Service mesh detection fails for pods using Kubernetes native sidecars

[rishabhkailey]

The current helper function isServiceMeshEnabledForPod only iterates through pod.Spec.Containers to detect if a pod is part of a service mesh. With the introduction of Kubernetes Native Sidecars, sidecar containers are now often injected as InitContainers with a specific restart policy. the current logic fails to detect service meshes when ENABLE_NATIVE_SIDECARS is used in istio.

Current Behavior

The logic checks only the main containers for specific keywords ("istio", "envoy"):
ref

var serviceMesh = []string{"istio", "envoy"}

func isServiceMeshEnabledForPod(pod apiv1.Pod) bool {
	for _, c := range pod.Spec.Containers {
		if common.SubStringExistsInSlice(c.Name, serviceMesh) {
			return true
		}
	}
	return false
}

Expected Behavior

The logic should check both pod.Spec.InitContainers and pod.Spec.Containers to ensure pods using the native sidecar feature are correctly identified as having a service mesh enabled.
Proposed Solution

Update the isServiceMeshEnabledForPod function to iterate over init containers as well:
Pull Request

func isServiceMeshEnabledForPod(pod apiv1.Pod) bool {
	// Check InitContainers to support K8s native sidecars
	for _, c := range pod.Spec.InitContainers {
		if common.SubStringExistsInSlice(c.Name, serviceMesh) {
			return true
		}
	}
	
	// Check standard Containers
	for _, c := range pod.Spec.Containers {
		if common.SubStringExistsInSlice(c.Name, serviceMesh) {
			return true
		}
	}
	return false
}

References

• Kubernetes SidecarContainers
• Istio ENABLE_NATIVE_SIDECARS configuration.