Not setting modifiedQueryString still results in a rewrite rule that sets the query string to empty

[cristicalin]

Describe the bug
We are using rewrite rules on ingress to rewrite paths but would like to preserve the query string. The AppGW ingress controller updates the rewrite rule to update both URL and query string always.

To Reproduce

apiVersion: appgw.ingress.azure.io/v1beta1
kind: AzureApplicationGatewayRewrite
metadata:
  name: test
  namespace: dev
spec:
  rewriteRules:
    - actions:
        urlConfiguration:
          modifiedPath: /api/v{var_uri_path_1}/{var_uri_path_2}
          reroute: false
      conditions:
        - ignoreCase: false
          negate: false
          pattern: /api/v([0-9]+)/r/(.*)
          variable: var_uri_path
      name: test
      ruleSequence: 1

This should set the Components to URL path but it results in setting it to Both URL path and URL query string.
Expected outcome:

Actual outcome:

This breaks our application's rewrite logic.

Ingress Controller details

• Output of kubectl describe pod <ingress controller> . The pod name can be obtained by running helm list.

Name:             ingress-appgw-deployment-cc567775f-ktls9
Namespace:        kube-system
Priority:         0
Service Account:  ingress-appgw-sa
Node:             aks-sys98249edv1-10300639-vmss000000/10.10.16.10
Start Time:       Thu, 12 Sep 2024 10:52:30 +0300
Labels:           app=ingress-appgw
                  kubernetes.azure.com/managedby=aks
                  pod-template-hash=cc567775f
Annotations:      checksum/config: 4840ca8162703375ec3ba0d56802035b3908f91ccafe16b51a81ee01a87c741a
                  cluster-autoscaler.kubernetes.io/safe-to-evict: true
                  kubernetes.azure.com/metrics-scrape: true
                  prometheus.io/path: /metrics
                  prometheus.io/port: 8123
                  prometheus.io/scrape: true
                  resource-id:
                    /subscriptions/<redactred>/resourceGroups/<redacted>/providers/Microsoft.ContainerService/managedCluste...
Status:           Running
IP:               10.10.16.109
IPs:
  IP:           10.10.16.109
Controlled By:  ReplicaSet/ingress-appgw-deployment-cc567775f
Containers:
  ingress-appgw-container:
    Container ID:   containerd://6f9b92b8b028947ebf52426fe5f75a52948c08fcaa7783527571316d08dbf57f
    Image:          mcr.microsoft.com/azure-application-gateway/kubernetes-ingress:1.7.4
    Image ID:       mcr.microsoft.com/azure-application-gateway/kubernetes-ingress@sha256:92cb29fe2583e4e332f4a6610dd3cd812c2c975d388817934c5c33ff50452a75
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Thu, 12 Sep 2024 10:58:22 +0300
    Last State:     Terminated
      Reason:       Error
      Exit Code:    255
      Started:      Thu, 12 Sep 2024 10:56:26 +0300
      Finished:     Thu, 12 Sep 2024 10:56:57 +0300
    Ready:          True
    Restart Count:  5
    Limits:
      cpu:     700m
      memory:  600Mi
    Requests:
      cpu:      100m
      memory:   20Mi
    Liveness:   http-get http://:8123/health/alive delay=15s timeout=1s period=20s #success=1 #failure=3
    Readiness:  http-get http://:8123/health/ready delay=5s timeout=1s period=10s #success=1 #failure=3
    Environment Variables from:
      ingress-appgw-cm  ConfigMap  Optional: false
    Environment:
      KUBERNETES_SERVICE_HOST:       <redacted>.hcp.westeurope.azmk8s.io
      KUBERNETES_PORT:                tcp://<redacted>.hcp.westeurope.azmk8s.io:443
      KUBERNETES_PORT_443_TCP:        tcp://<redacted>.hcp.westeurope.azmk8s.io:443
      KUBERNETES_PORT_443_TCP_ADDR:   <redacted>.hcp.westeurope.azmk8s.io
      AZURE_CLOUD_PROVIDER_LOCATION:  /etc/kubernetes/azure.json
      AGIC_POD_NAME:                  ingress-appgw-deployment-cc567775f-ktls9 (v1:metadata.name)
      AGIC_POD_NAMESPACE:             kube-system (v1:metadata.namespace)
      AZURE_ENVIRONMENT:              AZUREPUBLICCLOUD
    Mounts:
      /etc/kubernetes/azure.json from cloud-provider-config (ro)
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-ffhg5 (ro)
Conditions:
  Type                        Status
  PodReadyToStartContainers   True 
  Initialized                 True 
  Ready                       True 
  ContainersReady             True 
  PodScheduled                True 
Volumes:
  cloud-provider-config:
    Type:          HostPath (bare host directory volume)
    Path:          /etc/kubernetes/azure.json
    HostPathType:  File
  kube-api-access-ffhg5:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   Burstable
Node-Selectors:              <none>
Tolerations:                 CriticalAddonsOnly op=Exists
                             node.kubernetes.io/memory-pressure:NoSchedule op=Exists
                             node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:                      <none>

• Output of `kubectl logs .

...
-- App Gwy config --            {
-- App Gwy config --                "id": "/subscriptions/<redacred>/resourceGroups/MC_RG-<redacted>_westeurope/providers/Microsoft.Network/applicationGateways/<redacted>/rewriteRuleSets/crd-dev-gw-ingress-dev-<redacted>",
-- App Gwy config --                "name": "crd-dev-gw-ingress-dev-<redacted>",
-- App Gwy config --                "properties": {
-- App Gwy config --                    "rewriteRules": [
-- App Gwy config --                        {
-- App Gwy config --                            "actionSet": {
-- App Gwy config --                                "requestHeaderConfigurations": [],
-- App Gwy config --                                "responseHeaderConfigurations": [],
-- App Gwy config --                                "urlConfiguration": {
-- App Gwy config --                                    "modifiedPath": "/api/v{var_uri_path_1}/{var_uri_path_2}",
-- App Gwy config --                                    "modifiedQueryString": "",
-- App Gwy config --                                    "reroute": false
-- App Gwy config --                                }
-- App Gwy config --                            },
-- App Gwy config --                            "conditions": [
-- App Gwy config --                                {
-- App Gwy config --                                    "ignoreCase": false,
-- App Gwy config --                                    "negate": false,
-- App Gwy config --                                    "pattern": "/api/v([0-9]+)/r/(.*)",
-- App Gwy config --                                    "variable": "var_uri_path"
-- App Gwy config --                                }
-- App Gwy config --                            ],
-- App Gwy config --                            "name": "gateforce-biller",
-- App Gwy config --                            "ruleSequence": 1
-- App Gwy config --                        }
-- App Gwy config --                    ]
-- App Gwy config --                }
-- App Gwy config --            },
...

• Any Azure support tickets associated with this issue.

[cristicalin]

Found a workaround for this, I can set the modifiedQueryString: '{var_query_string}' and that keeps the original query string