openstack/puppet-barbican
Code Issues Proposed changes

Expose headers option of apache::vhost

Browse Source 
The headers option in apache::vhost is required in some case, for
example when adding the X-XSS-Protection header. This change allows
customizing the option for the api vhost.

This change also adds support for request_headers so that both request
headers and response headers can customized.

Change-Id: I0e78f2183ffe14c310ee5c5632c203258c8c85cd
This commit is contained in:
Takashi Kajinami 2022-06-29 11:50:25 +09:00
parent 3b1ecbed5c
commit 72299ab60d
3 changed files with 30 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
manifests/wsgi/apache.pp
View File

@ -93,6 +93,14 @@
# { python-path => '/my/python/virtualenv' }
# Defaults to {}
#
# [*headers*]
# (optional) Headers for the vhost.
# Defaults to undef
#
# [*request_headers*]
# (optional) Modifies collected request headers in various ways.
# Defaults to undef
#
# [*vhost_custom_fragment*]
# (optional) Passes a string of custom configuration
# directives to be placed at the end of the vhost configuration.
@ -127,6 +135,8 @@ class barbican::wsgi::apache (
$access_log_format = false,
$error_log_file = undef,
$custom_wsgi_process_options = {},
$headers = undef,
$request_headers = undef,
$vhost_custom_fragment = undef,
) {
@ -160,9 +170,11 @@ class barbican::wsgi::apache (
wsgi_script_dir => $::barbican::params::barbican_wsgi_script_path,
wsgi_script_file => 'main',
wsgi_script_source => $::barbican::params::barbican_wsgi_script_source,
headers => $headers,
request_headers => $request_headers,
custom_wsgi_process_options => $custom_wsgi_process_options,
access_log_file => $access_log_file,
access_log_format => $access_log_format,
error_log_file => $error_log_file,
custom_wsgi_process_options => $custom_wsgi_process_options,
}
}

6
releasenotes/notes/apache-headers-8e291ff07e486d85.yaml Normal file
View File

@ -0,0 +1,6 @@
---
features:
- |
The ``barbican::wsgi::apache`` class now supports customizing
request/response headers added by apache.

16
spec/classes/barbican_wsgi_apache_spec.rb
View File

@ -38,13 +38,15 @@ describe 'barbican::wsgi::apache' do
:wsgi_script_dir => platform_params[:wsgi_script_path],
:wsgi_script_file => 'main',
:wsgi_script_source => '/usr/bin/barbican-wsgi-api',
:headers => nil,
:request_headers => nil,
:custom_wsgi_process_options => {},
:access_log_file => false,
:access_log_format => false,
:custom_wsgi_process_options => {},
)}
end
context 'when overriding parameters using different ports' do
context 'when overriding parameters' do
let :params do
{
:servername => 'dummy.host',
@ -59,6 +61,8 @@ describe 'barbican::wsgi::apache' do
:custom_wsgi_process_options => {
'python_path' => '/my/python/path',
},
:headers => ['set X-XSS-Protection "1; mode=block"'],
:request_headers => ['set Content-Type "application/json"'],
:vhost_custom_fragment => 'Timeout 99',
}
end
@ -80,12 +84,14 @@ describe 'barbican::wsgi::apache' do
:wsgi_script_dir => platform_params[:wsgi_script_path],
:wsgi_script_file => 'main',
:wsgi_script_source => '/usr/bin/barbican-wsgi-api',
:access_log_file => '/var/log/httpd/access_log',
:access_log_format => 'some format',
:error_log_file => '/var/log/httpd/error_log',
:headers => ['set X-XSS-Protection "1; mode=block"'],
:request_headers => ['set Content-Type "application/json"'],
:custom_wsgi_process_options => {
'python_path' => '/my/python/path',
},
:access_log_file => '/var/log/httpd/access_log',
:access_log_format => 'some format',
:error_log_file => '/var/log/httpd/error_log',
)}
end
end