proxy: Use source identity from L7 policy name

This commit is to use the source identity from L7 policy name if
available, instead of the global source identity.

Signed-off-by: Tam Mach <[email protected]>

Author: sayboras

cilium/bpf_metadata.cc

@@ -472,6 +472,10 @@ Config::extractSocketMetadata(Network::ConnectionSocket& socket) {
 
     // Resolve source identity for the Ingress address
     source_identity = resolvePolicyId(ingress_ip);
+    if (!l7lb_policy_name_.empty()) {
+      const auto* named_policy = &getPolicy(l7lb_policy_name_);
+      source_identity = named_policy->getEndpointID();
+    }
     if (source_identity == Cilium::ID::WORLD) {
       // No security ID available for the configured source IP
       ENVOY_LOG(warn,