Deleting page rule action doesn't work with inline updates #198
Comments
|
@patryk is currently on leave. If I understand your point in the 2nd paragraph for the For now, yes both is likely what would be necessary. I'll dig up some about the |
Apologies on the extra ping 😛 I only found out he was off for a while the other day after I mentioned him here. This isn't a time sensitive discussion at the moment, so anytime async feedback is 👌 .
Correct. The PATCH endpoint will only update the attributes you change whereas the PUT will replace the entire rule. Here is an example to solidify things: Original rule {
"result": {
"id": "eafa1a0d520e3d86d225f7f79c54d391",
"targets": [
{
"target": "url",
"constraint": {
"operator": "matches",
"value": "https://example.com"
}
}
],
"actions": [
{
"id": "ssl",
"value": "full"
},
{
"id": "cache_key",
"value": "${header:authorization}::${scheme}://${host_header}${uri}"
}
],
"priority": 3,
"status": "active",
"created_on": "2019-01-23T22:08:16.000000Z",
"modified_on": "2019-01-23T22:55:06.000000Z"
}
}And to update The rule now looks like this. {
"result": {
"id": "eafa1a0d520e3d86d225f7f79c54d391",
"targets": [
{
"target": "url",
"constraint": {
"operator": "matches",
"value": "https://example.com"
}
}
],
"actions": [
{
"id": "ssl",
"value": "strict"
},
{
"id": "cache_key",
"value": "${header:authorization}::${scheme}://${host_header}${uri}"
}
],
"priority": 3,
"status": "active",
"created_on": "2019-01-23T22:08:16.000000Z",
"modified_on": "2019-01-23T22:55:06.000000Z"
}
}However, attempting a PUT request (with the full request structure) will fail due to it containing the Results in an API error about not being able to processes the rule.
I don't want to focus too much on the specific The way I'm seeing this, can't really have a usable solution for when an action is deleted and and cache key is defined, as is with the API. In order to cater for that, I think we need a way to instruct the PATCH endpoint to remove a field (potentially by passing in an empty value or nil/null). If we can pass empty values for fields into the payload, the code could remain the same and we'd be able to continue using the PATCH endpoint. Without the API changes, the code branching would look a little something like this: if changesetIncludesDeletedAttribute && changesetIncludesCacheKey {
// Fail out as we can't set the cache key value
} else if changesetIncludesDeleteAttribute {
// Use PUT endpoint
} else {
// Use PATCH endpoint
}
From what I remember about our previous conversations with our TAM and SE's on this, it was restricted to Cloudflare SE's to prevent setting cache keys that would overpopulate the cache systems due to having a cache key component with a high cardinality. |
|
There seems to be lots of issue with opening up the cache key action as customers can easily shoot themselves in the foot, so not likely to get opened up anytime soon. I agree that the ability to nil out in PATCH would be the way to do it, but isn't very feasible given the schema used for page rules. Changing the schema is a much bigger discussion and not likely something we will undertake - we are more likely to replace page rules with a new system at some point. I'll log an issue internally about your first if case, but I'm not sure what we are likely to do anytime soon. |
A little while ago, Cloudflare fixed the page rule PATCH endpoint[1] to handle individual attribute updates however this unearthed a few problems. Most notably, you're unable to delete an individual page rule attribute withou calling the PUT endpoint and replacing the rule itself[2] (which has it's own issues in some cases). To get the acceptance test suite green, I'm ripping the unitary test assertion out as it's currently broken and without a fix from Cloudflare's API, there isn't much we can do about it so there is little point testing it as-is. [1]: cloudflare#176 [2]: cloudflare#198
Use /accounts prefix for some organization API calls
This morning I was looking to apply a routine change to some page rules and noticed that actions which are removed cannot be performed using the current implementation of
resourceCloudflarePageRuleUpdatedue to it usingChangePageRulewhich performs a HTTP PATCH request (and was recently fixed to match the documented behaviour). The reason page rule actions cannot be removed using this API call is that the endpoint accepts partial updates to replace the existing action and to remove an action, it cannot be present or pass in an empty value (which the API doesn't allow). The Cloudflare Dashboard works around this issue by only using HTTP PUT requests and replace the rules each time.This leaves us in a bit of a conundrum. If we swap to using the PUT endpoint, we can restore the previous functionality where deleting actions works but we can't perform partial updates to work around issues such as using actions like
cache_key(due to requiring a Cloudflare Solutions Engineer to implement). If we leave the functionality as is, individual actions cannot be deleted but we can perform in place updates without recreating page rules each time.I have considered a third option where we use a hybrid of the two but I'm unsure if the complexity is worth it as we might end up in a situation with lots of path branching to account for each scenario.
Thoughts?
cc @patryk as you might have some insight and thoughts here.
The text was updated successfully, but these errors were encountered: