bookinfo fixes

[krancour]

Fixes #7047

Important: requires #7098 to be merged first since that make some critical fixes to the bookinfo sample app's build process, which fails in its current state.

This PR corrects unrealistic behavior in the sample app.

Currently, the productpage app stores user identity in a cookie that is neither encrypted nor signed. It is easily tampered with by even the most novice attacker. Additionally, the productpage app forwards that same cookie to the downstream reviews service. This is also bad. Both of these, however, were obviously done to facilitate an impactful demo that shows request routing decisions being done on the basis of user identity.

This PR transforms the example to use more realistic behavior without compromising on the demo's impact. The cookie is now encoded and digitally signed (the flask framework automatically encodes any session data that is kept in a cookie-based session store). It can be decoded, but tampering with it (successfully) is not possible due to the signature. The productinfo page also ceases to share this cookie with the downstream review service. Instead, it injects the end-user's username into a custom end-user header on the outbound requests to the reviews service. The end result is that there is still a plain text header present that routing decisions can be based on, but from start to finish, we didn't have to compromise on security to make that possible.

All sample routing rules (used by tasks in the documentation) are also updated by this PR.

Note that the images referenced in the various yaml files do not exist yet in dockerhub because I don't have permissions to push them and, as far as I can tell, there isn't any automated build/push process for those. So someone else needs to build and push these, I guess?

Will open a complementary PR in the docs repo momentarily.

[rshriram]

@krancour Thanks for this PR. Can you push the changes to your dockerhub account and update the bookinfo YAMLs to point to your version ? Once they pass, I can copy and push them into istio's official docker hub and update the YAML references in a separate PR

[rshriram]

Also, please rebase the PR to release-1.0 branch

[krancour]

@rshriram sure thing. Will wait for #7152 to be merged first.

[rshriram]

I have merged the other PR. Please rebase this to release-1.0 branch

[krancour]

@rshriram working on it. Seems I did break the e2e tests, so I am trying to resolve that before continuing.

[googlebot]

So there's good news and bad news.

👍 The good news is that everyone that needs to sign a CLA (the pull request submitter and all commit authors) have done so. Everything is all good there.

😕 The bad news is that it appears that one or more commits were authored or co-authored by someone other than the pull request submitter. We need to confirm that all authors are ok with their commits being contributed to this project. Please have them confirm that here in the pull request.

Note to project maintainer: This is a terminal state, meaning the cla/google commit status will not change from this state. It's up to you to confirm consent of the commit author(s) and merge this pull request when appropriate.

[rshriram]

You have to close this PR and open a new PR for release-1.0 branch.. changing the target branch in Github doesn't seem to work properly (if thats what you did).

[krancour]

changing the target branch in Github doesn't seem to work properly (if thats what you did).

I changed the target branch, but didn't push anything that I have rebased yet. That's why this looks all screwy.

I'll have this all fixed up as soon as I get those e2e tests fixed.

[rshriram]

/ok-to-test

[rshriram]

@krancour please debug fro release-1.0 branch. Lots of fixes went in. Master may be very much outdated.

[codecov]

Codecov Report

Merging #7109 into release-1.0 will decrease coverage by 1%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##           release-1.0   #7109    +/-   ##
============================================
- Coverage           72%     72%   -<1%     
============================================
  Files              356     356            
  Lines            30537   30534     -3     
============================================
- Hits             21780   21741    -39     
- Misses            7853    7887    +34     
- Partials           904     906     +2

Impacted Files	Coverage Δ
mixer/adapter/rbac/controller.go	29% <0%> (-24%)	⬇️
...olarwinds/internal/papertrail/papertrail_logger.go	59% <0%> (-21%)	⬇️
mixer/adapter/servicecontrol/handler.go	39% <0%> (-8%)	⬇️
mixer/adapter/stackdriver/trace/exporter.go	71% <0%> (-4%)	⬇️
mixer/adapter/rbac/rbacStore.go	76% <0%> (-3%)	⬇️
mixer/adapter/signalfx/metrics.go	41% <0%> (-2%)	⬇️
mixer/adapter/statsd/statsd.go	96% <0%> (-1%)	⬇️
mixer/pkg/protobuf/yaml/castUtil.go	94% <0%> (ø)	⬇️
mixer/adapter/list/list.go	100% <0%> (ø)	⬇️
mixer/pkg/protobuf/yaml/encoder.go	99% <0%> (ø)	⬇️
... and 10 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7ca1b06...8396033. Read the comment docs.

[krancour]

@rshriram updating e2e tests took me a little while, but I think this should be g2g now. lmk

[rshriram]

Please fix lint..
Also, I am unable to build the reviews image

~/go/src/istio.io/istio/samples/bookinfo/src/reviews ~/go/src/istio.io/istio/samples/bookinfo
src/build-services.sh: line 42: PWD: command not found
Unable to find image 'gradle:4.8.1' locally
4.8.1: Pulling from library/gradle
55cbf04beb70: Already exists 
1607093a898c: Pull complete 
9a8ea045c926: Pull complete 
d4eee24d4dac: Pull complete 
c58988e753d7: Pull complete 
794a04897db9: Pull complete 
70fcfa476f73: Pull complete 
0539c80a02be: Pull complete 
54fefc6dcf80: Pull complete 
facf6a71baf4: Pull complete 
38ca283ac663: Pull complete 
Digest: sha256:2963e0798bf2c32630485a0ef8000ca17fd220be1ebacbdeb880ca29e97fbf88
Status: Downloaded newer image for gradle:4.8.1

Welcome to Gradle 4.8.1!

Here are the highlights of this release:
 - Dependency locking
 - Maven Publish and Ivy Publish plugins improved and marked stable
 - Incremental annotation processing enhancements
 - APIs to configure tasks at creation time

For more details see https://docs.gradle.org/4.8.1/release-notes.html

Starting a Gradle Daemon (subsequent builds will be faster)

FAILURE: Build failed with an exception.

* What went wrong:
Could not create service of type ScriptPluginFactory using BuildScopeServices.createScriptPluginFactory().
> Could not create service of type CrossBuildFileHashCache using BuildSessionScopeServices.createCrossBuildFileHashCache().

* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.

* Get more help at https://help.gradle.org

BUILD FAILED in 1s

[krancour]

@rshriram your issue with building reviews images seems to have been introduced by a recent PR other than my own:

b0a1c95#diff-030573cbbec06dc83bf87af67b0ae74eR42

I'm happy to fix this, however.

Ack on lint error.

[rshriram]

I see this in release-1.0 branch

pushd $SCRIPTDIR/reviews
  #java build the app.
  docker run --rm -v $(PWD):/home/gradle/project -w /home/gradle/project gradle:4.8.1 gradle clean build
  pushd reviews-wlpcfg
    #plain build -- no ratings
    docker build -t istio/examples-bookinfo-reviews-v1:${VERSION} -t istio/examples-bookinfo-reviews-v1:latest --build-arg service_version=v1 .
    #with ratings black stars
    docker build -t istio/examples-bookinfo-reviews-v2:${VERSION} -t istio/examples-bookinfo-reviews-v2:latest --build-arg service_version=v2 \
           --build-arg enable_ratings=true .
    #with ratings red stars
    docker build -t istio/examples-bookinfo-reviews-v3:${VERSION} -t istio/examples-bookinfo-reviews-v3:latest --build-arg service_version=v3 \
           --build-arg enable_ratings=true --build-arg star_color=red .
  popd
popd

[rshriram]

which came from your prior PR https://github.com/istio/istio/blob/release-1.0/samples/bookinfo/src/build-services.sh#L42 ?

[krancour]

@rshriram I changed that line, yes, but the problem you are facing (pwd related) came from #6988

[istio-testing]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: krancour
To fully approve this pull request, please assign additional approvers.
We suggest the following additional approvers: chxchx, frankbu

Assign the PR to them by writing /assign @chxchx @frankbu in a comment when ready.

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• samples/OWNERS
• tests/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[googlebot]

CLAs look good, thanks!

[krancour]

Also, make lint passed for me. It's not clear to me why that stage failed in the CI pipeline.

[krancour]

@rshriram thanks for the help with this!

[krancour]

@rshriram just a reminder that official Docker images still need to be published and references to my dockerhub repos need to be corrected in a follow-up. If you publish the updated images, I'd be happy to submit that follow-up.