Deploy healthcheck middleware as app instead of filter

Using the healthcheck middleware as a filter is deprecated and
the middleware should be used as an application[1].
 [1] 6feaa13610c450c8486f969703768db5319b4846

This change updates definition and usage of the healthcheck middleware
accordingly to avoid the following deprecation warning.

DeprecationWarning: Using function/method 'Healthcheck.factory()' is
deprecated: The healthcheck middleware must now be configured as
an application, not as a filter.

This also refactors composite definitions based on flavor by the new
pipeline factory.

Story: 2009071
Task: 42881
Change-Id: I75386dc4a7dc14b3c753dfff01f147ef8233bf94

etc/heat/api-paste.ini

@@ -1,9 +1,11 @@
 
-# heat-api pipeline
-[pipeline:heat-api]
-pipeline = healthcheck cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authtoken context osprofiler apiv1app
+# heat-api composite
+[composite:heat-api]
+paste.composite_factory = heat.api:root_app_factory
+/: api
+/healthcheck: healthcheck
 
-# heat-api pipeline for standalone heat
+# heat-api composite for standalone heat
 # ie. uses alternative auth backend that authenticates users against keystone
 # using username and password instead of validating token (which requires
 # an admin/service token).
@@ -11,32 +13,54 @@ pipeline = healthcheck cors request_id faultwrap http_proxy_to_wsgi versionnegot
 #   [paste_deploy]
 #   flavor = standalone
 #
-[pipeline:heat-api-standalone]
-pipeline = healthcheck cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authpassword context apiv1app
+[composite:heat-api-standalone]
+paste.composite_factory = heat.api:root_app_factory
+/: api
+/healthcheck: healthcheck
 
-# heat-api pipeline for custom cloud backends
+# heat-api composite for custom cloud backends
 # i.e. in heat.conf:
 #   [paste_deploy]
 #   flavor = custombackend
 #
-[pipeline:heat-api-custombackend]
-pipeline = healthcheck cors request_id context faultwrap versionnegotiation custombackendauth apiv1app
+[composite:heat-api-custombackend]
+paste.composite_factory = heat.api:root_app_factory
+/: api
+/healthcheck: healthcheck
 
 # To enable, in heat.conf:
 #   [paste_deploy]
 #   flavor = noauth
 #
-[pipeline:heat-api-noauth]
-pipeline = healthcheck cors request_id faultwrap noauth context http_proxy_to_wsgi versionnegotiation apiv1app
+[composite:heat-api-noauth]
+paste.composite_factory = heat.api:root_app_factory
+/: api
+/healthcheck: healthcheck
 
-# heat-api-cfn pipeline
-[pipeline:heat-api-cfn]
-pipeline = healthcheck cors request_id http_proxy_to_wsgi cfnversionnegotiation ec2authtoken authtoken context osprofiler apicfnv1app
+# heat-api-cfn composite
+[composite:heat-api-cfn]
+paste.composite_factory = heat.api:root_app_factory
+/: api-cfn
+/healthcheck: healthcheck
 
-# heat-api-cfn pipeline for standalone heat
+# heat-api-cfn composite for standalone heat
 # relies exclusively on authenticating with ec2 signed requests
-[pipeline:heat-api-cfn-standalone]
-pipeline = healthcheck cors request_id http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app
+[composite:heat-api-cfn-standalone]
+paste.composite_factory = heat.api:root_app_factory
+/: api-cfn
+/healthcheck: healthcheck
+
+[composite:api]
+paste.composite_factory = heat.api:pipeline_factory
+default = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authtoken context osprofiler apiv1app
+standalone = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authpassword context apiv1app
+custombackend = cors request_id context faultwrap versionnegotiation custombackendauth apiv1app
+noauth = cors request_id faultwrap noauth context http_proxy_to_wsgi versionnegotiation apiv1app
+
+[composite:api-cfn]
+paste.composite_factory = heat.api:pipeline_factory
+default = cors request_id http_proxy_to_wsgi cfnversionnegotiation ec2authtoken authtoken context osprofiler apicfnv1app
+standalone = cors request_id http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app
 
 [app:apiv1app]
 paste.app_factory = heat.common.wsgi:app_factory
@@ -46,6 +70,9 @@ heat.app_factory = heat.api.openstack.v1:API
 paste.app_factory = heat.common.wsgi:app_factory
 heat.app_factory = heat.api.cfn.v1:API
 
+[app:healthcheck]
+paste.app_factory = oslo_middleware:Healthcheck.app_factory
+
 [filter:versionnegotiation]
 paste.filter_factory = heat.common.wsgi:filter_factory
 heat.filter_factory = heat.api.openstack:version_negotiation_filter
@@ -100,6 +127,3 @@ paste.filter_factory = oslo_middleware.request_id:RequestId.factory
 
 [filter:osprofiler]
 paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
-
-[filter:healthcheck]
-paste.filter_factory = oslo_middleware:Healthcheck.factory

heat/api/__init__.py

@@ -0,0 +1,33 @@
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+from oslo_config import cfg
+import paste.urlmap
+
+CONF = cfg.CONF
+
+
+def root_app_factory(loader, global_conf, **local_conf):
+    return paste.urlmap.urlmap_factory(loader, global_conf, **local_conf)
+
+
+def pipeline_factory(loader, global_conf, **local_conf):
+    """A paste pipeline replica that keys off of deployment flavor."""
+    pipeline = local_conf[CONF.paste_deploy.flavor or 'default']
+    pipeline = pipeline.split()
+    filters = [loader.get_filter(n) for n in pipeline[:-1]]
+    app = loader.get_app(pipeline[-1])
+    filters.reverse()
+    for filter in filters:
+        app = filter(app)
+    return app