f5-appsvcs-extension
f5-appsvcs-extension copied to clipboard
F5Networks
Wrong traffic policy rule for the declared one to insert X-Forwarded-Proto header with "http" value
Environment
- Application Services Version: 3.51.0
- BIG-IP Version: 16.1.4.2 | 0.0.3
Summary
When I deploy the declaration below I get enabled HTTP in the first traffic rule instead of rule to insert X-Forwarded-Proto: http header and its value in request
Steps To Reproduce
Steps to reproduce the behavior:
- Submit the following declaration:
{
"$schema": "https://raw.githubusercontent.com/F5Networks/f5-appsvcs-extension/main/schema/latest/as3-schema.json",
"class": "AS3",
"action": "deploy",
"persist": true,
"declaration": {
"class": "ADC",
"schemaVersion": "3.51.0",
"AS3Tenant": {
"class": "Tenant",
"AS3-virtuals": {
"class": "Application",
"http_headers_policy": {
"class": "Endpoint_Policy",
"rules": [
{
"name": "headers_add",
"conditions": [
{
"type": "httpUri",
"path": {
"values": [
"/"
],
"operand": "starts-with"
}
}
],
"actions": [
{
"event": "request",
"type": "httpHeader",
"insert": {
"name": "X-Forwarded-Proto",
"value": "http"
}
},
{
"event": "request",
"type": "httpHeader",
"insert": {
"name": "X-Forwarded-Host",
"value": "tcl: [HTTP::host]"
}
},
{
"event": "request",
"type": "httpHeader",
"insert": {
"name": "X-Forwarded-Prefix",
"value": "tcl: [HTTP::uri]"
}
}
]
}
],
"strategy": "all-match"
}
}
}
}
}
- Observe the following output
{
"id": "7aad83f8-9f90-4b56-bf38-54ebe630a6ab",
"results": [
{
"code": 200,
"message": "success",
"lineCount": 19,
"host": "localhost",
"tenant": "AS3Tenant",
"runTime": 3533,
"declarationId": "autogen_4cb71b81-2795-436e-8334-944ea3d6fb8e"
}
],
"declaration": {
"AS3Tenant": {
"class": "Tenant",
"AS3-virtuals": {
"class": "Application",
"http_headers_policy": {
"class": "Endpoint_Policy",
"rules": [
{
"name": "headers_add",
"conditions": [
{
"type": "httpUri",
"path": {
"values": [
"/"
],
"operand": "starts-with"
}
}
],
"actions": [
{
"event": "request",
"type": "httpHeader",
"insert": {
"name": "X-Forwarded-Proto",
"value": "http"
}
},
{
"event": "request",
"type": "httpHeader",
"insert": {
"name": "X-Forwarded-Host",
"value": "tcl: [HTTP::host]"
}
},
{
"event": "request",
"type": "httpHeader",
"insert": {
"name": "X-Forwarded-Prefix",
"value": "tcl: [HTTP::uri]"
}
}
]
}
],
"strategy": "all-match"
}
}
},
"class": "ADC",
"schemaVersion": "3.51.0",
"controls": {
"class": "Controls",
"userAgent": "vscode-f5/3.16.1",
"archiveTimestamp": "2024-07-24T15:37:07.989Z"
},
"id": "autogen_4cb71b81-2795-436e-8334-944ea3d6fb8e",
"updateMode": "selective"
}
}
Expected Behavior
I would like to get the following traffic policy configuration: ltm policy /AS3Tenant/AS3-virtuals/http_headers_policy { partition AS3Tenant requires { http } rules { headers_add { actions { 0 { http-header insert name X-Forwarded-Proto value "http" } 1 { http-header insert name X-Forwarded-Host value "tcl: [HTTP::host]" } 2 { http-header insert name X-Forwarded-Prefix value "tcl: [HTTP::uri]" } } conditions { 0 { http-uri path starts-with values { / } } } } } status published strategy all-match }
Actual Behavior
First traffic policy rule comes up with HTTP enablement instead of header insertion: ltm policy /AS3Tenant/AS3-virtuals/http_headers_policy { last-modified 2024-07-24:18:31:25 partition AS3Tenant requires { http } rules { headers_add { actions { 0 { http enable } 1 { http-header insert name X-Forwarded-Host value "tcl: [HTTP::host]" } 2 { http-header insert name X-Forwarded-Prefix value "tcl: [HTTP::uri]" } } conditions { 0 { http-uri path starts-with values { / } } } } } status legacy strategy all-match }
