Documentation and configuration issues

[AmiSMB]

I have been going through the README.md but I feel there are some issues with this as I cannot get this working.

1. The wasmplugin docker build shows these variables for the docker build but does not suggest what they should be ${HUB}/${IMAGE_NAME}:${TAG} Only the e2e/Makefile seems to indicate what is expected.
2. There is no mention about using the istio/mod-wasm-deploy.yaml which I presume line 10 should be changed so that it is pointing at the docker plugin build.
3. There does not seem to be any EnvoyFilter files to enable the wasm plugin deployment. There are some envoy yaml files but these are not what I was expecting.
4. Because of the above issues when you get to step 4 all of the requests end up with http status code 200 as nothing has gone via wasm modsecurity.

I really am excited about the prospect of being able to have modsecurity inside Istio and really hope you can answer these current issues.

[M4tteoP]

Hi @AmiSMB, to initially grasp the behavior of the filter I would suggest you build its static version and run the e2e, or any manual requests, against just an envoy.

# build the filter
make -C e2e build-wasm-plugin-static extract-wasm-plugin-static
# spin up envoy
func-e run -c e2e/envoy-config.yaml --log-level info --component-log-level wasm:debug
# run e2e
./e2e/tests.sh

Just please be aware that this filter relies on an experimental, and not first class concern, ModSecurity version. For some context, you may refer to PRs in the official ModSec repo.