Global RateLimit Xds translation

[arkodg]

• Enhance XdsIR with RateLimit to hold rate limiting config.

• Translate IR field into route level rate limit actions

This PR specifically implements this points

 * The xDS IR will be enhanced to hold the user facing rate limit intent.
 * The xDS Translator will be enhanced to translate the rate limit field within the xDS IR into Rate limit [Actions][] as well as instantiate the [rate limit filter][].

stated in #858

Relates to #670

Signed-off-by: Arko Dasgupta arko@tetrate.io

[codecov-commenter]

Codecov Report

Merging #726 (8a097f3) into main (a0be2d8) will increase coverage by 0.03%.
The diff coverage is 65.54%.

@@            Coverage Diff             @@
##             main     #726      +/-   ##
==========================================
+ Coverage   63.93%   63.97%   +0.03%     
==========================================
  Files          51       52       +1     
  Lines        6863     7136     +273     
==========================================
+ Hits         4388     4565     +177     
- Misses       2201     2286      +85     
- Partials      274      285      +11     

Impacted Files	Coverage Δ
internal/ir/xds.go	78.06% <0.00%> (-1.48%)	⬇️
internal/ir/zz_generated.deepcopy.go	14.84% <0.00%> (-2.47%)	⬇️
internal/xds/translator/route.go	84.78% <0.00%> (-1.13%)	⬇️
internal/xds/translator/listener.go	81.16% <25.00%> (-0.74%)	⬇️
internal/xds/translator/translator.go	74.12% <71.42%> (-0.47%)	⬇️
internal/xds/translator/ratelimit.go	96.36% <96.36%> (ø)
internal/provider/kubernetes/helpers.go	73.77% <0.00%> (-4.10%)	⬇️
internal/provider/kubernetes/controller.go	47.03% <0.00%> (ø)
internal/gatewayapi/validate.go	90.86% <0.00%> (+0.34%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[arkodg]

this PR tries to keep all API Gateway functionality in a separate file, to simplify the core xds translation logic using the pattern of patching xds resources, might be useful to peruse in #813 @danehans

[danehans]

@arkodg I don't understand why RateLimit doesn't use any of the RateLimitFilter fields. For example, #813 uses JwtAuthenticationFilterProvider instead of recreating the type in the IR. Since we own extension APIs, e.g. RateLimitFilter, we should leverage these types as much as possible.

[arkodg]

creating a decoupling from Front End as well as Back End API, that was the main goal of the IR, which is why we created custom structures even for known structures such as StringMatch

[arkodg]

as you mentioned, since the project owns the structure, should be safe to reuse it, but the structure fields are also arranged differently to facilitate better translation (more machine friendly than user friendly)

[danehans]

@arkodg regarding #726 (comment), thanks for the suggestion. #813 focuses solely on the xds IR changes. I plan to submit a follow-on PR that adds AuthenticationFilter support to the xds translator. I'll look at following the pattern here for the follow-on PR.