Fix intentions wildcard dest (#13397)

* when enterprise meta are wildcard assume it's a service intention

* fix partition and namespace

* move kind outside the loops

* get the kind check outside the loop and add a comment

Co-authored-by: github-team-consul-core <github-team-consul-core@hashicorp.com>

agent/consul/state/config_entry_intention.go

@@ -286,13 +286,18 @@ func readSourceIntentionsFromConfigEntriesForServiceTxn(
 
 	for v := iter.Next(); v != nil; v = iter.Next() {
 		entry := v.(*structs.ServiceIntentionsConfigEntry)
+		entMeta := entry.DestinationServiceName().EnterpriseMeta
+		// if we have a wildcard namespace or partition assume we are querying a service intention
+		// as destination intentions will never be queried as wildcard
+		kind := structs.GatewayServiceKindService
+		if entMeta.NamespaceOrDefault() != acl.WildcardName && entMeta.PartitionOrDefault() != acl.WildcardName {
+			kind, err = GatewayServiceKind(tx, entry.DestinationServiceName().Name, &entMeta)
+			if err != nil {
+				return nil, err
+			}
+		}
 		for _, src := range entry.Sources {
 			if src.SourceServiceName() == sn {
-				entMeta := entry.DestinationServiceName().EnterpriseMeta
-				kind, err := GatewayServiceKind(tx, entry.DestinationServiceName().Name, &entMeta)
-				if err != nil {
-					return nil, err
-				}
 				switch targetType {
 				case structs.IntentionTargetService:
 					if kind == structs.GatewayServiceKindService || kind == structs.GatewayServiceKindUnknown {