Wrong traffic policy rule for the declared one to insert X-Forwarded-Proto header with "http" value

[mikorshunov]

Environment

• Application Services Version: 3.51.0
• BIG-IP Version: 16.1.4.2 | 0.0.3

Summary

When I deploy the declaration below I get enabled HTTP in the first traffic rule instead of rule to insert X-Forwarded-Proto: http header and its value in request

Steps To Reproduce

Steps to reproduce the behavior:

1. Submit the following declaration:

   {
   "$schema": "https://raw.githubusercontent.com/F5Networks/f5-appsvcs-extension/main/schema/latest/as3-schema.json",
   "class": "AS3",
   "action": "deploy",
   "persist": true,
   "declaration": {
       "class": "ADC",
       "schemaVersion": "3.51.0",
       "AS3Tenant": {
           "class": "Tenant",
           "AS3-virtuals": {
               "class": "Application",
               "http_headers_policy": {
                   "class": "Endpoint_Policy",
                   "rules": [
                       {
                           "name": "headers_add",
                           "conditions": [
                               {
                                   "type": "httpUri",
                                   "path": {
                                       "values": [
                                           "/"
                                       ],
                                       "operand": "starts-with"
                                   }
                               }
                           ],
                           "actions": [
                               {
                                   "event": "request",
                                   "type": "httpHeader",
                                   "insert": {
                                       "name": "X-Forwarded-Proto",
                                       "value": "http"
                                   }
                               },
                               {
                                   "event": "request",
                                   "type": "httpHeader",
                                   "insert": {
                                       "name": "X-Forwarded-Host",
                                       "value": "tcl: [HTTP::host]"
                                   }
                               },
                               {
                                   "event": "request",
                                   "type": "httpHeader",
                                   "insert": {
                                       "name": "X-Forwarded-Prefix",
                                       "value": "tcl: [HTTP::uri]"
                                   }
                               }
                           ]
                       }
                   ],
                   "strategy": "all-match"
               }
           }
       }
   }
   }

2. Observe the following output

   {
   "id": "7aad83f8-9f90-4b56-bf38-54ebe630a6ab",
   "results": [
       {
           "code": 200,
           "message": "success",
           "lineCount": 19,
           "host": "localhost",
           "tenant": "AS3Tenant",
           "runTime": 3533,
           "declarationId": "autogen_4cb71b81-2795-436e-8334-944ea3d6fb8e"
       }
   ],
   "declaration": {
       "AS3Tenant": {
           "class": "Tenant",
           "AS3-virtuals": {
               "class": "Application",
               "http_headers_policy": {
                   "class": "Endpoint_Policy",
                   "rules": [
                       {
                           "name": "headers_add",
                           "conditions": [
                               {
                                   "type": "httpUri",
                                   "path": {
                                       "values": [
                                           "/"
                                       ],
                                       "operand": "starts-with"
                                   }
                               }
                           ],
                           "actions": [
                               {
                                   "event": "request",
                                   "type": "httpHeader",
                                   "insert": {
                                       "name": "X-Forwarded-Proto",
                                       "value": "http"
                                   }
                               },
                               {
                                   "event": "request",
                                   "type": "httpHeader",
                                   "insert": {
                                       "name": "X-Forwarded-Host",
                                       "value": "tcl: [HTTP::host]"
                                   }
                               },
                               {
                                   "event": "request",
                                   "type": "httpHeader",
                                   "insert": {
                                       "name": "X-Forwarded-Prefix",
                                       "value": "tcl: [HTTP::uri]"
                                   }
                               }
                           ]
                       }
                   ],
                   "strategy": "all-match"
               }
           }
       },
       "class": "ADC",
       "schemaVersion": "3.51.0",
       "controls": {
           "class": "Controls",
           "userAgent": "vscode-f5/3.16.1",
           "archiveTimestamp": "2024-07-24T15:37:07.989Z"
       },
       "id": "autogen_4cb71b81-2795-436e-8334-944ea3d6fb8e",
       "updateMode": "selective"
   }
   }

Expected Behavior

I would like to get the following traffic policy configuration: ltm policy /AS3Tenant/AS3-virtuals/http_headers_policy { partition AS3Tenant requires { http } rules { headers_add { actions { 0 { http-header insert name X-Forwarded-Proto value "http" } 1 { http-header insert name X-Forwarded-Host value "tcl: [HTTP::host]" } 2 { http-header insert name X-Forwarded-Prefix value "tcl: [HTTP::uri]" } } conditions { 0 { http-uri path starts-with values { / } } } } } status published strategy all-match }

Actual Behavior

First traffic policy rule comes up with HTTP enablement instead of header insertion: ltm policy /AS3Tenant/AS3-virtuals/http_headers_policy { last-modified 2024-07-24:18:31:25 partition AS3Tenant requires { http } rules { headers_add { actions { 0 { http enable } 1 { http-header insert name X-Forwarded-Host value "tcl: [HTTP::host]" } 2 { http-header insert name X-Forwarded-Prefix value "tcl: [HTTP::uri]" } } conditions { 0 { http-uri path starts-with values { / } } } } } status legacy strategy all-match }

[sunitharonan]

Thank you for reaching out. We have created a internal product backlog AUTOTOOL-4454 for this item, in order for us to prioritize please reach out to us at automation_toolchain_pm@f5.com