From f6b1d1a82f232719c43e68ff15ff6e5555d278a1 Mon Sep 17 00:00:00 2001
From: Honza Pokorny <honza@redhat.com>
Date: Wed, 7 Feb 2018 15:32:24 -0400
Subject: [PATCH] Add CORS configuration support

Change-Id: I2ec2f8d2146e8a067aadc97f5997aa40ad8d4812
---
 manifests/cors.pp                             | 58 +++++++++++++++++++
 .../add-cors-support-773226c628d06da6.yaml    |  3 +
 spec/classes/nova_cors_spec.rb                | 49 ++++++++++++++++
 3 files changed, 110 insertions(+)
 create mode 100644 manifests/cors.pp
 create mode 100644 releasenotes/notes/add-cors-support-773226c628d06da6.yaml
 create mode 100644 spec/classes/nova_cors_spec.rb

diff --git a/manifests/cors.pp b/manifests/cors.pp
new file mode 100644
index 000000000..95b79a78e
--- /dev/null
+++ b/manifests/cors.pp
@@ -0,0 +1,58 @@
+# == Class: nova::cors
+#
+# Configure the nova cors
+#
+# === Parameters
+#
+# [*allowed_origin*]
+#   (Optional) Indicate whether this resource may be shared with the domain
+#   received in the requests "origin" header.
+#   (string value)
+#   Defaults to $::os_service_default.
+#
+# [*allow_credentials*]
+#   (Optional) Indicate that the actual request can include user credentials.
+#   (boolean value)
+#   Defaults to $::os_service_default.
+#
+# [*expose_headers*]
+#   (Optional) Indicate which headers are safe to expose to the API.
+#   (list value)
+#   Defaults to $::os_service_default.
+#
+# [*max_age*]
+#   (Optional) Maximum cache age of CORS preflight requests.
+#   (integer value)
+#   Defaults to $::os_service_default.
+#
+# [*allow_methods*]
+#   (Optional) Indicate which methods can be used during the actual request.
+#   (list value)
+#   Defaults to $::os_service_default.
+#
+# [*allow_headers*]
+#   (Optional) Indicate which header field names may be used during the actual
+#   request.
+#   (list value)
+#   Defaults to $::os_service_default.
+#
+class nova::cors (
+  $allowed_origin    = $::os_service_default,
+  $allow_credentials = $::os_service_default,
+  $expose_headers    = $::os_service_default,
+  $max_age           = $::os_service_default,
+  $allow_methods     = $::os_service_default,
+  $allow_headers     = $::os_service_default,
+) {
+
+  include ::nova::deps
+
+  oslo::cors { 'nova_config':
+    allowed_origin    => $allowed_origin,
+    allow_credentials => $allow_credentials,
+    expose_headers    => $expose_headers,
+    max_age           => $max_age,
+    allow_methods     => $allow_methods,
+    allow_headers     => $allow_headers,
+  }
+}
diff --git a/releasenotes/notes/add-cors-support-773226c628d06da6.yaml b/releasenotes/notes/add-cors-support-773226c628d06da6.yaml
new file mode 100644
index 000000000..d25dbad09
--- /dev/null
+++ b/releasenotes/notes/add-cors-support-773226c628d06da6.yaml
@@ -0,0 +1,3 @@
+---
+features:
+  - Add CORS configuration support
diff --git a/spec/classes/nova_cors_spec.rb b/spec/classes/nova_cors_spec.rb
new file mode 100644
index 000000000..0cb20c0b1
--- /dev/null
+++ b/spec/classes/nova_cors_spec.rb
@@ -0,0 +1,49 @@
+require 'spec_helper'
+
+describe 'nova::cors' do
+
+  shared_examples_for 'nova cors' do
+    it 'configure cors default params' do
+      is_expected.to contain_nova_config('cors/allowed_origin').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_nova_config('cors/allow_credentials').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_nova_config('cors/expose_headers').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_nova_config('cors/max_age').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_nova_config('cors/allow_methods').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_nova_config('cors/allow_headers').with_value('<SERVICE DEFAULT>')
+    end
+
+    context 'with specific parameters' do
+      let :params do
+        { :allowed_origin    => '*',
+          :allow_credentials => true,
+          :expose_headers    => 'Content-Language,Expires',
+          :max_age           => 3600,
+          :allow_methods     => 'GET,POST,PUT,DELETE,OPTIONS',
+          :allow_headers     => 'Content-Type,Cache-Control',
+        }
+      end
+
+      it 'configure cors params' do
+        is_expected.to contain_nova_config('cors/allowed_origin').with_value('*')
+        is_expected.to contain_nova_config('cors/allow_credentials').with_value(true)
+        is_expected.to contain_nova_config('cors/expose_headers').with_value('Content-Language,Expires')
+        is_expected.to contain_nova_config('cors/max_age').with_value(3600)
+        is_expected.to contain_nova_config('cors/allow_methods').with_value('GET,POST,PUT,DELETE,OPTIONS')
+        is_expected.to contain_nova_config('cors/allow_headers').with_value('Content-Type,Cache-Control')
+      end
+    end
+  end
+
+  on_supported_os({
+    :supported_os   => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge!(OSDefaults.get_facts())
+      end
+
+      it_behaves_like 'nova cors'
+    end
+  end
+
+end