Add a filter for applying Android socket tags

[RyanTheOptimist]

Add a filter for applying Android socket tags

Testing: Functionality verified as part of the run of the experimentation example app. Also filed #2494 to track improvements.
Docs Changes: Updated docs/root/api/starting_envoy.rst
Release Notes: Added

[RyanTheOptimist]

@alyssawilk can you take a look? I know I need tests, but hopefully I can lean on whatever testing gets set up for the cleartext check.

[alyssawilk]

wohoo progress!
high level pass because I feel guilty for prioritizing my FINALLY PASSING factory PR.
let's sort out where the code should live filter-wise with Lyfties since I'm hoping we can remove some of the boilerplate

[alyssawilk]

Sweet, very cool. Next pass comments :-)

[alyssawilk]

StopIteration or sendLocalReply with error? I'd think we wanted the latter? do we have an e2e test for this?

[RyanTheOptimist]

Good question. sendLocalReply sounds like a good idea. I think I've done the needful.

There are no end-to-end tests because the socket tagging code, like isCleartextPermitted, needs to run in a simulator and I think we're waiting on Lyft to sort that out?

[alyssawilk]

Oh but this is a failure case based on getting bad headers from the API - you should totally be able to test sending an invalid request with the filter configured, and getting the local response you expect, so let's do that!

you could also optionally add a test for the happy path, which would create the custom transport socket and make sure hashing works, if we don't have that tested upstream. even if the tagging is a no-op it would at least cover that the memory model works.

also clean up the commented out return value above this line?

[RyanTheOptimist]

Ah, ok. Java tests added and removed the commented out code.

I looked at test/common/integration/client_integration_test.cc, which we discussed offline. I wasn't quite sure how to configure it to add the socket tagging support. Maybe we can discuss that offine?

[Augustyniak]

1. I opened a GH issue to track the work related to adding support for running tests on Android emulator An ability to run tests on Android emulator #2450.
2. In the meantime you can run Envoy Mobile example app to verify your changes following the setup steps from https://envoymobile.io/docs/envoy-mobile/latest/development/debugging/android_local.html
3. It's strongly recommended that you enable your changes in Android experimental app. You can do this following this change from one of the previous PRs https://github.com/envoyproxy/envoy-mobile/pull/2379/files#diff-b15ec59c29644d8c6089ad0ea7370859a690563f75d02c819679270b61ab9520R60. This experimental app as runs on an Android emulator.

[RyanTheOptimist]

Thanks for the issue! I'll give the demo app a shot. Updated test/kotlin/apps/experimental/MainActivity.kt per that previous commit. Thanks!

[Augustyniak]

Thank you. I am happy to help with the setup of the demo app if you run into any issues with it. It's also possible that the documentation is lacking or making some assumptions - let me know and I am happy to help.

Re experimental app - I think that you can go even one step further (sorry for not pointing this out in my previous comment) and adding a socket-tag header to requests performed by the experimental app. This way you would get an end-to-end confirmation that requests with socket-tag go through (we verify whether our experimental example is getting 200 from the server). You could add the header somewhere in here

[RyanTheOptimist]

Thanks for the great review! Sorry for misunderstanding the API.

[RyanTheOptimist]

Good question. sendLocalReply sounds like a good idea. I think I've done the needful.

There are no end-to-end tests because the socket tagging code, like isCleartextPermitted, needs to run in a simulator and I think we're waiting on Lyft to sort that out?

[alyssawilk]

Looking good! FWIW I really only glanced over the Java as I'm not a useful reviewer for that. tests (when we have the infra) will verify if it's all good.

[alyssawilk]

Oh but this is a failure case based on getting bad headers from the API - you should totally be able to test sending an invalid request with the filter configured, and getting the local response you expect, so let's do that!

you could also optionally add a test for the happy path, which would create the custom transport socket and make sure hashing works, if we don't have that tested upstream. even if the tagging is a no-op it would at least cover that the memory model works.

also clean up the commented out return value above this line?

[RyanTheOptimist]

/retest

[alyssawilk]

Ok I think I'm hitting the end of my useful review comments, so let's see if we can get a Lyft volunteer to take it from here :-)
LGTM modulo the few remaining comments

[RyanTheOptimist]

Thanks for the review! Github didn't seem to properly sign-off the commits it landed so I ended up having to force merge :/

[RyanTheOptimist]

I'd be inclined to avoid the "x-" prefix because of RFC 6648, "Deprecating the "X-" Prefix and Similar Constructs in Application Protocols". But happy to use it if that's the convention.

https://datatracker.ietf.org/doc/html/rfc6648

[RyanTheOptimist]

Good idea. Done.

[RyanTheOptimist]

Thanks for the issue! I'll give the demo app a shot. Updated test/kotlin/apps/experimental/MainActivity.kt per that previous commit. Thanks!

[Augustyniak]

Thank you for addressing/responding to comments. Tests looks so much cleaner/simpler now. 💯

Left a few more comments

[Augustyniak]

can we reorganize the code to avoid having to call equest_headers.get(socket_tag_header) twice?

[RyanTheOptimist]

Good point. Done.

[RyanTheOptimist]

I'm really confused by GitHub. I see an email from 2:04 PM Pacific today (2022-08-11) with a few comments that were sent after I uploaded a few new commits. But github says the commits were yesterday, and some of my comments are missing from the conversation view, or at least hidden. And some seem completely lost. I'm not sure what happened.

In any case, @Augustyniak I tried to explain that I updated the sample app to set socket tags, but end up with a java class not found error for the class org.chromium.net.AndroidNetworkLibrary which implements the tagSocket() method. I'm not quite sure how to resolve this. Any advice?

[Augustyniak]

Suggested change

	Specify whether to enable support for Android socket tagging. Defaults to false.
	Specify whether to enable support for Android socket tagging. Unavailable on iOS. Defaults to false.

[Augustyniak]

Can we add this note to make it clear that it's no intended for iOS?

[RyanTheOptimist]

Oh, whoops. I missed your suggestion earlier. Done.

[Augustyniak]

I do not want to be annoying but i still do not see it being updated.

[RyanTheOptimist]

Really? Hm. If I go to https://github.com/envoyproxy/envoy-mobile/pull/2423/files I see:

~~~~~~~~~~~~~~~~~~~~~~~
``enableSocketTagging``
~~~~~~~~~~~~~~~~~~~~~~~

Specify whether to enable support for Android socket tagging. Unavailable on iOS. Defaults to false.

**Example**::

  // Kotlin
  builder.enableSocketTagging(true)

I wonder if this is one of the many different ways that the github UI hides comments and changes by default :(

[Augustyniak]

@RyanTheOptimist I modified the example app locally to enable socket tagging and run it to see whether I can repro the crashes that you mentioned locally. This is what I got:

That's despite your BUILD file changes in here https://github.com/envoyproxy/envoy-mobile/pull/2423/files#diff-bee4aeb6cd03b6684900f7c2d8bd51dec467011c33929eb3b34008a2a44deb23R19. This issue seems to be exactly the same issue as the one that's related is_cleartext_permitted and which was detailed in #2432.

[jpsim]

/retest

[Augustyniak]

The one thing that you need to do here is to start using the find_class that was introduced in #2483

Suggested change

	jclass jcls_AndroidNetworkLibrary = env->FindClass("org/chromium/net/AndroidNetworkLibrary");
	jclass jcls_AndroidNetworkLibrary = find_class("org.chromium.net.AndroidNetworkLibrary");

[RyanTheOptimist]

Done!

[Augustyniak]

NICE! Great to see it working - this is awesome.

Left a few comments related to tests - apologies for not catching whatever I commented on earlier but I was focused on the functionality more.

General comment: Can we update the description of the PR, please? In particular, for testing can we mention that the functionality is verified as part of the run of the experimentation example app?

[Augustyniak]

Can we add this note to make it clear that it's no intended for iOS?

[Augustyniak]

RequestScenario becomes a little bit of a leaky abstraction as in real application we are not supposed to call addHeader("x-envoy-mobile-socket-tag", "0,0"); directly (since we added addSocketTag).

In fact, I am not sure whether this test works the way it's intended too as it tries to add x-envoy-mobile-socket-tag header in

envoy-mobile/test/java/io/envoyproxy/envoymobile/engine/testing/RequestScenario.java

Line 53 in 0d7b43e

headers.forEach(entry -> requestHeadersBuilder.add(entry.getKey(), entry.getValue()));

and add(...) call does not accept headers that start with x-envoy-mobile prefix

envoy-mobile/library/kotlin/io/envoyproxy/envoymobile/HeadersBuilder.kt

Line 80 in 0d7b43e

name.startsWith("x-envoy-mobile", ignoreCase = true) || name.equals("host", ignoreCase = true)

Maybe we could

[RyanTheOptimist]

Blergh! Yes, good point. Ok, I've added an addSocketTag() method to RequestScenario which delegates to the underlying builder. I verified (via printf) that the socket tagging code is in fact called.

[Augustyniak]

great, thank you - I think that adding addSocketTag method to the test scenario is a way to go 👍 . That being said, I think that the right final solution in here is to change the underlying implementation of TestScenario so that it stores test state inside of RequestHeadersBuilder as opposed to on-the-side headers map. Only with RequestHeadersBuilder we can ensure that our tests simulate real-life condition.

I do not think that this has to be done as part of your PR so I am fine with it being merged the way it is now.

[RyanTheOptimist]

Thanks! I'm certainly not going to argue with "fine with it being merged the way it is now" :) I'm happy to do the needful in a followup.

That being said, I'm not entirely sure I understand the suggestion. The implementation in RequestScenario currently calls addSocketTag() on RequestHeadersBuilder which sounds like what you were asking for? Or is it not the socket tagging stuff that is problematic, but rather the general header stuff? Are you thinking we should get rid of the headers member in RequestScenario and use the RequestHeadersBuilder directly?

[Augustyniak]

Or is it not the socket tagging stuff that is problematic, but rather the general header stuff?

Yes, that's what I meant

Are you thinking we should get rid of the headers member in RequestScenario and use the RequestHeadersBuilder directly?

That was my idea. This way our tests would be guaranteed to "get an update" every time we update RequestHeadersBuilder.

[Augustyniak]

why is it expected to be equal to null if we set a valid socket tag on the request?

[Augustyniak]

ah, because we remove it when we detect that it's present

[RyanTheOptimist]

Yup, exactly!

[Augustyniak]

Any way we could ensure that we are really adding x-envoy-mobile-socket-tag at some point? As it is now this test is always green - even if socket tagging is not enabled / does not end up adding a tag.

[RyanTheOptimist]

Filed #2494 as a result of offline discussions. Thanks for working through this!

[Augustyniak]

Left 3 more comments related to your responses/updates from the previous iterations of my review. Happy to approve once you respond to my comments.

[Augustyniak]

Thanks for working on this. Really excited to see this landing 🎉 Congratz - great job.