Redirecting requests to a mock server in @azure/arm-network@26.0.0

[superneminator]

We use the arm-network client in our test project and it works like a charm.

We now want to use the same client in the mock TS tests. For that, we have to redirect the traffic to a nodejs mock server.

The IaaS team managed to do that. They use the @azure/arm-network@22.0.0. As can be seen here and here, they achived that by using requestPolicyFactorie and adding 4 headers and modifying the endpoint.

We use a newer client version @azure/arm-network@26.0.0. This client has different optional parameters so the IaaS' solution doesn't work for us. I couldn't find an equivalent to requestPolicyFactories in the newer client version.

Question: how could we redirect requests in the new client version?

[xirzec]

Hi @superneminator,

I think the best way to do something like this would be to use the additionalPolicies option when configuring your SDK client. You can see how we accomplish something very similar with our test recorder here:

azure-sdk-for-js/sdk/test-utils/recorder/src/recorder.ts

Line 395 in 90f8b8a

options.additionalPolicies.push({

The format for pipeline policies has changed slightly (they now have mandatory name properties in addition to a sendRequest method) but they are still very similar to before:

azure-sdk-for-js/sdk/test-utils/recorder/src/recorder.ts

Line 424 in 90f8b8a

private recorderHttpPolicy(): PipelinePolicy {

Let me know if that all makes sense or if you have additional questions!

[MaryGao]

@superneminator Jeff's right, after upgrading from v22 to v26, the way we add policy is changed.

Simply speacking you could build your policy first(remember to install dependency @azure/core-rest-pipeline):

function mockHeaderPolicyFactory(): PipelinePolicy {
  return {
    name: "mock header policy",
    sendRequest: async (
      request: PipelineRequest,
      next: SendRequest
    ): Promise<PipelineResponse> => {
      const actualArmEndpoint = await TestContext.getActualArmEndpoint();
      request.headers.set(MockFx.Headers.RUN_ID, TestContext.getRunId());
      request.headers.set(MockFx.Headers.TEST_ID, TestContext.getTestId());
      request.headers.set(MockFx.Headers.ORIGINAL_HOST, actualArmEndpoint);
      request.headers.set(MockFx.Headers.SOURCE, "ARMClient");

      // Sanitize any URLs that might be going out to actual arm endpoint to
      // direct them to mock server instead
      if (request.url.toString().startsWith(actualArmEndpoint)) {
        const mockServerUrl = `https://localhost:${TestConstants.MockFxPort}/`;
        request.url = request.url.toString().replace(actualArmEndpoint, mockServerUrl);
      }
      const response = await next(request);
      return response;
    },
  };
}

And then add this policy into your options or your getClientOptions() method:

const client = new NetworkManagementClient(credential, subscriptionId, {
    additionalPolicies: [{
      policy: mockHeaderPolicyFactory(),
      position: "perRetry",
    }]
  });

[ghost]

Hi, we're sending this friendly reminder because we haven't heard back from you in a while. We need more information about this issue to help address it. Please be sure to give us your input within the next 7 days. If we don't hear back from you within 14 days of this comment the issue will be automatically closed. Thank you!

[superneminator]

Hi @MaryGao / @xirzec, after making the change you suggested, I started getting the following error:

{
    "name": "RestError",
    "code": "SELF_SIGNED_CERT_IN_CHAIN",
    "request": {
        "url": "...,
        "headers": {
            "accept": "application/json",
            "accept-encoding": "gzip,deflate",
            "user-agent": "...",
            "x-ms-client-request-id": "...",
            "authorization": "",
            "x-mockfx-run-id": "run123",
            "x-mockfx-test-id": "test123",
            "x-mockfx-original-host": "[https://management.azure.com/"](https://management.azure.com/%22),
            "x-mockfx-source": "ARMClient"
        },
       ...
    }
}

To solve it, I had to make this change, as @tommyfrazier suggested.

Now, everything works like a charm.

Thank you all for helping me out with this.

[xirzec]

Glad it's working for you!

To solve it, I had to make this change, as @tommyfrazier suggested.

A few other options to consider:

1. Add the self-signed certificate that signed your local SSL server to your machine's trusted certificate store, this will resolve the error without having to turn off signature checks
2. Not use SSL when doing the redirects, which is what we do for our own test recorder:

   azure-sdk-for-js/sdk/test-utils/recorder/src/recorder.ts

   Line 120 in 863a3ec

   request.allowInsecureConnection = true;

3. Use a custom Node Agent that uses checkServerIdentity to handle the error