Add option to enable Ceilometer's SSL middleware

Ceilometer is now using the HTTPProxyToWSGI middleware from oslo.middlware in its default api-paste configuration [1]. This commit gives us the ability to enable/disable that middlware. [1] I24f16dda49bd9e7930ca9f0d32bf0793463aff03 Change-Id: I1812a27202ba3714b354aeb27611d38def87a7fc
2016-10-10 11:54:52 +03:00 · 2016-10-10 11:54:52 +03:00 · d4aa3e5cad
parent 191da2c492
commit d4aa3e5cad
3 changed files with 37 additions and 14 deletions
--- a/manifests/api.pp
+++ b/manifests/api.pp
@ -41,6 +41,11 @@
 #   (Optional) Type of authentication to be used.
 #   Defaults to 'keystone'
 #
+# [*enable_proxy_headers_parsing*]
+#   (Optional) Enable paste middleware to handle SSL requests through
+#   HTTPProxyToWSGI middleware.
+#   Defaults to $::os_service_default.
+#
 # = DEPRECATED PARAMETER
 #
 # [*identity_uri*]
@ -68,21 +73,22 @@
 #   Defaults to undef
 #
 class ceilometer::api (
-  $manage_service    = true,
-  $enabled           = true,
-  $package_ensure    = 'present',
-  $host              = '0.0.0.0',
-  $port              = '8777',
-  $service_name      = $::ceilometer::params::api_service_name,
-  $api_workers       = $::os_service_default,
-  $auth_strategy     = 'keystone',
+  $manage_service               = true,
+  $enabled                      = true,
+  $package_ensure               = 'present',
+  $host                         = '0.0.0.0',
+  $port                         = '8777',
+  $service_name                 = $::ceilometer::params::api_service_name,
+  $api_workers                  = $::os_service_default,
+  $auth_strategy                = 'keystone',
+  $enable_proxy_headers_parsing = $::os_service_default,
  # DEPRECATED PARAMETERS
-  $identity_uri      = undef,
-  $auth_uri          = undef,
-  $keystone_user     = undef,
-  $keystone_tenant   = undef,
-  $keystone_password = undef,
-  $memcached_servers = undef,
+  $identity_uri                 = undef,
+  $auth_uri                     = undef,
+  $keystone_user                = undef,
+  $keystone_tenant              = undef,
+  $keystone_password            = undef,
+  $memcached_servers            = undef,
 ) inherits ceilometer::params {

  include ::ceilometer::params
@ -171,4 +177,8 @@ running as a standalone service, or httpd for being run by a httpd server")
    'api/port':    value => $port;
  }

+  oslo::middleware { 'ceilometer_config':
+    enable_proxy_headers_parsing => $enable_proxy_headers_parsing,
+  }
+
 }
--- a/releasenotes/notes/Adds-enable-proxy-header-parsing-64b78b56d8787e1d.yaml
+++ b/releasenotes/notes/Adds-enable-proxy-header-parsing-64b78b56d8787e1d.yaml
@ -0,0 +1,4 @@
+---
+features:
+  - This adds the enable_proxy_headers parsing option which is used by the
+    http_proxy_to_wsgi middleware.
--- a/spec/classes/ceilometer_api_spec.rb
+++ b/spec/classes/ceilometer_api_spec.rb
@ -35,6 +35,7 @@ describe 'ceilometer::api' do
      is_expected.to contain_ceilometer_config('api/host').with_value( params[:host] )
      is_expected.to contain_ceilometer_config('api/port').with_value( params[:port] )
      is_expected.to contain_ceilometer_config('api/workers').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_ceilometer_config('oslo_middleware/enable_proxy_headers_parsing').with_value('<SERVICE DEFAULT>')
    end

    [{:enabled => true}, {:enabled => false}].each do |param_hash|
@ -85,6 +86,14 @@ describe 'ceilometer::api' do
      end
    end

+    context 'with enable_proxy_headers_parsing' do
+      before do
+        params.merge!({:enable_proxy_headers_parsing => true })
+      end
+
+      it { is_expected.to contain_ceilometer_config('oslo_middleware/enable_proxy_headers_parsing').with_value(true) }
+    end
+
    context 'with disabled service managing' do
      before do
        params.merge!({