Add http_proxy_to_wsgi to api-paste

This sets up the HTTPProxyToWSGI middleware in front of senlin-api. The
purpose of this middleware is to set up the request URL correctly in
the case there is a proxy (For instance, a loadbalancer such as HAProxy)
in front of senlin-api.

So, when TLS connections are terminated at the proxy, and one tries to
get the versions from the '/' resource from senlin-api, one will notice
that the protocol is incorrect; It will show 'http' instead of 'https'.
So this middleware handles such cases, thus helping Keystone discovery
work correctly.

The HTTPProxyToWSGI is off by default and needs to be enabled via a
configuration value.

Change-Id: Ia65ecdcc07084514884258661f840e6edcb200a4
Closes-Bug: #1590608
Co-Authored-By: pallavi <pallavi.s@nectechnologies.in>

etc/senlin/api-paste.ini

@@ -1,7 +1,7 @@
 
 # senlin-api pipeline
 [pipeline:senlin-api]
-pipeline = request_id faultwrap ssl versionnegotiation osprofiler webhook authtoken context trust apiv1app
+pipeline = http_proxy_to_wsgi request_id faultwrap ssl versionnegotiation osprofiler webhook authtoken context trust apiv1app
 
 [app:apiv1app]
 paste.app_factory = senlin.api.common.wsgi:app_factory
@@ -34,6 +34,10 @@ senlin.filter_factory = senlin.api.middleware:trust_filter
 paste.filter_factory = senlin.api.common.wsgi:filter_factory
 senlin.filter_factory = senlin.api.middleware:webhook_filter
 
+[filter:http_proxy_to_wsgi]
+paste.filter_factory = oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory
+oslo_config_project = senlin
+
 # Auth middleware that validates token against keystone
 [filter:authtoken]
 paste.filter_factory = keystonemiddleware.auth_token:filter_factory

tools/config-generator.conf

@@ -6,6 +6,7 @@ namespace = keystonemiddleware.auth_token
 namespace = oslo.db
 namespace = oslo.log
 namespace = oslo.messaging
+namespace = oslo.middleware.http_proxy_to_wsgi
 namespace = oslo.policy
 namespace = oslo.service.periodic_task
 namespace = oslo.service.service