feat(*): add traffic split in permissive mode

resolves #2527

Signed-off-by: Michelle Noorali <minooral@microsoft.com>

pkg/catalog/outbound_traffic_policies.go

@@ -18,18 +18,17 @@ import (
 // Note: ServiceIdentity must be in the format "name.namespace" [https://github.com/openservicemesh/osm/issues/3188]
 func (mc *MeshCatalog) ListOutboundTrafficPolicies(downstreamIdentity identity.ServiceIdentity) []*trafficpolicy.OutboundTrafficPolicy {
 	downstreamServiceAccount := downstreamIdentity.ToK8sServiceAccount()
-	if mc.configurator.IsPermissiveTrafficPolicyMode() {
-		var outboundPolicies []*trafficpolicy.OutboundTrafficPolicy
-		mergedPolicies := trafficpolicy.MergeOutboundPolicies(DisallowPartialHostnamesMatch, outboundPolicies, mc.buildOutboundPermissiveModePolicies(downstreamServiceAccount.Namespace)...)
-		outboundPolicies = mergedPolicies
-		return outboundPolicies
-	}
 
-	outbound := mc.listOutboundPoliciesForTrafficTargets(downstreamIdentity)
 	outboundPoliciesFromSplits := mc.listOutboundTrafficPoliciesForTrafficSplits(downstreamServiceAccount.Namespace)
-	outbound = trafficpolicy.MergeOutboundPolicies(AllowPartialHostnamesMatch, outbound, outboundPoliciesFromSplits...)
 
-	return outbound
+	if mc.configurator.IsPermissiveTrafficPolicyMode() {
+		permissiveOutboundPolicies := mc.buildOutboundPermissiveModePolicies(downstreamServiceAccount.Namespace)
+		//TODO: I don't see a reason to disallow partial hostname match. Will follow up on this.
+		return trafficpolicy.MergeOutboundPolicies(DisallowPartialHostnamesMatch, permissiveOutboundPolicies, outboundPoliciesFromSplits...)
+	}
+
+	allowedOutboundPolicies := mc.listOutboundPoliciesForTrafficTargets(downstreamIdentity)
+	return trafficpolicy.MergeOutboundPolicies(AllowPartialHostnamesMatch, allowedOutboundPolicies, outboundPoliciesFromSplits...)
 }
 
 // listOutboundPoliciesForTrafficTargets loops through all SMI Traffic Target resources and returns outbound traffic policies

pkg/catalog/outbound_traffic_policies_test.go

@@ -328,6 +328,95 @@ func TestListOutboundTrafficPolicies(t *testing.T) {
 			},
 			permissiveMode: true,
 		},
+		{
+			name:                "permissive mode with traffic splits",
+			downstreamSA:        tests.BookbuyerServiceIdentity,
+			apexMeshServices:    []service.MeshService{tests.BookstoreApexService},
+			meshServices:        []service.MeshService{tests.BookstoreV1Service, tests.BookstoreV2Service, tests.BookbuyerService},
+			meshServiceAccounts: []identity.K8sServiceAccount{tests.BookbuyerServiceAccount, tests.BookstoreServiceAccount},
+			trafficsplits:       []*split.TrafficSplit{&tests.TrafficSplit},
+			traffictargets:      []*access.TrafficTarget{},
+			trafficspecs:        []*spec.HTTPRouteGroup{},
+			expectedOutbound: []*trafficpolicy.OutboundTrafficPolicy{
+				{
+					Name:      "bookstore-apex.default.svc.cluster.local",
+					Hostnames: tests.BookstoreApexHostnames,
+					Routes: []*trafficpolicy.RouteWeightedClusters{
+						{
+							HTTPRouteMatch: tests.WildCardRouteMatch,
+							WeightedClusters: mapset.NewSetFromSlice([]interface{}{
+								service.WeightedCluster{ClusterName: "default/bookstore-v1", Weight: 90},
+								service.WeightedCluster{ClusterName: "default/bookstore-v2", Weight: 10},
+							}),
+						},
+					},
+				},
+				{
+					Name: "bookstore-v1.default.svc.cluster.local",
+					Hostnames: []string{
+						"bookstore-v1",
+						"bookstore-v1.default",
+						"bookstore-v1.default.svc",
+						"bookstore-v1.default.svc.cluster",
+						"bookstore-v1.default.svc.cluster.local",
+						"bookstore-v1:8888",
+						"bookstore-v1.default:8888",
+						"bookstore-v1.default.svc:8888",
+						"bookstore-v1.default.svc.cluster:8888",
+						"bookstore-v1.default.svc.cluster.local:8888",
+					},
+					Routes: []*trafficpolicy.RouteWeightedClusters{
+						{
+							HTTPRouteMatch:   tests.WildCardRouteMatch,
+							WeightedClusters: mapset.NewSet(tests.BookstoreV1DefaultWeightedCluster),
+						},
+					},
+				},
+				{
+					Name: "bookstore-v2.default.svc.cluster.local",
+					Hostnames: []string{
+						"bookstore-v2",
+						"bookstore-v2.default",
+						"bookstore-v2.default.svc",
+						"bookstore-v2.default.svc.cluster",
+						"bookstore-v2.default.svc.cluster.local",
+						"bookstore-v2:8888",
+						"bookstore-v2.default:8888",
+						"bookstore-v2.default.svc:8888",
+						"bookstore-v2.default.svc.cluster:8888",
+						"bookstore-v2.default.svc.cluster.local:8888",
+					},
+					Routes: []*trafficpolicy.RouteWeightedClusters{
+						{
+							HTTPRouteMatch:   tests.WildCardRouteMatch,
+							WeightedClusters: mapset.NewSet(tests.BookstoreV2DefaultWeightedCluster),
+						},
+					},
+				},
+				{
+					Name: "bookbuyer.default.svc.cluster.local",
+					Hostnames: []string{
+						"bookbuyer",
+						"bookbuyer.default",
+						"bookbuyer.default.svc",
+						"bookbuyer.default.svc.cluster",
+						"bookbuyer.default.svc.cluster.local",
+						"bookbuyer:8888",
+						"bookbuyer.default:8888",
+						"bookbuyer.default.svc:8888",
+						"bookbuyer.default.svc.cluster:8888",
+						"bookbuyer.default.svc.cluster.local:8888",
+					},
+					Routes: []*trafficpolicy.RouteWeightedClusters{
+						{
+							HTTPRouteMatch:   tests.WildCardRouteMatch,
+							WeightedClusters: mapset.NewSet(tests.BookbuyerDefaultWeightedCluster),
+						},
+					},
+				},
+			},
+			permissiveMode: true,
+		},
 	}
 
 	for _, tc := range testCases {
@@ -364,6 +453,7 @@ func TestListOutboundTrafficPolicies(t *testing.T) {
 				}
 				mockKubeController.EXPECT().ListServices().Return(services).AnyTimes()
 				mockKubeController.EXPECT().ListServiceAccounts().Return(serviceAccounts).AnyTimes()
+				mockMeshSpec.EXPECT().ListTrafficSplits().Return(tc.trafficsplits).AnyTimes()
 			} else {
 				mockMeshSpec.EXPECT().ListTrafficSplits().Return(tc.trafficsplits).AnyTimes()
 				mockMeshSpec.EXPECT().ListTrafficTargets().Return(tc.traffictargets).AnyTimes()