Merge "added cors support into nova controller"

commit: ecd5bf64f307cd6b6acb69f36e0a72b8d7c4ac4c [log] [tgz]
author: Ales Komarek <akomarek@mirantis.com> Wed May 03 13:03:17 2017 +0000
committer: Gerrit Code Review <gerrit2@5776b83a74fe> Wed May 03 13:03:18 2017 +0000
tree: b61e731996deca8af273d49cae32f34e07695414
parent: a3be3761be2b4a308c7801ad24e2821927e6ab6a [diff]
parent: 25b53cb45e2f568ed95899b71713143cc2709cf3 [diff]
diff --git a/README.rst b/README.rst
index dd27877..252f845 100644
--- a/README.rst
+++ b/README.rst

@@ -118,6 +118,21 @@
       ....
 
 
+Enable CORS parameters
+
+.. code-block:: yaml
+
+    nova:
+      controller:
+        cors:
+          allowed_origin: https:localhost.local,http:localhost.local
+          expose_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
+          allow_methods: GET,PUT,POST,DELETE,PATCH
+          allow_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
+          allow_credentials: True
+          max_age: 86400
+
+
 Compute nodes
 -------------
 

diff --git a/nova/files/mitaka/nova-controller.conf.Debian b/nova/files/mitaka/nova-controller.conf.Debian
index 4554ca1..7c9b434 100644
--- a/nova/files/mitaka/nova-controller.conf.Debian
+++ b/nova/files/mitaka/nova-controller.conf.Debian

@@ -205,3 +205,49 @@
 
 [vnc]
 keymap = {{ controller.get('vnc_keymap', 'en-us') }}
+
+
+[cors]
+#
+# From oslo.middleware
+#
+
+# Indicate whether this resource may be shared with the domain received in the
+# requests "origin" header. (list value)
+#allowed_origin = <None>
+{% if controller.cors.allowed_origin is defined %}
+allowed_origin = {{ controller.cors.allowed_origin }}
+{% endif %}
+
+# Indicate that the actual request can include user credentials (boolean value)
+#allow_credentials = true
+{% if controller.cors.allow_credentials is defined %}
+allow_credentials = {{ controller.cors.allow_credentials }}
+{% endif %}
+
+# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
+# Headers. (list value)
+#expose_headers = X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
+{% if controller.cors.expose_headers is defined %}
+expose_headers = {{ controller.cors.expose_headers }}
+{% endif %}
+
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+{% if controller.cors.max_age is defined %}
+max_age = {{ controller.cors.max_age }}
+{% endif %}
+
+
+# Indicate which methods can be used during the actual request. (list value)
+#allow_methods = GET,PUT,POST,DELETE,PATCH
+{% if controller.cors.allow_methods is defined %}
+allow_methods = {{ controller.cors.allow_methods }}
+{% endif %}
+
+# Indicate which header field names may be used during the actual request.
+# (list value)
+#allow_headers = X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token,X-Project-Id,X-Project-Name,X-Project-Domain-Id,X-Project-Domain-Name,X-Domain-Id,X-Domain-Name
+{% if controller.cors.allow_headers is defined %}
+allow_headers = {{ controller.cors.allow_headers }}
+{% endif %}

diff --git a/nova/files/newton/nova-controller.conf.Debian b/nova/files/newton/nova-controller.conf.Debian
index 159485f..5f5fbe6 100644
--- a/nova/files/newton/nova-controller.conf.Debian
+++ b/nova/files/newton/nova-controller.conf.Debian

@@ -216,3 +216,48 @@
 
 [wsgi]
 api_paste_config=/etc/nova/api-paste.ini
+
+[cors]
+#
+# From oslo.middleware
+#
+
+# Indicate whether this resource may be shared with the domain received in the
+# requests "origin" header. (list value)
+#allowed_origin = <None>
+{% if controller.cors.allowed_origin is defined %}
+allowed_origin = {{ controller.cors.allowed_origin }}
+{% endif %}
+
+# Indicate that the actual request can include user credentials (boolean value)
+#allow_credentials = true
+{% if controller.cors.allow_credentials is defined %}
+allow_credentials = {{ controller.cors.allow_credentials }}
+{% endif %}
+
+# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
+# Headers. (list value)
+#expose_headers = X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
+{% if controller.cors.expose_headers is defined %}
+expose_headers = {{ controller.cors.expose_headers }}
+{% endif %}
+
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+{% if controller.cors.max_age is defined %}
+max_age = {{ controller.cors.max_age }}
+{% endif %}
+
+
+# Indicate which methods can be used during the actual request. (list value)
+#allow_methods = GET,PUT,POST,DELETE,PATCH
+{% if controller.cors.allow_methods is defined %}
+allow_methods = {{ controller.cors.allow_methods }}
+{% endif %}
+
+# Indicate which header field names may be used during the actual request.
+# (list value)
+#allow_headers = X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token,X-Project-Id,X-Project-Name,X-Project-Domain-Id,X-Project-Domain-Name,X-Domain-Id,X-Domain-Name
+{% if controller.cors.allow_headers is defined %}
+allow_headers = {{ controller.cors.allow_headers }}
+{% endif %}

diff --git a/nova/files/ocata/nova-controller.conf.Debian b/nova/files/ocata/nova-controller.conf.Debian
index eb23112..52f9a33 100644
--- a/nova/files/ocata/nova-controller.conf.Debian
+++ b/nova/files/ocata/nova-controller.conf.Debian

@@ -4283,25 +4283,41 @@
 # requests "origin" header. Format: "<protocol>://<host>[:<port>]", no trailing
 # slash. Example: https://horizon.example.com (list value)
 #allowed_origin=<None>
+{% if controller.cors.allowed_origin is defined %}
+allowed_origin = {{ controller.cors.allowed_origin }}
+{% endif %}
 
 # Indicate that the actual request can include user credentials (boolean value)
 #allow_credentials=true
+{% if controller.cors.allow_credentials is defined %}
+allow_credentials = {{ controller.cors.allow_credentials }}
+{% endif %}
 
 # Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
 # Headers. (list value)
 #expose_headers=X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token,X-Service-Token
+{% if controller.cors.expose_headers is defined %}
+expose_headers = {{ controller.cors.expose_headers }}
+{% endif %}
 
 # Maximum cache age of CORS preflight requests. (integer value)
 #max_age=3600
-max_age=0
+{% if controller.cors.max_age is defined %}
+max_age = {{ controller.cors.max_age }}
+{% endif %}
 
 # Indicate which methods can be used during the actual request. (list value)
 #allow_methods=GET,PUT,POST,DELETE,PATCH
+{% if controller.cors.allow_methods is defined %}
+allow_methods = {{ controller.cors.allow_methods }}
+{% endif %}
 
 # Indicate which header field names may be used during the actual request. (list
 # value)
 #allow_headers=X-Auth-Token,X-Openstack-Request-Id,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id
-
+{% if controller.cors.allow_headers is defined %}
+allow_headers = {{ controller.cors.allow_headers }}
+{% endif %}
 
 [cors.subdomain]
 

diff --git a/nova/map.jinja b/nova/map.jinja
index 81df0a8..4d56253 100644
--- a/nova/map.jinja
+++ b/nova/map.jinja

@@ -11,6 +11,7 @@
         'services': ['nova-api', 'nova-cert', 'nova-consoleauth', 'nova-scheduler', 'nova-conductor', 'nova-novncproxy'],
         'debug': false,
         'notification': false,
+        'cors': {},
         'audit': {
           'enabled': false
         },
@@ -20,6 +21,7 @@
         'services': ['openstack-nova-api', 'openstack-nova-cert', 'openstack-nova-consoleauth', 'openstack-nova-scheduler', 'openstack-nova-conductor', 'openstack-nova-novncproxy'],
         'debug': false,
         'notification': false,
+        'cors': {},
         'audit': {
           'enabled': false
         },
commit	ecd5bf64f307cd6b6acb69f36e0a72b8d7c4ac4c	[log] [tgz]
author	Ales Komarek <akomarek@mirantis.com>	Wed May 03 13:03:17 2017 +0000
committer	Gerrit Code Review <gerrit2@5776b83a74fe>	Wed May 03 13:03:18 2017 +0000
tree	b61e731996deca8af273d49cae32f34e07695414
parent	a3be3761be2b4a308c7801ad24e2821927e6ab6a [diff]
parent	25b53cb45e2f568ed95899b71713143cc2709cf3 [diff]