address comments

Author: steeling

pkg/envoy/ads/profile.go

@@ -28,23 +28,23 @@ func xdsPathTimeTrack(startedAt time.Time, typeURI envoy.TypeURI, proxy *envoy.P
 		Observe(elapsed.Seconds())
 }
 
-func (s *Server) trackXDSLog(proxyID string, typeURL envoy.TypeURI) {
+func (s *Server) trackXDSLog(proxyUUID string, typeURL envoy.TypeURI) {
 	s.withXdsLogMutex(func() {
-		if _, ok := s.xdsLog[proxyID]; !ok {
-			s.xdsLog[proxyID] = make(map[envoy.TypeURI][]time.Time)
+		if _, ok := s.xdsLog[proxyUUID]; !ok {
+			s.xdsLog[proxyUUID] = make(map[envoy.TypeURI][]time.Time)
 		}
 
-		timeSlice, ok := s.xdsLog[proxyID][typeURL]
+		timeSlice, ok := s.xdsLog[proxyUUID][typeURL]
 		if !ok {
-			s.xdsLog[proxyID][typeURL] = []time.Time{time.Now()}
+			s.xdsLog[proxyUUID][typeURL] = []time.Time{time.Now()}
 			return
 		}
 
 		timeSlice = append(timeSlice, time.Now())
 		if len(timeSlice) > MaxXdsLogsPerProxy {
 			timeSlice = timeSlice[1:]
 		}
-		s.xdsLog[proxyID][typeURL] = timeSlice
+		s.xdsLog[proxyUUID][typeURL] = timeSlice
 	})
 }
 

pkg/envoy/ads/stream.go

@@ -333,7 +333,8 @@ func isCNforProxy(proxy *envoy.Proxy, cn certificate.CommonName) bool {
 }
 
 func getCertificateCommonNameMeta(cn certificate.CommonName) (envoy.ProxyKind, uuid.UUID, identity.ServiceIdentity, error) {
-	// XDS cert CN is of the form <proxy-UUID>.<kind>.<proxy-identity>.<namespace>.<trust-domain>
+	// XDS cert CN is of the form <proxy-UUID>.<kind>.<proxy-identity>, where proxy-identity is of the
+	// form <name>.<namespace>
 	chunks := strings.SplitN(cn.String(), constants.DomainDelimiter, 5)
 	if len(chunks) < 4 {
 		return "", uuid.UUID{}, "", errInvalidCertificateCN

pkg/envoy/proxy.go

@@ -231,7 +231,8 @@ func NewProxy(kind ProxyKind, uuid uuid.UUID, svcIdentity identity.ServiceIdenti
 	}
 }
 
-// NewXDSCertCommonName returns a newly generated CommonName for a certificate of the form: <ProxyUUID>.<kind>.<serviceAccount>.<namespace>
+// NewXDSCertCommonName returns a newly generated CommonName for a certificate of the form: <ProxyUUID>.<kind>.<identity>
+// where identity itself is of the form <name>.<namespace>.cluster.local
 func NewXDSCertCommonName(proxyUUID uuid.UUID, kind ProxyKind, serviceAccount, namespace string) certificate.CommonName {
 	return certificate.CommonName(fmt.Sprintf("%s.%s.%s.%s.%s", proxyUUID.String(), kind, serviceAccount, namespace, identity.ClusterLocalTrustDomain))
 }

pkg/identity/types.go

@@ -61,7 +61,6 @@ func (sa K8sServiceAccount) String() string {
 }
 
 // ToServiceIdentity converts K8sServiceAccount to the newer ServiceIdentity
-// TODO(draychev): ToServiceIdentity is used in many places to ease with transition from K8sServiceAccount to ServiceIdentity and should be removed (not everywhere) - [https://github.com/openservicemesh/osm/issues/2218]
 func (sa K8sServiceAccount) ToServiceIdentity() ServiceIdentity {
 	return New(sa.Name, sa.Namespace)
 }