rough validation

regex's might need more work

Author: pdabelf5

pkg/apis/configuration/v1/types.go

@@ -600,27 +600,32 @@ type AccessControl struct {
 
 // RateLimit defines a rate limit policy.
 type RateLimit struct {
-	Rate       string              `json:"rate"`
-	Key        string              `json:"key"`
-	Delay      *int                `json:"delay"`
-	NoDelay    *bool               `json:"noDelay"`
-	Burst      *int                `json:"burst"`
-	ZoneSize   string              `json:"zoneSize"`
-	DryRun     *bool               `json:"dryRun"`
-	LogLevel   string              `json:"logLevel"`
-	RejectCode *int                `json:"rejectCode"`
-	Scale      bool                `json:"scale"`
-	Condition  *RateLimitCondition `json:"condition"`
-}
-
-// TODO: add valition at CRD level
+	Rate       string `json:"rate"`
+	Key        string `json:"key"`
+	Delay      *int   `json:"delay"`
+	NoDelay    *bool  `json:"noDelay"`
+	Burst      *int   `json:"burst"`
+	ZoneSize   string `json:"zoneSize"`
+	DryRun     *bool  `json:"dryRun"`
+	LogLevel   string `json:"logLevel"`
+	RejectCode *int   `json:"rejectCode"`
+	Scale      bool   `json:"scale"`
+	// +kubebuilder:validation:Optional
+	Condition *RateLimitCondition `json:"condition"`
+}
+
 type RateLimitCondition struct {
-	JWT     JWTCondition `json:"jwt"`
-	Default bool         `json:"default"`
+	JWT JWTCondition `json:"jwt"`
+	// +kubebuilder:validation:Optional
+	Default bool `json:"default"`
 }
 
 type JWTCondition struct {
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:Pattern=^([^$\s"'])*$
 	Claim string `json:"claim"`
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:Pattern=^([^$\s."'])*$
 	Match string `json:"match"`
 }