Manage oslo_middleware/max_request_body_size

So that we can increase it from the default 114688 Useful in case for example the OS-Federation mapping is too large. If this limit is breached barbican will return a 413 Entity Too Large and not log anything to barbican.log. Change-Id: I2beb72f1ab37130eca340e691ca2dfd15cb5aa61 Closes-Bug: #1835161
2019-07-04 11:34:41 +08:00 · 2019-07-04 11:34:41 +08:00 · def436a021
parent 0645cd4421
commit def436a021
3 changed files with 28 additions and 0 deletions
--- a/manifests/api.pp
+++ b/manifests/api.pp
@ -237,6 +237,10 @@
 #   HTTPProxyToWSGI middleware.
 #   Defaults to $::os_service_default.
 #
+# [*max_request_body_size*]
+#   (Optional) Set max request body size
+#   Defaults to $::os_service_default.
+#
 class barbican::api (
  $package_ensure                                = 'present',
  $client_package_ensure                         = 'present',
@ -287,6 +291,7 @@ class barbican::api (
  $key_file                                      = $::os_service_default,
  $service_name                                  = 'barbican-api',
  $enable_proxy_headers_parsing                  = $::os_service_default,
+  $max_request_body_size                         = $::os_service_default,
 ) inherits barbican::params {

  include ::barbican::deps
@ -490,6 +495,7 @@ class barbican::api (

  oslo::middleware { 'barbican_config':
    enable_proxy_headers_parsing => $enable_proxy_headers_parsing,
+    max_request_body_size        => $max_request_body_size,
  }

 }
--- a/releasenotes/notes/max_request_body_size-8ffc79894afb2669.yaml
+++ b/releasenotes/notes/max_request_body_size-8ffc79894afb2669.yaml
@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Add support to configure `[oslo_middleware]/max_request_body_size` with
+    `$max_request_body_size`.
--- a/spec/classes/barbican_api_spec.rb
+++ b/spec/classes/barbican_api_spec.rb
@ -62,6 +62,7 @@ describe 'barbican::api' do
        :retry_scheduler_periodic_interval_max_seconds => '<SERVICE DEFAULT>',
        :service_name                                  => platform_params[:service_name],
        :enable_proxy_headers_parsing                  => '<SERVICE DEFAULT>',
+        :max_request_body_size                         => '<SERVICE DEFAULT>',
        :multiple_secret_stores_enabled                => false,
        :enabled_secret_stores                         => 'simple_crypto',
      }
@ -103,6 +104,7 @@ describe 'barbican::api' do
        :max_allowed_secret_in_bytes                   => 20000,
        :max_allowed_request_size_in_bytes             => 2000000,
        :enable_proxy_headers_parsing                  => false,
+        :max_request_body_size                         => '102400',
        :multiple_secret_stores_enabled                => true,
        :enabled_secret_stores                         => 'simple_crypto,dogtag,kmip',
      }
@ -210,6 +212,21 @@ describe 'barbican::api' do
      )}
    end

+    describe 'with max_request_body_size' do
+      let :pre_condition do
+        'class { "barbican::keystone::authtoken": password => "secret", }
+        include ::apache'
+      end
+
+      let :params do
+        default_params.merge!({:max_request_body_size => '102400' })
+      end
+
+      it { is_expected.to contain_oslo__middleware('barbican_config').with(
+        :max_request_body_size => '102400',
+      )}
+    end
+
    describe 'with SSL socket options set' do
      let :pre_condition do
          'class { "barbican::keystone::authtoken": password => "secret", }