Expose headers option of apache::vhost

The headers option in apache::vhost is required in some case, for example when adding the X-XSS-Protection header. This change allows customizing the option for the api vhost. This change also adds support for request_headers so that both request headers and response headers can customized. Change-Id: If5307f5c1927a10a456415d7f6f4bc522f0693f3
2022-06-29 12:03:31 +09:00 · 2022-06-29 12:03:31 +09:00 · 498c268084
commit 498c268084
parent 7f011baa00
3 changed files with 24 additions and 1 deletions
--- a/manifests/wsgi/apache.pp
+++ b/manifests/wsgi/apache.pp
@ -102,6 +102,14 @@
 #     { python-path => '/my/python/virtualenv' }
 #     Defaults to {}
 #
+#   [*headers*]
+#     (optional) Headers for the vhost.
+#     Defaults to undef
+#
+#   [*request_headers*]
+#     (optional) Modifies collected request headers in various ways.
+#     Defaults to undef
+#
 #   [*vhost_custom_fragment*]
 #     (optional) Passes a string of custom configuration
 #     directives to be placed at the end of the vhost configuration.
@ -142,6 +150,8 @@ class cinder::wsgi::apache (
  $error_log_pipe              = undef,
  $error_log_syslog            = undef,
  $custom_wsgi_process_options = {},
+  $headers                     = undef,
+  $request_headers             = undef,
  $vhost_custom_fragment       = undef,
 ) {

@ -176,6 +186,8 @@ class cinder::wsgi::apache (
    wsgi_script_file            => 'cinder-api',
    wsgi_script_source          => $::cinder::params::cinder_wsgi_script_source,
    custom_wsgi_process_options => $custom_wsgi_process_options,
+    headers                     => $headers,
+    request_headers             => $request_headers,
    access_log_file             => $access_log_file,
    access_log_pipe             => $access_log_pipe,
    access_log_syslog           => $access_log_syslog,
--- a/releasenotes/notes/apache-headers-3fe15d86bd121c9d.yaml
+++ b/releasenotes/notes/apache-headers-3fe15d86bd121c9d.yaml
@ -0,0 +1,5 @@
+---
+features:
+  - |
+    The ``cinder::wsgi::apache`` class now supports customizing
+    request/response headers added by apache.
--- a/spec/classes/cinder_wsgi_apache_spec.rb
+++ b/spec/classes/cinder_wsgi_apache_spec.rb
@ -18,6 +18,8 @@ describe 'cinder::wsgi::apache' do
        :wsgi_script_dir             => platform_params[:wsgi_script_path],
        :wsgi_script_file            => 'cinder-api',
        :wsgi_script_source          => platform_params[:wsgi_script_source],
+        :headers                     => nil,
+        :request_headers             => nil,
        :custom_wsgi_process_options => {},
        :access_log_file             => false,
        :access_log_pipe             => false,
@ -29,7 +31,7 @@ describe 'cinder::wsgi::apache' do
      )}
    end

-    context 'when overriding parameters using different ports' do
+    context 'when overriding parameters' do
      let :params do
        {
          :servername                  => 'dummy.host',
@ -42,6 +44,8 @@ describe 'cinder::wsgi::apache' do
          :custom_wsgi_process_options => {
            'python_path' => '/my/python/admin/path',
          },
+          :headers                     => ['set X-XSS-Protection "1; mode=block"'],
+          :request_headers             => ['set Content-Type "application/json"'],
        }
      end
      it { is_expected.to contain_class('cinder::params') }
@ -62,6 +66,8 @@ describe 'cinder::wsgi::apache' do
        :wsgi_script_dir           => platform_params[:wsgi_script_path],
        :wsgi_script_file          => 'cinder-api',
        :wsgi_script_source        => platform_params[:wsgi_script_source],
+        :headers                   => ['set X-XSS-Protection "1; mode=block"'],
+        :request_headers           => ['set Content-Type "application/json"'],
        :custom_wsgi_process_options => {
          'python_path'  => '/my/python/admin/path',
        },