Support {*} and {**} operators in APIRule v2alpha1 path

[strekm]

Description

Based on outcome of POC and requirements from #1297 extends APIRule v2alpha1 path to support {*} and {**}. {*} and {**} behaviour is matching the one described in AP. It should be possible to use mentioned operators accordingly as described in AP docu. /* is considered secial case in APIRule and it represents wildcard match.

Supported validation examples:

• /headers
• /status/{*}
• /anything/{**}/hello
• /*

Not supported:

• /a/* -> this was not working in v1beta1, so there is no reason to support this use case.

For more information see the paths field description in Istio documentation.

TODOs:

• Extend CRD validation
• Improve path validation
• Integration tests for different scenarios
• Check VS and AP builders if they need adapting
• Report issue to Istio about when {**} is used twice --> email sent

ACs:

• it is possible to use {*} and {**} in path
• {*} and {**} behaviour is matching Istio AuthorizationPolicy behaviour
• /* matches anything
• path is validated including above rules
• path is documented

PRs:

• Introduce support for the path operators {*} and {**} #1411

Reasons
Provide convenience for users exposing their workloads

DoD:

• Provide unit and integration tests.
• Provide documentation.
• Verify if the solution works for both open-source Kyma and SAP BTP, Kyma runtime.
• If you changed the resource limits, explain why it was needed.
• Verify that your contributions don't decrease code coverage. If they do, explain why this is the case.
• Add release notes.

Attachments
https://istio.io/latest/docs/reference/config/security/authorization-policy/#Operation
fixes: #1297