enable support for cors params Change-Id: I3e27c9a459fd2bc614643e55f583c241a363ce7a

commit: e695fe8eae7012be2739ff60f9c17dba393930c8 [log] [tgz]
author: Ondrej Smola <ondrej.smola@tcpcloud.eu> Fri Apr 28 12:22:28 2017 +0200
committer: Ondrej Smola <ondrej.smola@tcpcloud.eu> Tue May 02 14:16:17 2017 +0200
tree: a0786ffba7ed247e6db61bdccf28cafabfd67d30
parent: f55a3ede7c7586ba2d1c5c7226077fec94f60ec7 [diff]
diff --git a/README.rst b/README.rst
index 2a2693f..62b8986 100644
--- a/README.rst
+++ b/README.rst

@@ -160,6 +160,19 @@
               user: 2ec7966596504f59acc3a76b3b9d9291:glance-user
               key: someRandomPassword
 
+Enable CORS parameters
+
+.. code-block:: yaml
+
+    glance:
+      server:
+        cors:
+          allowed_origin: https:localhost.local,http:localhost.local
+          expose_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
+          allow_methods: GET,PUT,POST,DELETE,PATCH
+          allow_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
+          allow_credentials: True
+          max_age: 86400
 
 Client role
 -----------

diff --git a/glance/files/mitaka/glance-api.conf.Debian b/glance/files/mitaka/glance-api.conf.Debian
index 9254fca..1fef2e8 100644
--- a/glance/files/mitaka/glance-api.conf.Debian
+++ b/glance/files/mitaka/glance-api.conf.Debian

@@ -586,25 +586,45 @@
 # Indicate whether this resource may be shared with the domain
 # received in the requests "origin" header. (list value)
 #allowed_origin = <None>
+{%- if server.cors.allowed_origin is defined %}
+allowed_origin = {{ server.cors.allowed_origin }}
+{%- endif %}
 
 # Indicate that the actual request can include user credentials
 # (boolean value)
 #allow_credentials = true
+{%- if server.cors.allow_credentials is defined %}
+allow_credentials = {{ server.cors.allow_credentials }}
+{%- endif %}
 
 # Indicate which headers are safe to expose to the API. Defaults to
 # HTTP Simple Headers. (list value)
 #expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID
+{%- if server.cors.expose_headers is defined %}
+expose_headers = {{ server.cors.expose_headers }}
+{%- endif %}
+
 
 # Maximum cache age of CORS preflight requests. (integer value)
 #max_age = 3600
+{%- if server.cors.max_age is defined %}
+max_age = {{ server.cors.max_age }}
+{%- endif %}
 
 # Indicate which methods can be used during the actual request. (list
 # value)
 #allow_methods = GET,PUT,POST,DELETE,PATCH
+{%- if server.cors.allow_methods is defined %}
+allow_methods = {{ server.cors.allow_methods }}
+{%- endif %}
 
 # Indicate which header field names may be used during the actual
 # request. (list value)
 #allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
+{%- if server.cors.allow_headers is defined %}
+allow_headers = {{ server.cors.allow_headers }}
+{%- endif %}
+
 
 
 [cors.subdomain]

diff --git a/glance/files/newton/glance-api.conf.Debian b/glance/files/newton/glance-api.conf.Debian
index 793f4d5..7998526 100644
--- a/glance/files/newton/glance-api.conf.Debian
+++ b/glance/files/newton/glance-api.conf.Debian

@@ -1707,23 +1707,42 @@
 # requests "origin" header. Format: "<protocol>://<host>[:<port>]", no trailing
 # slash. Example: https://horizon.example.com (list value)
 #allowed_origin = <None>
+{%- if server.cors.allowed_origin is defined %}
+allowed_origin = {{ server.cors.allowed_origin }}
+{%- endif %}
 
 # Indicate that the actual request can include user credentials (boolean value)
 #allow_credentials = true
+{%- if server.cors.allow_credentials is defined %}
+allow_credentials = {{ server.cors.allow_credentials }}
+{%- endif %}
 
 # Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
 # Headers. (list value)
 #expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID
+{%- if server.cors.expose_headers is defined %}
+expose_headers = {{ server.cors.expose_headers }}
+{%- endif %}
 
 # Maximum cache age of CORS preflight requests. (integer value)
 #max_age = 3600
+{%- if server.cors.max_age is defined %}
+max_age = {{ server.cors.max_age }}
+{%- endif %}
+
 
 # Indicate which methods can be used during the actual request. (list value)
 #allow_methods = GET,PUT,POST,DELETE,PATCH
+{%- if server.cors.allow_methods is defined %}
+allow_methods = {{ server.cors.allow_methods }}
+{%- endif %}
 
 # Indicate which header field names may be used during the actual request. (list
 # value)
 #allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
+{%- if server.cors.allow_headers is defined %}
+allow_headers = {{ server.cors.allow_headers }}
+{%- endif %}
 
 
 [cors.subdomain]

diff --git a/glance/files/ocata/glance-api.conf.Debian b/glance/files/ocata/glance-api.conf.Debian
index 1f8c71a..c7ed5c9 100644
--- a/glance/files/ocata/glance-api.conf.Debian
+++ b/glance/files/ocata/glance-api.conf.Debian

@@ -1774,23 +1774,41 @@
 # requests "origin" header. Format: "<protocol>://<host>[:<port>]", no trailing
 # slash. Example: https://horizon.example.com (list value)
 #allowed_origin = <None>
+{%- if server.cors.allowed_origin is defined %}
+allowed_origin = {{ server.cors.allowed_origin }}
+{%- endif %}
 
 # Indicate that the actual request can include user credentials (boolean value)
 #allow_credentials = true
+{%- if server.cors.allow_credentials is defined %}
+allow_credentials = {{ server.cors.allow_credentials }}
+{%- endif %}
 
 # Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
 # Headers. (list value)
 #expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID
+{%- if server.cors.expose_headers is defined %}
+expose_headers = {{ server.cors.expose_headers }}
+{%- endif %}
 
 # Maximum cache age of CORS preflight requests. (integer value)
 #max_age = 3600
+{%- if server.cors.max_age is defined %}
+max_age = {{ server.cors.max_age }}
+{%- endif %}
 
 # Indicate which methods can be used during the actual request. (list value)
 #allow_methods = GET,PUT,POST,DELETE,PATCH
+{%- if server.cors.allow_methods is defined %}
+allow_methods = {{ server.cors.allow_methods }}
+{%- endif %}
 
 # Indicate which header field names may be used during the actual request. (list
 # value)
 #allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
+{%- if server.cors.allow_headers is defined %}
+allow_headers = {{ server.cors.allow_headers }}
+{%- endif %}
 
 
 [cors.subdomain]

diff --git a/glance/map.jinja b/glance/map.jinja
index 6e7133c..6483c9b 100644
--- a/glance/map.jinja
+++ b/glance/map.jinja

@@ -4,6 +4,7 @@
         'pkgs': ['glance', 'glance-api', 'glance-registry', 'glance-common', 'python-glance', 'python-glance-store', 'python-glanceclient', 'gettext-base', 'python-memcache', 'python-pycadf'],
         'services': ['glance-api', 'glance-registry'],
         'notification': False,
+        'cors': {},
         'audit': {
           'enabled': false
         }
@@ -12,6 +13,7 @@
         'pkgs': ['openstack-glance', 'python-glanceclient','python-pycadf'],
         'services': ['openstack-glance-api', 'openstack-glance-registry'],
         'notification': False,
+        'cors': {},
         'audit': {
           'enabled': false
         }
commit	e695fe8eae7012be2739ff60f9c17dba393930c8	[log] [tgz]
author	Ondrej Smola <ondrej.smola@tcpcloud.eu>	Fri Apr 28 12:22:28 2017 +0200
committer	Ondrej Smola <ondrej.smola@tcpcloud.eu>	Tue May 02 14:16:17 2017 +0200
tree	a0786ffba7ed247e6db61bdccf28cafabfd67d30
parent	f55a3ede7c7586ba2d1c5c7226077fec94f60ec7 [diff]