From 1912999c921eec23092c5e0d1613f4248fbc8517 Mon Sep 17 00:00:00 2001
From: Bart Smykla <bartek@smykla.com>
Date: Wed, 25 Oct 2023 08:01:32 +0200
Subject: [PATCH] fix(kuma-cp): fix Zone{In|E}gress sync when no mesh (#8129)

- Add ZoneEgresses to AggregatetMeshContexts when there is no mesh.
- Sync ZoneIngresses and ZoneEgresses only when the hash changes.
- Return an error with the correct resource type (ZoneEgress) when
  a ZoneEgress cannot be found.

Signed-off-by: Bart Smykla <bartek@smykla.com>
---
 pkg/xds/context/aggregate_mesh_context.go | 15 ++++++++++++++-
 pkg/xds/context/mesh_context_builder.go   | 10 +++++-----
 pkg/xds/sync/dataplane_watchdog.go        | 12 ++++++------
 pkg/xds/sync/egress_proxy_builder.go      |  2 +-
 4 files changed, 26 insertions(+), 13 deletions(-)

diff --git a/pkg/xds/context/aggregate_mesh_context.go b/pkg/xds/context/aggregate_mesh_context.go
index ad98935c051d..62b8b446fd03 100644
--- a/pkg/xds/context/aggregate_mesh_context.go
+++ b/pkg/xds/context/aggregate_mesh_context.go
@@ -32,15 +32,28 @@ func AggregateMeshContexts(
 		meshContextsByName[mesh.Meta.GetName()] = meshCtx
 	}
 
+	hash := aggregatedHash(meshContexts)
+
 	egressByName := map[string]*core_mesh.ZoneEgressResource{}
 	if len(meshContexts) > 0 {
 		for _, egress := range meshContexts[0].Resources.ZoneEgresses().Items {
 			egressByName[egress.Meta.GetName()] = egress
 		}
+	} else {
+		var egressList core_mesh.ZoneEgressResourceList
+		if err := resManager.List(ctx, &egressList, core_store.ListOrdered()); err != nil {
+			return AggregatedMeshContexts{}, err
+		}
+
+		for _, egress := range egressList.GetItems() {
+			egressByName[egress.GetMeta().GetName()] = egress.(*core_mesh.ZoneEgressResource)
+		}
+
+		hash = sha256.Hash(hashResources(egressList.GetItems()...))
 	}
 
 	result := AggregatedMeshContexts{
-		Hash:               aggregatedHash(meshContexts),
+		Hash:               hash,
 		Meshes:             meshList.Items,
 		MeshContextsByName: meshContextsByName,
 		ZoneEgressByName:   egressByName,
diff --git a/pkg/xds/context/mesh_context_builder.go b/pkg/xds/context/mesh_context_builder.go
index 295a649e59cc..d86a52096fdd 100644
--- a/pkg/xds/context/mesh_context_builder.go
+++ b/pkg/xds/context/mesh_context_builder.go
@@ -329,19 +329,19 @@ func (m *meshContextBuilder) hash(mesh *core_mesh.MeshResource, resources Resour
 			allResources = append(allResources, rl.GetItems()...)
 		}
 	}
-	return sha256.Hash(m.hashResources(allResources...))
+	return sha256.Hash(hashResources(allResources...))
 }
 
-func (m *meshContextBuilder) hashResources(rs ...core_model.Resource) string {
-	hashes := []string{}
+func hashResources(rs ...core_model.Resource) string {
+	var hashes []string
 	for _, r := range rs {
-		hashes = append(hashes, m.hashResource(r))
+		hashes = append(hashes, hashResource(r))
 	}
 	sort.Strings(hashes)
 	return strings.Join(hashes, ",")
 }
 
-func (m *meshContextBuilder) hashResource(r core_model.Resource) string {
+func hashResource(r core_model.Resource) string {
 	switch v := r.(type) {
 	// In case of hashing Dataplane we are also adding '.Spec.Networking.Address' and `.Spec.Networking.Ingress.PublicAddress` into hash.
 	// The address could be a domain name and right now we resolve it right after fetching
diff --git a/pkg/xds/sync/dataplane_watchdog.go b/pkg/xds/sync/dataplane_watchdog.go
index d01af15a99bc..fcc76ef394bc 100644
--- a/pkg/xds/sync/dataplane_watchdog.go
+++ b/pkg/xds/sync/dataplane_watchdog.go
@@ -180,9 +180,9 @@ func (d *DataplaneWatchdog) syncIngress(ctx context.Context, metadata *core_xds.
 		result.Status = SkipStatus
 		return result, nil
 	}
-	if syncForConfig {
-		d.log.V(1).Info("snapshot hash updated, reconcile", "prev", d.lastHash, "current", aggregatedMeshCtxs.Hash)
-	}
+
+	d.log.V(1).Info("snapshot hash updated, reconcile", "prev", d.lastHash, "current", aggregatedMeshCtxs.Hash)
+	d.lastHash = aggregatedMeshCtxs.Hash
 
 	proxy, err := d.IngressProxyBuilder.Build(ctx, d.key, aggregatedMeshCtxs)
 	if err != nil {
@@ -228,9 +228,9 @@ func (d *DataplaneWatchdog) syncEgress(ctx context.Context, metadata *core_xds.D
 		result.Status = SkipStatus
 		return result, nil
 	}
-	if syncForConfig {
-		d.log.V(1).Info("snapshot hash updated, reconcile", "prev", d.lastHash, "current", aggregatedMeshCtxs.Hash)
-	}
+
+	d.log.V(1).Info("snapshot hash updated, reconcile", "prev", d.lastHash, "current", aggregatedMeshCtxs.Hash)
+	d.lastHash = aggregatedMeshCtxs.Hash
 
 	proxy, err := d.EgressProxyBuilder.Build(ctx, d.key, aggregatedMeshCtxs)
 	if err != nil {
diff --git a/pkg/xds/sync/egress_proxy_builder.go b/pkg/xds/sync/egress_proxy_builder.go
index e773f758fb6d..395ff3c73637 100644
--- a/pkg/xds/sync/egress_proxy_builder.go
+++ b/pkg/xds/sync/egress_proxy_builder.go
@@ -30,7 +30,7 @@ func (p *EgressProxyBuilder) Build(
 ) (*core_xds.Proxy, error) {
 	zoneEgress, ok := aggregatedMeshCtxs.ZoneEgressByName[key.Name]
 	if !ok {
-		return nil, core_store.ErrorResourceNotFound(core_mesh.DataplaneType, key.Name, key.Mesh)
+		return nil, core_store.ErrorResourceNotFound(core_mesh.ZoneEgressType, key.Name, key.Mesh)
 	}
 
 	// As egress is using SNI to identify the services, we need to filter out