Merge "Remove SSLMiddleware"

doc/source/configuration/tables/heat-api.rst

@@ -110,8 +110,6 @@
      - (Boolean) Whether the application is behind a proxy or not. This determines if the middleware should parse the headers or not.
    * - ``max_request_body_size`` = ``114688``
      - (Integer) The maximum body size for each request, in bytes.
-   * - ``secure_proxy_ssl_header`` = ``X-Forwarded-Proto``
-     - (String) DEPRECATED: The HTTP Header that will be used to determine what the original request protocol scheme was, even if it was hidden by a SSL termination proxy.
    * - **[oslo_versionedobjects]**
      -
    * - ``fatal_exception_format_errors`` = ``False``

heat/api/middleware/ssl.py

@@ -1,45 +0,0 @@
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from debtcollector import removals
-from oslo_config import cfg
-from oslo_middleware import ssl
-
-from heat.common.i18n import _
-
-ssl_middleware_opts = [
-    cfg.StrOpt('secure_proxy_ssl_header',
-               default='X-Forwarded-Proto',
-               deprecated_group='DEFAULT',
-               help=_("The HTTP Header that will be used to determine what "
-                      "the original request protocol scheme was, even if "
-                      "it was removed by an SSL terminator proxy."))
-]
-
-
-removals.removed_module(__name__,
-                        "oslo_middleware.http_proxy_to_wsgi")
-
-
-class SSLMiddleware(ssl.SSLMiddleware):
-
-    def __init__(self, application, *args, **kwargs):
-        # NOTE(cbrandily): calling super(ssl.SSLMiddleware, self).__init__
-        # allows to define our opt (including a deprecation).
-        super(ssl.SSLMiddleware, self).__init__(application, *args, **kwargs)
-        self.oslo_conf.register_opts(
-            ssl_middleware_opts, group='oslo_middleware')
-
-
-def list_opts():
-    yield None, ssl_middleware_opts

heat/api/openstack/__init__.py

@@ -11,9 +11,7 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 
-from debtcollector import removals
 from heat.api.middleware import fault
-from heat.api.middleware import ssl
 from heat.api.middleware import version_negotiation as vn
 from heat.api.openstack import versions
 
@@ -25,9 +23,3 @@ def version_negotiation_filter(app, conf, **local_conf):
 
 def faultwrap_filter(app, conf, **local_conf):
     return fault.FaultWrapper(app)
-
-
-@removals.remove(message='Use oslo_middleware.http_proxy_to_wsgi instead.',
-                 version='6.0.0', removal_version='8.0.0')
-def sslmiddleware_filter(app, conf, **local_conf):
-    return ssl.SSLMiddleware(app)

releasenotes/notes/remove-SSLMiddleware-2f15049af559f26a.yaml

@@ -0,0 +1,7 @@
+---
+deprecations:
+  - |
+    The SSL middleware ``heat.api.middleware.ssl:SSLMiddleware`` that has
+    been deprecated since 6.0.0 has now been removed, check your paste
+    config and ensure it has been replaced by
+    ``oslo_middleware.http_proxy_to_wsgi`` instead.

requirements.txt

@@ -6,7 +6,6 @@ pbr!=2.1.0,>=2.0.0 # Apache-2.0
 Babel!=2.4.0,>=2.3.4 # BSD
 croniter>=0.3.4 # MIT License
 cryptography!=2.0,>=1.9 # BSD/Apache-2.0
-debtcollector>=1.2.0 # Apache-2.0
 eventlet!=0.18.3,!=0.20.1,<0.21.0,>=0.18.2 # MIT
 keystoneauth1>=3.2.0 # Apache-2.0
 keystonemiddleware>=4.17.0 # Apache-2.0