptionPlan handles PUT /api/v1/subscription-plans/:planId +// UpdateSubscriptionPlan handles PUT /api/v1alpha2/subscription-plans/:planId func (h *SubscriptionPlanHandler) UpdateSubscriptionPlan(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -295,7 +295,7 @@ func (h *SubscriptionPlanHandler) UpdateSubscriptionPlan(c *gin.Context) { c.JSON(http.StatusOK, toSubscriptionPlanResponse(updated)) } -// DeleteSubscriptionPlan handles DELETE /api/v1/subscription-plans/:planId +// DeleteSubscriptionPlan handles DELETE /api/v1alpha2/subscription-plans/:planId func (h *SubscriptionPlanHandler) DeleteSubscriptionPlan(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -324,7 +324,7 @@ func (h *SubscriptionPlanHandler) DeleteSubscriptionPlan(c *gin.Context) { // RegisterRoutes registers subscription plan routes func (h *SubscriptionPlanHandler) RegisterRoutes(r *gin.Engine) { - group := r.Group("/api/v1/subscription-plans") + group := r.Group(constants.APIBasePath + "/subscription-plans") { group.POST("", h.CreateSubscriptionPlan) group.GET("", h.ListSubscriptionPlans) diff --git a/platform-api/src/internal/handler/webbroker_api.go b/platform-api/src/internal/handler/webbroker_api.go index fdbe414f08..29b170a010 100644 --- a/platform-api/src/internal/handler/webbroker_api.go +++ b/platform-api/src/internal/handler/webbroker_api.go @@ -51,7 +51,7 @@ func NewWebBrokerAPIHandler(webbrokerAPIService *service.WebBrokerAPIService, sl // RegisterRoutes registers WebBroker API routes func (h *WebBrokerAPIHandler) RegisterRoutes(r *gin.Engine) { - v1 := r.Group("/api/v1") + v1 := r.Group(constants.APIBasePath) { v1.POST("/webbroker-apis", h.CreateWebBrokerAPI) v1.GET("/webbroker-apis", h.ListWebBrokerAPIs) @@ -63,7 +63,7 @@ func (h *WebBrokerAPIHandler) RegisterRoutes(r *gin.Engine) { } } -// CreateWebBrokerAPI handles POST /api/v1/webbroker-apis +// CreateWebBrokerAPI handles POST /api/v1alpha2/webbroker-apis func (h *WebBrokerAPIHandler) CreateWebBrokerAPI(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -89,7 +89,7 @@ func (h *WebBrokerAPIHandler) CreateWebBrokerAPI(c *gin.Context) { c.JSON(http.StatusCreated, resp) } -// ListWebBrokerAPIs handles GET /api/v1/webbroker-apis +// ListWebBrokerAPIs handles GET /api/v1alpha2/webbroker-apis func (h *WebBrokerAPIHandler) ListWebBrokerAPIs(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -124,7 +124,7 @@ func (h *WebBrokerAPIHandler) ListWebBrokerAPIs(c *gin.Context) { c.JSON(http.StatusOK, resp) } -// GetWebBrokerAPI handles GET /api/v1/webbroker-apis/:apiId +// GetWebBrokerAPI handles GET /api/v1alpha2/webbroker-apis/:apiId func (h *WebBrokerAPIHandler) GetWebBrokerAPI(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -142,7 +142,7 @@ func (h *WebBrokerAPIHandler) GetWebBrokerAPI(c *gin.Context) { c.JSON(http.StatusOK, resp) } -// UpdateWebBrokerAPI handles PUT /api/v1/webbroker-apis/:apiId +// UpdateWebBrokerAPI handles PUT /api/v1alpha2/webbroker-apis/:apiId func (h *WebBrokerAPIHandler) UpdateWebBrokerAPI(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -168,7 +168,7 @@ func (h *WebBrokerAPIHandler) UpdateWebBrokerAPI(c *gin.Context) { c.JSON(http.StatusOK, resp) } -// DeleteWebBrokerAPI handles DELETE /api/v1/webbroker-apis/:apiId +// DeleteWebBrokerAPI handles DELETE /api/v1alpha2/webbroker-apis/:apiId func (h *WebBrokerAPIHandler) DeleteWebBrokerAPI(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { diff --git a/platform-api/src/internal/handler/webbroker_api_deployment.go b/platform-api/src/internal/handler/webbroker_api_deployment.go index 2b051f6bca..3ab1859b49 100644 --- a/platform-api/src/internal/handler/webbroker_api_deployment.go +++ b/platform-api/src/internal/handler/webbroker_api_deployment.go @@ -50,7 +50,7 @@ func NewWebBrokerAPIDeploymentHandler(webbrokerAPIDeploymentService *service.Web // RegisterRoutes registers WebBroker API deployment routes func (h *WebBrokerAPIDeploymentHandler) RegisterRoutes(r *gin.Engine) { - g := r.Group("/api/v1/webbroker-apis/:apiId") + g := r.Group(constants.APIBasePath + "/webbroker-apis/:apiId") { g.POST("/deployments", h.DeployWebBrokerAPI) g.POST("/deployments/:deploymentId/undeploy", h.UndeployDeployment) @@ -61,7 +61,7 @@ func (h *WebBrokerAPIDeploymentHandler) RegisterRoutes(r *gin.Engine) { } } -// DeployWebBrokerAPI handles POST /api/v1/webbroker-apis/:apiId/deployments +// DeployWebBrokerAPI handles POST /api/v1alpha2/webbroker-apis/:apiId/deployments func (h *WebBrokerAPIDeploymentHandler) DeployWebBrokerAPI(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -103,7 +103,7 @@ func (h *WebBrokerAPIDeploymentHandler) DeployWebBrokerAPI(c *gin.Context) { c.JSON(http.StatusCreated, deployment) } -// UndeployDeployment handles POST /api/v1/webbroker-apis/:apiId/deployments/:deploymentId/undeploy +// UndeployDeployment handles POST /api/v1alpha2/webbroker-apis/:apiId/deployments/:deploymentId/undeploy func (h *WebBrokerAPIDeploymentHandler) UndeployDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -132,7 +132,7 @@ func (h *WebBrokerAPIDeploymentHandler) UndeployDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// RestoreDeployment handles POST /api/v1/webbroker-apis/:apiId/deployments/:deploymentId/restore +// RestoreDeployment handles POST /api/v1alpha2/webbroker-apis/:apiId/deployments/:deploymentId/restore func (h *WebBrokerAPIDeploymentHandler) RestoreDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -161,7 +161,7 @@ func (h *WebBrokerAPIDeploymentHandler) RestoreDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// GetDeployments handles GET /api/v1/webbroker-apis/:apiId/deployments +// GetDeployments handles GET /api/v1alpha2/webbroker-apis/:apiId/deployments func (h *WebBrokerAPIDeploymentHandler) GetDeployments(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -198,7 +198,7 @@ func (h *WebBrokerAPIDeploymentHandler) GetDeployments(c *gin.Context) { c.JSON(http.StatusOK, deployments) } -// GetDeployment handles GET /api/v1/webbroker-apis/:apiId/deployments/:deploymentId +// GetDeployment handles GET /api/v1alpha2/webbroker-apis/:apiId/deployments/:deploymentId func (h *WebBrokerAPIDeploymentHandler) GetDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -218,7 +218,7 @@ func (h *WebBrokerAPIDeploymentHandler) GetDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// DeleteDeployment handles DELETE /api/v1/webbroker-apis/:apiId/deployments/:deploymentId +// DeleteDeployment handles DELETE /api/v1alpha2/webbroker-apis/:apiId/deployments/:deploymentId func (h *WebBrokerAPIDeploymentHandler) DeleteDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { diff --git a/platform-api/src/internal/handler/webbroker_apikey.go b/platform-api/src/internal/handler/webbroker_apikey.go index 2b6828adba..0867a36b45 100644 --- a/platform-api/src/internal/handler/webbroker_apikey.go +++ b/platform-api/src/internal/handler/webbroker_apikey.go @@ -52,7 +52,7 @@ func NewWebBrokerAPIKeyHandler(webbrokerAPIService *service.WebBrokerAPIService, // RegisterRoutes registers WebBroker API key routes func (h *WebBrokerAPIKeyHandler) RegisterRoutes(r *gin.Engine) { - v1 := r.Group("/api/v1/webbroker-apis/:apiId/api-keys") + v1 := r.Group(constants.APIBasePath + "/webbroker-apis/:apiId/api-keys") { v1.POST("", h.CreateAPIKey) v1.PUT("/:keyName", h.UpdateAPIKey) @@ -60,7 +60,7 @@ func (h *WebBrokerAPIKeyHandler) RegisterRoutes(r *gin.Engine) { } } -// CreateAPIKey handles POST /api/v1/webbroker-apis/:apiId/api-keys +// CreateAPIKey handles POST /api/v1alpha2/webbroker-apis/:apiId/api-keys func (h *WebBrokerAPIKeyHandler) CreateAPIKey(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -134,7 +134,7 @@ func (h *WebBrokerAPIKeyHandler) CreateAPIKey(c *gin.Context) { }) } -// UpdateAPIKey handles PUT /api/v1/webbroker-apis/:apiId/api-keys/:keyName +// UpdateAPIKey handles PUT /api/v1alpha2/webbroker-apis/:apiId/api-keys/:keyName func (h *WebBrokerAPIKeyHandler) UpdateAPIKey(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -204,7 +204,7 @@ func (h *WebBrokerAPIKeyHandler) UpdateAPIKey(c *gin.Context) { }) } -// DeleteAPIKey handles DELETE /api/v1/webbroker-apis/:apiId/api-keys/:keyName +// DeleteAPIKey handles DELETE /api/v1alpha2/webbroker-apis/:apiId/api-keys/:keyName func (h *WebBrokerAPIKeyHandler) DeleteAPIKey(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { diff --git a/platform-api/src/internal/handler/websub_api.go b/platform-api/src/internal/handler/websub_api.go index e62083ab93..764580d933 100644 --- a/platform-api/src/internal/handler/websub_api.go +++ b/platform-api/src/internal/handler/websub_api.go @@ -51,7 +51,7 @@ func NewWebSubAPIHandler(websubAPIService *service.WebSubAPIService, slogger *sl // RegisterRoutes registers WebSub API routes func (h *WebSubAPIHandler) RegisterRoutes(r *gin.Engine) { - v1 := r.Group("/api/v1") + v1 := r.Group(constants.APIBasePath) { v1.POST("/websub-apis", h.CreateWebSubAPI) v1.GET("/websub-apis", h.ListWebSubAPIs) @@ -63,7 +63,7 @@ func (h *WebSubAPIHandler) RegisterRoutes(r *gin.Engine) { } } -// CreateWebSubAPI handles POST /api/v1/websub-apis +// CreateWebSubAPI handles POST /api/v1alpha2/websub-apis func (h *WebSubAPIHandler) CreateWebSubAPI(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -89,7 +89,7 @@ func (h *WebSubAPIHandler) CreateWebSubAPI(c *gin.Context) { c.JSON(http.StatusCreated, resp) } -// ListWebSubAPIs handles GET /api/v1/websub-apis +// ListWebSubAPIs handles GET /api/v1alpha2/websub-apis func (h *WebSubAPIHandler) ListWebSubAPIs(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -124,7 +124,7 @@ func (h *WebSubAPIHandler) ListWebSubAPIs(c *gin.Context) { c.JSON(http.StatusOK, resp) } -// GetWebSubAPI handles GET /api/v1/websub-apis/:apiId +// GetWebSubAPI handles GET /api/v1alpha2/websub-apis/:apiId func (h *WebSubAPIHandler) GetWebSubAPI(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -142,7 +142,7 @@ func (h *WebSubAPIHandler) GetWebSubAPI(c *gin.Context) { c.JSON(http.StatusOK, resp) } -// UpdateWebSubAPI handles PUT /api/v1/websub-apis/:apiId +// UpdateWebSubAPI handles PUT /api/v1alpha2/websub-apis/:apiId func (h *WebSubAPIHandler) UpdateWebSubAPI(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -168,7 +168,7 @@ func (h *WebSubAPIHandler) UpdateWebSubAPI(c *gin.Context) { c.JSON(http.StatusOK, resp) } -// DeleteWebSubAPI handles DELETE /api/v1/websub-apis/:apiId +// DeleteWebSubAPI handles DELETE /api/v1alpha2/websub-apis/:apiId func (h *WebSubAPIHandler) DeleteWebSubAPI(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { diff --git a/platform-api/src/internal/handler/websub_api_deployment.go b/platform-api/src/internal/handler/websub_api_deployment.go index 22274ee2bd..23e48df447 100644 --- a/platform-api/src/internal/handler/websub_api_deployment.go +++ b/platform-api/src/internal/handler/websub_api_deployment.go @@ -50,7 +50,7 @@ func NewWebSubAPIDeploymentHandler(websubAPIDeploymentService *service.WebSubAPI // RegisterRoutes registers WebSub API deployment routes func (h *WebSubAPIDeploymentHandler) RegisterRoutes(r *gin.Engine) { - g := r.Group("/api/v1/websub-apis/:apiId") + g := r.Group(constants.APIBasePath + "/websub-apis/:apiId") { g.POST("/deployments", h.DeployWebSubAPI) g.POST("/deployments/:deploymentId/undeploy", h.UndeployDeployment) @@ -61,7 +61,7 @@ func (h *WebSubAPIDeploymentHandler) RegisterRoutes(r *gin.Engine) { } } -// DeployWebSubAPI handles POST /api/v1/websub-apis/:apiId/deployments +// DeployWebSubAPI handles POST /api/v1alpha2/websub-apis/:apiId/deployments func (h *WebSubAPIDeploymentHandler) DeployWebSubAPI(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -103,7 +103,7 @@ func (h *WebSubAPIDeploymentHandler) DeployWebSubAPI(c *gin.Context) { c.JSON(http.StatusCreated, deployment) } -// UndeployDeployment handles POST /api/v1/websub-apis/:apiId/deployments/:deploymentId/undeploy +// UndeployDeployment handles POST /api/v1alpha2/websub-apis/:apiId/deployments/:deploymentId/undeploy func (h *WebSubAPIDeploymentHandler) UndeployDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -132,7 +132,7 @@ func (h *WebSubAPIDeploymentHandler) UndeployDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// RestoreDeployment handles POST /api/v1/websub-apis/:apiId/deployments/:deploymentId/restore +// RestoreDeployment handles POST /api/v1alpha2/websub-apis/:apiId/deployments/:deploymentId/restore func (h *WebSubAPIDeploymentHandler) RestoreDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -161,7 +161,7 @@ func (h *WebSubAPIDeploymentHandler) RestoreDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// GetDeployments handles GET /api/v1/websub-apis/:apiId/deployments +// GetDeployments handles GET /api/v1alpha2/websub-apis/:apiId/deployments func (h *WebSubAPIDeploymentHandler) GetDeployments(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -198,7 +198,7 @@ func (h *WebSubAPIDeploymentHandler) GetDeployments(c *gin.Context) { c.JSON(http.StatusOK, deployments) } -// GetDeployment handles GET /api/v1/websub-apis/:apiId/deployments/:deploymentId +// GetDeployment handles GET /api/v1alpha2/websub-apis/:apiId/deployments/:deploymentId func (h *WebSubAPIDeploymentHandler) GetDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { @@ -218,7 +218,7 @@ func (h *WebSubAPIDeploymentHandler) GetDeployment(c *gin.Context) { c.JSON(http.StatusOK, deployment) } -// DeleteDeployment handles DELETE /api/v1/websub-apis/:apiId/deployments/:deploymentId +// DeleteDeployment handles DELETE /api/v1alpha2/websub-apis/:apiId/deployments/:deploymentId func (h *WebSubAPIDeploymentHandler) DeleteDeployment(c *gin.Context) { orgId, exists := middleware.GetOrganizationFromContext(c) if !exists { diff --git a/platform-api/src/internal/handler/websub_apikey.go b/platform-api/src/internal/handler/websub_apikey.go index aaa191220e..81b3185415 100644 --- a/platform-api/src/internal/handler/websub_apikey.go +++ b/platform-api/src/internal/handler/websub_apikey.go @@ -52,7 +52,7 @@ func NewWebSubAPIKeyHandler(websubAPIService *service.WebSubAPIService, apiKeySe // RegisterRoutes registers WebSub API key routes func (h *WebSubAPIKeyHandler) RegisterRoutes(r *gin.Engine) { - v1 := r.Group("/api/v1/websub-apis/:apiId/api-keys") + v1 := r.Group(constants.APIBasePath + "/websub-apis/:apiId/api-keys") { v1.POST("", h.CreateAPIKey) v1.PUT("/:keyName", h.UpdateAPIKey) @@ -60,7 +60,7 @@ func (h *WebSubAPIKeyHandler) RegisterRoutes(r *gin.Engine) { } } -// CreateAPIKey handles POST /api/v1/websub-apis/:apiId/api-keys +// CreateAPIKey handles POST /api/v1alpha2/websub-apis/:apiId/api-keys func (h *WebSubAPIKeyHandler) CreateAPIKey(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -134,7 +134,7 @@ func (h *WebSubAPIKeyHandler) CreateAPIKey(c *gin.Context) { }) } -// UpdateAPIKey handles PUT /api/v1/websub-apis/:apiId/api-keys/:keyName +// UpdateAPIKey handles PUT /api/v1alpha2/websub-apis/:apiId/api-keys/:keyName func (h *WebSubAPIKeyHandler) UpdateAPIKey(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { @@ -205,7 +205,7 @@ func (h *WebSubAPIKeyHandler) UpdateAPIKey(c *gin.Context) { }) } -// DeleteAPIKey handles DELETE /api/v1/websub-apis/:apiId/api-keys/:keyName +// DeleteAPIKey handles DELETE /api/v1alpha2/websub-apis/:apiId/api-keys/:keyName func (h *WebSubAPIKeyHandler) DeleteAPIKey(c *gin.Context) { orgID, ok := middleware.GetOrganizationFromContext(c) if !ok { diff --git a/platform-api/src/internal/middleware/openapi_scope_registry_test.go b/platform-api/src/internal/middleware/openapi_scope_registry_test.go index e03412fbf5..ee5be8d191 100644 --- a/platform-api/src/internal/middleware/openapi_scope_registry_test.go +++ b/platform-api/src/internal/middleware/openapi_scope_registry_test.go @@ -8,7 +8,7 @@ import ( const testSpec = ` openapi: 3.1.1 servers: - - url: https://localhost:9243/api/v1 + - url: https://localhost:9243/api/v1alpha2 paths: /projects: post: @@ -57,9 +57,9 @@ func TestLoadScopeRegistry(t *testing.T) { wantFound bool wantScopes []string }{ - {"POST", "/api/v1/projects", true, []string{"ap:project:create", "ap:project:manage"}}, - {"GET", "/api/v1/projects/:projectId", true, []string{"ap:project:read", "ap:project:manage"}}, - {"POST", "/api/v1/organizations", false, nil}, + {"POST", "/api/v1alpha2/projects", true, []string{"ap:project:create", "ap:project:manage"}}, + {"GET", "/api/v1alpha2/projects/:projectId", true, []string{"ap:project:read", "ap:project:manage"}}, + {"POST", "/api/v1alpha2/organizations", false, nil}, } for _, tc := range tests { scopes, found := reg.Lookup(tc.method, tc.path) diff --git a/platform-api/src/internal/model/llm.go b/platform-api/src/internal/model/llm.go index 2332da5638..107985d9bc 100644 --- a/platform-api/src/internal/model/llm.go +++ b/platform-api/src/internal/model/llm.go @@ -58,6 +58,26 @@ type LLMPolicy struct { Paths []LLMPolicyPath `json:"paths" db:"-"` } +type GlobalPolicy struct { + Name string `json:"name" db:"-"` + Version string `json:"version" db:"-"` + ExecutionCondition string `json:"executionCondition,omitempty" db:"-"` + Params map[string]interface{} `json:"params,omitempty" db:"-"` +} + +type OperationPolicyPath struct { + Path string `json:"path" db:"-"` + Methods []string `json:"methods" db:"-"` + Params map[string]interface{} `json:"params" db:"-"` +} + +type OperationPolicy struct { + Name string `json:"name" db:"-"` + Version string `json:"version" db:"-"` + ExecutionCondition string `json:"executionCondition,omitempty" db:"-"` + Paths []OperationPolicyPath `json:"paths" db:"-"` +} + type RateLimitingLimitConfig struct { Request *RequestRateLimit `json:"request,omitempty" db:"-"` Token *TokenRateLimit `json:"token,omitempty" db:"-"` @@ -184,8 +204,10 @@ type LLMProviderConfig struct { Upstream *UpstreamConfig `json:"upstream,omitempty" db:"-"` AccessControl *LLMAccessControl `json:"accessControl,omitempty" db:"-"` RateLimiting *LLMRateLimitingConfig `json:"rateLimiting,omitempty" db:"-"` - Policies []LLMPolicy `json:"policies,omitempty" db:"-"` - Security *SecurityConfig `json:"security,omitempty" db:"-"` + GlobalPolicies []GlobalPolicy `json:"globalPolicies,omitempty" db:"-"` + OperationPolicies []OperationPolicy `json:"operationPolicies,omitempty" db:"-"` + Policies []LLMPolicy `json:"policies,omitempty" db:"-"` + Security *SecurityConfig `json:"security,omitempty" db:"-"` } // LLMProxy represents an LLM proxy entity @@ -213,8 +235,10 @@ type LLMProxyConfig struct { Vhost *string `json:"vhost,omitempty" db:"-"` Provider string `json:"provider,omitempty" db:"-"` UpstreamAuth *UpstreamAuth `json:"upstreamAuth,omitempty" db:"-"` - Policies []LLMPolicy `json:"policies,omitempty" db:"-"` - Security *SecurityConfig `json:"security,omitempty" db:"-"` + GlobalPolicies []GlobalPolicy `json:"globalPolicies,omitempty" db:"-"` + OperationPolicies []OperationPolicy `json:"operationPolicies,omitempty" db:"-"` + Policies []LLMPolicy `json:"policies,omitempty" db:"-"` + Security *SecurityConfig `json:"security,omitempty" db:"-"` } type SecurityConfig struct { diff --git a/platform-api/src/internal/repository/gateway.go b/platform-api/src/internal/repository/gateway.go index 224407681d..5ecf89ed30 100644 --- a/platform-api/src/internal/repository/gateway.go +++ b/platform-api/src/internal/repository/gateway.go @@ -428,6 +428,13 @@ func (r *GatewayRepo) UpdateGatewayManifest(gatewayID string, manifest []byte) e return err } +// UpdateGatewayVersion persists the version string reported by the gateway controller on manifest push. +func (r *GatewayRepo) UpdateGatewayVersion(gatewayID, version string) error { + query := `UPDATE gateways SET version = ?, updated_at = ? WHERE uuid = ?` + _, err := r.db.Exec(r.db.Rebind(query), version, time.Now(), gatewayID) + return err +} + // GetGatewayManifest returns the raw manifest JSON stored for the gateway. // Returns nil data (no error) if the gateway exists but has no manifest yet. // Returns an error if the gateway row does not exist. diff --git a/platform-api/src/internal/repository/interfaces.go b/platform-api/src/internal/repository/interfaces.go index 2184e2e10c..1066a0d9ac 100644 --- a/platform-api/src/internal/repository/interfaces.go +++ b/platform-api/src/internal/repository/interfaces.go @@ -165,6 +165,9 @@ type GatewayRepository interface { // Manifest operations UpdateGatewayManifest(gatewayID string, manifest []byte) error GetGatewayManifest(gatewayID string) ([]byte, error) + + // Version update — persists the version reported by the gateway controller on connect. + UpdateGatewayVersion(gatewayID, version string) error } // DevPortalRepository interface for DevPortal-related database operations diff --git a/platform-api/src/internal/service/deployment_test.go b/platform-api/src/internal/service/deployment_test.go index 840f0d9c27..5110002ef0 100644 --- a/platform-api/src/internal/service/deployment_test.go +++ b/platform-api/src/internal/service/deployment_test.go @@ -1873,7 +1873,7 @@ func TestApplyStructOverrides(t *testing.T) { } func TestApplyDeploymentOverrides(t *testing.T) { - baseYAML := `apiVersion: gateway.api-platform.wso2.com/v1alpha1 + baseYAML := `apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: RestApi metadata: name: test-api diff --git a/platform-api/src/internal/service/gateway.go b/platform-api/src/internal/service/gateway.go index df61824741..54e93b5b5f 100644 --- a/platform-api/src/internal/service/gateway.go +++ b/platform-api/src/internal/service/gateway.go @@ -257,6 +257,12 @@ func (s *GatewayService) ReceiveGatewayManifest(orgID, gatewayID, gatewayVersion return fmt.Errorf("failed to store gateway manifest: %w", err) } + // Persist the version the controller reported so the deploy transform uses the + // live gateway version rather than the stale value stored at registration time. + if err := s.gatewayRepo.UpdateGatewayVersion(gatewayID, reported); err != nil { + return fmt.Errorf("failed to update gateway version: %w", err) + } + customerCount := 0 for _, p := range policies { if p.ManagedBy == constants.PolicyManagedByCustomer { diff --git a/platform-api/src/internal/service/llm.go b/platform-api/src/internal/service/llm.go index 1c112626e8..01b79fc655 100644 --- a/platform-api/src/internal/service/llm.go +++ b/platform-api/src/internal/service/llm.go @@ -338,15 +338,18 @@ func (s *LLMProviderService) Create(orgUUID, createdBy string, req *api.LLMProvi ModelProviders: mapModelProvidersAPI(req.ModelProviders), Status: llmStatusPending, Configuration: model.LLMProviderConfig{ - Context: &contextValue, - VHost: req.Vhost, - Upstream: mapUpstreamAPIToModel(req.Upstream), - AccessControl: mapAccessControlAPI(&req.AccessControl), - RateLimiting: mapRateLimitingAPIToModel(req.RateLimiting), - Policies: mapPoliciesAPIToModel(req.Policies), - Security: mapSecurityAPIToModel(req.Security), + Context: &contextValue, + VHost: req.Vhost, + Upstream: mapUpstreamAPIToModel(req.Upstream), + AccessControl: mapAccessControlAPI(&req.AccessControl), + RateLimiting: mapRateLimitingAPIToModel(req.RateLimiting), + GlobalPolicies: mapGlobalPoliciesAPIToModel(req.GlobalPolicies), + OperationPolicies: mapOperationPoliciesAPIToModel(req.OperationPolicies), + Policies: mapPoliciesAPIToModel(req.Policies), + Security: mapSecurityAPIToModel(req.Security), }, } + migrateLegacyProviderPoliciesInPlace(&m.Configuration) if err := s.repo.Create(m); err != nil { if isSQLiteUniqueConstraint(err) { @@ -491,15 +494,18 @@ func (s *LLMProviderService) Update(orgUUID, handle string, req *api.LLMProvider ModelProviders: mapModelProvidersAPI(req.ModelProviders), Status: llmStatusPending, Configuration: model.LLMProviderConfig{ - Context: &contextValue, - VHost: req.Vhost, - Upstream: mapUpstreamAPIToModel(req.Upstream), - AccessControl: mapAccessControlAPI(&req.AccessControl), - RateLimiting: mapRateLimitingAPIToModel(req.RateLimiting), - Policies: mapPoliciesAPIToModel(req.Policies), - Security: mapSecurityAPIToModel(req.Security), + Context: &contextValue, + VHost: req.Vhost, + Upstream: mapUpstreamAPIToModel(req.Upstream), + AccessControl: mapAccessControlAPI(&req.AccessControl), + RateLimiting: mapRateLimitingAPIToModel(req.RateLimiting), + GlobalPolicies: mapGlobalPoliciesAPIToModel(req.GlobalPolicies), + OperationPolicies: mapOperationPoliciesAPIToModel(req.OperationPolicies), + Policies: mapPoliciesAPIToModel(req.Policies), + Security: mapSecurityAPIToModel(req.Security), }, } + migrateLegacyProviderPoliciesInPlace(&m.Configuration) // Preserve stored upstream auth credential only when auth object is provided with an empty value. // If auth object is omitted, treat it as explicit removal and clear stored auth. @@ -630,14 +636,17 @@ func (s *LLMProxyService) Create(orgUUID, createdBy string, req *api.LLMProxy) ( OpenAPISpec: utils.ValueOrEmpty(req.Openapi), Status: llmStatusPending, Configuration: model.LLMProxyConfig{ - Context: &contextValue, - Vhost: req.Vhost, - Provider: req.Provider.Id, - UpstreamAuth: mapUpstreamAuthAPIToModel(req.Provider.Auth), - Policies: mapPoliciesAPIToModel(req.Policies), - Security: mapSecurityAPIToModel(req.Security), + Context: &contextValue, + Vhost: req.Vhost, + Provider: req.Provider.Id, + UpstreamAuth: mapUpstreamAuthAPIToModel(req.Provider.Auth), + GlobalPolicies: mapGlobalPoliciesAPIToModel(req.GlobalPolicies), + OperationPolicies: mapOperationPoliciesAPIToModel(req.OperationPolicies), + Policies: mapPoliciesAPIToModel(req.Policies), + Security: mapSecurityAPIToModel(req.Security), }, } + migrateLegacyProxyPoliciesInPlace(&m.Configuration) if err := s.repo.Create(m); err != nil { if isSQLiteUniqueConstraint(err) { @@ -842,14 +851,17 @@ func (s *LLMProxyService) Update(orgUUID, handle string, req *api.LLMProxy) (*ap OpenAPISpec: utils.ValueOrEmpty(req.Openapi), Status: llmStatusPending, Configuration: model.LLMProxyConfig{ - Context: &contextValue, - Vhost: req.Vhost, - Provider: req.Provider.Id, - UpstreamAuth: mapUpstreamAuthAPIToModel(req.Provider.Auth), - Policies: mapPoliciesAPIToModel(req.Policies), - Security: mapSecurityAPIToModel(req.Security), + Context: &contextValue, + Vhost: req.Vhost, + Provider: req.Provider.Id, + UpstreamAuth: mapUpstreamAuthAPIToModel(req.Provider.Auth), + GlobalPolicies: mapGlobalPoliciesAPIToModel(req.GlobalPolicies), + OperationPolicies: mapOperationPoliciesAPIToModel(req.OperationPolicies), + Policies: mapPoliciesAPIToModel(req.Policies), + Security: mapSecurityAPIToModel(req.Security), }, } + migrateLegacyProxyPoliciesInPlace(&m.Configuration) // Preserve stored upstream auth credential when not supplied in update payload m.Configuration.UpstreamAuth = preserveUpstreamAuthCredential(existing.Configuration.UpstreamAuth, m.Configuration.UpstreamAuth) @@ -1033,6 +1045,185 @@ func mapPoliciesAPIToModel(in *[]api.LLMPolicy) []model.LLMPolicy { return out } +func mapGlobalPoliciesAPIToModel(in *[]api.Policy) []model.GlobalPolicy { + if in == nil || len(*in) == 0 { + return nil + } + out := make([]model.GlobalPolicy, 0, len(*in)) + for _, p := range *in { + ec := "" + if p.ExecutionCondition != nil { + ec = *p.ExecutionCondition + } + var params map[string]interface{} + if p.Params != nil { + params = *p.Params + } + out = append(out, model.GlobalPolicy{Name: p.Name, Version: p.Version, ExecutionCondition: ec, Params: params}) + } + return out +} + +func mapOperationPoliciesAPIToModel(in *[]api.OperationPolicy) []model.OperationPolicy { + if in == nil || len(*in) == 0 { + return nil + } + out := make([]model.OperationPolicy, 0, len(*in)) + for _, p := range *in { + ec := "" + if p.ExecutionCondition != nil { + ec = *p.ExecutionCondition + } + paths := make([]model.OperationPolicyPath, 0, len(p.Paths)) + for _, pp := range p.Paths { + paths = append(paths, model.OperationPolicyPath{Path: pp.Path, Methods: pp.Methods, Params: pp.Params}) + } + out = append(out, model.OperationPolicy{Name: p.Name, Version: p.Version, ExecutionCondition: ec, Paths: paths}) + } + return out +} + +func mapGlobalPoliciesModelToAPI(in []model.GlobalPolicy) *[]api.Policy { + if len(in) == 0 { + return nil + } + out := make([]api.Policy, 0, len(in)) + for _, p := range in { + entry := api.Policy{Name: p.Name, Version: p.Version} + if p.ExecutionCondition != "" { + entry.ExecutionCondition = &p.ExecutionCondition + } + if p.Params != nil { + params := p.Params + entry.Params = ¶ms + } + out = append(out, entry) + } + return &out +} + +func mapOperationPoliciesModelToAPI(in []model.OperationPolicy) *[]api.OperationPolicy { + if len(in) == 0 { + return nil + } + out := make([]api.OperationPolicy, 0, len(in)) + for _, p := range in { + paths := make([]api.OperationPolicyPath, 0, len(p.Paths)) + for _, pp := range p.Paths { + paths = append(paths, api.OperationPolicyPath{Path: pp.Path, Methods: pp.Methods, Params: pp.Params}) + } + entry := api.OperationPolicy{Name: p.Name, Version: p.Version, Paths: paths} + if p.ExecutionCondition != "" { + entry.ExecutionCondition = &p.ExecutionCondition + } + out = append(out, entry) + } + return &out +} + +// migrateLegacyProviderPoliciesInPlace folds any legacy `policies` entries into +// globalPolicies / operationPolicies, then clears `policies`. +// Rules: +// - a path entry with path == "/*" AND methods == ["*"] → GlobalPolicy (deduped by name) +// - any other path entry → OperationPolicy path (merged by name) +// +// Empty or nil Policies → no-op. +func migrateLegacyProviderPoliciesInPlace(cfg *model.LLMProviderConfig) { + migrateLegacyPolicies(&cfg.GlobalPolicies, &cfg.OperationPolicies, cfg.Policies) + cfg.Policies = nil +} + +// migrateLegacyProxyPoliciesInPlace is the proxy-config counterpart. +func migrateLegacyProxyPoliciesInPlace(cfg *model.LLMProxyConfig) { + migrateLegacyPolicies(&cfg.GlobalPolicies, &cfg.OperationPolicies, cfg.Policies) + cfg.Policies = nil +} + +// migrateLegacyPolicies is the shared migration kernel. +func migrateLegacyPolicies(globalPolicies *[]model.GlobalPolicy, operationPolicies *[]model.OperationPolicy, legacyPolicies []model.LLMPolicy) { + for _, p := range legacyPolicies { + for _, pe := range p.Paths { + if pe.Path == "/*" && isWildcardOnlyMethods(pe.Methods) { + if !hasGlobalPolicyByName(*globalPolicies, p.Name) { + *globalPolicies = append(*globalPolicies, model.GlobalPolicy{ + Name: p.Name, + Version: p.Version, + Params: pe.Params, + }) + } + } else { + appendLegacyOperationPath(operationPolicies, p.Name, p.Version, model.OperationPolicyPath{ + Path: pe.Path, + Methods: pe.Methods, + Params: pe.Params, + }) + } + } + } +} + +// isWildcardOnlyMethods reports whether methods is exactly ["*"]. +func isWildcardOnlyMethods(methods []string) bool { + return len(methods) == 1 && methods[0] == "*" +} + +// hasGlobalPolicyByName reports whether a GlobalPolicy with the given name already exists. +func hasGlobalPolicyByName(policies []model.GlobalPolicy, name string) bool { + for _, p := range policies { + if p.Name == name { + return true + } + } + return false +} + +// appendLegacyOperationPath merges a path entry into an existing OperationPolicy of the same +// name+version, or appends a new OperationPolicy if none exists. +func appendLegacyOperationPath(policies *[]model.OperationPolicy, name, version string, path model.OperationPolicyPath) { + for i := range *policies { + if (*policies)[i].Name == name { + (*policies)[i].Paths = append((*policies)[i].Paths, path) + return + } + } + *policies = append(*policies, model.OperationPolicy{ + Name: name, + Version: version, + Paths: []model.OperationPolicyPath{path}, + }) +} + +// splitLegacyPoliciesForRead converts a stored legacy policies list into the two +// canonical lists for read responses, using the same rule as the save-time migration: +// - path "/*" + methods ["*"] → GlobalPolicy (shared api-level bucket) +// - any other path → OperationPolicy (per-path bucket) +// +// Called only when both new lists are empty and the legacy list is non-empty. +func splitLegacyPoliciesForRead(legacy []model.LLMPolicy) ([]model.GlobalPolicy, []model.OperationPolicy) { + var global []model.GlobalPolicy + var operation []model.OperationPolicy + for _, p := range legacy { + for _, pe := range p.Paths { + if pe.Path == "/*" && isWildcardOnlyMethods(pe.Methods) { + if !hasGlobalPolicyByName(global, p.Name) { + global = append(global, model.GlobalPolicy{ + Name: p.Name, + Version: p.Version, + Params: pe.Params, + }) + } + } else { + appendLegacyOperationPath(&operation, p.Name, p.Version, model.OperationPolicyPath{ + Path: pe.Path, + Methods: pe.Methods, + Params: pe.Params, + }) + } + } + } + return global, operation +} + func mapUpstreamAuthAPIToModel(in *api.UpstreamAuth) *model.UpstreamAuth { if in == nil { return nil @@ -1502,10 +1693,21 @@ func mapProviderModelToAPI(m *model.LLMProvider, templateHandle string) *api.LLM ac.Exceptions = &exc } - policies := mapPoliciesModelToAPI(m.Configuration.Policies) - if policies == nil { - empty := []api.LLMPolicy{} - policies = &empty + globalPolicyCfg := m.Configuration.GlobalPolicies + operationPolicyCfg := m.Configuration.OperationPolicies + // For legacy rows stored before v1alpha2 migration: split policies on read. + if len(globalPolicyCfg) == 0 && len(operationPolicyCfg) == 0 && len(m.Configuration.Policies) > 0 { + globalPolicyCfg, operationPolicyCfg = splitLegacyPoliciesForRead(m.Configuration.Policies) + } + globalPolicies := mapGlobalPoliciesModelToAPI(globalPolicyCfg) + if globalPolicies == nil { + empty := []api.Policy{} + globalPolicies = &empty + } + operationPolicies := mapOperationPoliciesModelToAPI(operationPolicyCfg) + if operationPolicies == nil { + empty := []api.OperationPolicy{} + operationPolicies = &empty } modelProviders := mapModelProvidersModelToAPI(m.ModelProviders) @@ -1525,11 +1727,13 @@ func mapProviderModelToAPI(m *model.LLMProvider, templateHandle string) *api.LLM Template: templateHandle, Openapi: utils.StringPtrIfNotEmpty(m.OpenAPISpec), ModelProviders: modelProviders, - RateLimiting: mapRateLimitingModelToAPI(m.Configuration.RateLimiting), - Upstream: upstream, - AccessControl: ac, - Policies: policies, - Security: mapSecurityModelToAPI(m.Configuration.Security), + RateLimiting: mapRateLimitingModelToAPI(m.Configuration.RateLimiting), + Upstream: upstream, + AccessControl: ac, + GlobalPolicies: globalPolicies, + OperationPolicies: operationPolicies, + Policies: nil, + Security: mapSecurityModelToAPI(m.Configuration.Security), CreatedAt: utils.TimePtr(m.CreatedAt), UpdatedAt: utils.TimePtr(m.UpdatedAt), } @@ -1820,10 +2024,21 @@ func mapProxyModelToAPI(m *model.LLMProxy) *api.LLMProxy { v := *m.Configuration.Vhost vhostValue = &v } - policies := mapPoliciesModelToAPI(m.Configuration.Policies) - if policies == nil { - empty := []api.LLMPolicy{} - policies = &empty + globalPolicyCfgProxy := m.Configuration.GlobalPolicies + operationPolicyCfgProxy := m.Configuration.OperationPolicies + // For legacy rows stored before v1alpha2 migration: split policies on read. + if len(globalPolicyCfgProxy) == 0 && len(operationPolicyCfgProxy) == 0 && len(m.Configuration.Policies) > 0 { + globalPolicyCfgProxy, operationPolicyCfgProxy = splitLegacyPoliciesForRead(m.Configuration.Policies) + } + globalPoliciesProxy := mapGlobalPoliciesModelToAPI(globalPolicyCfgProxy) + if globalPoliciesProxy == nil { + empty := []api.Policy{} + globalPoliciesProxy = &empty + } + operationPoliciesProxy := mapOperationPoliciesModelToAPI(operationPolicyCfgProxy) + if operationPoliciesProxy == nil { + empty := []api.OperationPolicy{} + operationPoliciesProxy = &empty } createdAt := utils.TimePtr(m.CreatedAt) updatedAt := utils.TimePtr(m.UpdatedAt) @@ -1857,25 +2072,9 @@ func mapProxyModelToAPI(m *model.LLMProxy) *api.LLMProxy { Value: nil, // Redact auth credential value } } - if len(m.Configuration.Policies) > 0 { - policyList := make([]api.LLMPolicy, 0, len(m.Configuration.Policies)) - for _, p := range m.Configuration.Policies { - paths := make([]api.LLMPolicyPath, 0, len(p.Paths)) - for _, pp := range p.Paths { - methods := make([]api.LLMPolicyPathMethods, 0, len(pp.Methods)) - for _, m := range pp.Methods { - methods = append(methods, api.LLMPolicyPathMethods(m)) - } - paths = append(paths, api.LLMPolicyPath{Path: pp.Path, Methods: methods, Params: pp.Params}) - } - policyList = append(policyList, api.LLMPolicy{Name: p.Name, Version: p.Version, Paths: paths}) - } - out.Policies = &policyList - } - if out.Policies == nil { - empty := []api.LLMPolicy{} - out.Policies = &empty - } + out.GlobalPolicies = globalPoliciesProxy + out.OperationPolicies = operationPoliciesProxy + out.Policies = nil return out } diff --git a/platform-api/src/internal/service/llm_deployment.go b/platform-api/src/internal/service/llm_deployment.go index 29cfa6523f..415f21be44 100644 --- a/platform-api/src/internal/service/llm_deployment.go +++ b/platform-api/src/internal/service/llm_deployment.go @@ -28,6 +28,7 @@ import ( "platform-api/src/api" "platform-api/src/config" "platform-api/src/internal/constants" + "platform-api/src/internal/deploymenttransform" "platform-api/src/internal/dto" "platform-api/src/internal/model" "platform-api/src/internal/repository" @@ -165,11 +166,23 @@ func (s *LLMProviderDeploymentService) DeployLLMProvider(providerID string, req if err != nil { return nil, err } - providerYaml, err := generateLLMProviderDeploymentYAML(provider, tplHandle) + providerDeployment, err := generateLLMProviderDeploymentYAML(provider, tplHandle) if err != nil { return nil, fmt.Errorf("failed to generate LLM provider deployment YAML: %w", err) } - contentBytes = []byte(providerYaml) + target := deploymenttransform.ParseVersion(gateway.Version) + if err := deploymenttransform.Default().Transform( + constants.LLMProvider, + target, + &providerDeployment, + ); err != nil { + return nil, fmt.Errorf("failed to transform LLM provider deployment for gateway %s: %w", gateway.Version, err) + } + providerYamlBytes, marshalErr := yaml.Marshal(providerDeployment) + if marshalErr != nil { + return nil, fmt.Errorf("failed to marshal LLM provider deployment YAML: %w", marshalErr) + } + contentBytes = providerYamlBytes } else { // Use existing deployment as base baseDeployment, err := s.deploymentRepo.GetWithContent(req.Base, provider.UUID, orgUUID) @@ -531,19 +544,19 @@ func (s *LLMProviderDeploymentService) getTemplateHandle(templateUUID, orgUUID s return tpl.ID, nil } -func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHandle string) (string, error) { +func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHandle string) (dto.LLMProviderDeploymentYAML, error) { if provider == nil { - return "", errors.New("provider is required") + return dto.LLMProviderDeploymentYAML{}, errors.New("provider is required") } if templateHandle == "" { - return "", errors.New("template handle is required") + return dto.LLMProviderDeploymentYAML{}, errors.New("template handle is required") } if provider.Configuration.Upstream == nil || provider.Configuration.Upstream.Main == nil { - return "", constants.ErrInvalidInput + return dto.LLMProviderDeploymentYAML{}, constants.ErrInvalidInput } main := provider.Configuration.Upstream.Main if main.URL == "" && main.Ref == "" { - return "", constants.ErrInvalidInput + return dto.LLMProviderDeploymentYAML{}, constants.ErrInvalidInput } contextValue := "/" @@ -571,7 +584,9 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand } } - policies := make([]api.LLMPolicy, 0, len(provider.Configuration.Policies)) + var globalPolicies []api.Policy + var operationPolicies []api.OperationPolicy + policies := make([]api.LLMPolicy, 0) // Transform security config security := provider.Configuration.Security @@ -579,21 +594,18 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand if security.APIKey != nil && isBoolTrue(security.APIKey.Enabled) { key := strings.TrimSpace(security.APIKey.Key) if key == "" { - return "", fmt.Errorf("invalid api key security configuration: key is required") + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid api key security configuration: key is required") } in := strings.ToLower(strings.TrimSpace(security.APIKey.In)) if in != "header" && in != "query" { - return "", fmt.Errorf("invalid api key security configuration: in must be 'header' or 'query', got %q", security.APIKey.In) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid api key security configuration: in must be 'header' or 'query', got %q", security.APIKey.In) } - addOrAppendPolicyPath(&policies, apiKeyAuthPolicyName, "", api.LLMPolicyPath{ - Path: "/*", - Methods: []api.LLMPolicyPathMethods{"*"}, - Params: map[string]interface{}{ - "key": key, - "in": in, - }, + params := map[string]interface{}{"key": key, "in": in} + globalPolicies = append(globalPolicies, api.Policy{ + Name: apiKeyAuthPolicyName, + Params: ¶ms, }) } } @@ -607,159 +619,94 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand if providerLevel != nil { // Priority to global rate limit configuration if both global and resource-wise are present if providerLevel.Global != nil { - // Step 2.1 Handle global rate limiting - // TODO: Confirm with gateway interpret this as a global policy + // Step 2.1 Handle global rate limiting — emits to globalPolicies (shared api-level bucket) if providerLevel.Global.Token != nil && providerLevel.Global.Token.Enabled { tokenLimit := providerLevel.Global.Token duration, err := formatRateLimitDuration(tokenLimit.Reset.Duration, tokenLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid token reset window: %w", err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid token reset window: %w", err) } - policies = append(policies, api.LLMPolicy{ - // TODO: This should be taken from config - Name: tokenBasedRateLimitPolicyName, - Version: "", - Paths: []api.LLMPolicyPath{ - { - Path: "/*", - Methods: []api.LLMPolicyPathMethods{"*"}, - Params: map[string]interface{}{ - "totalTokenLimits": []map[string]interface{}{ - { - "count": tokenLimit.Count, - "duration": duration, - }, - }, - }, - }, + params := map[string]interface{}{ + "totalTokenLimits": []map[string]interface{}{ + {"count": tokenLimit.Count, "duration": duration}, }, - }) + } + globalPolicies = append(globalPolicies, api.Policy{Name: tokenBasedRateLimitPolicyName, Version: "", Params: ¶ms}) } if providerLevel.Global.Request != nil && providerLevel.Global.Request.Enabled { requestLimit := providerLevel.Global.Request duration, err := formatRateLimitDuration(requestLimit.Reset.Duration, requestLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid request reset window: %w", err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid request reset window: %w", err) } - policies = append(policies, api.LLMPolicy{ - // TODO: This should be taken from config - Name: advancedRateLimitPolicyName, - Version: "", - Paths: []api.LLMPolicyPath{ + params := map[string]interface{}{ + "quotas": []map[string]interface{}{ { - Path: "/*", - Methods: []api.LLMPolicyPathMethods{"*"}, - Params: map[string]interface{}{ - // TODO: Is this correct? - // TODO: Is `algorithm` and `backend` not available? - "quotas": []map[string]interface{}{ - { - "name": "request-limit", - "limits": []map[string]interface{}{ - { - "limit": requestLimit.Count, - "duration": duration, - }, - }, - }, - }, + "name": "request-limit", + "limits": []map[string]interface{}{ + {"limit": requestLimit.Count, "duration": duration}, }, }, }, - }) + "keyExtraction": []map[string]interface{}{ + {"type": "apiname"}, + }, + } + globalPolicies = append(globalPolicies, api.Policy{Name: advancedRateLimitPolicyName, Version: "", Params: ¶ms}) } if providerLevel.Global.Cost != nil && providerLevel.Global.Cost.Enabled { costLimit := providerLevel.Global.Cost duration, err := formatRateLimitDuration(costLimit.Reset.Duration, costLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid cost reset window: %w", err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid cost reset window: %w", err) } - policies = append(policies, api.LLMPolicy{ - Name: llmCostBasedRateLimitPolicyName, - Version: "", - Paths: []api.LLMPolicyPath{ - { - Path: "/*", - Methods: []api.LLMPolicyPathMethods{"*"}, - Params: map[string]interface{}{ - "budgetLimits": []map[string]interface{}{ - {"amount": costLimit.Amount, "duration": duration}, - }, - }, - }, + costParams := map[string]interface{}{ + "budgetLimits": []map[string]interface{}{ + {"amount": costLimit.Amount, "duration": duration}, }, - }) - if !hasPolicy(policies, llmCostPolicyName) { - policies = append(policies, api.LLMPolicy{ - Name: llmCostPolicyName, - Version: "", - Paths: []api.LLMPolicyPath{ - { - Path: "/*", - Methods: []api.LLMPolicyPathMethods{"*"}, - Params: map[string]interface{}{}, - }, - }, - }) + } + globalPolicies = append(globalPolicies, api.Policy{Name: llmCostBasedRateLimitPolicyName, Version: "", Params: &costParams}) + if !hasGlobalPolicy(globalPolicies, llmCostPolicyName) { + emptyParams := map[string]interface{}{} + globalPolicies = append(globalPolicies, api.Policy{Name: llmCostPolicyName, Version: "", Params: &emptyParams}) } } } else if providerLevel.ResourceWise != nil { - // Step 2.2 Handle resource-wise rate limiting + // Step 2.2 Handle resource-wise rate limiting — emits to operationPolicies (per-path buckets) defaultLimit := &providerLevel.ResourceWise.Default - // Step 2.2.1 Default resource-wise rate limit + // Step 2.2.1 Default resource-wise rate limit (path: /* catches all unmatched paths) if defaultLimit.Token != nil && defaultLimit.Token.Enabled { tokenLimit := defaultLimit.Token duration, err := formatRateLimitDuration(tokenLimit.Reset.Duration, tokenLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid token reset window: %w", err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid token reset window: %w", err) } - policies = append(policies, api.LLMPolicy{ - // TODO: This should be taken from config - Name: tokenBasedRateLimitPolicyName, - Version: "", - Paths: []api.LLMPolicyPath{ - { - Path: "/*", - Methods: []api.LLMPolicyPathMethods{"*"}, - Params: map[string]interface{}{ - "totalTokenLimits": []map[string]interface{}{ - { - "count": tokenLimit.Count, - "duration": duration, - }, - }, - }, + addOrAppendOperationPolicyPath(&operationPolicies, tokenBasedRateLimitPolicyName, "", api.OperationPolicyPath{ + Path: "/*", + Methods: []string{"*"}, + Params: map[string]interface{}{ + "totalTokenLimits": []map[string]interface{}{ + {"count": tokenLimit.Count, "duration": duration}, }, }, }) } - if defaultLimit.Request != nil && defaultLimit.Request.Enabled { requestLimit := defaultLimit.Request duration, err := formatRateLimitDuration(requestLimit.Reset.Duration, requestLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid request reset window: %w", err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid request reset window: %w", err) } - policies = append(policies, api.LLMPolicy{ - // TODO: This should be taken from config - Name: advancedRateLimitPolicyName, - Version: "", - Paths: []api.LLMPolicyPath{ - { - Path: "/*", - Methods: []api.LLMPolicyPathMethods{"*"}, - Params: map[string]interface{}{ - "quotas": []map[string]interface{}{ - { - "name": "request-limit", - "limits": []map[string]interface{}{ - { - "limit": requestLimit.Count, - "duration": duration, - }, - }, - }, + addOrAppendOperationPolicyPath(&operationPolicies, advancedRateLimitPolicyName, "", api.OperationPolicyPath{ + Path: "/*", + Methods: []string{"*"}, + Params: map[string]interface{}{ + "quotas": []map[string]interface{}{ + { + "name": "request-limit", + "limits": []map[string]interface{}{ + {"limit": requestLimit.Count, "duration": duration}, }, }, }, @@ -770,52 +717,39 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand costLimit := defaultLimit.Cost duration, err := formatRateLimitDuration(costLimit.Reset.Duration, costLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid cost reset window: %w", err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid cost reset window: %w", err) } - policies = append(policies, api.LLMPolicy{ - Name: llmCostBasedRateLimitPolicyName, - Version: "", - Paths: []api.LLMPolicyPath{ - { - Path: "/*", - Methods: []api.LLMPolicyPathMethods{"*"}, - Params: map[string]interface{}{ - "budgetLimits": []map[string]interface{}{ - {"amount": costLimit.Amount, "duration": duration}, - }, - }, + addOrAppendOperationPolicyPath(&operationPolicies, llmCostBasedRateLimitPolicyName, "", api.OperationPolicyPath{ + Path: "/*", + Methods: []string{"*"}, + Params: map[string]interface{}{ + "budgetLimits": []map[string]interface{}{ + {"amount": costLimit.Amount, "duration": duration}, }, }, }) - if !hasPolicy(policies, llmCostPolicyName) { - policies = append(policies, api.LLMPolicy{ - Name: llmCostPolicyName, - Version: "", - Paths: []api.LLMPolicyPath{ - {Path: "/*", Methods: []api.LLMPolicyPathMethods{"*"}, Params: map[string]interface{}{}}, - }, + if !hasOperationPolicy(operationPolicies, llmCostPolicyName) { + operationPolicies = append(operationPolicies, api.OperationPolicy{ + Name: llmCostPolicyName, + Paths: []api.OperationPolicyPath{{Path: "/*", Methods: []string{"*"}, Params: map[string]interface{}{}}}, }) } } - // Step 2.2.2 Resource-wise rate limit + // Step 2.2.2 Resource-wise rate limit (per specific resource path) for _, r := range providerLevel.ResourceWise.Resources { if r.Limit.Token != nil && r.Limit.Token.Enabled { tokenLimit := r.Limit.Token duration, err := formatRateLimitDuration(tokenLimit.Reset.Duration, tokenLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid token reset window for resource %s: %w", r.Resource, err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid token reset window for resource %s: %w", r.Resource, err) } - // TODO: the methods should be coming as input - addOrAppendPolicyPath(&policies, tokenBasedRateLimitPolicyName, "", api.LLMPolicyPath{ + addOrAppendOperationPolicyPath(&operationPolicies, tokenBasedRateLimitPolicyName, "", api.OperationPolicyPath{ Path: r.Resource, - Methods: []api.LLMPolicyPathMethods{"*"}, + Methods: []string{"*"}, Params: map[string]interface{}{ "totalTokenLimits": []map[string]interface{}{ - { - "count": tokenLimit.Count, - "duration": duration, - }, + {"count": tokenLimit.Count, "duration": duration}, }, }, }) @@ -824,21 +758,17 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand requestLimit := r.Limit.Request duration, err := formatRateLimitDuration(requestLimit.Reset.Duration, requestLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid request reset window for resource %s: %w", r.Resource, err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid request reset window for resource %s: %w", r.Resource, err) } - // TODO: the methods should be coming as input - addOrAppendPolicyPath(&policies, advancedRateLimitPolicyName, "", api.LLMPolicyPath{ + addOrAppendOperationPolicyPath(&operationPolicies, advancedRateLimitPolicyName, "", api.OperationPolicyPath{ Path: r.Resource, - Methods: []api.LLMPolicyPathMethods{"*"}, + Methods: []string{"*"}, Params: map[string]interface{}{ "quotas": []map[string]interface{}{ { "name": "request-limit", "limits": []map[string]interface{}{ - { - "limit": requestLimit.Count, - "duration": duration, - }, + {"limit": requestLimit.Count, "duration": duration}, }, }, }, @@ -849,28 +779,21 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand costLimit := r.Limit.Cost duration, err := formatRateLimitDuration(costLimit.Reset.Duration, costLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid cost reset window for resource %s: %w", r.Resource, err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid cost reset window for resource %s: %w", r.Resource, err) } - addOrAppendPolicyPath(&policies, llmCostBasedRateLimitPolicyName, "", api.LLMPolicyPath{ + addOrAppendOperationPolicyPath(&operationPolicies, llmCostBasedRateLimitPolicyName, "", api.OperationPolicyPath{ Path: r.Resource, - Methods: []api.LLMPolicyPathMethods{"*"}, + Methods: []string{"*"}, Params: map[string]interface{}{ "budgetLimits": []map[string]interface{}{ {"amount": costLimit.Amount, "duration": duration}, }, }, }) - if !hasPolicy(policies, llmCostPolicyName) { - policies = append(policies, api.LLMPolicy{ - Name: llmCostPolicyName, - Version: "", - Paths: []api.LLMPolicyPath{ - { - Path: "/*", - Methods: []api.LLMPolicyPathMethods{"*"}, - Params: map[string]interface{}{}, - }, - }, + if !hasOperationPolicy(operationPolicies, llmCostPolicyName) { + operationPolicies = append(operationPolicies, api.OperationPolicy{ + Name: llmCostPolicyName, + Paths: []api.OperationPolicyPath{{Path: "/*", Methods: []string{"*"}, Params: map[string]interface{}{}}}, }) } } @@ -886,7 +809,7 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand tokenLimit := consumerLevel.Global.Token duration, err := formatRateLimitDuration(tokenLimit.Reset.Duration, tokenLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid consumer token reset window: %w", err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid consumer token reset window: %w", err) } policies = append(policies, api.LLMPolicy{ Name: tokenBasedRateLimitPolicyName, @@ -912,7 +835,7 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand requestLimit := consumerLevel.Global.Request duration, err := formatRateLimitDuration(requestLimit.Reset.Duration, requestLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid consumer request reset window: %w", err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid consumer request reset window: %w", err) } policies = append(policies, api.LLMPolicy{ Name: advancedRateLimitPolicyName, @@ -946,7 +869,7 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand costLimit := consumerLevel.Global.Cost duration, err := formatRateLimitDuration(costLimit.Reset.Duration, costLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid consumer cost reset window: %w", err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid consumer cost reset window: %w", err) } policies = append(policies, api.LLMPolicy{ Name: llmCostBasedRateLimitPolicyName, @@ -964,7 +887,7 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand }, }, }) - if !hasPolicy(policies, llmCostPolicyName) { + if !hasPolicy(policies, llmCostPolicyName) && !hasGlobalPolicy(globalPolicies, llmCostPolicyName) { policies = append(policies, api.LLMPolicy{ Name: llmCostPolicyName, Version: "", @@ -984,7 +907,7 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand tokenLimit := r.Limit.Token duration, err := formatRateLimitDuration(tokenLimit.Reset.Duration, tokenLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid consumer token reset window for resource %s: %w", r.Resource, err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid consumer token reset window for resource %s: %w", r.Resource, err) } addOrAppendPolicyPath(&policies, tokenBasedRateLimitPolicyName, "", api.LLMPolicyPath{ Path: r.Resource, @@ -1004,7 +927,7 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand requestLimit := r.Limit.Request duration, err := formatRateLimitDuration(requestLimit.Reset.Duration, requestLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid consumer request reset window for resource %s: %w", r.Resource, err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid consumer request reset window for resource %s: %w", r.Resource, err) } addOrAppendPolicyPath(&policies, advancedRateLimitPolicyName, "", api.LLMPolicyPath{ Path: r.Resource, @@ -1032,7 +955,7 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand costLimit := r.Limit.Cost duration, err := formatRateLimitDuration(costLimit.Reset.Duration, costLimit.Reset.Unit) if err != nil { - return "", fmt.Errorf("invalid consumer cost reset window for resource %s: %w", r.Resource, err) + return dto.LLMProviderDeploymentYAML{}, fmt.Errorf("invalid consumer cost reset window for resource %s: %w", r.Resource, err) } addOrAppendPolicyPath(&policies, llmCostBasedRateLimitPolicyName, "", api.LLMPolicyPath{ Path: r.Resource, @@ -1044,7 +967,7 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand "consumerBased": true, }, }) - if !hasPolicy(policies, llmCostPolicyName) { + if !hasPolicy(policies, llmCostPolicyName) && !hasGlobalPolicy(globalPolicies, llmCostPolicyName) { policies = append(policies, api.LLMPolicy{ Name: llmCostPolicyName, Version: "", @@ -1063,10 +986,43 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand } } + // Carry through user-set globalPolicies from the model (e.g. guardrails set via UI/API) + for _, p := range provider.Configuration.GlobalPolicies { + if hasGlobalPolicy(globalPolicies, p.Name) { + continue + } + params := p.Params + if p.Name == advancedRateLimitPolicyName && params != nil { + params = withGlobalAdvancedRatelimitKeyExtraction(params) + } + entry := api.Policy{Name: p.Name, Version: normalizePolicyVersionToMajor(p.Version)} + if p.ExecutionCondition != "" { + entry.ExecutionCondition = &p.ExecutionCondition + } + if params != nil { + entry.Params = ¶ms + } + globalPolicies = append(globalPolicies, entry) + } + + // Carry through user-set operationPolicies from the model + for _, p := range provider.Configuration.OperationPolicies { + paths := make([]api.OperationPolicyPath, 0, len(p.Paths)) + for _, pp := range p.Paths { + paths = append(paths, api.OperationPolicyPath{Path: pp.Path, Methods: pp.Methods, Params: pp.Params}) + } + entry := api.OperationPolicy{Name: p.Name, Version: normalizePolicyVersionToMajor(p.Version), Paths: paths} + if p.ExecutionCondition != "" { + entry.ExecutionCondition = &p.ExecutionCondition + } + operationPolicies = append(operationPolicies, entry) + } + + // Carry through deprecated policies field for _, p := range provider.Configuration.Policies { // llm-cost is a parameterless tracker policy that the frontend attaches by default. // Skip it here if the rate limiting block already added it to avoid duplication. - if p.Name == llmCostPolicyName && hasPolicy(policies, llmCostPolicyName) { + if p.Name == llmCostPolicyName && (hasGlobalPolicy(globalPolicies, llmCostPolicyName) || hasPolicy(policies, llmCostPolicyName)) { continue } paths := make([]api.LLMPolicyPath, 0, len(p.Paths)) @@ -1080,6 +1036,8 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand policies = append(policies, api.LLMPolicy{Name: p.Name, Version: normalizePolicyVersionToMajor(p.Version), Paths: paths}) } + globalPolicies = orderLLMGlobalPolicies(globalPolicies) + operationPolicies = orderLLMOperationPolicies(operationPolicies) policies = orderLLMPolicies(policies) upstream := dto.LLMUpstreamYAML{URL: main.URL, Ref: main.Ref} @@ -1088,29 +1046,46 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand } providerDeployment := dto.LLMProviderDeploymentYAML{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: constants.GatewayApiVersion, Kind: constants.LLMProvider, Metadata: dto.DeploymentMetadata{ Name: provider.ID, }, Spec: dto.LLMProviderDeploymentSpec{ - DisplayName: provider.Name, - Version: provider.Version, - Context: contextValue, - VHost: vhostValue, - Template: templateHandle, - Upstream: upstream, - AccessControl: accessControl, - Policies: policies, + DisplayName: provider.Name, + Version: provider.Version, + Context: contextValue, + VHost: vhostValue, + Template: templateHandle, + Upstream: upstream, + AccessControl: accessControl, + GlobalPolicies: globalPolicies, + OperationPolicies: operationPolicies, + Policies: policies, }, } - yamlBytes, err := yaml.Marshal(providerDeployment) - if err != nil { - return "", fmt.Errorf("failed to marshal LLM provider to YAML: %w", err) + // Promote any legacy policies assembled by the generator (security api-key-auth, + // consumer-level rate limits) into operationPolicies — the canonical latest format. + // The deploy orchestration layer applies version-aware transformation afterward. + for _, p := range providerDeployment.Spec.Policies { + paths := make([]api.OperationPolicyPath, 0, len(p.Paths)) + for _, pp := range p.Paths { + methods := make([]string, 0, len(pp.Methods)) + for _, m := range pp.Methods { + methods = append(methods, string(m)) + } + paths = append(paths, api.OperationPolicyPath{Path: pp.Path, Methods: methods, Params: pp.Params}) + } + providerDeployment.Spec.OperationPolicies = append(providerDeployment.Spec.OperationPolicies, api.OperationPolicy{ + Name: p.Name, + Version: p.Version, + Paths: paths, + }) } + providerDeployment.Spec.Policies = nil - return string(yamlBytes), nil + return providerDeployment, nil } func formatRateLimitDuration(duration int, unit string) (string, error) { @@ -1257,11 +1232,23 @@ func (s *LLMProxyDeploymentService) DeployLLMProxy(proxyID string, req *api.Depl // Determine the source: "current" or existing deployment if req.Base == "current" { - proxyYaml, err := generateLLMProxyDeploymentYAML(proxy) + proxyDeployment, err := generateLLMProxyDeploymentYAML(proxy) if err != nil { return nil, fmt.Errorf("failed to generate LLM proxy deployment YAML: %w", err) } - contentBytes = []byte(proxyYaml) + target := deploymenttransform.ParseVersion(gateway.Version) + if err := deploymenttransform.Default().Transform( + constants.LLMProxy, + target, + &proxyDeployment, + ); err != nil { + return nil, fmt.Errorf("failed to transform LLM proxy deployment for gateway %s: %w", gateway.Version, err) + } + proxyYamlBytes, marshalErr := yaml.Marshal(proxyDeployment) + if marshalErr != nil { + return nil, fmt.Errorf("failed to marshal LLM proxy deployment YAML: %w", marshalErr) + } + contentBytes = proxyYamlBytes } else { // Use existing deployment as base baseDeployment, err := s.deploymentRepo.GetWithContent(req.Base, proxy.UUID, orgUUID) @@ -1609,12 +1596,12 @@ func (s *LLMProxyDeploymentService) GetLLMProxyDeployment(proxyID, deploymentID, ) } -func generateLLMProxyDeploymentYAML(proxy *model.LLMProxy) (string, error) { +func generateLLMProxyDeploymentYAML(proxy *model.LLMProxy) (dto.LLMProxyDeploymentYAML, error) { if proxy == nil { - return "", errors.New("proxy is required") + return dto.LLMProxyDeploymentYAML{}, errors.New("proxy is required") } if proxy.Configuration.Provider == "" { - return "", constants.ErrInvalidInput + return dto.LLMProxyDeploymentYAML{}, constants.ErrInvalidInput } contextValue := "/" @@ -1626,7 +1613,9 @@ func generateLLMProxyDeploymentYAML(proxy *model.LLMProxy) (string, error) { vhostValue = *proxy.Configuration.Vhost } - policies := make([]api.LLMPolicy, 0, len(proxy.Configuration.Policies)) + var proxyGlobalPolicies []api.Policy + var proxyOperationPolicies []api.OperationPolicy + proxyPolicies := make([]api.LLMPolicy, 0) // Transform security config security := proxy.Configuration.Security @@ -1634,25 +1623,52 @@ func generateLLMProxyDeploymentYAML(proxy *model.LLMProxy) (string, error) { if security.APIKey != nil && isBoolTrue(security.APIKey.Enabled) { key := strings.TrimSpace(security.APIKey.Key) if key == "" { - return "", fmt.Errorf("invalid api key security configuration: key is required") + return dto.LLMProxyDeploymentYAML{}, fmt.Errorf("invalid api key security configuration: key is required") } in := strings.ToLower(strings.TrimSpace(security.APIKey.In)) if in != "header" && in != "query" { - return "", fmt.Errorf("invalid api key security configuration: in must be 'header' or 'query', got %q", security.APIKey.In) + return dto.LLMProxyDeploymentYAML{}, fmt.Errorf("invalid api key security configuration: in must be 'header' or 'query', got %q", security.APIKey.In) } - addOrAppendPolicyPath(&policies, apiKeyAuthPolicyName, "", api.LLMPolicyPath{ - Path: "/*", - Methods: []api.LLMPolicyPathMethods{"*"}, - Params: map[string]interface{}{ - "key": key, - "in": in, - }, + params := map[string]interface{}{"key": key, "in": in} + proxyGlobalPolicies = append(proxyGlobalPolicies, api.Policy{ + Name: apiKeyAuthPolicyName, + Params: ¶ms, }) } } + // Carry through user-set globalPolicies from the model + for _, p := range proxy.Configuration.GlobalPolicies { + params := p.Params + if p.Name == advancedRateLimitPolicyName && params != nil { + params = withGlobalAdvancedRatelimitKeyExtraction(params) + } + entry := api.Policy{Name: p.Name, Version: normalizePolicyVersionToMajor(p.Version)} + if p.ExecutionCondition != "" { + entry.ExecutionCondition = &p.ExecutionCondition + } + if params != nil { + entry.Params = ¶ms + } + proxyGlobalPolicies = append(proxyGlobalPolicies, entry) + } + + // Carry through user-set operationPolicies from the model + for _, p := range proxy.Configuration.OperationPolicies { + paths := make([]api.OperationPolicyPath, 0, len(p.Paths)) + for _, pp := range p.Paths { + paths = append(paths, api.OperationPolicyPath{Path: pp.Path, Methods: pp.Methods, Params: pp.Params}) + } + entry := api.OperationPolicy{Name: p.Name, Version: normalizePolicyVersionToMajor(p.Version), Paths: paths} + if p.ExecutionCondition != "" { + entry.ExecutionCondition = &p.ExecutionCondition + } + proxyOperationPolicies = append(proxyOperationPolicies, entry) + } + + // Carry through deprecated policies field for _, p := range proxy.Configuration.Policies { paths := make([]api.LLMPolicyPath, 0, len(p.Paths)) for _, pp := range p.Paths { @@ -1662,13 +1678,13 @@ func generateLLMProxyDeploymentYAML(proxy *model.LLMProxy) (string, error) { } paths = append(paths, api.LLMPolicyPath{Path: pp.Path, Methods: methods, Params: pp.Params}) } - policies = append(policies, api.LLMPolicy{Name: p.Name, Version: normalizePolicyVersionToMajor(p.Version), Paths: paths}) + proxyPolicies = append(proxyPolicies, api.LLMPolicy{Name: p.Name, Version: normalizePolicyVersionToMajor(p.Version), Paths: paths}) } - policies = orderLLMPolicies(policies) + proxyPolicies = orderLLMPolicies(proxyPolicies) proxyDeployment := dto.LLMProxyDeploymentYAML{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: constants.GatewayApiVersion, Kind: constants.LLMProxy, Metadata: dto.DeploymentMetadata{ Name: proxy.ID, @@ -1681,7 +1697,9 @@ func generateLLMProxyDeploymentYAML(proxy *model.LLMProxy) (string, error) { Provider: dto.LLMProxyDeploymentProvider{ ID: proxy.Configuration.Provider, }, - Policies: policies, + GlobalPolicies: proxyGlobalPolicies, + OperationPolicies: proxyOperationPolicies, + Policies: proxyPolicies, }, } @@ -1689,12 +1707,25 @@ func generateLLMProxyDeploymentYAML(proxy *model.LLMProxy) (string, error) { proxyDeployment.Spec.Provider.Auth = mapModelUpstreamAuthToAPI(proxy.Configuration.UpstreamAuth) } - yamlBytes, err := yaml.Marshal(proxyDeployment) - if err != nil { - return "", fmt.Errorf("failed to marshal LLM proxy to YAML: %w", err) + // Promote any legacy policies assembled by the generator into operationPolicies. + for _, p := range proxyDeployment.Spec.Policies { + paths := make([]api.OperationPolicyPath, 0, len(p.Paths)) + for _, pp := range p.Paths { + methods := make([]string, 0, len(pp.Methods)) + for _, m := range pp.Methods { + methods = append(methods, string(m)) + } + paths = append(paths, api.OperationPolicyPath{Path: pp.Path, Methods: methods, Params: pp.Params}) + } + proxyDeployment.Spec.OperationPolicies = append(proxyDeployment.Spec.OperationPolicies, api.OperationPolicy{ + Name: p.Name, + Version: p.Version, + Paths: paths, + }) } + proxyDeployment.Spec.Policies = nil - return string(yamlBytes), nil + return proxyDeployment, nil } // mapModelAuthToAPI converts model.UpstreamAuth to api.UpstreamAuth with pointer fields @@ -1737,3 +1768,90 @@ func orderLLMPolicies(policies []api.LLMPolicy) []api.LLMPolicy { } return policies } + +// withGlobalAdvancedRatelimitKeyExtraction returns a copy of params with +// keyExtraction set to [{type:"apiname"}] if not already present. This ensures +// that advanced-ratelimit in globalPolicies uses a shared API-level counter +// rather than the default per-route (routename) bucket. +func withGlobalAdvancedRatelimitKeyExtraction(params map[string]interface{}) map[string]interface{} { + if _, ok := params["keyExtraction"]; ok { + return params + } + out := make(map[string]interface{}, len(params)+1) + for k, v := range params { + out[k] = v + } + out["keyExtraction"] = []map[string]interface{}{{"type": "apiname"}} + return out +} + +// orderLLMGlobalPolicies ensures llm-cost-based-ratelimit precedes llm-cost in the global policy list. +func orderLLMGlobalPolicies(policies []api.Policy) []api.Policy { + costIdx := -1 + rateLimitIdx := -1 + for i, p := range policies { + switch p.Name { + case llmCostPolicyName: + costIdx = i + case llmCostBasedRateLimitPolicyName: + rateLimitIdx = i + } + } + if costIdx != -1 && rateLimitIdx != -1 && costIdx < rateLimitIdx { + policies[costIdx], policies[rateLimitIdx] = policies[rateLimitIdx], policies[costIdx] + } + return policies +} + +// orderLLMOperationPolicies ensures llm-cost-based-ratelimit precedes llm-cost in the operation policy list. +func orderLLMOperationPolicies(policies []api.OperationPolicy) []api.OperationPolicy { + costIdx := -1 + rateLimitIdx := -1 + for i, p := range policies { + switch p.Name { + case llmCostPolicyName: + costIdx = i + case llmCostBasedRateLimitPolicyName: + rateLimitIdx = i + } + } + if costIdx != -1 && rateLimitIdx != -1 && costIdx < rateLimitIdx { + policies[costIdx], policies[rateLimitIdx] = policies[rateLimitIdx], policies[costIdx] + } + return policies +} + +func hasGlobalPolicy(policies []api.Policy, name string) bool { + for _, p := range policies { + if p.Name == name { + return true + } + } + return false +} + +func hasOperationPolicy(policies []api.OperationPolicy, name string) bool { + for _, p := range policies { + if p.Name == name { + return true + } + } + return false +} + +// addOrAppendOperationPolicyPath adds a path to an existing OperationPolicy entry with the +// given name, or appends a new entry if none exists. +func addOrAppendOperationPolicyPath(policies *[]api.OperationPolicy, name, version string, path api.OperationPolicyPath) { + for i := range *policies { + if (*policies)[i].Name == name && (*policies)[i].Version == version { + for _, existing := range (*policies)[i].Paths { + if existing.Path == path.Path { + return // already present, skip + } + } + (*policies)[i].Paths = append((*policies)[i].Paths, path) + return + } + } + *policies = append(*policies, api.OperationPolicy{Name: name, Version: version, Paths: []api.OperationPolicyPath{path}}) +} diff --git a/platform-api/src/internal/service/llm_deployment_test.go b/platform-api/src/internal/service/llm_deployment_test.go index 558c7d923a..d83af78356 100644 --- a/platform-api/src/internal/service/llm_deployment_test.go +++ b/platform-api/src/internal/service/llm_deployment_test.go @@ -5,6 +5,7 @@ import ( "testing" "platform-api/src/internal/model" + "gopkg.in/yaml.v3" ) func TestMapModelAuthToAPI_NormalizesApiKeyType(t *testing.T) { @@ -65,24 +66,26 @@ func TestGenerateYAML_ConsumerRequestLimit(t *testing.T) { }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) - if !strings.Contains(yaml, "advanced-ratelimit") { + if !strings.Contains(yamlStr, "advanced-ratelimit") { t.Error("expected advanced-ratelimit policy in generated YAML") } // Consumer-scoped: key extraction must include x-wso2-application-id - if !strings.Contains(yaml, "x-wso2-application-id") { + if !strings.Contains(yamlStr, "x-wso2-application-id") { t.Error("expected x-wso2-application-id in key extraction for consumer request limit") } // Should NOT have a backend (non-consumer) advanced-ratelimit entry - if strings.Count(yaml, "advanced-ratelimit") > 1 { + if strings.Count(yamlStr, "advanced-ratelimit") > 1 { t.Error("expected only one advanced-ratelimit policy (consumer), got more than one") } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // TestGenerateYAML_ConsumerTokenLimit verifies that a consumer token limit @@ -101,19 +104,21 @@ func TestGenerateYAML_ConsumerTokenLimit(t *testing.T) { }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) - if !strings.Contains(yaml, "consumerBased: true") { + if !strings.Contains(yamlStr, "consumerBased: true") { t.Error("expected consumerBased: true in generated YAML") } - if !strings.Contains(yaml, "token-based-ratelimit") { + if !strings.Contains(yamlStr, "token-based-ratelimit") { t.Error("expected token-based-ratelimit policy in generated YAML") } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // TestGenerateYAML_ConsumerCostLimit verifies that a consumer cost limit @@ -131,19 +136,21 @@ func TestGenerateYAML_ConsumerCostLimit(t *testing.T) { }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) - if !strings.Contains(yaml, "consumerBased: true") { + if !strings.Contains(yamlStr, "consumerBased: true") { t.Error("expected consumerBased: true in generated YAML") } - if !strings.Contains(yaml, "llm-cost-based-ratelimit") { + if !strings.Contains(yamlStr, "llm-cost-based-ratelimit") { t.Error("expected llm-cost-based-ratelimit policy in generated YAML") } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // TestGenerateYAML_BothBackendAndConsumerLimits verifies that when both a backend @@ -172,21 +179,23 @@ func TestGenerateYAML_BothBackendAndConsumerLimits(t *testing.T) { }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) // Should have two token-based-ratelimit policies - if strings.Count(yaml, "token-based-ratelimit") < 2 { - t.Errorf("expected two token-based-ratelimit entries, got:\n%s", yaml) + if strings.Count(yamlStr, "token-based-ratelimit") < 2 { + t.Errorf("expected two token-based-ratelimit entries, got:\n%s", yamlStr) } // One must be consumer-based - if !strings.Contains(yaml, "consumerBased: true") { + if !strings.Contains(yamlStr, "consumerBased: true") { t.Error("expected consumerBased: true in generated YAML") } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // --------------------------------------------------------------------------- @@ -204,17 +213,19 @@ func TestGenerateYAML_BackendOnlyTokenLimit(t *testing.T) { }, }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } - if !strings.Contains(yaml, "token-based-ratelimit") { + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) + if !strings.Contains(yamlStr, "token-based-ratelimit") { t.Error("expected token-based-ratelimit in generated YAML") } - if strings.Contains(yaml, "consumerBased") { + if strings.Contains(yamlStr, "consumerBased") { t.Error("expected no consumerBased for backend-only limit") } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // TestGenerateYAML_BackendOnlyRequestLimit verifies that a backend-only request limit @@ -229,23 +240,25 @@ func TestGenerateYAML_BackendOnlyRequestLimit(t *testing.T) { }, }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } - if !strings.Contains(yaml, "advanced-ratelimit") { + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) + if !strings.Contains(yamlStr, "advanced-ratelimit") { t.Error("expected advanced-ratelimit in generated YAML") } - if strings.Contains(yaml, "x-wso2-application-id") { + if strings.Contains(yamlStr, "x-wso2-application-id") { t.Error("expected no x-wso2-application-id for backend-only request limit") } - if !strings.Contains(yaml, "request-limit") { + if !strings.Contains(yamlStr, "request-limit") { t.Error("expected quota name 'request-limit' in generated YAML") } - if strings.Contains(yaml, "consumer-request-limit") { + if strings.Contains(yamlStr, "consumer-request-limit") { t.Error("expected no 'consumer-request-limit' for backend-only request limit") } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // TestGenerateYAML_BackendOnlyCostLimit verifies that a backend-only cost limit @@ -258,20 +271,22 @@ func TestGenerateYAML_BackendOnlyCostLimit(t *testing.T) { }, }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } - if !strings.Contains(yaml, "llm-cost-based-ratelimit") { + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) + if !strings.Contains(yamlStr, "llm-cost-based-ratelimit") { t.Error("expected llm-cost-based-ratelimit in generated YAML") } - if strings.Contains(yaml, "consumerBased") { + if strings.Contains(yamlStr, "consumerBased") { t.Error("expected no consumerBased for backend-only cost limit") } - if strings.Count(yaml, "llm-cost") < 2 { + if strings.Count(yamlStr, "llm-cost") < 2 { t.Error("expected llm-cost policy alongside llm-cost-based-ratelimit") } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } func TestGenerateYAML_BackendResourceWiseDefaultCostLimit(t *testing.T) { @@ -284,20 +299,22 @@ func TestGenerateYAML_BackendResourceWiseDefaultCostLimit(t *testing.T) { }, }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } - if !strings.Contains(yaml, "llm-cost-based-ratelimit") { + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) + if !strings.Contains(yamlStr, "llm-cost-based-ratelimit") { t.Error("expected llm-cost-based-ratelimit in generated YAML") } - if !strings.Contains(yaml, "budgetLimits") { + if !strings.Contains(yamlStr, "budgetLimits") { t.Error("expected budgetLimits in generated YAML") } - if strings.Contains(yaml, "consumerBased") { + if strings.Contains(yamlStr, "consumerBased") { t.Error("expected no consumerBased for backend-only cost limit") } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } func TestGenerateYAML_BackendPerResourceCostLimit(t *testing.T) { @@ -316,23 +333,25 @@ func TestGenerateYAML_BackendPerResourceCostLimit(t *testing.T) { }, }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } - if !strings.Contains(yaml, "llm-cost-based-ratelimit") { + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) + if !strings.Contains(yamlStr, "llm-cost-based-ratelimit") { t.Error("expected llm-cost-based-ratelimit in generated YAML") } - if !strings.Contains(yaml, "budgetLimits") { + if !strings.Contains(yamlStr, "budgetLimits") { t.Error("expected budgetLimits in generated YAML") } - if !strings.Contains(yaml, "/v1/messages") { + if !strings.Contains(yamlStr, "/v1/messages") { t.Error("expected resource path /v1/messages in generated YAML") } - if strings.Contains(yaml, "consumerBased") { + if strings.Contains(yamlStr, "consumerBased") { t.Error("expected no consumerBased for backend-only cost limit") } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // --------------------------------------------------------------------------- @@ -356,20 +375,22 @@ func TestGenerateYAML_BothBackendAndConsumerRequestLimits(t *testing.T) { }, }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } - if strings.Count(yaml, "advanced-ratelimit") < 2 { + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) + if strings.Count(yamlStr, "advanced-ratelimit") < 2 { t.Error("expected two advanced-ratelimit policies (one backend, one consumer)") } - if !strings.Contains(yaml, "consumer-request-limit") { + if !strings.Contains(yamlStr, "consumer-request-limit") { t.Error("expected 'consumer-request-limit' quota name for consumer policy") } - if !strings.Contains(yaml, "x-wso2-application-id") { + if !strings.Contains(yamlStr, "x-wso2-application-id") { t.Error("expected x-wso2-application-id in consumer policy key extraction") } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // TestGenerateYAML_BothBackendAndConsumerCostLimits verifies that backend and consumer @@ -388,21 +409,23 @@ func TestGenerateYAML_BothBackendAndConsumerCostLimits(t *testing.T) { }, }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } - if strings.Count(yaml, "llm-cost-based-ratelimit") < 2 { + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) + if strings.Count(yamlStr, "llm-cost-based-ratelimit") < 2 { t.Error("expected two llm-cost-based-ratelimit policies (backend + consumer)") } - if !strings.Contains(yaml, "consumerBased: true") { + if !strings.Contains(yamlStr, "consumerBased: true") { t.Error("expected consumerBased: true on consumer cost policy") } // llm-cost must appear exactly once — hasPolicy check prevents duplication - if strings.Count(yaml, "name: llm-cost\n") != 1 { - t.Errorf("expected exactly one llm-cost policy, got:\n%s", yaml) + if strings.Count(yamlStr, "name: llm-cost\n") != 1 { + t.Errorf("expected exactly one llm-cost policy, got:\n%s", yamlStr) } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // --------------------------------------------------------------------------- @@ -421,17 +444,19 @@ func TestGenerateYAML_DisabledLimitIsSkipped(t *testing.T) { }, }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } - if strings.Contains(yaml, "token-based-ratelimit") { + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) + if strings.Contains(yamlStr, "token-based-ratelimit") { t.Error("expected no token-based-ratelimit for disabled token limit") } - if strings.Contains(yaml, "llm-cost-based-ratelimit") { + if strings.Contains(yamlStr, "llm-cost-based-ratelimit") { t.Error("expected no llm-cost-based-ratelimit for disabled cost limit") } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // TestGenerateYAML_AllThreeConsumerLimits verifies the full UI scenario from the @@ -463,10 +488,12 @@ func TestGenerateYAML_AllThreeConsumerLimits(t *testing.T) { }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) checks := []string{ "advanced-ratelimit", @@ -475,12 +502,12 @@ func TestGenerateYAML_AllThreeConsumerLimits(t *testing.T) { "consumerBased: true", } for _, want := range checks { - if !strings.Contains(yaml, want) { + if !strings.Contains(yamlStr, want) { t.Errorf("expected %q in generated YAML", want) } } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // --------------------------------------------------------------------------- @@ -516,15 +543,17 @@ func TestGenerateYAML_LLMCostNotDuplicatedWithProviderCostLimit(t *testing.T) { }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithCostRLAndDefaultPolicies(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) - if strings.Count(yaml, "name: llm-cost\n") != 1 { - t.Errorf("expected exactly one llm-cost policy, got:\n%s", yaml) + if strings.Count(yamlStr, "name: llm-cost\n") != 1 { + t.Errorf("expected exactly one llm-cost policy, got:\n%s", yamlStr) } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // TestGenerateYAML_LLMCostNotDuplicatedWithConsumerCostLimit verifies the same @@ -538,15 +567,17 @@ func TestGenerateYAML_LLMCostNotDuplicatedWithConsumerCostLimit(t *testing.T) { }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithCostRLAndDefaultPolicies(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) - if strings.Count(yaml, "name: llm-cost\n") != 1 { - t.Errorf("expected exactly one llm-cost policy, got:\n%s", yaml) + if strings.Count(yamlStr, "name: llm-cost\n") != 1 { + t.Errorf("expected exactly one llm-cost policy, got:\n%s", yamlStr) } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // TestGenerateYAML_LLMCostNotDuplicatedWithBothProviderAndConsumerCostLimits verifies @@ -566,33 +597,43 @@ func TestGenerateYAML_LLMCostNotDuplicatedWithBothProviderAndConsumerCostLimits( }, } - yaml, err := generateLLMProviderDeploymentYAML(providerWithCostRLAndDefaultPolicies(rl), "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(providerWithConsumerLimits(rl), "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) - if strings.Count(yaml, "name: llm-cost\n") != 1 { - t.Errorf("expected exactly one llm-cost policy, got:\n%s", yaml) + if strings.Count(yamlStr, "name: llm-cost\n") != 1 { + t.Errorf("expected exactly one llm-cost policy, got:\n%s", yamlStr) } - if strings.Count(yaml, "llm-cost-based-ratelimit") < 2 { - t.Errorf("expected two llm-cost-based-ratelimit policies (backend + consumer), got:\n%s", yaml) + if strings.Count(yamlStr, "llm-cost-based-ratelimit") < 2 { + t.Errorf("expected two llm-cost-based-ratelimit policies (backend + consumer), got:\n%s", yamlStr) } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // TestGenerateYAML_LLMCostKeptWhenNoCostRLConfigured verifies that when no cost-based // rate limit is configured, the llm-cost policy from Configuration.Policies is still // included in the output (it should only be skipped if already added by the RL block). func TestGenerateYAML_LLMCostKeptWhenNoCostRLConfigured(t *testing.T) { - yaml, err := generateLLMProviderDeploymentYAML(providerWithCostRLAndDefaultPolicies(nil), "anthropic") + p := providerWithConsumerLimits(nil) + p.Configuration.Policies = []model.LLMPolicy{ + {Name: "llm-cost", Version: "v1", Paths: []model.LLMPolicyPath{ + {Path: "/*", Methods: []string{"*"}, Params: map[string]interface{}{}}, + }}, + } + yamlArtifact, err := generateLLMProviderDeploymentYAML(p, "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) - if strings.Count(yaml, "name: llm-cost\n") != 1 { - t.Errorf("expected exactly one llm-cost policy when no RL is configured, got:\n%s", yaml) + if strings.Count(yamlStr, "name: llm-cost\n") != 1 { + t.Errorf("expected exactly one llm-cost policy when no RL is configured, got:\n%s", yamlStr) } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } // TestGenerateYAML_OtherCustomPoliciesNotDeduplicated verifies that the llm-cost @@ -613,13 +654,15 @@ func TestGenerateYAML_OtherCustomPoliciesNotDeduplicated(t *testing.T) { }, } - yaml, err := generateLLMProviderDeploymentYAML(p, "anthropic") + yamlArtifact, err := generateLLMProviderDeploymentYAML(p, "anthropic") if err != nil { t.Fatalf("unexpected error: %v", err) } + yamlBytes, _ := yaml.Marshal(yamlArtifact) + yamlStr := string(yamlBytes) - if strings.Count(yaml, "name: my-guardrail") < 2 { - t.Errorf("expected both my-guardrail entries to be present, got:\n%s", yaml) + if strings.Count(yamlStr, "name: my-guardrail") < 2 { + t.Errorf("expected both my-guardrail entries to be present, got:\n%s", yamlStr) } - t.Logf("Generated YAML:\n%s", yaml) + t.Logf("Generated YAML:\n%s", yamlStr) } diff --git a/platform-api/src/internal/service/llm_policy_migration_test.go b/platform-api/src/internal/service/llm_policy_migration_test.go new file mode 100644 index 0000000000..0711e42a6e --- /dev/null +++ b/platform-api/src/internal/service/llm_policy_migration_test.go @@ -0,0 +1,139 @@ +/* + * Copyright (c) 2026, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package service + +import ( + "testing" + + "platform-api/src/internal/model" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +// --------------------------------------------------------------------------- +// gatewaySupportsSplitPolicies +// --------------------------------------------------------------------------- + +func TestMigrateLegacyProviderPoliciesInPlace_NoLegacy(t *testing.T) { + cfg := &model.LLMProviderConfig{ + GlobalPolicies: []model.GlobalPolicy{{Name: "existing-global", Version: "v1"}}, + OperationPolicies: []model.OperationPolicy{}, + Policies: nil, + } + migrateLegacyProviderPoliciesInPlace(cfg) + assert.Len(t, cfg.GlobalPolicies, 1) + assert.Empty(t, cfg.OperationPolicies) + assert.Nil(t, cfg.Policies) +} + +func TestMigrateLegacyProviderPoliciesInPlace_WildcardGlobal(t *testing.T) { + cfg := &model.LLMProviderConfig{ + Policies: []model.LLMPolicy{ + { + Name: "basic-ratelimit", + Version: "v1", + Paths: []model.LLMPolicyPath{ + {Path: "/*", Methods: []string{"*"}, Params: map[string]interface{}{"requests": 10}}, + }, + }, + }, + } + migrateLegacyProviderPoliciesInPlace(cfg) + require.Len(t, cfg.GlobalPolicies, 1) + assert.Equal(t, "basic-ratelimit", cfg.GlobalPolicies[0].Name) + assert.Equal(t, map[string]interface{}{"requests": 10}, cfg.GlobalPolicies[0].Params) + assert.Empty(t, cfg.OperationPolicies) + assert.Nil(t, cfg.Policies) +} + +func TestMigrateLegacyProviderPoliciesInPlace_SpecificPathBecomesOperation(t *testing.T) { + cfg := &model.LLMProviderConfig{ + Policies: []model.LLMPolicy{ + { + Name: "basic-ratelimit", + Version: "v1", + Paths: []model.LLMPolicyPath{ + {Path: "/chat/completions", Methods: []string{"GET"}, Params: map[string]interface{}{"requests": 5}}, + }, + }, + }, + } + migrateLegacyProviderPoliciesInPlace(cfg) + assert.Empty(t, cfg.GlobalPolicies) + require.Len(t, cfg.OperationPolicies, 1) + assert.Equal(t, "basic-ratelimit", cfg.OperationPolicies[0].Name) + require.Len(t, cfg.OperationPolicies[0].Paths, 1) + assert.Equal(t, "/chat/completions", cfg.OperationPolicies[0].Paths[0].Path) + assert.Nil(t, cfg.Policies) +} + +func TestMigrateLegacyProviderPoliciesInPlace_MixedPaths(t *testing.T) { + // One policy with /*+["*"] path AND a specific path: the /* → global, the other → operation. + cfg := &model.LLMProviderConfig{ + Policies: []model.LLMPolicy{ + { + Name: "basic-ratelimit", + Version: "v1", + Paths: []model.LLMPolicyPath{ + {Path: "/*", Methods: []string{"*"}, Params: map[string]interface{}{"requests": 20}}, + {Path: "/chat/completions", Methods: []string{"POST"}, Params: map[string]interface{}{"requests": 5}}, + }, + }, + }, + } + migrateLegacyProviderPoliciesInPlace(cfg) + require.Len(t, cfg.GlobalPolicies, 1) + assert.Equal(t, "basic-ratelimit", cfg.GlobalPolicies[0].Name) + require.Len(t, cfg.OperationPolicies, 1) + assert.Equal(t, "basic-ratelimit", cfg.OperationPolicies[0].Name) + require.Len(t, cfg.OperationPolicies[0].Paths, 1) + assert.Equal(t, "/chat/completions", cfg.OperationPolicies[0].Paths[0].Path) +} + +func TestMigrateLegacyProviderPoliciesInPlace_WildcardMethodSpecificPath_StaysOperation(t *testing.T) { + // /* with specific methods (not ["*"]) must NOT become global. + cfg := &model.LLMProviderConfig{ + Policies: []model.LLMPolicy{ + {Name: "basic-ratelimit", Version: "v1", Paths: []model.LLMPolicyPath{ + {Path: "/*", Methods: []string{"POST"}, Params: nil}, + }}, + }, + } + migrateLegacyProviderPoliciesInPlace(cfg) + assert.Empty(t, cfg.GlobalPolicies) + require.Len(t, cfg.OperationPolicies, 1) +} + +func TestMigrateLegacyProviderPoliciesInPlace_DedupsGlobalByName(t *testing.T) { + // If globalPolicies already has a policy of the same name, don't add a duplicate. + cfg := &model.LLMProviderConfig{ + GlobalPolicies: []model.GlobalPolicy{{Name: "basic-ratelimit", Version: "v1"}}, + Policies: []model.LLMPolicy{ + {Name: "basic-ratelimit", Version: "v1", Paths: []model.LLMPolicyPath{ + {Path: "/*", Methods: []string{"*"}, Params: nil}, + }}, + }, + } + migrateLegacyProviderPoliciesInPlace(cfg) + assert.Len(t, cfg.GlobalPolicies, 1) // still just one +} + +// --------------------------------------------------------------------------- +// applyVersionAwareProviderPolicyTransform +// --------------------------------------------------------------------------- diff --git a/platform-api/src/internal/service/llm_test.go b/platform-api/src/internal/service/llm_test.go index 85a12467cf..427a72348e 100644 --- a/platform-api/src/internal/service/llm_test.go +++ b/platform-api/src/internal/service/llm_test.go @@ -16,6 +16,23 @@ import ( "gopkg.in/yaml.v3" ) +// roundTripYAML marshals a dto artifact to YAML and back, normalising all +// typed slices (e.g. []map[string]interface{}) to []interface{} the way a real +// YAML round-trip does. Tests that inspect nested policy params use this to +// keep their type assertions consistent with pre-Phase-8 behaviour. +func roundTripYAML(t *testing.T, artifact dto.LLMProviderDeploymentYAML) dto.LLMProviderDeploymentYAML { + t.Helper() + b, err := yaml.Marshal(artifact) + if err != nil { + t.Fatalf("roundTripYAML marshal: %v", err) + } + var out dto.LLMProviderDeploymentYAML + if err := yaml.Unmarshal(b, &out); err != nil { + t.Fatalf("roundTripYAML unmarshal: %v", err) + } + return out +} + func TestMapTemplateResourceMappingAPI_RejectsEmptyResource(t *testing.T) { mapped, err := mapTemplateResourceMappingAPI(&api.LLMProviderTemplateResourceMapping{Resource: " "}) if err == nil { @@ -316,15 +333,11 @@ func TestGenerateLLMProviderDeploymentYAML_WithSecurityAPIKeyPolicy(t *testing.T }, } - yamlStr, err := generateLLMProviderDeploymentYAML(provider, "openai") + out, err := generateLLMProviderDeploymentYAML(provider, "openai") if err != nil { t.Fatalf("expected no error, got: %v", err) } - var out dto.LLMProviderDeploymentYAML - if err := yaml.Unmarshal([]byte(yamlStr), &out); err != nil { - t.Fatalf("failed to unmarshal generated yaml: %v", err) - } if out.Metadata.Name != "tt" { t.Fatalf("expected metadata name tt, got: %s", out.Metadata.Name) @@ -358,33 +371,28 @@ func TestGenerateLLMProviderDeploymentYAML_WithSecurityAPIKeyPolicy(t *testing.T t.Fatalf("expected access control mode allow_all, got: %s", out.Spec.AccessControl.Mode) } - if len(out.Spec.Policies) != 1 { - t.Fatalf("expected 1 policy, got: %d", len(out.Spec.Policies)) + if len(out.Spec.OperationPolicies) != 0 { + t.Fatalf("expected 0 operation policies, got: %d", len(out.Spec.OperationPolicies)) + } + if len(out.Spec.GlobalPolicies) != 1 { + t.Fatalf("expected 1 global policy, got: %d", len(out.Spec.GlobalPolicies)) } - policy := out.Spec.Policies[0] + policy := out.Spec.GlobalPolicies[0] if policy.Name != "api-key-auth" { t.Fatalf("expected policy name api-key-auth, got: %s", policy.Name) } if policy.Version != "" { t.Fatalf("expected policy version empty, got: %s", policy.Version) } - if len(policy.Paths) != 1 { - t.Fatalf("expected 1 policy path, got: %d", len(policy.Paths)) + if policy.Params == nil { + t.Fatalf("expected policy params to be present") } - - path := policy.Paths[0] - if path.Path != "/*" { - t.Fatalf("expected policy path /*, got: %s", path.Path) - } - if len(path.Methods) != 1 || path.Methods[0] != "*" { - t.Fatalf("expected methods [*], got: %#v", path.Methods) - } - if path.Params["key"] != "X-API-Key" { - t.Fatalf("expected params.key X-API-Key, got: %#v", path.Params["key"]) + if (*policy.Params)["key"] != "X-API-Key" { + t.Fatalf("expected params.key X-API-Key, got: %#v", (*policy.Params)["key"]) } - if path.Params["in"] != "header" { - t.Fatalf("expected params.in header, got: %#v", path.Params["in"]) + if (*policy.Params)["in"] != "header" { + t.Fatalf("expected params.in header, got: %#v", (*policy.Params)["in"]) } } @@ -450,29 +458,28 @@ func TestGenerateLLMProviderDeploymentYAML_WithSecurityAndAdditionalPolicy(t *te }, } - yamlStr, err := generateLLMProviderDeploymentYAML(provider, "openai") + out, err := generateLLMProviderDeploymentYAML(provider, "openai") if err != nil { t.Fatalf("expected no error, got: %v", err) } - var out dto.LLMProviderDeploymentYAML - if err := yaml.Unmarshal([]byte(yamlStr), &out); err != nil { - t.Fatalf("failed to unmarshal generated yaml: %v", err) - } - if len(out.Spec.Policies) != 2 { - t.Fatalf("expected 2 policies, got: %d", len(out.Spec.Policies)) + if len(out.Spec.OperationPolicies) != 1 { + t.Fatalf("expected 1 operation policy, got: %d", len(out.Spec.OperationPolicies)) + } + if len(out.Spec.GlobalPolicies) != 1 { + t.Fatalf("expected 1 global policy, got: %d", len(out.Spec.GlobalPolicies)) } - apiKeyPolicy := findPolicy(out.Spec.Policies, "api-key-auth", "") - if apiKeyPolicy == nil { - t.Fatalf("expected api-key-auth policy to exist") + apiKeyPolicy := out.Spec.GlobalPolicies[0] + if apiKeyPolicy.Name != "api-key-auth" { + t.Fatalf("expected api-key-auth global policy, got: %s", apiKeyPolicy.Name) } - if len(apiKeyPolicy.Paths) != 1 || apiKeyPolicy.Paths[0].Path != "/*" { - t.Fatalf("expected api-key-auth path /*") + if apiKeyPolicy.Params == nil || (*apiKeyPolicy.Params)["key"] != "X-API-Key" { + t.Fatalf("expected api-key-auth params.key X-API-Key") } - guardrailPolicy := findPolicy(out.Spec.Policies, "word-count-guardrail", "v0") + guardrailPolicy := findOperationPolicy(out.Spec.OperationPolicies, "word-count-guardrail") if guardrailPolicy == nil { t.Fatalf("expected word-count-guardrail policy to exist") } @@ -535,21 +542,26 @@ func TestGenerateLLMProviderDeploymentYAML_NormalizesPolicyVersionToMajor(t *tes }, } - yamlStr, err := generateLLMProviderDeploymentYAML(provider, "openai") + out, err := generateLLMProviderDeploymentYAML(provider, "openai") if err != nil { t.Fatalf("expected no error, got: %v", err) } - var out dto.LLMProviderDeploymentYAML - if err := yaml.Unmarshal([]byte(yamlStr), &out); err != nil { - t.Fatalf("failed to unmarshal generated yaml: %v", err) + + policyA := findOperationPolicy(out.Spec.OperationPolicies, "policy-a") + if policyA == nil { + t.Fatalf("expected policy-a to be present") + } + if policyA.Version != "v0" { + t.Fatalf("expected policy-a version to be normalized to v0, got: %s", policyA.Version) } - if findPolicy(out.Spec.Policies, "policy-a", "v0") == nil { - t.Fatalf("expected policy-a version to be normalized to v0") + policyB := findOperationPolicy(out.Spec.OperationPolicies, "policy-b") + if policyB == nil { + t.Fatalf("expected policy-b to be present") } - if findPolicy(out.Spec.Policies, "policy-b", "v10") == nil { - t.Fatalf("expected policy-b version to be normalized to v10") + if policyB.Version != "v10" { + t.Fatalf("expected policy-b version to be normalized to v10, got: %s", policyB.Version) } } @@ -589,34 +601,27 @@ func TestGenerateLLMProviderDeploymentYAML_WithProviderGlobalRateLimit(t *testin }, } - yamlStr, err := generateLLMProviderDeploymentYAML(provider, "openai") + out, err := generateLLMProviderDeploymentYAML(provider, "openai") if err != nil { t.Fatalf("expected no error, got: %v", err) } + out = roundTripYAML(t, out) - var out dto.LLMProviderDeploymentYAML - if err := yaml.Unmarshal([]byte(yamlStr), &out); err != nil { - t.Fatalf("failed to unmarshal generated yaml: %v", err) - } - if len(out.Spec.Policies) != 2 { - t.Fatalf("expected 2 policies, got: %d", len(out.Spec.Policies)) + if len(out.Spec.GlobalPolicies) != 2 { + t.Fatalf("expected 2 global policies, got: %d", len(out.Spec.GlobalPolicies)) } - tokenPolicy := findPolicy(out.Spec.Policies, "token-based-ratelimit", "") + tokenPolicy := findGlobalPolicy(out.Spec.GlobalPolicies, "token-based-ratelimit") if tokenPolicy == nil { - t.Fatalf("expected token-based-ratelimit policy to exist") - } - if len(tokenPolicy.Paths) != 1 { - t.Fatalf("expected token policy to have 1 path, got: %d", len(tokenPolicy.Paths)) + t.Fatalf("expected token-based-ratelimit global policy to exist") } - tokenPath := tokenPolicy.Paths[0] - if tokenPath.Path != "/*" { - t.Fatalf("expected token policy path /*, got: %s", tokenPath.Path) + if tokenPolicy.Params == nil { + t.Fatalf("expected token policy to have params") } - totalTokenLimits, ok := tokenPath.Params["totalTokenLimits"].([]interface{}) + totalTokenLimits, ok := (*tokenPolicy.Params)["totalTokenLimits"].([]interface{}) if !ok || len(totalTokenLimits) != 1 { - t.Fatalf("expected totalTokenLimits with one entry, got: %#v", tokenPath.Params["totalTokenLimits"]) + t.Fatalf("expected totalTokenLimits with one entry, got: %#v", (*tokenPolicy.Params)["totalTokenLimits"]) } firstTokenLimit, ok := totalTokenLimits[0].(map[string]interface{}) if !ok { @@ -629,20 +634,16 @@ func TestGenerateLLMProviderDeploymentYAML_WithProviderGlobalRateLimit(t *testin t.Fatalf("expected token duration 1h, got: %#v", firstTokenLimit["duration"]) } - requestPolicy := findPolicy(out.Spec.Policies, "advanced-ratelimit", "") + requestPolicy := findGlobalPolicy(out.Spec.GlobalPolicies, "advanced-ratelimit") if requestPolicy == nil { - t.Fatalf("expected advanced-ratelimit policy to exist") + t.Fatalf("expected advanced-ratelimit global policy to exist") } - if len(requestPolicy.Paths) != 1 { - t.Fatalf("expected request policy to have 1 path, got: %d", len(requestPolicy.Paths)) + if requestPolicy.Params == nil { + t.Fatalf("expected request policy to have params") } - requestPath := requestPolicy.Paths[0] - if requestPath.Path != "/*" { - t.Fatalf("expected request policy path /*, got: %s", requestPath.Path) - } - quotas, ok := requestPath.Params["quotas"].([]interface{}) + quotas, ok := (*requestPolicy.Params)["quotas"].([]interface{}) if !ok || len(quotas) != 1 { - t.Fatalf("expected quotas with one entry, got: %#v", requestPath.Params["quotas"]) + t.Fatalf("expected quotas with one entry, got: %#v", (*requestPolicy.Params)["quotas"]) } firstQuota, ok := quotas[0].(map[string]interface{}) if !ok { @@ -719,55 +720,52 @@ func TestGenerateLLMProviderDeploymentYAML_WithProviderResourceWiseRateLimit(t * }, } - yamlStr, err := generateLLMProviderDeploymentYAML(provider, "openai") + out, err := generateLLMProviderDeploymentYAML(provider, "openai") if err != nil { t.Fatalf("expected no error, got: %v", err) } + out = roundTripYAML(t, out) - var out dto.LLMProviderDeploymentYAML - if err := yaml.Unmarshal([]byte(yamlStr), &out); err != nil { - t.Fatalf("failed to unmarshal generated yaml: %v", err) - } - if len(out.Spec.Policies) != 2 { - t.Fatalf("expected 2 policies, got: %d", len(out.Spec.Policies)) + if len(out.Spec.OperationPolicies) != 2 { + t.Fatalf("expected 2 operation policies, got: %d", len(out.Spec.OperationPolicies)) } - tokenPolicy := findPolicy(out.Spec.Policies, "token-based-ratelimit", "") + tokenPolicy := findOperationPolicy(out.Spec.OperationPolicies, "token-based-ratelimit") if tokenPolicy == nil { - t.Fatalf("expected token-based-ratelimit policy to exist") + t.Fatalf("expected token-based-ratelimit operation policy to exist") } if len(tokenPolicy.Paths) != 2 { t.Fatalf("expected 2 token policy paths, got: %d", len(tokenPolicy.Paths)) } - assistantsTokenPath := findPath(tokenPolicy, "/assistants") + assistantsTokenPath := findOperationPath(tokenPolicy, "/assistants") if assistantsTokenPath == nil { t.Fatalf("expected token policy path /assistants") } - audioTokenPath := findPath(tokenPolicy, "/audio/speech") + audioTokenPath := findOperationPath(tokenPolicy, "/audio/speech") if audioTokenPath == nil { t.Fatalf("expected token policy path /audio/speech") } - requestPolicy := findPolicy(out.Spec.Policies, "advanced-ratelimit", "") + requestPolicy := findOperationPolicy(out.Spec.OperationPolicies, "advanced-ratelimit") if requestPolicy == nil { - t.Fatalf("expected advanced-ratelimit policy to exist") + t.Fatalf("expected advanced-ratelimit operation policy to exist") } if len(requestPolicy.Paths) != 2 { t.Fatalf("expected 2 request policy paths, got: %d", len(requestPolicy.Paths)) } - assistantsRequestPath := findPath(requestPolicy, "/assistants") + assistantsRequestPath := findOperationPath(requestPolicy, "/assistants") if assistantsRequestPath == nil { t.Fatalf("expected request policy path /assistants") } - audioRequestPath := findPath(requestPolicy, "/audio/speech") + audioRequestPath := findOperationPath(requestPolicy, "/audio/speech") if audioRequestPath == nil { t.Fatalf("expected request policy path /audio/speech") } - for _, p := range []*api.LLMPolicyPath{assistantsTokenPath, audioTokenPath} { + for _, p := range []*api.OperationPolicyPath{assistantsTokenPath, audioTokenPath} { totalTokenLimits, ok := p.Params["totalTokenLimits"].([]interface{}) if !ok || len(totalTokenLimits) != 1 { t.Fatalf("expected totalTokenLimits with one entry, got: %#v", p.Params["totalTokenLimits"]) @@ -784,7 +782,7 @@ func TestGenerateLLMProviderDeploymentYAML_WithProviderResourceWiseRateLimit(t * } } - for _, p := range []*api.LLMPolicyPath{assistantsRequestPath, audioRequestPath} { + for _, p := range []*api.OperationPolicyPath{assistantsRequestPath, audioRequestPath} { quotas, ok := p.Params["quotas"].([]interface{}) if !ok || len(quotas) != 1 { t.Fatalf("expected quotas with one entry, got: %#v", p.Params["quotas"]) @@ -865,41 +863,38 @@ func TestGenerateLLMProviderDeploymentYAML_WithProviderResourceWiseRateLimitAndD }, } - yamlStr, err := generateLLMProviderDeploymentYAML(provider, "openai") + out, err := generateLLMProviderDeploymentYAML(provider, "openai") if err != nil { t.Fatalf("expected no error, got: %v", err) } + out = roundTripYAML(t, out) - var out dto.LLMProviderDeploymentYAML - if err := yaml.Unmarshal([]byte(yamlStr), &out); err != nil { - t.Fatalf("failed to unmarshal generated yaml: %v", err) - } - if len(out.Spec.Policies) != 2 { - t.Fatalf("expected 2 policies, got: %d", len(out.Spec.Policies)) + if len(out.Spec.OperationPolicies) != 2 { + t.Fatalf("expected 2 operation policies, got: %d", len(out.Spec.OperationPolicies)) } - tokenPolicy := findPolicy(out.Spec.Policies, "token-based-ratelimit", "") + tokenPolicy := findOperationPolicy(out.Spec.OperationPolicies, "token-based-ratelimit") if tokenPolicy == nil { - t.Fatalf("expected token-based-ratelimit policy to exist") + t.Fatalf("expected token-based-ratelimit operation policy to exist") } if len(tokenPolicy.Paths) != 3 { t.Fatalf("expected 3 token policy paths (default + 2 unique resources), got: %d", len(tokenPolicy.Paths)) } - requestPolicy := findPolicy(out.Spec.Policies, "advanced-ratelimit", "") + requestPolicy := findOperationPolicy(out.Spec.OperationPolicies, "advanced-ratelimit") if requestPolicy == nil { - t.Fatalf("expected advanced-ratelimit policy to exist") + t.Fatalf("expected advanced-ratelimit operation policy to exist") } if len(requestPolicy.Paths) != 3 { t.Fatalf("expected 3 request policy paths (default + 2 unique resources), got: %d", len(requestPolicy.Paths)) } for _, p := range []string{"/*", "/assistants", "/audio/speech"} { - if findPath(tokenPolicy, p) == nil { + if findOperationPath(tokenPolicy, p) == nil { t.Fatalf("expected token policy path %s", p) } - if findPath(requestPolicy, p) == nil { + if findOperationPath(requestPolicy, p) == nil { t.Fatalf("expected request policy path %s", p) } } @@ -941,16 +936,25 @@ func TestGenerateLLMProviderDeploymentYAML_WithProviderResourceWiseRateLimitAndD } } -func findPolicy(policies []api.LLMPolicy, name, version string) *api.LLMPolicy { +func findGlobalPolicy(policies []api.Policy, name string) *api.Policy { + for i := range policies { + if policies[i].Name == name { + return &policies[i] + } + } + return nil +} + +func findOperationPolicy(policies []api.OperationPolicy, name string) *api.OperationPolicy { for i := range policies { - if policies[i].Name == name && policies[i].Version == version { + if policies[i].Name == name { return &policies[i] } } return nil } -func findPath(policy *api.LLMPolicy, path string) *api.LLMPolicyPath { +func findOperationPath(policy *api.OperationPolicy, path string) *api.OperationPolicyPath { if policy == nil { return nil } @@ -1146,6 +1150,82 @@ func TestLLMProviderServiceCreateAllowsAggregatorTemplate(t *testing.T) { } } +// TestLLMProviderServiceCreateMigratesLegacyPolicies verifies Phase 10 save-time +// migration: a provider created with the deprecated `policies` list has it split into +// globalPolicies (for path "/*" + methods ["*"]) and operationPolicies (all other paths). +// After save, `policies` is cleared in the stored config. +func TestLLMProviderServiceCreateMigratesLegacyPolicies(t *testing.T) { + now := time.Now() + providerRepo := &mockLLMProviderRepo{} + providerRepo.getByIDFunc = func(providerID, orgUUID string) (*model.LLMProvider, error) { + if providerRepo.created == nil { + return nil, nil + } + created := *providerRepo.created + created.UUID = "prov-uuid" + created.CreatedAt = now + created.UpdatedAt = now + return &created, nil + } + templateRepo := &mockLLMTemplateRepo{ + getByIDFunc: func(templateID, orgUUID string) (*model.LLMProviderTemplate, error) { + return &model.LLMProviderTemplate{UUID: "tpl-openai", ID: "openai", CreatedAt: now, UpdatedAt: now}, nil + }, + } + orgRepo := &mockOrganizationRepo{org: &model.Organization{ID: "org-1"}} + service := NewLLMProviderService(providerRepo, templateRepo, orgRepo, nil, nil, nil, nil, slog.Default()) + + request := validProviderRequest("openai") + request.Policies = &[]api.LLMPolicy{ + // path "/*" + methods ["*"] → globalPolicies + { + Name: "basic-ratelimit", + Version: "v1", + Paths: []api.LLMPolicyPath{ + {Path: "/*", Methods: []api.LLMPolicyPathMethods{"*"}, Params: map[string]interface{}{"requests": 10}}, + }, + }, + // specific path → operationPolicies + { + Name: "token-ratelimit", + Version: "v1", + Paths: []api.LLMPolicyPath{ + {Path: "/chat/completions", Methods: []api.LLMPolicyPathMethods{"POST"}, Params: map[string]interface{}{"tokens": 1000}}, + }, + }, + } + + if _, err := service.Create("org-1", "alice", request); err != nil { + t.Fatalf("expected no error, got: %v", err) + } + if providerRepo.created == nil { + t.Fatal("expected provider to be created") + } + cfg := providerRepo.created.Configuration + + // Deprecated list cleared after migration. + if len(cfg.Policies) != 0 { + t.Fatalf("expected policies cleared after migration, got: %d", len(cfg.Policies)) + } + // "/*" + ["*"] → globalPolicies + if len(cfg.GlobalPolicies) != 1 { + t.Fatalf("expected 1 globalPolicy, got: %d", len(cfg.GlobalPolicies)) + } + if cfg.GlobalPolicies[0].Name != "basic-ratelimit" { + t.Fatalf("expected globalPolicy name basic-ratelimit, got: %s", cfg.GlobalPolicies[0].Name) + } + // specific path → operationPolicies + if len(cfg.OperationPolicies) != 1 { + t.Fatalf("expected 1 operationPolicy, got: %d", len(cfg.OperationPolicies)) + } + if cfg.OperationPolicies[0].Name != "token-ratelimit" { + t.Fatalf("expected operationPolicy name token-ratelimit, got: %s", cfg.OperationPolicies[0].Name) + } + if len(cfg.OperationPolicies[0].Paths) != 1 || cfg.OperationPolicies[0].Paths[0].Path != "/chat/completions" { + t.Fatalf("expected operationPolicy path /chat/completions, got: %+v", cfg.OperationPolicies[0].Paths) + } +} + func TestLLMProviderServiceCreateReturnsConflictForDuplicateHandle(t *testing.T) { providerRepo := &mockLLMProviderRepo{existsResult: true} templateRepo := &mockLLMTemplateRepo{ diff --git a/platform-api/src/internal/utils/api.go b/platform-api/src/internal/utils/api.go index c71acc62aa..1951ef87e9 100644 --- a/platform-api/src/internal/utils/api.go +++ b/platform-api/src/internal/utils/api.go @@ -548,7 +548,7 @@ func (u *APIUtil) BuildAPIDeploymentYAML(apiModel *model.API) (*dto.APIDeploymen } return &dto.APIDeploymentYAML{ - ApiVersion: "gateway.api-platform.wso2.com/v1alpha1", + ApiVersion: constants.GatewayApiVersion, Kind: apiType, Metadata: dto.DeploymentMetadata{ Name: apiModel.Handle, diff --git a/platform-api/src/internal/utils/api_test.go b/platform-api/src/internal/utils/api_test.go index 84a4cb3c1a..7dd530fe1e 100644 --- a/platform-api/src/internal/utils/api_test.go +++ b/platform-api/src/internal/utils/api_test.go @@ -637,7 +637,7 @@ func TestBuildAPIDeploymentYAML(t *testing.T) { } // Verify key struct fields - if deploymentStruct.ApiVersion != "gateway.api-platform.wso2.com/v1alpha1" { + if deploymentStruct.ApiVersion != "gateway.api-platform.wso2.com/v1alpha2" { t.Errorf("ApiVersion = %q", deploymentStruct.ApiVersion) } if deploymentStruct.Kind != constants.RestApi { diff --git a/platform-api/src/resources/default-llm-provider-templates/anthropic-template.yaml b/platform-api/src/resources/default-llm-provider-templates/anthropic-template.yaml index d61838fef9..70b79eceef 100644 --- a/platform-api/src/resources/default-llm-provider-templates/anthropic-template.yaml +++ b/platform-api/src/resources/default-llm-provider-templates/anthropic-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: anthropic diff --git a/platform-api/src/resources/default-llm-provider-templates/awsbedrock-template.yaml b/platform-api/src/resources/default-llm-provider-templates/awsbedrock-template.yaml index 34f19c6337..fe07dacc52 100644 --- a/platform-api/src/resources/default-llm-provider-templates/awsbedrock-template.yaml +++ b/platform-api/src/resources/default-llm-provider-templates/awsbedrock-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: awsbedrock diff --git a/platform-api/src/resources/default-llm-provider-templates/azureaifoundry-template.yaml b/platform-api/src/resources/default-llm-provider-templates/azureaifoundry-template.yaml index ede6060ee3..38ab686586 100644 --- a/platform-api/src/resources/default-llm-provider-templates/azureaifoundry-template.yaml +++ b/platform-api/src/resources/default-llm-provider-templates/azureaifoundry-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: azureai-foundry diff --git a/platform-api/src/resources/default-llm-provider-templates/azureopenai-template.yaml b/platform-api/src/resources/default-llm-provider-templates/azureopenai-template.yaml index f98ce62dca..0ee5bdbbc5 100644 --- a/platform-api/src/resources/default-llm-provider-templates/azureopenai-template.yaml +++ b/platform-api/src/resources/default-llm-provider-templates/azureopenai-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: azure-openai diff --git a/platform-api/src/resources/default-llm-provider-templates/gemini-template.yaml b/platform-api/src/resources/default-llm-provider-templates/gemini-template.yaml index 5f89228a67..645d42fa91 100644 --- a/platform-api/src/resources/default-llm-provider-templates/gemini-template.yaml +++ b/platform-api/src/resources/default-llm-provider-templates/gemini-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: gemini diff --git a/platform-api/src/resources/default-llm-provider-templates/mistral-template.yaml b/platform-api/src/resources/default-llm-provider-templates/mistral-template.yaml index c7cb6c393c..0d1266fb9e 100644 --- a/platform-api/src/resources/default-llm-provider-templates/mistral-template.yaml +++ b/platform-api/src/resources/default-llm-provider-templates/mistral-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: mistralai diff --git a/platform-api/src/resources/default-llm-provider-templates/openai-template.yaml b/platform-api/src/resources/default-llm-provider-templates/openai-template.yaml index 3cdfbbfa04..15d989d21c 100644 --- a/platform-api/src/resources/default-llm-provider-templates/openai-template.yaml +++ b/platform-api/src/resources/default-llm-provider-templates/openai-template.yaml @@ -16,7 +16,7 @@ # under the License. # -------------------------------------------------------------------- -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProviderTemplate metadata: name: openai diff --git a/platform-api/src/resources/openapi.yaml b/platform-api/src/resources/openapi.yaml index f49addf529..fd8c7c8ed9 100644 --- a/platform-api/src/resources/openapi.yaml +++ b/platform-api/src/resources/openapi.yaml @@ -25,7 +25,7 @@ info: Authorization is enforced via OAuth2 scopes carried in the JWT. Both read (GET) and write operations require specific scopes declared in the `security` field of each operation. - version: 1.0.0 + version: v1alpha2 contact: name: WSO2 API Platform Team license: @@ -33,9 +33,9 @@ info: url: https://www.apache.org/licenses/LICENSE-2.0.html servers: - - url: https://localhost:9243/api/v1 + - url: https://localhost:9243/api/v1alpha2 description: Development server (HTTPS) - - url: https://api.platform.com/api/v1 + - url: https://api.platform.com/api/v1alpha2 description: Production server security: @@ -9836,6 +9836,47 @@ components: description: JSON Schema describing the parameters accepted by this policy. This itself is a JSON Schema document. additionalProperties: true + OperationPolicy: + type: object + required: + - name + - version + - paths + properties: + name: + type: string + example: token-based-ratelimit + version: + type: string + example: v1 + executionCondition: + type: string + description: Optional per-request CEL expression controlling whether the policy runs + paths: + type: array + items: + $ref: '#/components/schemas/OperationPolicyPath' + + OperationPolicyPath: + type: object + required: + - path + - methods + - params + properties: + path: + type: string + example: /chat/completions + methods: + type: array + items: + type: string + description: "HTTP method: GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD, or * for all" + params: + type: object + description: Policy parameters + additionalProperties: true + LLMRateLimitingConfig: type: object description: Rate limiting configuration for an LLM provider at provider and consumer levels. @@ -10096,9 +10137,20 @@ components: $ref: '#/components/schemas/LLMAccessControl' rateLimiting: $ref: '#/components/schemas/LLMRateLimitingConfig' + globalPolicies: + type: array + description: Global (api-level) policies applied across ALL operations as one shared scope, evaluated before operation-level policies. + items: + $ref: "#/components/schemas/Policy" + operationPolicies: + type: array + description: Operation-level policies scoped to specific paths/methods, evaluated after global policies. + items: + $ref: "#/components/schemas/OperationPolicy" policies: + deprecated: true type: array - description: List of policies applied only to this operation (overrides or adds to API-level policies) + description: DEPRECATED - use operationPolicies. Still honoured (treated identically to operationPolicies). items: $ref: "#/components/schemas/LLMPolicy" security: @@ -10275,9 +10327,20 @@ components: title: Proxy API version: v1.0 paths: {} + globalPolicies: + type: array + description: Global (api-level) policies applied across ALL operations as one shared scope, evaluated before operation-level policies. + items: + $ref: "#/components/schemas/Policy" + operationPolicies: + type: array + description: Operation-level policies scoped to specific paths/methods, evaluated after global policies. + items: + $ref: "#/components/schemas/OperationPolicy" policies: + deprecated: true type: array - description: List of policies applied only to this operation (overrides or adds to API-level policies) + description: DEPRECATED - use operationPolicies. Still honoured (treated identically to operationPolicies). items: $ref: "#/components/schemas/LLMPolicy" security: diff --git a/portals/ai-workspace/configs/config-platform-api-template.toml b/portals/ai-workspace/configs/config-platform-api-template.toml index a160280235..b251b39717 100644 --- a/portals/ai-workspace/configs/config-platform-api-template.toml +++ b/portals/ai-workspace/configs/config-platform-api-template.toml @@ -33,7 +33,7 @@ port = "9243" # HTTP/HTTPS listen port for Platform API # Set to false only to temporarily bypass during development. enable_scope_validation = true -# Controls authentication for POST /api/v1/organizations. +# Controls authentication for POST /api/v1alpha2/organizations. # When true, the endpoint requires both a valid Bearer JWT and the # ap:organization:manage scope; requests without that scope are rejected. # Default: false (public) — preserves backwards-compatible behaviour for existing deployments. diff --git a/portals/ai-workspace/configs/config-platform-api.toml b/portals/ai-workspace/configs/config-platform-api.toml index 53a26d4d15..9edb4f5bd7 100644 --- a/portals/ai-workspace/configs/config-platform-api.toml +++ b/portals/ai-workspace/configs/config-platform-api.toml @@ -25,7 +25,7 @@ port = "9243" # Validate OAuth2 scopes on incoming requests. enable_scope_validation = true -# Controls authentication for POST /api/v1/organizations. +# Controls authentication for POST /api/v1alpha2/organizations. # When true, the endpoint requires both a valid Bearer JWT and the # ap:organization:manage scope; requests without that scope are rejected. org_creation_requires_auth = true diff --git a/portals/ai-workspace/configs/config-template.toml b/portals/ai-workspace/configs/config-template.toml index d3c4912475..cbc0cdbfa1 100644 --- a/portals/ai-workspace/configs/config-template.toml +++ b/portals/ai-workspace/configs/config-template.toml @@ -40,9 +40,9 @@ auth_mode = "basic" # oidc_org_handle_claim = "org_handle" # Platform API base URL — used by the UI to make API calls (may be a relative -# path when nginx proxying is in use, e.g. /api-proxy/api/v1). -# Defaults to https://localhost:9243/api/v1 if unset. -platform_api_base_url = "https://localhost:9243/api/v1" +# path when nginx proxying is in use, e.g. /api-proxy/api/v1alpha2). +# Defaults to https://localhost:9243/api/v1alpha2 if unset. +platform_api_base_url = "https://localhost:9243/api/v1alpha2" # Control-plane host — the host:port that deployed gateways use to reach # the Platform API. Shown in gateway setup instructions (keys.env, helm values). diff --git a/portals/ai-workspace/configs/config.toml b/portals/ai-workspace/configs/config.toml index ee0475d431..3bfc8163be 100644 --- a/portals/ai-workspace/configs/config.toml +++ b/portals/ai-workspace/configs/config.toml @@ -20,7 +20,7 @@ domain = "localhost:5380" auth_mode = "basic" # Platform API base URL — used by the UI to make API calls. -platform_api_base_url = "https://localhost:9243/api/v1" +platform_api_base_url = "https://localhost:9243/api/v1alpha2" # Control-plane host — the externally reachable address gateways use to reach # the Platform API. Shown in gateway setup instructions (keys.env, helm values). diff --git a/portals/ai-workspace/docker-compose.yaml b/portals/ai-workspace/docker-compose.yaml index 2e1daaac3a..295cbba931 100644 --- a/portals/ai-workspace/docker-compose.yaml +++ b/portals/ai-workspace/docker-compose.yaml @@ -82,7 +82,7 @@ services: # Route all Platform API calls through nginx (/api-proxy/ → platform-api:9243/). # Relative paths avoid direct browser-to-platform-api connections and # sidestep self-signed TLS certificate issues. - - VITE_PLATFORM_API_BASE_URL=/api-proxy/api/v1 + - VITE_PLATFORM_API_BASE_URL=/api-proxy/api/v1alpha2 - VITE_PORTAL_API_BASE_URL=/api-proxy/api/portal/v1 volumes: - ./configs/config.toml:/etc/ai-workspace/config.toml:ro diff --git a/portals/ai-workspace/src/apis/platformApis.ts b/portals/ai-workspace/src/apis/platformApis.ts index 4b56c569f9..0e4707e06b 100644 --- a/portals/ai-workspace/src/apis/platformApis.ts +++ b/portals/ai-workspace/src/apis/platformApis.ts @@ -28,7 +28,7 @@ import { logger } from '../utils/logger'; * Organization schema from the Platform API. * * curl reference: - * POST https://localhost:9243/api/v1/organizations + * POST https://localhost:9243/api/v1alpha2/organizations * -H 'Authorization: Bearer ' * -H 'accept: application/json' -H 'content-type: application/json' * --data-raw '{"id":"","name":"","handle":"","region":"us"}' diff --git a/portals/ai-workspace/src/clients/choreoApiClient.ts b/portals/ai-workspace/src/clients/choreoApiClient.ts index a9a81d68f5..ad510bec68 100644 --- a/portals/ai-workspace/src/clients/choreoApiClient.ts +++ b/portals/ai-workspace/src/clients/choreoApiClient.ts @@ -20,7 +20,7 @@ // Platform API Client // ---------------------------------------------------------------------------- // Replaces the Asgardeo-backed httpRequest with native fetch. -// All calls go to PLATFORM_API_BASE_URL (default: https://localhost:9243/api/v1). +// All calls go to PLATFORM_API_BASE_URL (default: https://localhost:9243/api/v1alpha2). // // Token storage: // localStorage.setItem('platform_auth_token', '') diff --git a/portals/ai-workspace/src/config.env.ts b/portals/ai-workspace/src/config.env.ts index e44b253e5a..d93268369c 100644 --- a/portals/ai-workspace/src/config.env.ts +++ b/portals/ai-workspace/src/config.env.ts @@ -147,7 +147,7 @@ export const POLICY_HUB_WEB_URL = getEnvOrDefault( // only if calling the platform API directly. export const PLATFORM_API_BASE_URL = getEnvOrDefault( 'VITE_PLATFORM_API_BASE_URL', - '/api-proxy/api/v1' + '/api-proxy/api/v1alpha2' ); // Control-plane host shown in gateway setup instructions (host:port). diff --git a/portals/ai-workspace/src/contexts/ChoreoUserContext.tsx b/portals/ai-workspace/src/contexts/ChoreoUserContext.tsx index 6f6feb62b2..8499c86b24 100644 --- a/portals/ai-workspace/src/contexts/ChoreoUserContext.tsx +++ b/portals/ai-workspace/src/contexts/ChoreoUserContext.tsx @@ -20,7 +20,7 @@ // ChoreoUserContext — Platform API (standalone) version // ---------------------------------------------------------------------------- // Asgardeo authentication has been removed. All org data comes from the -// Platform API (https://localhost:9243/api/v1). +// Platform API (https://localhost:9243/api/v1alpha2). // Token exchange and IDP-specific logic are no-ops. // ============================================================================ diff --git a/portals/ai-workspace/src/pages/appShell/appShellPages/proxies/LLMProxyGuardrailsTab.tsx b/portals/ai-workspace/src/pages/appShell/appShellPages/proxies/LLMProxyGuardrailsTab.tsx index 5afe2d4b1e..94f0670391 100644 --- a/portals/ai-workspace/src/pages/appShell/appShellPages/proxies/LLMProxyGuardrailsTab.tsx +++ b/portals/ai-workspace/src/pages/appShell/appShellPages/proxies/LLMProxyGuardrailsTab.tsx @@ -173,6 +173,7 @@ export default function LLMProxyGuardrailsTab() { const [editingTarget, setEditingTarget] = useState<{ policyIndex: number; pathIndex: number | null; + source: 'global' | 'operation' | 'legacy'; } | null>(null); const [selectedCategories, setSelectedCategories] = useState(['AI']); const [drawerGuardrails, setDrawerGuardrails] = useState([]); @@ -227,43 +228,68 @@ export default function LLMProxyGuardrailsTab() { const getDisplayName = (policyName: string): string => displayNameMap[policyName] || policyName; - const globalGuardrails = useMemo( - () => - policies.flatMap((policy, policyIndex) => { - const version = policy.version - ? `v${policy.version.split('.')[0]}` - : 'v0'; - const displayName = getDisplayName(policy.name); - if (!policy.paths || policy.paths.length === 0) { - return [ - { - id: `${policy.name}-${version}-${policyIndex}-default`, + const globalGuardrails = useMemo(() => { + const items: Array<{ + id: string; + name: string; + displayName: string; + version: string; + source: 'global' | 'legacy'; + policyIndex: number; + pathIndex: number | null; + }> = []; + + // New globalPolicies list + (proxy?.globalPolicies ?? []).forEach((policy, policyIndex) => { + const version = policy.version + ? `v${policy.version.replace(/^v/, '').split('.')[0]}` + : 'v0'; + items.push({ + id: `global-${policy.name}-${version}-${policyIndex}`, + name: policy.name, + displayName: getDisplayName(policy.name), + version, + source: 'global', + policyIndex, + pathIndex: null, + }); + }); + + // Legacy policies with path === '/*' + policies.forEach((policy, policyIndex) => { + const version = policy.version + ? `v${policy.version.split('.')[0]}` + : 'v0'; + const displayName = getDisplayName(policy.name); + if (!policy.paths || policy.paths.length === 0) { + items.push({ + id: `legacy-${policy.name}-${version}-${policyIndex}-default`, + name: policy.name, + displayName, + version, + source: 'legacy', + policyIndex, + pathIndex: null, + }); + } else { + policy.paths.forEach((pathConfig, pathIndex) => { + if (pathConfig.path === '/*') { + items.push({ + id: `legacy-${policy.name}-${version}-${policyIndex}-${pathIndex}`, name: policy.name, displayName, version, + source: 'legacy', policyIndex, - pathIndex: null as number | null, - }, - ]; - } + pathIndex, + }); + } + }); + } + }); - return policy.paths.flatMap((pathConfig, pathIndex) => - pathConfig.path === '/*' - ? [ - { - id: `${policy.name}-${version}-${policyIndex}-${pathIndex}`, - name: policy.name, - displayName, - version, - policyIndex, - pathIndex, - }, - ] - : [] - ); - }), - [policies, displayNameMap] - ); + return items; + }, [proxy?.globalPolicies, policies, displayNameMap]); const resources = useMemo( () => parseOpenApiText(proxy?.openapi || ''), @@ -294,17 +320,38 @@ export default function LLMProxyGuardrailsTab() { const handleEditGuardrailPill = ( policyIndex: number, pathIndex: number | null, - scope: DrawerContext + scope: DrawerContext, + source: 'global' | 'operation' | 'legacy' ) => { - const policy = policies[policyIndex]; - if (!policy) return; - - const existingParams = - pathIndex !== null ? policy.paths?.[pathIndex]?.params ?? {} : {}; + let policyName: string; + let existingParams: ParameterValues = {}; + + if (source === 'global') { + const policy = (proxy?.globalPolicies ?? [])[policyIndex]; + if (!policy) return; + policyName = policy.name; + existingParams = (policy.params as ParameterValues) ?? {}; + } else if (source === 'operation') { + const policy = (proxy?.operationPolicies ?? [])[policyIndex]; + if (!policy) return; + policyName = policy.name; + existingParams = + pathIndex !== null + ? ((policy.paths[pathIndex]?.params as ParameterValues) ?? {}) + : {}; + } else { + const policy = policies[policyIndex]; + if (!policy) return; + policyName = policy.name; + existingParams = + pathIndex !== null + ? ((policy.paths?.[pathIndex]?.params as ParameterValues) ?? {}) + : {}; + } - setEditingTarget({ policyIndex, pathIndex }); + setEditingTarget({ policyIndex, pathIndex, source }); setDrawerContext(scope); - setSelectedGuardrail(policy.name); + setSelectedGuardrail(policyName); setGuardrailSettings(existingParams); setIsDetailView(true); setPolicyDefinition(null); @@ -312,7 +359,7 @@ export default function LLMProxyGuardrailsTab() { setDrawerOpen(true); const guardrailMeta = availableGuardrails.find( - (g) => g.name === policy.name + (g) => g.name === policyName ); if (!guardrailMeta?.version) { setDefinitionError('No version available for this guardrail.'); @@ -391,63 +438,105 @@ export default function LLMProxyGuardrailsTab() { const handlePolicySubmit = async (params: ParameterValues) => { if (!proxy || !selectedGuardrailPolicy) return; - const updatedPolicies = (() => { - // Edit mode: update existing policy path params - if (editingTarget) { - const { policyIndex, pathIndex } = editingTarget; - const updated = [...policies]; - const existing = updated[policyIndex]; - if (!existing) return policies; - - if (pathIndex !== null) { - const existingPaths = [...(existing.paths ?? [])]; - existingPaths[pathIndex] = { - ...existingPaths[pathIndex], + if (editingTarget) { + const { policyIndex, pathIndex, source } = editingTarget; + if (source === 'global') { + setLocalProxy((prev) => { + if (!prev) return prev; + const globalPolicies = [...(prev.globalPolicies ?? [])]; + globalPolicies[policyIndex] = { ...globalPolicies[policyIndex], params }; + return { ...prev, globalPolicies }; + }); + } else if (source === 'operation') { + setLocalProxy((prev) => { + if (!prev) return prev; + const operationPolicies = [...(prev.operationPolicies ?? [])]; + const existing = operationPolicies[policyIndex]; + const paths = [...existing.paths]; + if (pathIndex !== null) { + paths[pathIndex] = { ...paths[pathIndex], params }; + } + operationPolicies[policyIndex] = { ...existing, paths }; + return { ...prev, operationPolicies }; + }); + } else { + // legacy + setLocalProxy((prev) => { + if (!prev) return prev; + const updated = [...(prev.policies ?? [])]; + const existing = updated[policyIndex]; + if (!existing) return prev; + if (pathIndex !== null) { + const existingPaths = [...(existing.paths ?? [])]; + existingPaths[pathIndex] = { ...existingPaths[pathIndex], params }; + updated[policyIndex] = { ...existing, paths: existingPaths }; + } + return { ...prev, policies: updated }; + }); + } + } else if (drawerContext.scope === 'global') { + // Add mode — global scope → globalPolicies + setLocalProxy((prev) => { + if (!prev) return prev; + const globalPolicies = [...(prev.globalPolicies ?? [])]; + const existingIndex = globalPolicies.findIndex( + (p) => + p.name === selectedGuardrailPolicy.name && + p.version === selectedGuardrailVersion + ); + if (existingIndex === -1) { + globalPolicies.push({ + name: selectedGuardrailPolicy.name, + version: selectedGuardrailVersion, + params, + }); + } else { + globalPolicies[existingIndex] = { + ...globalPolicies[existingIndex], params, }; - updated[policyIndex] = { ...existing, paths: existingPaths }; } - return updated; - } - - // Add mode: add new policy path - const nextPath = buildPolicyPath(params); - const existingIndex = policies.findIndex( - (p) => - p.name === selectedGuardrailPolicy.name && - p.version === selectedGuardrailVersion - ); - - if (existingIndex === -1) { - return [ - ...policies, - { + return { ...prev, globalPolicies }; + }); + } else { + // Add mode — resource scope → operationPolicies + const resourcePath = drawerContext.path; + const resourceMethod = drawerContext.method; + const newPathEntry = { path: resourcePath, methods: [resourceMethod], params }; + setLocalProxy((prev) => { + if (!prev) return prev; + const operationPolicies = [...(prev.operationPolicies ?? [])]; + const existingPolicyIndex = operationPolicies.findIndex( + (p) => + p.name === selectedGuardrailPolicy.name && + p.version === selectedGuardrailVersion + ); + if (existingPolicyIndex === -1) { + operationPolicies.push({ name: selectedGuardrailPolicy.name, version: selectedGuardrailVersion, - paths: [nextPath], - }, - ]; - } - - const existing = policies[existingIndex]; - const existingPaths = existing.paths ?? []; - - const updated = [...policies]; - updated[existingIndex] = { - ...existing, - paths: [...existingPaths, nextPath], - }; - return updated; - })(); - - setLocalProxy((prev) => - prev - ? { - ...prev, - policies: updatedPolicies, + paths: [newPathEntry], + }); + } else { + const existing = operationPolicies[existingPolicyIndex]; + const alreadyHasPath = existing.paths.some( + (p) => + p.path === resourcePath && + p.methods + .map((m) => m.toUpperCase()) + .includes(resourceMethod.toUpperCase()) + ); + if (!alreadyHasPath) { + operationPolicies[existingPolicyIndex] = { + ...existing, + paths: [...existing.paths, newPathEntry], + }; } - : prev - ); + } + return { ...prev, operationPolicies }; + }); + } + setGuardrailSettings(params); setDrawerOpen(false); setIsDetailView(false); @@ -455,33 +544,52 @@ export default function LLMProxyGuardrailsTab() { const handleRemoveAppliedGuardrail = ( policyIndex: number, - pathIndex: number | null + pathIndex: number | null, + source: 'global' | 'operation' | 'legacy' ) => { - setLocalProxy((prev) => { - if (!prev) return prev; - const existingPolicies = prev.policies ?? []; - - const updatedPolicies = existingPolicies.flatMap((policy, index) => { - if (index !== policyIndex) return [policy]; - - if (pathIndex === null) { - return []; - } - - const existingPaths = policy.paths ?? []; - const nextPaths = existingPaths.filter((_, idx) => idx !== pathIndex); - if (nextPaths.length === 0) { - return []; + if (source === 'global') { + setLocalProxy((prev) => { + if (!prev) return prev; + return { + ...prev, + globalPolicies: (prev.globalPolicies ?? []).filter( + (_, idx) => idx !== policyIndex + ), + }; + }); + } else if (source === 'operation') { + setLocalProxy((prev) => { + if (!prev) return prev; + const operationPolicies = [...(prev.operationPolicies ?? [])]; + const existing = operationPolicies[policyIndex]; + if (pathIndex !== null) { + const paths = existing.paths.filter((_, idx) => idx !== pathIndex); + if (paths.length === 0) { + operationPolicies.splice(policyIndex, 1); + } else { + operationPolicies[policyIndex] = { ...existing, paths }; + } + } else { + operationPolicies.splice(policyIndex, 1); } - - return [{ ...policy, paths: nextPaths }]; + return { ...prev, operationPolicies }; }); - - return { - ...prev, - policies: updatedPolicies, - }; - }); + } else { + // legacy + setLocalProxy((prev) => { + if (!prev) return prev; + const existingPolicies = prev.policies ?? []; + const updatedPolicies = existingPolicies.flatMap((policy, index) => { + if (index !== policyIndex) return [policy]; + if (pathIndex === null) return []; + const existingPaths = policy.paths ?? []; + const nextPaths = existingPaths.filter((_, idx) => idx !== pathIndex); + if (nextPaths.length === 0) return []; + return [{ ...policy, paths: nextPaths }]; + }); + return { ...prev, policies: updatedPolicies }; + }); + } }; // ── Render ────────────────────────────────────────────────────────────── @@ -537,10 +645,10 @@ export default function LLMProxyGuardrailsTab() { onClick={() => handleEditGuardrailPill(g.policyIndex, g.pathIndex, { scope: 'global', - }) + }, g.source) } onRemove={() => - void handleRemoveAppliedGuardrail(g.policyIndex, g.pathIndex) + void handleRemoveAppliedGuardrail(g.policyIndex, g.pathIndex, g.source) } /> ))} @@ -637,6 +745,9 @@ export default function LLMProxyGuardrailsTab() { {(() => { const hasResourcePolicy = (resource: ResourceItem) => + (proxy?.operationPolicies ?? []).some((policy) => + policy.paths.some((pc) => matchesResource(pc, resource)) + ) || policies.some((policy) => (policy.paths ?? []).some( (pc) => @@ -692,9 +803,31 @@ export default function LLMProxyGuardrailsTab() { name: string; displayName: string; version: string; + source: 'operation' | 'legacy'; policyIndex: number; pathIndex: number; }> = []; + // New operationPolicies + (proxy?.operationPolicies ?? []).forEach( + (policy, policyIndex) => { + policy.paths.forEach((pc, pathIndex) => { + if (!matchesResource(pc, resource)) return; + const version = policy.version + ? `v${policy.version.replace(/^v/, '').split('.')[0]}` + : 'v0'; + items.push({ + id: `op-${policy.name}-${version}-${policyIndex}-${pathIndex}`, + name: policy.name, + displayName: getDisplayName(policy.name), + version, + source: 'operation', + policyIndex, + pathIndex, + }); + }); + } + ); + // Legacy policies policies.forEach((policy, policyIndex) => { (policy.paths ?? []).forEach((pc, pathIndex) => { if (pc.path === '/*') return; @@ -702,12 +835,12 @@ export default function LLMProxyGuardrailsTab() { const version = policy.version ? `v${policy.version.split('.')[0]}` : 'v0'; - const displayName = getDisplayName(policy.name); items.push({ - id: `${policy.name}-${version}-${policyIndex}-${pathIndex}`, + id: `legacy-${policy.name}-${version}-${policyIndex}-${pathIndex}`, name: policy.name, - displayName, + displayName: getDisplayName(policy.name), version, + source: 'legacy', policyIndex, pathIndex, }); @@ -818,13 +951,15 @@ export default function LLMProxyGuardrailsTab() { scope: 'resource', method, path: resource.path, - } + }, + g.source ) } onRemove={() => void handleRemoveAppliedGuardrail( g.policyIndex, - g.pathIndex + g.pathIndex, + g.source ) } /> diff --git a/portals/ai-workspace/src/pages/appShell/appShellPages/serviceProvider/ServiceProviderGuardrailsTab.tsx b/portals/ai-workspace/src/pages/appShell/appShellPages/serviceProvider/ServiceProviderGuardrailsTab.tsx index 8c614f2e68..a51e47a686 100644 --- a/portals/ai-workspace/src/pages/appShell/appShellPages/serviceProvider/ServiceProviderGuardrailsTab.tsx +++ b/portals/ai-workspace/src/pages/appShell/appShellPages/serviceProvider/ServiceProviderGuardrailsTab.tsx @@ -187,6 +187,7 @@ export default function ServiceProviderGuardrailsTab() { const [editingTarget, setEditingTarget] = useState<{ policyIndex: number; pathIndex: number | null; + source: 'global' | 'operation' | 'legacy'; } | null>(null); const [selectedCategories, setSelectedCategories] = useState(['AI']); const [drawerGuardrails, setDrawerGuardrails] = useState([]); @@ -241,43 +242,68 @@ export default function ServiceProviderGuardrailsTab() { const getDisplayName = (policyName: string): string => displayNameMap[policyName] || policyName; - const globalGuardrails = useMemo( - () => - policies.flatMap((policy, policyIndex) => { - const version = policy.version - ? `v${policy.version.replace(/^v/, '').split('.')[0]}` - : 'v0'; - const displayName = getDisplayName(policy.name); - if (!policy.paths || policy.paths.length === 0) { - return [ - { - id: `${policy.name}-${version}-${policyIndex}-default`, + const globalGuardrails = useMemo(() => { + const items: Array<{ + id: string; + name: string; + displayName: string; + version: string; + source: 'global' | 'legacy'; + policyIndex: number; + pathIndex: number | null; + }> = []; + + // New globalPolicies list + (provider?.globalPolicies ?? []).forEach((policy, policyIndex) => { + const version = policy.version + ? `v${policy.version.replace(/^v/, '').split('.')[0]}` + : 'v0'; + items.push({ + id: `global-${policy.name}-${version}-${policyIndex}`, + name: policy.name, + displayName: getDisplayName(policy.name), + version, + source: 'global', + policyIndex, + pathIndex: null, + }); + }); + + // Legacy policies with path === '/*' + policies.forEach((policy, policyIndex) => { + const version = policy.version + ? `v${policy.version.replace(/^v/, '').split('.')[0]}` + : 'v0'; + const displayName = getDisplayName(policy.name); + if (!policy.paths || policy.paths.length === 0) { + items.push({ + id: `legacy-${policy.name}-${version}-${policyIndex}-default`, + name: policy.name, + displayName, + version, + source: 'legacy', + policyIndex, + pathIndex: null, + }); + } else { + policy.paths.forEach((pathConfig, pathIndex) => { + if (pathConfig.path === '/*') { + items.push({ + id: `legacy-${policy.name}-${version}-${policyIndex}-${pathIndex}`, name: policy.name, displayName, version, + source: 'legacy', policyIndex, - pathIndex: null as number | null, - }, - ]; - } + pathIndex, + }); + } + }); + } + }); - return policy.paths.flatMap((pathConfig, pathIndex) => - pathConfig.path === '/*' - ? [ - { - id: `${policy.name}-${version}-${policyIndex}-${pathIndex}`, - name: policy.name, - displayName, - version, - policyIndex, - pathIndex, - }, - ] - : [] - ); - }), - [policies, displayNameMap] - ); + return items; + }, [provider?.globalPolicies, policies, displayNameMap]); const resources = useMemo( () => parseOpenApiText(provider?.openapi || '', provider?.accessControl), @@ -306,17 +332,38 @@ export default function ServiceProviderGuardrailsTab() { const handleEditGuardrailPill = ( policyIndex: number, pathIndex: number | null, - scope: DrawerContext + scope: DrawerContext, + source: 'global' | 'operation' | 'legacy' ) => { - const policy = policies[policyIndex]; - if (!policy) return; - - const existingParams = - pathIndex !== null ? policy.paths?.[pathIndex]?.params ?? {} : {}; + let policyName: string; + let existingParams: ParameterValues = {}; + + if (source === 'global') { + const policy = (provider?.globalPolicies ?? [])[policyIndex]; + if (!policy) return; + policyName = policy.name; + existingParams = (policy.params as ParameterValues) ?? {}; + } else if (source === 'operation') { + const policy = (provider?.operationPolicies ?? [])[policyIndex]; + if (!policy) return; + policyName = policy.name; + existingParams = + pathIndex !== null + ? ((policy.paths[pathIndex]?.params as ParameterValues) ?? {}) + : {}; + } else { + const policy = policies[policyIndex]; + if (!policy) return; + policyName = policy.name; + existingParams = + pathIndex !== null + ? ((policy.paths?.[pathIndex]?.params as ParameterValues) ?? {}) + : {}; + } - setEditingTarget({ policyIndex, pathIndex }); + setEditingTarget({ policyIndex, pathIndex, source }); setDrawerContext(scope); - setSelectedGuardrail(policy.name); + setSelectedGuardrail(policyName); setGuardrailSettings(existingParams); setIsDetailView(true); setPolicyDefinition(null); @@ -324,7 +371,7 @@ export default function ServiceProviderGuardrailsTab() { setDrawerOpen(true); const guardrailMeta = availableGuardrails.find( - (g) => g.name === policy.name + (g) => g.name === policyName ); if (!guardrailMeta?.version) { setDefinitionError('No version available for this guardrail.'); @@ -413,62 +460,93 @@ export default function ServiceProviderGuardrailsTab() { ...updatePayload } = provider; - const updatedPolicies = (() => { - // Edit mode: update existing policy path params - if (editingTarget) { - const { policyIndex, pathIndex } = editingTarget; - const updated = [...policies]; - const existing = updated[policyIndex]; - if (!existing) return policies; + const isEditing = !!editingTarget; - if (pathIndex !== null) { - const existingPaths = [...(existing.paths ?? [])]; - existingPaths[pathIndex] = { - ...existingPaths[pathIndex], + try { + if (editingTarget) { + const { policyIndex, pathIndex, source } = editingTarget; + if (source === 'global') { + const globalPolicies = [...(provider.globalPolicies ?? [])]; + globalPolicies[policyIndex] = { ...globalPolicies[policyIndex], params }; + await updateProvider({ ...updatePayload, globalPolicies }); + } else if (source === 'operation') { + const operationPolicies = [...(provider.operationPolicies ?? [])]; + const existing = operationPolicies[policyIndex]; + const paths = [...existing.paths]; + if (pathIndex !== null) { + paths[pathIndex] = { ...paths[pathIndex], params }; + } + operationPolicies[policyIndex] = { ...existing, paths }; + await updateProvider({ ...updatePayload, operationPolicies }); + } else { + // legacy + const updated = [...policies]; + const existing = updated[policyIndex]; + if (!existing) return; + if (pathIndex !== null) { + const existingPaths = [...(existing.paths ?? [])]; + existingPaths[pathIndex] = { ...existingPaths[pathIndex], params }; + updated[policyIndex] = { ...existing, paths: existingPaths }; + } + await updateProvider({ ...updatePayload, policies: updated }); + } + } else if (drawerContext.scope === 'global') { + // Add mode — global scope → globalPolicies + const globalPolicies = [...(provider.globalPolicies ?? [])]; + const existingIndex = globalPolicies.findIndex( + (p) => + p.name === selectedGuardrailPolicy.name && + p.version === selectedGuardrailVersion + ); + if (existingIndex === -1) { + globalPolicies.push({ + name: selectedGuardrailPolicy.name, + version: selectedGuardrailVersion, + params, + }); + } else { + globalPolicies[existingIndex] = { + ...globalPolicies[existingIndex], params, }; - updated[policyIndex] = { ...existing, paths: existingPaths }; } - return updated; - } - - // Add mode: add new policy path - const nextPath = buildPolicyPath(params); - const existingIndex = policies.findIndex( - (policy) => - policy.name === selectedGuardrailPolicy.name && - policy.version === selectedGuardrailVersion - ); - - if (existingIndex === -1) { - return [ - ...policies, - { + await updateProvider({ ...updatePayload, globalPolicies }); + } else { + // Add mode — resource scope → operationPolicies + const operationPolicies = [...(provider.operationPolicies ?? [])]; + const resourcePath = drawerContext.path; + const resourceMethod = drawerContext.method; + const newPathEntry = { path: resourcePath, methods: [resourceMethod], params }; + const existingPolicyIndex = operationPolicies.findIndex( + (p) => + p.name === selectedGuardrailPolicy.name && + p.version === selectedGuardrailVersion + ); + if (existingPolicyIndex === -1) { + operationPolicies.push({ name: selectedGuardrailPolicy.name, version: selectedGuardrailVersion, - paths: [nextPath], - }, - ]; + paths: [newPathEntry], + }); + } else { + const existing = operationPolicies[existingPolicyIndex]; + const alreadyHasPath = existing.paths.some( + (p) => + p.path === resourcePath && + p.methods + .map((m) => m.toUpperCase()) + .includes(resourceMethod.toUpperCase()) + ); + if (!alreadyHasPath) { + operationPolicies[existingPolicyIndex] = { + ...existing, + paths: [...existing.paths, newPathEntry], + }; + } + } + await updateProvider({ ...updatePayload, operationPolicies }); } - const existing = policies[existingIndex]; - const existingPaths = existing.paths ?? []; - - const updated = [...policies]; - updated[existingIndex] = { - ...existing, - paths: [...existingPaths, nextPath], - }; - return updated; - })(); - - const isEditing = !!editingTarget; - - try { - await updateProvider({ - ...updatePayload, - policies: updatedPolicies, - }); setGuardrailSettings(params); if (!isDraftMode) { showSnackbar( @@ -495,7 +573,8 @@ export default function ServiceProviderGuardrailsTab() { const handleRemoveAppliedGuardrail = async ( policyIndex: number, - pathIndex: number | null + pathIndex: number | null, + source: 'global' | 'operation' | 'legacy' ) => { if (!provider || isLoading || error) return; @@ -508,27 +587,39 @@ export default function ServiceProviderGuardrailsTab() { ...updatePayload } = provider; - const updatedPolicies = policies.flatMap((policy, index) => { - if (index !== policyIndex) return [policy]; - - if (pathIndex === null) { - return []; - } - - const existingPaths = policy.paths ?? []; - const nextPaths = existingPaths.filter((_, idx) => idx !== pathIndex); - if (nextPaths.length === 0) { - return []; + try { + if (source === 'global') { + const globalPolicies = (provider.globalPolicies ?? []).filter( + (_, idx) => idx !== policyIndex + ); + await updateProvider({ ...updatePayload, globalPolicies }); + } else if (source === 'operation') { + const operationPolicies = [...(provider.operationPolicies ?? [])]; + const existing = operationPolicies[policyIndex]; + if (pathIndex !== null) { + const paths = existing.paths.filter((_, idx) => idx !== pathIndex); + if (paths.length === 0) { + operationPolicies.splice(policyIndex, 1); + } else { + operationPolicies[policyIndex] = { ...existing, paths }; + } + } else { + operationPolicies.splice(policyIndex, 1); + } + await updateProvider({ ...updatePayload, operationPolicies }); + } else { + // legacy + const updatedPolicies = policies.flatMap((policy, index) => { + if (index !== policyIndex) return [policy]; + if (pathIndex === null) return []; + const existingPaths = policy.paths ?? []; + const nextPaths = existingPaths.filter((_, idx) => idx !== pathIndex); + if (nextPaths.length === 0) return []; + return [{ ...policy, paths: nextPaths }]; + }); + await updateProvider({ ...updatePayload, policies: updatedPolicies }); } - return [{ ...policy, paths: nextPaths }]; - }); - - try { - await updateProvider({ - ...updatePayload, - policies: updatedPolicies, - }); if (!isDraftMode) { showSnackbar('Guardrail removed successfully.', 'success'); } @@ -598,10 +689,10 @@ export default function ServiceProviderGuardrailsTab() { onClick={() => handleEditGuardrailPill(g.policyIndex, g.pathIndex, { scope: 'global', - }) + }, g.source) } onRemove={() => - void handleRemoveAppliedGuardrail(g.policyIndex, g.pathIndex) + void handleRemoveAppliedGuardrail(g.policyIndex, g.pathIndex, g.source) } /> ))} @@ -686,6 +777,9 @@ export default function ServiceProviderGuardrailsTab() { {(() => { const hasResourcePolicy = (resource: ResourceItem) => + (provider?.operationPolicies ?? []).some((policy) => + policy.paths.some((pc) => matchesResource(pc, resource)) + ) || policies.some((policy) => (policy.paths ?? []).some( (pc) => pc.path !== '/*' && matchesResource(pc, resource) @@ -739,9 +833,31 @@ export default function ServiceProviderGuardrailsTab() { name: string; displayName: string; version: string; + source: 'operation' | 'legacy'; policyIndex: number; pathIndex: number; }> = []; + // New operationPolicies + (provider?.operationPolicies ?? []).forEach( + (policy, policyIndex) => { + policy.paths.forEach((pathConfig, pathIndex) => { + if (!matchesResource(pathConfig, resource)) return; + const version = policy.version + ? `v${policy.version.replace(/^v/, '').split('.')[0]}` + : 'v0'; + items.push({ + id: `op-${policy.name}-${version}-${policyIndex}-${pathIndex}`, + name: policy.name, + displayName: getDisplayName(policy.name), + version, + source: 'operation', + policyIndex, + pathIndex, + }); + }); + } + ); + // Legacy policies policies.forEach((policy, policyIndex) => { (policy.paths ?? []).forEach((pathConfig, pathIndex) => { if (pathConfig.path === '/*') return; @@ -749,12 +865,12 @@ export default function ServiceProviderGuardrailsTab() { const version = policy.version ? `v${policy.version.replace(/^v/, '').split('.')[0]}` : 'v0'; - const displayName = getDisplayName(policy.name); items.push({ - id: `${policy.name}-${version}-${policyIndex}-${pathIndex}`, + id: `legacy-${policy.name}-${version}-${policyIndex}-${pathIndex}`, name: policy.name, - displayName, + displayName: getDisplayName(policy.name), version, + source: 'legacy', policyIndex, pathIndex, }); @@ -856,13 +972,15 @@ export default function ServiceProviderGuardrailsTab() { scope: 'resource', method, path: resource.path, - } + }, + guardrail.source ) } onRemove={() => void handleRemoveAppliedGuardrail( guardrail.policyIndex, - guardrail.pathIndex + guardrail.pathIndex, + guardrail.source ) } /> diff --git a/portals/ai-workspace/src/pages/appShell/appShellPages/serviceProvider/ServiceProviderNew.tsx b/portals/ai-workspace/src/pages/appShell/appShellPages/serviceProvider/ServiceProviderNew.tsx index 84d63a7e6d..64cc9bc8ad 100644 --- a/portals/ai-workspace/src/pages/appShell/appShellPages/serviceProvider/ServiceProviderNew.tsx +++ b/portals/ai-workspace/src/pages/appShell/appShellPages/serviceProvider/ServiceProviderNew.tsx @@ -331,27 +331,15 @@ export default function ServiceProviderNew() { template: selectedTemplateId, openapi: openapiSpec, upstream, - policies: [ + globalPolicies: [ ...(selectedTemplateId !== 'azure-openai' && selectedTemplateId !== 'azureai-foundry' - ? [ - { - name: 'llm-cost', - version: 'v1', - paths: [{ path: '/*', methods: ['*'], params: {} }], - }, - ] + ? [{ name: 'llm-cost', version: 'v1', params: {} }] : []), ...guardrails.map((guardrail) => ({ name: guardrail.name, version: guardrail.version, - paths: [ - { - path: '/*', - methods: ['*'], - params: guardrail.settings ?? {}, - }, - ], + params: guardrail.settings ?? {}, })), ], accessControl: { diff --git a/portals/ai-workspace/src/utils/types.ts b/portals/ai-workspace/src/utils/types.ts index b19a0133c8..2ae9f6fb13 100644 --- a/portals/ai-workspace/src/utils/types.ts +++ b/portals/ai-workspace/src/utils/types.ts @@ -314,6 +314,26 @@ export interface Policy { paths?: PolicyPath[]; } +/** + * Global (api-level) policy — no path binding + */ +export interface GlobalPolicy { + name: string; + version: string; + executionCondition?: string; + params?: Record; +} + +/** + * Operation policy — path-bound + */ +export interface OperationPolicy { + name: string; + version: string; + executionCondition?: string; + paths: PolicyPath[]; +} + /** * API Key security configuration */ @@ -374,6 +394,8 @@ export interface LLMProvider { upstream?: Upstream; accessControl?: AccessControl; rateLimiting?: RateLimiting; + globalPolicies?: GlobalPolicy[]; + operationPolicies?: OperationPolicy[]; policies?: Policy[]; security?: SecurityConfig; status?: 'Active' | 'Degraded' | 'Paused' | string; @@ -397,6 +419,8 @@ export interface CreateLLMProviderRequest { modelProviders?: ModelProvider[]; upstream: Upstream; accessControl: AccessControl; + globalPolicies?: GlobalPolicy[]; + operationPolicies?: OperationPolicy[]; policies?: Policy[]; openapi?: string; } @@ -550,6 +574,8 @@ export interface Proxy { vhost?: string; provider?: string | ProxyProviderConfig; openapi?: string; + globalPolicies?: GlobalPolicy[]; + operationPolicies?: OperationPolicy[]; policies?: Policy[]; security?: ProxySecurityConfig; createdAt?: string; @@ -591,6 +617,8 @@ export interface CreateProxyRequest { vhost?: string; provider: ProxyProviderConfig; openapi: string; + globalPolicies?: GlobalPolicy[]; + operationPolicies?: OperationPolicy[]; policies: Policy[]; security: ProxySecurityConfig; } diff --git a/portals/management-portal/src/hooks/GithubAPICreation.ts b/portals/management-portal/src/hooks/GithubAPICreation.ts index aabc7f9e16..fd2cee58ba 100644 --- a/portals/management-portal/src/hooks/GithubAPICreation.ts +++ b/portals/management-portal/src/hooks/GithubAPICreation.ts @@ -114,7 +114,7 @@ export const useGithubAPICreation = () => { provider: GitProvider = "github", opts?: { signal?: AbortSignal } ): Promise => { - const res = await authedFetch(`/api/v1/git/repo/fetch-branches`, { + const res = await authedFetch(`/api/v1alpha2/git/repo/fetch-branches`, { method: "POST", body: JSON.stringify({ repoUrl, provider }), signal: opts?.signal, @@ -136,7 +136,7 @@ export const useGithubAPICreation = () => { branch: string, opts?: { signal?: AbortSignal } ): Promise => { - const res = await authedFetch(`/api/v1/git/repo/branch/fetch-content`, { + const res = await authedFetch(`/api/v1alpha2/git/repo/branch/fetch-content`, { method: "POST", body: JSON.stringify({ repoUrl, provider, branch }), signal: opts?.signal, @@ -152,13 +152,13 @@ export const useGithubAPICreation = () => { [] ); - /** POST: /api/v1/api-projects/import */ + /** POST: /api/v1alpha2/api-projects/import */ const importApiProject = useCallback( async ( payload: ImportApiProjectRequest, opts?: { signal?: AbortSignal } ): Promise => { - const res = await authedFetch(`/api/v1/api-projects/import`, { + const res = await authedFetch(`/api/v1alpha2/api-projects/import`, { method: "POST", body: JSON.stringify(payload), signal: opts?.signal, diff --git a/portals/management-portal/src/hooks/apiPublish.ts b/portals/management-portal/src/hooks/apiPublish.ts index bd5fc1b806..dbb390a3e4 100644 --- a/portals/management-portal/src/hooks/apiPublish.ts +++ b/portals/management-portal/src/hooks/apiPublish.ts @@ -78,7 +78,7 @@ const normalizePublication = (item: any): ApiPublicationWithPortal => ({ export const useApiPublishApi = () => { const fetchPublications = useCallback(async (apiId: string): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/apis/${apiId}/publications`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/apis/${apiId}/publications`, { method: "GET", headers: { Authorization: `Bearer ${token}` }, }); @@ -95,7 +95,7 @@ export const useApiPublishApi = () => { const publishApiToDevPortal = useCallback(async (apiId: string, payload: ApiPublishPayload): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/rest-apis/${apiId}/publications`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/rest-apis/${apiId}/publications`, { method: "POST", headers: { Authorization: `Bearer ${token}`, @@ -116,7 +116,7 @@ export const useApiPublishApi = () => { const unpublishApiFromDevPortal = useCallback(async (apiId: string, devPortalId: string): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/rest-apis/${apiId}/publications/${devPortalId}`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/rest-apis/${apiId}/publications/${devPortalId}`, { method: "DELETE", headers: { Authorization: `Bearer ${token}`, diff --git a/portals/management-portal/src/hooks/apis.ts b/portals/management-portal/src/hooks/apis.ts index 4937c170da..39fd51333b 100644 --- a/portals/management-portal/src/hooks/apis.ts +++ b/portals/management-portal/src/hooks/apis.ts @@ -177,7 +177,7 @@ export const useApisApi = () => { body.contract = contract; } - const response = await fetch(`${baseUrl}/api/v1/apis`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/apis`, { method: "POST", headers: { "Content-Type": "application/json", @@ -200,9 +200,9 @@ export const useApisApi = () => { ); /** - * Fetch from /api/v1/apis with optional projectId filter: - * - /api/v1/apis => all APIs in org - * - /api/v1/apis?projectId=.... => APIs for a specific project + * Fetch from /api/v1alpha2/apis with optional projectId filter: + * - /api/v1alpha2/apis => all APIs in org + * - /api/v1alpha2/apis?projectId=.... => APIs for a specific project */ const fetchProjectApis = useCallback( async (projectId: string): Promise => { @@ -210,8 +210,8 @@ export const useApisApi = () => { const url = projectId && projectId.length > 0 - ? `${baseUrl}/api/v1/apis?projectId=${encodeURIComponent(projectId)}` - : `${baseUrl}/api/v1/apis`; + ? `${baseUrl}/api/v1alpha2/apis?projectId=${encodeURIComponent(projectId)}` + : `${baseUrl}/api/v1alpha2/apis`; const response = await fetch(url, { method: "GET", @@ -251,7 +251,7 @@ export const useApisApi = () => { const fetchApi = useCallback(async (apiId: string): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/apis/${apiId}`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/apis/${apiId}`, { method: "GET", headers: { Authorization: `Bearer ${token}`, @@ -272,7 +272,7 @@ export const useApisApi = () => { const deleteApi = useCallback(async (apiId: string): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/apis/${apiId}`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/apis/${apiId}`, { method: "DELETE", headers: { Authorization: `Bearer ${token}`, @@ -293,7 +293,7 @@ export const useApisApi = () => { const { token, baseUrl } = getApiConfig(); const response = await fetch( - `${baseUrl}/api/v1/apis/${encodeURIComponent(apiId)}/gateways`, + `${baseUrl}/api/v1alpha2/apis/${encodeURIComponent(apiId)}/gateways`, { method: "GET", headers: { Authorization: `Bearer ${token}` }, @@ -339,7 +339,7 @@ export const useApisApi = () => { formData.append("definition", payload.definition); } - const res = await fetch(`${baseUrl}/api/v1/import/open-api`, { + const res = await fetch(`${baseUrl}/api/v1alpha2/import/open-api`, { method: "POST", headers: { Authorization: `Bearer ${token}`, @@ -380,7 +380,7 @@ export const useApisApi = () => { const payload = gatewayIds.map((gatewayId) => ({ gatewayId })); const response = await fetch( - `${baseUrl}/api/v1/apis/${encodeURIComponent(apiId)}/gateways`, + `${baseUrl}/api/v1alpha2/apis/${encodeURIComponent(apiId)}/gateways`, { method: "POST", headers: { diff --git a/portals/management-portal/src/hooks/deployments.ts b/portals/management-portal/src/hooks/deployments.ts index b0d1769cc2..7f231e4b36 100644 --- a/portals/management-portal/src/hooks/deployments.ts +++ b/portals/management-portal/src/hooks/deployments.ts @@ -58,7 +58,7 @@ export const useDeploymentsApi = () => { targets: DeployTargetRequest[] ): Promise => { const { token, baseUrl } = getApiConfig(); - const url = `${baseUrl}/api/v1/apis/${encodeURIComponent( + const url = `${baseUrl}/api/v1alpha2/apis/${encodeURIComponent( apiId )}/deploy-revision?revisionId=${encodeURIComponent(String(revisionId))}`; @@ -91,7 +91,7 @@ export const useDeploymentsApi = () => { const fetchApiDeployments = useCallback( async (apiId: string): Promise => { const { token, baseUrl } = getApiConfig(); - const url = `${baseUrl}/api/v1/apis/${encodeURIComponent(apiId)}/deployments`; + const url = `${baseUrl}/api/v1alpha2/apis/${encodeURIComponent(apiId)}/deployments`; const res = await fetch(url, { method: "GET", diff --git a/portals/management-portal/src/hooks/devportals.ts b/portals/management-portal/src/hooks/devportals.ts index c25176df6d..bf58a6c18f 100644 --- a/portals/management-portal/src/hooks/devportals.ts +++ b/portals/management-portal/src/hooks/devportals.ts @@ -54,7 +54,7 @@ export const useDevPortalsApi = () => { const fetchDevPortals = useCallback(async (): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/devportals`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/devportals`, { method: "GET", headers: { Authorization: `Bearer ${token}`, @@ -77,7 +77,7 @@ export const useDevPortalsApi = () => { async (uuid: string): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/devportals/${uuid}`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/devportals/${uuid}`, { method: "GET", headers: { Authorization: `Bearer ${token}`, @@ -101,7 +101,7 @@ export const useDevPortalsApi = () => { async (payload: CreatePortalPayload): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/devportals`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/devportals`, { method: "POST", headers: { Authorization: `Bearer ${token}`, @@ -130,7 +130,7 @@ export const useDevPortalsApi = () => { ): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/devportals/${uuid}`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/devportals/${uuid}`, { method: "PUT", headers: { Authorization: `Bearer ${token}`, @@ -156,7 +156,7 @@ export const useDevPortalsApi = () => { async (uuid: string): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/devportals/${uuid}`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/devportals/${uuid}`, { method: "DELETE", headers: { Authorization: `Bearer ${token}`, @@ -178,7 +178,7 @@ export const useDevPortalsApi = () => { const activateDevPortal = useCallback(async (uuid: string): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/devportals/${uuid}/activate`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/devportals/${uuid}/activate`, { method: "POST", headers: { Authorization: `Bearer ${token}`, diff --git a/portals/management-portal/src/hooks/gateways.ts b/portals/management-portal/src/hooks/gateways.ts index d3cb25e9bb..afe8deffee 100644 --- a/portals/management-portal/src/hooks/gateways.ts +++ b/portals/management-portal/src/hooks/gateways.ts @@ -77,7 +77,7 @@ export const useGatewaysApi = () => { const createGateway = useCallback( async (payload: CreateGatewayPayload): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/gateways`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/gateways`, { method: "POST", headers: { Authorization: `Bearer ${token}`, @@ -109,7 +109,7 @@ export const useGatewaysApi = () => { const fetchGateways = useCallback(async (): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/gateways`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/gateways`, { method: "GET", headers: { Authorization: `Bearer ${token}`, @@ -131,7 +131,7 @@ export const useGatewaysApi = () => { async (gatewayId: string): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/gateways/${gatewayId}`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/gateways/${gatewayId}`, { method: "GET", headers: { Authorization: `Bearer ${token}`, @@ -155,7 +155,7 @@ export const useGatewaysApi = () => { async (gatewayId: string): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/gateways/${gatewayId}`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/gateways/${gatewayId}`, { method: "DELETE", headers: { Authorization: `Bearer ${token}`, @@ -178,7 +178,7 @@ export const useGatewaysApi = () => { const { token, baseUrl } = getApiConfig(); const response = await fetch( - `${baseUrl}/api/v1/gateways/${payload.gatewayId}`, + `${baseUrl}/api/v1alpha2/gateways/${payload.gatewayId}`, { method: "DELETE", headers: { @@ -204,7 +204,7 @@ export const useGatewaysApi = () => { const { token, baseUrl } = getApiConfig(); const response = await fetch( - `${baseUrl}/api/v1/gateways/${gatewayId}/tokens`, + `${baseUrl}/api/v1alpha2/gateways/${gatewayId}/tokens`, { method: "POST", headers: { @@ -230,7 +230,7 @@ export const useGatewaysApi = () => { const fetchGatewayStatuses = useCallback( async (gatewayId?: string): Promise => { const { token, baseUrl } = getApiConfig(); - const url = new URL(`${baseUrl}/api/v1/gateways`); + const url = new URL(`${baseUrl}/api/v1alpha2/gateways`); if (gatewayId) url.searchParams.set("gatewayId", gatewayId); const response = await fetch(url.toString(), { diff --git a/portals/management-portal/src/hooks/orgs.tsx b/portals/management-portal/src/hooks/orgs.tsx index c122499ab3..be33e7fe97 100644 --- a/portals/management-portal/src/hooks/orgs.tsx +++ b/portals/management-portal/src/hooks/orgs.tsx @@ -41,7 +41,7 @@ export const useCreateOrganization = () => { ...overrides, }; - const response = await fetch(`${baseUrl}/api/v1/organizations`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/organizations`, { method: "POST", headers: { "Content-Type": "application/json", @@ -113,7 +113,7 @@ export const useOrganizationsApi = () => { const fetchOrganizations = useCallback(async (): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/organizations`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/organizations`, { method: "GET", headers: { Authorization: `Bearer ${token}`, diff --git a/portals/management-portal/src/hooks/projects.ts b/portals/management-portal/src/hooks/projects.ts index 5726ff80e3..0c440fa834 100644 --- a/portals/management-portal/src/hooks/projects.ts +++ b/portals/management-portal/src/hooks/projects.ts @@ -26,7 +26,7 @@ export const useProjectsApi = () => { ): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/projects`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/projects`, { method: "POST", headers: { "Content-Type": "application/json", @@ -51,7 +51,7 @@ export const useProjectsApi = () => { const fetchProject = useCallback(async (projectId: string): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/projects/${projectId}`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/projects/${projectId}`, { method: "GET", headers: { Authorization: `Bearer ${token}`, @@ -73,7 +73,7 @@ export const useProjectsApi = () => { async (): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/projects`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/projects`, { method: "GET", headers: { Authorization: `Bearer ${token}`, @@ -106,7 +106,7 @@ export const useProjectsApi = () => { const deleteProject = useCallback(async (projectId: string): Promise => { const { token, baseUrl } = getApiConfig(); - const response = await fetch(`${baseUrl}/api/v1/projects/${projectId}`, { + const response = await fetch(`${baseUrl}/api/v1alpha2/projects/${projectId}`, { method: "DELETE", headers: { Authorization: `Bearer ${token}`, diff --git a/portals/management-portal/src/hooks/validation.ts b/portals/management-portal/src/hooks/validation.ts index 08837af154..151c28eb14 100644 --- a/portals/management-portal/src/hooks/validation.ts +++ b/portals/management-portal/src/hooks/validation.ts @@ -98,13 +98,13 @@ const authedFetch = async (path: string, init?: RequestInit) => { /** ----- Hook ----- */ export const useGithubProjectValidation = () => { - /** POST: /api/v1/api-projects/validate */ + /** POST: /api/v1alpha2/api-projects/validate */ const validateGithubApiProject = useCallback( async ( payload: GithubProjectValidationRequest, opts?: { signal?: AbortSignal } ): Promise => { - const res = await authedFetch(`/api/v1/api-projects/validate`, { + const res = await authedFetch(`/api/v1alpha2/api-projects/validate`, { method: "POST", body: JSON.stringify(payload), signal: opts?.signal, @@ -135,7 +135,7 @@ export const useOpenApiValidation = () => { const formData = new FormData(); formData.append("url", url); - const res = await fetch(`${baseUrl}/api/v1/validate/open-api`, { + const res = await fetch(`${baseUrl}/api/v1alpha2/validate/open-api`, { method: "POST", headers: { Authorization: `Bearer ${token}` }, body: formData, @@ -163,7 +163,7 @@ export const useOpenApiValidation = () => { const formData = new FormData(); formData.append("definition", file); - const res = await fetch(`${baseUrl}/api/v1/validate/open-api`, { + const res = await fetch(`${baseUrl}/api/v1alpha2/validate/open-api`, { method: "POST", headers: { Authorization: `Bearer ${token}` }, body: formData, @@ -186,7 +186,7 @@ export const useOpenApiValidation = () => { /** NEW: API uniqueness validation hook */ export const useApiUniquenessValidation = () => { - /** GET: /api/v1/apis/validate?name=...&version=... */ + /** GET: /api/v1alpha2/apis/validate?name=...&version=... */ const validateApiNameVersion = useCallback( async ( payload: ApiNameVersionValidationRequest, @@ -197,7 +197,7 @@ export const useApiUniquenessValidation = () => { version: payload.version, }).toString(); - const res = await authedFetch(`/api/v1/apis/validate?${qs}`, { + const res = await authedFetch(`/api/v1alpha2/apis/validate?${qs}`, { method: "GET", signal: opts?.signal, }); @@ -213,7 +213,7 @@ export const useApiUniquenessValidation = () => { [] ); - /** GET: /api/v1/apis/validate?identifier=... */ + /** GET: /api/v1alpha2/apis/validate?identifier=... */ const validateApiIdentifier = useCallback( async ( identifier: string, @@ -221,7 +221,7 @@ export const useApiUniquenessValidation = () => { ): Promise => { const qs = new URLSearchParams({ identifier }).toString(); - const res = await authedFetch(`/api/v1/apis/validate?${qs}`, { + const res = await authedFetch(`/api/v1alpha2/apis/validate?${qs}`, { method: "GET", signal: opts?.signal, }); diff --git a/portals/management-portal/src/pages/overview/StepTwoApis.tsx b/portals/management-portal/src/pages/overview/StepTwoApis.tsx index 66d1686a89..a085af8d1d 100644 --- a/portals/management-portal/src/pages/overview/StepTwoApis.tsx +++ b/portals/management-portal/src/pages/overview/StepTwoApis.tsx @@ -87,7 +87,7 @@ export default function StepTwoApis({ // -------- Display + Copy strings -------- const CMD_DISPLAY_MD = `\`\`\`bash -curl -X POST http://localhost:9090/api/management/v0.9/rest-apis \\ +curl -X POST http://localhost:9090/api/management/v1alpha2/rest-apis \\ -H "Content-Type: application/yaml" \\ --data-binary @- <<'EOF' version: api-platform.wso2.com/v1 @@ -106,7 +106,7 @@ spec: EOF \`\`\``; - const CMD_COPY = `curl -X POST http://localhost:9090/api/management/v0.9/rest-apis \\ + const CMD_COPY = `curl -X POST http://localhost:9090/api/management/v1alpha2/rest-apis \\ -H "Content-Type: application/yaml" \\ --data-binary @- <<'EOF' version: api-platform.wso2.com/v1 diff --git a/samples/ai-gw-llm-proxy/inject-mock.sh b/samples/ai-gw-llm-proxy/inject-mock.sh index 01bd0618fa..adb4a05e2e 100644 --- a/samples/ai-gw-llm-proxy/inject-mock.sh +++ b/samples/ai-gw-llm-proxy/inject-mock.sh @@ -23,7 +23,7 @@ fi MGMT_PORT="${MGMT_PORT:-9090}" INBOUND_API_KEY="${INBOUND_API_KEY:-demo-api-key}" -MGMT_BASE="http://localhost:${MGMT_PORT}/api/management/v0.9" +MGMT_BASE="http://localhost:${MGMT_PORT}/api/management/v1alpha2" AUTH="Authorization: Basic YWRtaW46YWRtaW4=" print_info "Registering LLM Provider (upstream: mock-llm-openai, policy: token-based-ratelimit)..." diff --git a/samples/ai-gw-llm-proxy/provider.yaml b/samples/ai-gw-llm-proxy/provider.yaml index fc0baf8acb..e6d64b0866 100644 --- a/samples/ai-gw-llm-proxy/provider.yaml +++ b/samples/ai-gw-llm-proxy/provider.yaml @@ -1,4 +1,4 @@ -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: openai-provider diff --git a/samples/ai-gw-llm-proxy/proxy.yaml b/samples/ai-gw-llm-proxy/proxy.yaml index ef5200d8b1..fecfa24235 100644 --- a/samples/ai-gw-llm-proxy/proxy.yaml +++ b/samples/ai-gw-llm-proxy/proxy.yaml @@ -1,4 +1,4 @@ -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: openai-assistant diff --git a/samples/llm-cost-control-and-privacy-control/llm-provider.yaml b/samples/llm-cost-control-and-privacy-control/llm-provider.yaml index 8921bf9b0d..b5c3b1a93d 100644 --- a/samples/llm-cost-control-and-privacy-control/llm-provider.yaml +++ b/samples/llm-cost-control-and-privacy-control/llm-provider.yaml @@ -1,4 +1,4 @@ -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProvider metadata: name: wso2-openai-provider diff --git a/samples/llm-cost-control-and-privacy-control/llm-proxy.yaml b/samples/llm-cost-control-and-privacy-control/llm-proxy.yaml index 510378c84d..8f921bf58b 100644 --- a/samples/llm-cost-control-and-privacy-control/llm-proxy.yaml +++ b/samples/llm-cost-control-and-privacy-control/llm-proxy.yaml @@ -1,4 +1,4 @@ -apiVersion: gateway.api-platform.wso2.com/v1alpha1 +apiVersion: gateway.api-platform.wso2.com/v1alpha2 kind: LlmProxy metadata: name: openai-proxy diff --git a/samples/llm-cost-control-and-privacy-control/setup.sh b/samples/llm-cost-control-and-privacy-control/setup.sh index dd774c354c..7e26e8426d 100755 --- a/samples/llm-cost-control-and-privacy-control/setup.sh +++ b/samples/llm-cost-control-and-privacy-control/setup.sh @@ -9,7 +9,7 @@ DIST_NAME="wso2apip-ai-gateway-${DIST_VERSION}" DIST_ZIP="${DIST_NAME}.zip" DIST_URL="https://github.com/wso2/api-platform/releases/download/ai-gateway/v${DIST_VERSION}/${DIST_ZIP}" -GATEWAY_MGMT_URL="http://localhost:9090/api/management/v0.9" +GATEWAY_MGMT_URL="http://localhost:9090/api/management/v1alpha2" GATEWAY_HEALTH_URL="http://localhost:9094/health" AUTH_HEADER="Authorization: Basic YWRtaW46YWRtaW4=" # admin:admin diff --git a/samples/llm-cost-control-and-privacy-control/teardown.sh b/samples/llm-cost-control-and-privacy-control/teardown.sh index b159bd436a..130264e223 100755 --- a/samples/llm-cost-control-and-privacy-control/teardown.sh +++ b/samples/llm-cost-control-and-privacy-control/teardown.sh @@ -8,7 +8,7 @@ DIST_VERSION="1.1.0" DIST_NAME="wso2apip-ai-gateway-${DIST_VERSION}" DIST_ZIP="${DIST_NAME}.zip" -GATEWAY_MGMT_URL="http://localhost:9090/api/management/v0.9" +GATEWAY_MGMT_URL="http://localhost:9090/api/management/v1alpha2" AUTH_HEADER="Authorization: Basic YWRtaW46YWRtaW4=" # admin:admin SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"