enable support for cors params
Change-Id: I17beef615a50fdf2c8d8d805b5b6b37a2f6c48dd
diff --git a/README.rst b/README.rst
index da40458..2930b2a 100644
--- a/README.rst
+++ b/README.rst
@@ -67,6 +67,21 @@
virtual_host: '/openstack'
ha_queues: True
+Enable CORS parameters
+
+.. code-block:: yaml
+
+ heat:
+ server:
+ cors:
+ allowed_origin: https:localhost.local,http:localhost.local
+ expose_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
+ allow_methods: GET,PUT,POST,DELETE,PATCH
+ allow_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
+ allow_credentials: True
+ max_age: 86400
+
+
Heat client with specified git templates
.. code-block:: yaml
diff --git a/heat/files/mitaka/heat.conf.Debian b/heat/files/mitaka/heat.conf.Debian
index 62a9039..80f7ff3 100644
--- a/heat/files/mitaka/heat.conf.Debian
+++ b/heat/files/mitaka/heat.conf.Debian
@@ -765,3 +765,52 @@
api_port={{ client.api.port }}
{%- endif %}
+
+
+[cors]
+
+#
+# From oslo.middleware.cors
+#
+
+# Indicate whether this resource may be shared with the domain
+# received in the requests "origin" header. (list value)
+#allowed_origin = <None>
+{%- if server.cors.allowed_origin is defined %}
+allowed_origin = {{ server.cors.allowed_origin }}
+{%- endif %}
+
+# Indicate that the actual request can include user credentials
+# (boolean value)
+#allow_credentials = true
+{%- if server.cors.allow_credentials is defined %}
+allow_credentials = {{ server.cors.allow_credentials }}
+{%- endif %}
+
+# Indicate which headers are safe to expose to the API. Defaults to
+# HTTP Simple Headers. (list value)
+#expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID
+{%- if server.cors.expose_headers is defined %}
+expose_headers = {{ server.cors.expose_headers }}
+{%- endif %}
+
+
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+{%- if server.cors.max_age is defined %}
+max_age = {{ server.cors.max_age }}
+{%- endif %}
+
+# Indicate which methods can be used during the actual request. (list
+# value)
+#allow_methods = GET,PUT,POST,DELETE,PATCH
+{%- if server.cors.allow_methods is defined %}
+allow_methods = {{ server.cors.allow_methods }}
+{%- endif %}
+
+# Indicate which header field names may be used during the actual
+# request. (list value)
+#allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
+{%- if server.cors.allow_headers is defined %}
+allow_headers = {{ server.cors.allow_headers }}
+{%- endif %}
\ No newline at end of file
diff --git a/heat/files/newton/heat.conf.Debian b/heat/files/newton/heat.conf.Debian
index 9931bab..be6e869 100644
--- a/heat/files/newton/heat.conf.Debian
+++ b/heat/files/newton/heat.conf.Debian
@@ -763,3 +763,52 @@
api_port={{ client.api.port }}
{%- endif %}
+
+
+[cors]
+
+#
+# From oslo.middleware.cors
+#
+
+# Indicate whether this resource may be shared with the domain
+# received in the requests "origin" header. (list value)
+#allowed_origin = <None>
+{%- if server.cors.allowed_origin is defined %}
+allowed_origin = {{ server.cors.allowed_origin }}
+{%- endif %}
+
+# Indicate that the actual request can include user credentials
+# (boolean value)
+#allow_credentials = true
+{%- if server.cors.allow_credentials is defined %}
+allow_credentials = {{ server.cors.allow_credentials }}
+{%- endif %}
+
+# Indicate which headers are safe to expose to the API. Defaults to
+# HTTP Simple Headers. (list value)
+#expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID
+{%- if server.cors.expose_headers is defined %}
+expose_headers = {{ server.cors.expose_headers }}
+{%- endif %}
+
+
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+{%- if server.cors.max_age is defined %}
+max_age = {{ server.cors.max_age }}
+{%- endif %}
+
+# Indicate which methods can be used during the actual request. (list
+# value)
+#allow_methods = GET,PUT,POST,DELETE,PATCH
+{%- if server.cors.allow_methods is defined %}
+allow_methods = {{ server.cors.allow_methods }}
+{%- endif %}
+
+# Indicate which header field names may be used during the actual
+# request. (list value)
+#allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
+{%- if server.cors.allow_headers is defined %}
+allow_headers = {{ server.cors.allow_headers }}
+{%- endif %}
\ No newline at end of file
diff --git a/heat/files/ocata/heat.conf.Debian b/heat/files/ocata/heat.conf.Debian
index f7480f0..7504d28 100644
--- a/heat/files/ocata/heat.conf.Debian
+++ b/heat/files/ocata/heat.conf.Debian
@@ -1131,23 +1131,42 @@
# requests "origin" header. Format: "<protocol>://<host>[:<port>]", no trailing
# slash. Example: https://horizon.example.com (list value)
#allowed_origin = <None>
+{%- if server.cors.allowed_origin is defined %}
+allowed_origin = {{ server.cors.allowed_origin }}
+{%- endif %}
# Indicate that the actual request can include user credentials (boolean value)
#allow_credentials = true
+{%- if server.cors.allow_credentials is defined %}
+allow_credentials = {{ server.cors.allow_credentials }}
+{%- endif %}
# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
# Headers. (list value)
#expose_headers = X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID
+{%- if server.cors.expose_headers is defined %}
+expose_headers = {{ server.cors.expose_headers }}
+{%- endif %}
# Maximum cache age of CORS preflight requests. (integer value)
#max_age = 3600
+{%- if server.cors.max_age is defined %}
+max_age = {{ server.cors.max_age }}
+{%- endif %}
+
# Indicate which methods can be used during the actual request. (list value)
#allow_methods = GET,PUT,POST,DELETE,PATCH
+{%- if server.cors.allow_methods is defined %}
+allow_methods = {{ server.cors.allow_methods }}
+{%- endif %}
# Indicate which header field names may be used during the actual request.
# (list value)
#allow_headers = X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
+{%- if server.cors.allow_headers is defined %}
+allow_headers = {{ server.cors.allow_headers }}
+{%- endif %}
[cors.subdomain]
diff --git a/heat/map.jinja b/heat/map.jinja
index e62918c..f6c7a9f 100644
--- a/heat/map.jinja
+++ b/heat/map.jinja
@@ -3,12 +3,14 @@
'Debian': {
'pkgs': ['heat-api', 'heat-api-cfn', 'heat-api-cloudwatch', 'heat-engine', 'heat-common','python-heatclient', 'gettext-base'],
'services': ['heat-api', 'heat-api-cfn', 'heat-api-cloudwatch', 'heat-engine'],
- 'notification': False
+ 'notification': False,
+ 'cors': {}
},
'RedHat': {
'pkgs': ['openstack-heat-api', 'openstack-heat-api-cfn', 'openstack-heat-api-cloudwatch', 'openstack-heat-engine', 'openstack-heat-common'],
'services': ['openstack-heat-api', 'openstack-heat-api-cfn', 'openstack-heat-api-cloudwatch', 'openstack-heat-engine'],
- 'notification': False
+ 'notification': False,
+ 'cors': {}
},
}, merge=pillar.heat.get('server', {})) %}