Open IkueMoto opened 2 years ago
Managed to workaround the issue by modifying the function passToTcw in restWorker.js, changed .setIsSetBasicAuthHeader(true) to .setIsSetBasicAuthHeader(false).
BIG-IQ: /var/config/rest/iapps/f5-declarative-onboarding/nodejs/restWorker.js
function passToTcw(wrapper, taskId, incomingRestOp) { // Rest framework complains about 'this' because of 'strict', but we use call(this) / jshint validthis: true /
const restOperation = this.restOperationFactory.createRestOperationInstance()
.setUri(this.restHelper.makeRestjavadUri('/cm/global/tasks/declarative-onboarding'))
.setIsSetBasicAuthHeader(true) <------------!! Modify to .setIsSetBasicAuthHeader(false)
.setReferer(incomingRestOp.getUri().href)
.setContentType('application/json')
.setBody({
id: taskId,
declaration: wrapper
});
return this.restRequestSender.sendPost(restOperation)
.then(response => response.getBody().id);
}
Restart the services for the changes to take effect:
tmsh restart /sys service restjavad restnoded
Thank you for reporting this issue. I have added it to our internal product backlog as AUTOTOOL-2766.
Environment
BIG-IQ v7.1.0 (DO 1.16), BIG-IQ v8.1.0.1 (DO 1.23)
Summary
When connecting to the BIG-IQ using a remote provider such as AD, I see the follow error logged in /var/log/restnoded/restnoded.log:
Remote user is indeed missing from shared/authz/users/ however it's defined in the BIG-IQ with admin role GUI: System Tab -> USER MANAGEMENT -> Users (not local)
When connecting to BIG-IQ using a local admin user DO is working as expected. Only remote users are impacted.
Remote auth users should be able to deploy DO declarations via BIG-IQ (in the same way as AS3) as part of an automation workflow and this issue is blocking this effort.
Steps To Reproduce
Steps to reproduce the behavior:
Submit the following declaration to BIG-IQ, replacing with actual IP address of BIG-IP:
Observe the following error response:
The BIG-IQ returns the following response:
Expected Behavior
DO Declaration to be processed by BIG-IQ when POST by remote auth users to configure BIG-IP targetHost. This is currently working with AS3
Actual Behavior
The DO operation hangs and does not complete.
Seeing the follow error logged in /var/log/restnoded/restnoded.log:
Fri, 10 Sep 2021 15:42:16 GMT - info: [f5-declarative-onboarding: doUtil.js] Platform: BIG-IQ Fri, 10 Sep 2021 15:42:16 GMT - finest: [f5-declarative-onboarding: restWorker.js] done w/ initial account setup Fri, 10 Sep 2021 15:42:16 GMT - finest: [f5-declarative-onboarding: restWorker.js] Passing to TCW Fri, 10 Sep 2021 15:42:16 GMT - info: [f5-declarative-onboarding: restWorker.js] TCW task failed: [RestOperationNetWorkerHandler]: bad response received: 400 - Get document for key: shared/authz/users/remoteuser returned nothing Fri, 10 Sep 2021 15:42:16 GMT - severe: [f5-declarative-onboarding: configManager.js] Error getting current config: Cannot read property 'list' of undefined