From 7a93458baa99f6b8c1538f14f521703082af9c42 Mon Sep 17 00:00:00 2001 From: Michael Krotscheck Date: Wed, 2 Mar 2016 07:48:05 -0800 Subject: [PATCH] Moved CORS middleware configuration into oslo-config-generator The default values needed for glance's implementation of cors middleware have been moved from paste.ini into the configuration hooks provided by oslo.config. Furthermore, these values have been added to glance's default configuration parsing. This ensures that if a value remains unset in glance-api.conf, it will be set to use sane defaults, and that an operator modifying the configuration file will be presented with a default set of necessary sane headers. Change-Id: I3c9d267b6224d6c7e5cc2c41cb51fb7e363c4955 Closes-Bug: 1551836 --- etc/glance-api-paste.ini | 17 ----------------- glance/cmd/api.py | 1 + glance/cmd/manage.py | 1 + glance/cmd/registry.py | 1 + glance/common/config.py | 35 +++++++++++++++++++++++++++++++++++ glance/common/wsgi.py | 2 ++ setup.cfg | 2 ++ 7 files changed, 42 insertions(+), 17 deletions(-) diff --git a/etc/glance-api-paste.ini b/etc/glance-api-paste.ini index 33587148..9efd19f7 100644 --- a/etc/glance-api-paste.ini +++ b/etc/glance-api-paste.ini @@ -85,20 +85,3 @@ enabled = yes #DEPRECATED paste.filter_factory = oslo_middleware.cors:filter_factory oslo_config_project = glance oslo_config_program = glance-api -# Basic Headers (Automatic) -# Accept = Origin, Accept, Accept-Language, Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma -# Expose = Origin, Accept, Accept-Language, Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma - -# Glance Headers -# Accept = Content-MD5, X-Image-Meta-Checksum, X-Storage-Token, Accept-Encoding -# Expose = X-Image-Meta-Checksum - -# Keystone Headers -# Accept = X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id -# Expose = X-Auth-Token, X-Subject-Token, X-Service-Token - -# Request ID Middleware Headers -# Accept = X-OpenStack-Request-ID -# Expose = X-OpenStack-Request-ID -latent_allow_headers = Content-MD5, X-Image-Meta-Checksum, X-Storage-Token, Accept-Encoding, X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id, X-OpenStack-Request-ID -latent_expose_headers = X-Image-Meta-Checksum, X-Auth-Token, X-Subject-Token, X-Service-Token, X-OpenStack-Request-ID \ No newline at end of file diff --git a/glance/cmd/api.py b/glance/cmd/api.py index 543967f3..6ab3367f 100755 --- a/glance/cmd/api.py +++ b/glance/cmd/api.py @@ -71,6 +71,7 @@ def fail(e): def main(): try: config.parse_args() + config.set_config_defaults() wsgi.set_eventlet_hub() logging.setup(CONF, 'glance') notifier.set_defaults() diff --git a/glance/cmd/manage.py b/glance/cmd/manage.py index 9132491d..702cd3ba 100755 --- a/glance/cmd/manage.py +++ b/glance/cmd/manage.py @@ -323,6 +323,7 @@ def main(): cfg_files.extend(cfg.find_config_files(project='glance', prog='glance-manage')) config.parse_args(default_config_files=cfg_files) + config.set_config_defaults() logging.setup(CONF, 'glance') except RuntimeError as e: sys.exit("ERROR: %s" % e) diff --git a/glance/cmd/registry.py b/glance/cmd/registry.py index d3f46913..42cfb8d6 100755 --- a/glance/cmd/registry.py +++ b/glance/cmd/registry.py @@ -56,6 +56,7 @@ logging.register_options(CONF) def main(): try: config.parse_args() + config.set_config_defaults() wsgi.set_eventlet_hub() logging.setup(CONF, 'glance') notifier.set_defaults() diff --git a/glance/common/config.py b/glance/common/config.py index 6d6362a0..7625a1b0 100644 --- a/glance/common/config.py +++ b/glance/common/config.py @@ -23,6 +23,7 @@ import logging.handlers import os from oslo_config import cfg +from oslo_middleware import cors from oslo_policy import policy from paste import deploy @@ -273,3 +274,37 @@ def load_paste_app(app_name, flavor=None, conf_file=None): 'e': e}) logger.error(msg) raise RuntimeError(msg) + + +def set_config_defaults(): + """This method updates all configuration default values.""" + set_cors_middleware_defaults() + + +def set_cors_middleware_defaults(): + """Update default configuration options for oslo.middleware.""" + # CORS Defaults + # TODO(krotscheck): Update with https://review.openstack.org/#/c/285368/ + cfg.set_defaults(cors.CORS_OPTS, + allow_headers=['Content-MD5', + 'X-Image-Meta-Checksum', + 'X-Storage-Token', + 'Accept-Encoding', + 'X-Auth-Token', + 'X-Identity-Status', + 'X-Roles', + 'X-Service-Catalog', + 'X-User-Id', + 'X-Tenant-Id', + 'X-OpenStack-Request-ID'], + expose_headers=['X-Image-Meta-Checksum', + 'X-Auth-Token', + 'X-Subject-Token', + 'X-Service-Token', + 'X-OpenStack-Request-ID'], + allow_methods=['GET', + 'PUT', + 'POST', + 'DELETE', + 'PATCH'] + ) diff --git a/glance/common/wsgi.py b/glance/common/wsgi.py index 6b398bc5..86cff7a2 100644 --- a/glance/common/wsgi.py +++ b/glance/common/wsgi.py @@ -47,6 +47,7 @@ import webob.dec import webob.exc from webob import multidict +from glance.common import config from glance.common import exception from glance.common import utils from glance import i18n @@ -409,6 +410,7 @@ class Server(object): # Ensure any logging config changes are picked up logging.setup(CONF, 'glance') + config.set_config_defaults() self.configure(old_conf, has_changed) self.start_wsgi() diff --git a/setup.cfg b/setup.cfg index ac2e0cd5..9c882088 100644 --- a/setup.cfg +++ b/setup.cfg @@ -45,6 +45,8 @@ oslo.config.opts = glance.cache= glance.opts:list_cache_opts glance.manage = glance.opts:list_manage_opts glance.glare = glance.opts:list_artifacts_opts +oslo.config.opts.defaults = + oslo.middleware.cors = glance.common.config:set_cors_middleware_defaults glance.database.migration_backend = sqlalchemy = oslo_db.sqlalchemy.migration glance.database.metadata_backend =