Moved CORS middleware configuration into set_defaults
The default values needed for trove's implementation of cors middleware have been moved from paste.ini into a common set_defaults method, invoked on load. Unlike similar patches on other services, this patch does not include config-generation hooks, as trove doesn't use them yet. Change-Id: Id8e04249498f63e42dadcacbd2c08b525adc0958 Closes-Bug: 1551836
This commit is contained in:
parent
cc18985814
commit
552f1f2070
|
@ -22,9 +22,6 @@ paste.filter_factory = trove.common.auth:AuthorizationMiddleware.factory
|
|||
[filter:cors]
|
||||
paste.filter_factory = oslo_middleware.cors:filter_factory
|
||||
oslo_config_project = trove
|
||||
latent_allow_headers = X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id, X-OpenStack-Request-ID
|
||||
latent_expose_headers = X-Auth-Token, X-Subject-Token, X-Service-Token, X-OpenStack-Request-ID
|
||||
latent_allow_methods = GET, PUT, POST, DELETE, PATCH
|
||||
|
||||
[filter:contextwrapper]
|
||||
paste.filter_factory = trove.common.wsgi:ContextMiddleware.factory
|
||||
|
|
|
@ -262,35 +262,54 @@ api_strategy = trove.common.strategies.cluster.experimental.vertica.api.VerticaA
|
|||
[cors]
|
||||
|
||||
#
|
||||
# Options defined in oslo_middleware.cors.CORS.
|
||||
# This entire section is optional.
|
||||
# From oslo.middleware.cors
|
||||
#
|
||||
|
||||
# The default protocol, domain, and port from which HTTP requests are
|
||||
# permitted.
|
||||
# allowed_origin=https://localhost:443
|
||||
# Indicate whether this resource may be shared with the domain received in the
|
||||
# requests "origin" header. (list value)
|
||||
#allowed_origin = <None>
|
||||
|
||||
# Whether to permit credential headers on CORS requests.
|
||||
# allow_credentials = True
|
||||
# Indicate that the actual request can include user credentials (boolean value)
|
||||
#allow_credentials = true
|
||||
|
||||
# CORS preflight responses may be cached. This setting allows you to tell the
|
||||
# client how many seconds that cache should persist.
|
||||
# max_age=3600
|
||||
# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
|
||||
# Headers. (list value)
|
||||
#expose_headers = X-Auth-Token, X-Subject-Token, X-Service-Token, X-OpenStack-Request-ID
|
||||
|
||||
# The list of HTTP methods which clients may access. These may be overridden by
|
||||
# the software itself.
|
||||
# allow_methods=GET,POST,PUT,DELETE,PATCH
|
||||
# Maximum cache age of CORS preflight requests. (integer value)
|
||||
#max_age = 3600
|
||||
|
||||
# The default list of headers each CORS client may access.
|
||||
# allow_headers=X-Custom-Header
|
||||
# Indicate which methods can be used during the actual request. (list value)
|
||||
#allow_methods = GET,PUT,POST,DELETE,PATCH
|
||||
|
||||
# The default list of headers exposed on each CORS request. To allow proper
|
||||
# microversion detection, please ensure that the 'X-OpenStack-Ironic-API-Version
|
||||
# header is included in this list.
|
||||
# expose_headers=X-Custom-Header
|
||||
# Indicate which header field names may be used during the actual request.
|
||||
# (list value)
|
||||
#allow_headers = X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id, X-OpenStack-Request-ID
|
||||
|
||||
[cors.optional]
|
||||
|
||||
# An additional domain from which CORS requests are permitted, which defaults
|
||||
# to settings set above.
|
||||
# allowed_origin=https://otherhost:443
|
||||
[cors.subdomain]
|
||||
|
||||
#
|
||||
# From oslo.middleware.cors
|
||||
#
|
||||
|
||||
# Indicate whether this resource may be shared with the domain received in the
|
||||
# requests "origin" header. (list value)
|
||||
#allowed_origin = <None>
|
||||
|
||||
# Indicate that the actual request can include user credentials (boolean value)
|
||||
#allow_credentials = true
|
||||
|
||||
# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
|
||||
# Headers. (list value)
|
||||
#expose_headers = X-Auth-Token, X-Subject-Token, X-Service-Token, X-OpenStack-Request-ID
|
||||
|
||||
# Maximum cache age of CORS preflight requests. (integer value)
|
||||
#max_age = 3600
|
||||
|
||||
# Indicate which methods can be used during the actual request. (list value)
|
||||
#allow_methods = GET,PUT,POST,DELETE,PATCH
|
||||
|
||||
# Indicate which header field names may be used during the actual request.
|
||||
# (list value)
|
||||
#allow_headers = X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id, X-OpenStack-Request-ID
|
|
@ -19,7 +19,10 @@ from trove.common import profile
|
|||
|
||||
@with_initialize
|
||||
def main(CONF):
|
||||
from trove.common import cfg
|
||||
from trove.common import wsgi
|
||||
|
||||
cfg.set_api_config_defaults()
|
||||
profile.setup_profiler('api', CONF.host)
|
||||
conf_file = CONF.find_file(CONF.api_paste_config)
|
||||
workers = CONF.trove_api_workers or processutils.get_worker_count()
|
||||
|
|
|
@ -20,6 +20,7 @@ import os.path
|
|||
from oslo_config import cfg
|
||||
from oslo_config.cfg import NoSuchOptError
|
||||
from oslo_log import log as logging
|
||||
from oslo_middleware import cors
|
||||
from osprofiler import opts as profiler
|
||||
|
||||
from trove.version import version_info as version
|
||||
|
@ -1396,3 +1397,28 @@ def get_configuration_property(property_name, manager=None):
|
|||
return CONF.get(datastore_manager).get(property_name)
|
||||
except NoSuchOptError:
|
||||
return CONF.get(property_name)
|
||||
|
||||
|
||||
def set_api_config_defaults():
|
||||
"""This method updates all configuration default values."""
|
||||
|
||||
# CORS Middleware Defaults
|
||||
# TODO(krotscheck): Update with https://review.openstack.org/#/c/285368/
|
||||
cfg.set_defaults(cors.CORS_OPTS,
|
||||
allow_headers=['X-Auth-Token',
|
||||
'X-Identity-Status',
|
||||
'X-Roles',
|
||||
'X-Service-Catalog',
|
||||
'X-User-Id',
|
||||
'X-Tenant-Id',
|
||||
'X-OpenStack-Request-ID'],
|
||||
expose_headers=['X-Auth-Token',
|
||||
'X-Subject-Token',
|
||||
'X-Service-Token',
|
||||
'X-OpenStack-Request-ID'],
|
||||
allow_methods=['GET',
|
||||
'PUT',
|
||||
'POST',
|
||||
'DELETE',
|
||||
'PATCH']
|
||||
)
|
||||
|
|
Loading…
Reference in New Issue