Change CEL Path Strings to Support Only Major Policy Versions

policies/advanced-ratelimit/policy-definition.yaml

@@ -1,5 +1,5 @@
 name: advanced-ratelimit
-version: v0.1.3
+version: v0.1.4
 description: |
   Rate limiting policy supporting multiple algorithms (GCRA, Fixed Window), multi-dimensional quotas,
   weighted rate limiting, flexible key extraction, and both in-memory and Redis backends. Supports
@@ -317,7 +317,7 @@ systemParameters:
           but can allow up to 2x burst at window boundaries.
       enum: ["gcra", "fixed-window"]
       default: "gcra"
-      "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.algorithm}"
+      "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.algorithm}"
 
     backend:
       type: string
@@ -326,7 +326,7 @@ systemParameters:
         'redis' for distributed rate limiting across multiple gateway instances.
       enum: ["memory", "redis"]
       default: "memory"
-      "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.backend}"
+      "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.backend}"
 
     redis:
       type: object
@@ -337,39 +337,39 @@ systemParameters:
           type: string
           description: Redis server hostname or IP address
           default: "localhost"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.host}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.host}"
 
         port:
           type: integer
           description: Redis server port
           minimum: 1
           maximum: 65535
           default: 6379
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.port}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.port}"
 
         password:
           type: string
           description: Redis authentication password (optional)
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.password}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.password}"
 
         username:
           type: string
           description: Redis ACL username (optional, Redis 6+)
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.username}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.username}"
 
         db:
           type: integer
           description: Redis database number
           minimum: 0
           maximum: 15
           default: 0
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.db}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.db}"
 
         keyPrefix:
           type: string
           description: Prefix for all Redis keys to avoid conflicts
           default: "ratelimit:v1:"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.key_prefix}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.key_prefix}"
 
         failureMode:
           type: string
@@ -378,25 +378,25 @@ systemParameters:
             'closed' denies requests. Recommended: 'open' for availability.
           enum: ["open", "closed"]
           default: "open"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.failure_mode}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.failure_mode}"
 
         connectionTimeout:
           type: string
           description: Redis connection timeout (Go duration string)
           default: "5s"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.connection_timeout}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.connection_timeout}"
 
         readTimeout:
           type: string
           description: Redis read timeout (Go duration string)
           default: "3s"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.read_timeout}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.read_timeout}"
 
         writeTimeout:
           type: string
           description: Redis write timeout (Go duration string)
           default: "3s"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.write_timeout}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.write_timeout}"
 
     memory:
       type: object
@@ -411,15 +411,15 @@ systemParameters:
           minimum: 100
           maximum: 10000000
           default: 10000
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.memory.max_entries}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.memory.max_entries}"
 
         cleanupInterval:
           type: string
           description: |
             Interval for cleaning up expired entries (Go duration string).
             Use "0" to disable periodic cleanup.
           default: "5m"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.memory.cleanup_interval}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.memory.cleanup_interval}"
 
     headers:
       type: object
@@ -432,20 +432,20 @@ systemParameters:
             Include X-RateLimit-* headers (de facto industry standard).
             Headers: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset
           default: true
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.headers.include_x_rate_limit}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.headers.include_x_rate_limit}"
 
         includeIETF:
           type: boolean
           description: |
             Include IETF RateLimit headers (draft standard).
             Headers: RateLimit-Limit, RateLimit-Remaining, RateLimit-Reset, RateLimit-Policy
           default: true
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.headers.include_ietf}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.headers.include_ietf}"
 
         includeRetryAfter:
           type: boolean
           description: |
             Include Retry-After header when rate limited (RFC 7231).
             Only set on 429 responses.
           default: true
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.headers.include_retry_after}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.headers.include_retry_after}"

policies/basic-ratelimit/policy-definition.yaml

@@ -1,5 +1,5 @@
 name: basic-ratelimit
-version: v0.1.2
+version: v0.1.3
 description: |
   Simple request rate limiting policy that limits the number of requests per time window.
   Uses route name as the rate limit key. For advanced rate limiting with multi-dimensional
@@ -51,7 +51,7 @@ systemParameters:
           but can allow up to 2x burst at window boundaries.
       enum: ["gcra", "fixed-window"]
       default: "gcra"
-      "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.algorithm}"
+      "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.algorithm}"
 
     backend:
       type: string
@@ -60,7 +60,7 @@ systemParameters:
         'redis' for distributed rate limiting across multiple gateway instances.
       enum: ["memory", "redis"]
       default: "memory"
-      "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.backend}"
+      "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.backend}"
 
     redis:
       type: object
@@ -71,39 +71,39 @@ systemParameters:
           type: string
           description: Redis server hostname or IP address
           default: "localhost"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.host}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.host}"
 
         port:
           type: integer
           description: Redis server port
           minimum: 1
           maximum: 65535
           default: 6379
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.port}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.port}"
 
         password:
           type: string
           description: Redis authentication password (optional)
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.password}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.password}"
 
         username:
           type: string
           description: Redis ACL username (optional, Redis 6+)
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.username}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.username}"
 
         db:
           type: integer
           description: Redis database number
           minimum: 0
           maximum: 15
           default: 0
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.db}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.db}"
 
         keyPrefix:
           type: string
           description: Prefix for all Redis keys to avoid conflicts
           default: "ratelimit:v1:"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.key_prefix}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.key_prefix}"
 
         failureMode:
           type: string
@@ -112,25 +112,25 @@ systemParameters:
             'closed' denies requests. Recommended: 'open' for availability.
           enum: ["open", "closed"]
           default: "open"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.failure_mode}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.failure_mode}"
 
         connectionTimeout:
           type: string
           description: Redis connection timeout (Go duration string)
           default: "5s"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.connection_timeout}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.connection_timeout}"
 
         readTimeout:
           type: string
           description: Redis read timeout (Go duration string)
           default: "3s"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.read_timeout}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.read_timeout}"
 
         writeTimeout:
           type: string
           description: Redis write timeout (Go duration string)
           default: "3s"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.redis.write_timeout}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.redis.write_timeout}"
 
     memory:
       type: object
@@ -145,12 +145,12 @@ systemParameters:
           minimum: 100
           maximum: 10000000
           default: 10000
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.memory.max_entries}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.memory.max_entries}"
 
         cleanupInterval:
           type: string
           description: |
             Interval for cleaning up expired entries (Go duration string).
             Use "0" to disable periodic cleanup.
           default: "5m"
-          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v010.memory.cleanup_interval}"
+          "wso2/defaultValue": "${config.policy_configurations.ratelimit_v0.memory.cleanup_interval}"

policies/jwt-auth/policy-definition.yaml

@@ -1,5 +1,5 @@
 name: jwt-auth
-version: v0.1.2
+version: v0.1.3
 description: |
   Validates JWT access tokens using one or more JWKS providers (key managers).
   System-level configuration holds key manager endpoints and fetch behavior.
@@ -120,72 +120,72 @@ systemParameters:
                   certificatePath:
                     type: string
                     description: Path to certificate or public key file (e.g., /etc/certs/public.pem).
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.keymanagers}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.keymanagers}"
 
     jwksCacheTtl:
       type: string
       description: Duration string for JWKS caching (e.g., "5m"). If omitted a default is used.
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.jwkscachettl}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.jwkscachettl}"
 
     jwksFetchTimeout:
       type: string
       description: Timeout for HTTP fetch of JWKS, e.g., "5s".
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.jwksfetchtimeout}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.jwksfetchtimeout}"
 
     jwksFetchRetryCount:
       type: integer
       description: Number of retries for JWKS fetch on transient failures.
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.jwksfetchretrycount}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.jwksfetchretrycount}"
 
     jwksFetchRetryInterval:
       type: string
       description: Interval between JWKS fetch retries, e.g., "2s".
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.jwksfetchretryinterval}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.jwksfetchretryinterval}"
 
     allowedAlgorithms:
       type: array
       description: Allowed JWT signing algorithms (e.g., ["RS256","ES256"]).
       items:
         type: string
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.allowedalgorithms}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.allowedalgorithms}"
 
     leeway:
       type: string
       description: Clock skew allowance for exp/nbf checks, e.g., "30s".
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.leeway}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.leeway}"
 
     authHeaderScheme:
       type: string
       description: Expected scheme prefix in the authorization header (e.g., "Bearer"). If set, runtime enforces the scheme; if omitted, runtime may accept raw header values or strip known schemes.
       default: Bearer
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.authheaderscheme}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.authheaderscheme}"
 
     headerName:
       type: string
       description: Header name to extract token from (default "Authorization").
       default: Authorization
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.headername}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.headername}"
 
     onFailureStatusCode:
       type: integer
       description: HTTP status code to return on authentication failure (401 for Unauthorized, 403 for Forbidden).
       default: 401
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.onfailurestatuscode}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.onfailurestatuscode}"
 
     errorMessageFormat:
       type: string
       description: Format of error response on JWT validation failure. Supported values are "json" (structured error), "plain" (plain text), or "minimal" (minimal response).
       default: json
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.errormessageformat}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.errormessageformat}"
 
     errorMessage:
       type: string
       description: Custom error message to include in the response body on authentication failure.
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.errormessage}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.errormessage}"
 
     validateIssuer:
       type: boolean
       description: Whether to validate the token's issuer claim against configured key managers.
-      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v010.validateissuer}"
+      "wso2/defaultValue": "${config.policy_configurations.jwtauth_v0.validateissuer}"
 
   required: ["keyManagers"]