From 1bb86dd4ce7cd7b795ffa4b9c36d5a3a15150f74 Mon Sep 17 00:00:00 2001 From: Jens Rosenboom Date: Fri, 10 Feb 2017 16:53:36 +0100 Subject: [PATCH] Fix wsgi app creation The use of the keystone_wsgi_file that we copy in order to create our keystone apps is deprecated and the file will be removed for Ocata. So we switch to using the variant provided by upstream instead. Change-Id: I8970d4ee9692fd13d52b2304ff3a1ae93b693500 --- recipes/server-apache.rb | 18 ++---------------- spec/server-apache_spec.rb | 22 ++-------------------- templates/default/wsgi-keystone.conf.erb | 4 ++++ 3 files changed, 8 insertions(+), 36 deletions(-) diff --git a/recipes/server-apache.rb b/recipes/server-apache.rb index dfc02d6..2d18291 100644 --- a/recipes/server-apache.rb +++ b/recipes/server-apache.rb @@ -274,30 +274,16 @@ directory keystone_apache_dir do mode 00755 end -server_entry_main = "#{keystone_apache_dir}/main" -server_entry_admin = "#{keystone_apache_dir}/admin" - -# Note: Using lazy here as the wsgi file is not available until after -# the keystone package is installed during execution phase. -[server_entry_main, server_entry_admin].each do |server_entry| - file server_entry do - content lazy { IO.read(platform_options['keystone_wsgi_file']) } - owner 'root' - group 'root' - mode 00755 - end -end - wsgi_apps = { 'main' => { server_host: main_bind_address, server_port: main_bind_service.port, - server_entry: server_entry_main + server_entry: '/usr/bin/keystone-wsgi-public' }, 'admin' => { server_host: admin_bind_address, server_port: admin_bind_service.port, - server_entry: server_entry_admin + server_entry: '/usr/bin/keystone-wsgi-admin' } } diff --git a/spec/server-apache_spec.rb b/spec/server-apache_spec.rb index 3387c92..7416dc7 100644 --- a/spec/server-apache_spec.rb +++ b/spec/server-apache_spec.rb @@ -357,24 +357,6 @@ describe 'openstack-identity::server-apache' do end end - it 'creates directory /var/www/html/keystone' do - expect(chef_run).to create_directory('/var/www/html/keystone').with( - user: 'root', - group: 'root', - mode: 00755 - ) - end - - it 'creates wsgi files' do - %w(main admin).each do |file| - expect(chef_run).to create_file("/var/www/html/keystone/#{file}").with( - user: 'root', - group: 'root', - mode: 00755 - ) - end - end - describe 'apache wsgi' do ['/etc/apache2/sites-available/keystone-main.conf', '/etc/apache2/sites-available/keystone-admin.conf'].each do |file| @@ -446,7 +428,7 @@ describe 'openstack-identity::server-apache' do [/^$/, /^ WSGIDaemonProcess keystone-main/, /^ WSGIProcessGroup keystone-main$/, - %r{^ WSGIScriptAlias / /var/www/html/keystone/main$}].each do |line| + %r{^ WSGIScriptAlias / /usr/bin/keystone-wsgi-public$}].each do |line| expect(chef_run).to render_file('/etc/apache2/sites-available/keystone-main.conf').with_content(line) end end @@ -457,7 +439,7 @@ describe 'openstack-identity::server-apache' do [/^$/, /^ WSGIDaemonProcess keystone-admin/, /^ WSGIProcessGroup keystone-admin$/, - %r{^ WSGIScriptAlias / /var/www/html/keystone/admin$}].each do |line| + %r{^ WSGIScriptAlias / /usr/bin/keystone-wsgi-admin$}].each do |line| expect(chef_run).to render_file('/etc/apache2/sites-available/keystone-admin.conf').with_content(line) end end diff --git a/templates/default/wsgi-keystone.conf.erb b/templates/default/wsgi-keystone.conf.erb index 3f40553..e7bbcfb 100644 --- a/templates/default/wsgi-keystone.conf.erb +++ b/templates/default/wsgi-keystone.conf.erb @@ -14,6 +14,10 @@ LogLevel debug <% end -%> + + Require all granted + + <% if @params[:use_ssl] -%> SSLEngine On SSLCertificateFile <%= @params[:cert_file] %>