Murano used to have a custom, always-enabled ssl middleware, to parse
X-Forwarded-Proto header, to let murano work correctly behind an SSL
proxy. There is now an oslo middleware, that does the
same thing, but more thoroughly.
This commit replaces custom implementation with oslo one.
Co-Authored-By: Kirill Zaitsev <k.zaitsev@me.com>
Change-Id: I5444542b878434fb656e19b12d0f6e71df1ab95f
1.Add the devstack support for new cfapi
2.service broker use separate paste file
3.service broker use separate db
Closes-Bug: #1500777
Closes-Bug: #1500827
Change-Id: I2842828fe14878e6ff5ac194473f2ffa619370df
partial-implement: bp separate-service-broker-from-murano
Create separate murano-cfapi-paste.ini for service broker,
Change service broker start command to:
`murano-cfapi --config-file etc/murano/murano-cfapi.conf`
And move service broker api to the top level.
Change-Id: Id56786f31c16da11019a2064cc4285bdd266f538
partial-implement: bp separate-service-broker-from-murano
The default values needed for murano's implementation of cors
middleware have been moved from paste.ini into the configuration
hooks provided by oslo.config. Furthermore, these values have been
added to the default initialization procedure. This ensures
that if a value remains unset in the configuration file, it will
fallback to using sane defaults. It also ensures that an operator
modifying the configuration will be presented with that same
set of defaults.
Change-Id: I50a204e27a43991d94cfb5f39c1dd3e904eb5696
Closes-Bug: #1551836
Now we can use keystonemiddleware and murano context middleware for requests
from outside OpenStack so we don't need to recreate keystoneclient for each
request and can easily get token from the request headers. That makes
authorization proccess a lot easier in terms of source code.
Change-Id: If937501074b85d43921fdb108f8af3babeded828
Closes-Bug: #1512254
New middleware will solve the problem with non-Openstack requests by
adding some minimal required headers.
Change-Id: I49986e73d0eb3da1ce13d22771c6bcb5a28ba846
Implements: bp external-request-middleware
Murano doesn't handle request properly if it is behind an SSL
termination proxy. In this case HTTP redirection and returned URLs
use http instead of https.
New middleware helps to handle the situation below properly. The purpose of the
SSLMiddleware is to update the wsgi.url_scheme environment variable of
the request with the value contained in an HTTP header that can be
configured in the configuration file (by default: 'X-Forwarded-Proto')
Closes-Bug: #1504610
Change-Id: Id7cfa1bce00c965b618a4f3e4ca2c915a57bbe52
In this commit we added new murano service called murano-cfapi.
It's Cloud Foundry Service Broker API implementation for OpenStack.
* add new entrypoint for murano-cfapi
* add provision/deprovision operations for Cloud Foundry.
partial-implement: bp cloudfoundry-api-support
Change-Id: I5cdb612774f5e46ec7fc787f961e5c7e16ed8501
This commit adds request-id filter to paste config and adds support for
request_id to the ContextMiddleware. This would mean, that request-id,
generated for each particular request to api would be returned to the
caller in the form of 'x-openstack-request-id' header
Targets blueprint: murano-x-openstack-request-id-support
Change-Id: Id3d593c33fd31bae7226052b908750e5c000f730
* Provide exceptions details in the response body
* Decode package exception message to keep correct formatting
Partly-Closes-Bug: #1328662
Change-Id: I28000ec42db644d5db75f92d968955f7dd620091