Multiple PlanPolicy scenario broken #1741
Description
When both HTTPRoute-level and Gateway-level PlanPolicies exist:
- PlanPolicy A (targeting HTTPRoute) creates → RateLimitPolicy A (targeting HTTPRoute). This RLP's status is Accepted and Enforced.
- PlanPolicy B (targeting Gateway) creates → RateLimitPolicy B (targeting Gateway). This RLP's status is Accepted and NOT Enforced. PlanPolicy B not Accepted.
So far so good. As expected. However, PlanPolicyA rules (which is Accepted and Enforced) no longer are enforced.
I checked the authconfig before and after applying the gateway level planpolicy. The controller has entirely replaced the mapping coming from route level planpolicy with the gateway level planpolicy. Thus, plan attribute is not correctly set in the authentication step and rate limiting gets broken.