Skip to content

Commit

Permalink
Fix example 1 so it's clear the HTTPRouteMatch does not have to entir…
Browse files Browse the repository at this point in the history
…ely stated within the trigger matches, but only a portion of it will do (if that portion is enough to scope the limit)
  • Loading branch information
guicassolato committed Mar 21, 2023
1 parent 01b9a70 commit a775286
Showing 1 changed file with 1 addition and 6 deletions.
7 changes: 1 addition & 6 deletions rfcs/0000-rlp-v2.md
Original file line number Diff line number Diff line change
Expand Up @@ -164,7 +164,7 @@ spec:
In this example, a distinct limit will be associated ("bound") to each individual HTTPRouteRule of the targeted HTTPRoute, by using the `triggers` field for selecting (or "sub-targeting") the HTTPRouteRule.

The following limit definitions will be bound to each HTTPRouteRule:
- `GET|POST /toys*` → 50rpm, enforced per username (counter qualifier) and only in case the user is not an admin ("soft" condition).
- `/toys*` → 50rpm, enforced per username (counter qualifier) and only in case the user is not an admin ("soft" condition).
- `/assets/*` → 5rpm / 100rp12h

Each set of trigger matches in the RLP will be matched to **all** HTTPRouteRules whose HTTPRouteMatches is a superset of the set of trigger matches in the RLP. For every HTTPRouteRule matched, the HTTPRouteRule will be bound to the corresponding limit definition that specifies that trigger. In case no HTTPRouteRule is found containing at least one HTTPRouteMatch that is identical to some set of matching rules of a particular limit definition, the limit definition is considered invalid and reported as such in the status of RLP.
Expand Down Expand Up @@ -193,11 +193,6 @@ spec:
- path:
type: PathPrefix
value: "/toys"
method: GET
- path:
type: PathPrefix
value: "/toys"
method: POST
when:
- selector: auth.identity.group
operator: neq
Expand Down

0 comments on commit a775286

Please sign in to comment.