Add CORS settings

Allow configuring CORS settings. Change-Id: I60df82ce6272a4c1ad22b6842f22713c7d7c7c63
2016-08-23 18:51:46 +02:00 · 2016-08-23 18:51:46 +02:00 · 623dffa2f7
parent 0725547767
commit 623dffa2f7
4 changed files with 26 additions and 0 deletions
--- a/manifests/proxy.pp
+++ b/manifests/proxy.pp
@ -98,6 +98,16 @@
 #    Configures log_name for swift proxy-server.
 #    Optional. Defaults to proxy-server
 #
+# [*cors_allow_origin*]
+#   (optional) Origins to be allowed to make Cross Origin Requests.
+#   A comma separated list of full url (http://foo.bar:1234,https://foo.bar)
+#   Defaults to undef.
+#
+# [*strict_cors_mode*]
+#   (optional) Whether or not log every request. reduces logging output if false,
+#   good for seeing errors if true
+#   Defaults to true.
+#
 #  [*service_provider*]
 #    (optional)
 #    To use the swiftinit service provider to manage swift services, set
@ -131,6 +141,8 @@ class swift::proxy(
  $log_facility              = 'LOG_LOCAL1',
  $log_handoffs              = true,
  $log_name                  = 'proxy-server',
+  $cors_allow_origin         = undef,
+  $strict_cors_mode          = true,
  $read_affinity             = undef,
  $write_affinity            = undef,
  $write_affinity_node_count = undef,
--- a/releasenotes/notes/swift_cors-31b9a30d0eca57ce.yaml
+++ b/releasenotes/notes/swift_cors-31b9a30d0eca57ce.yaml
@ -0,0 +1,3 @@
+---
+features:
+  - Allows configuring CORS settings.
--- a/spec/classes/swift_proxy_spec.rb
+++ b/spec/classes/swift_proxy_spec.rb
@ -128,6 +128,7 @@ account_autocreate = true
           :write_affinity            => 'r1',
           :write_affinity_node_count => '2 * replicas',
           :node_timeout              => '20',
+           :cors_allow_origin         => 'http://foo.bar:1234,https://foo.bar',
          }
        end
        it 'should build the header file with provided values' do
@ -147,6 +148,8 @@ log_headers = False
 log_address = /dev/log


+cors_allow_origin = http://foo.bar:1234,https://foo.bar
+strict_cors_mode = true

 [pipeline:main]
 pipeline = swauth proxy-server
@ -190,6 +193,7 @@ node_timeout = 20
             :write_affinity            => 'r1',
             :write_affinity_node_count => '2 * replicas',
             :node_timeout              => '20',
+             :cors_allow_origin         => 'http://foo.bar:1234,https://foo.bar',
          }
          end
        it_raises 'a Puppet::Error', /log_udp_port requires log_udp_host to be set/
@ -211,6 +215,7 @@ node_timeout = 20
             :write_affinity            => 'r1',
             :write_affinity_node_count => '2 * replicas',
             :node_timeout              => '20',
+             :cors_allow_origin         => 'http://foo.bar:1234,https://foo.bar',
          }
          end
        it 'should build the header file with provided values' do
@ -231,6 +236,8 @@ log_address = /dev/log
 # If set, log_udp_host will override log_address
 log_udp_host = 127.0.0.1
 log_udp_port = 514
+cors_allow_origin = http://foo.bar:1234,https://foo.bar
+strict_cors_mode = true

 [pipeline:main]
 pipeline = swauth proxy-server
--- a/templates/proxy-server.conf.erb
+++ b/templates/proxy-server.conf.erb
@ -19,6 +19,10 @@ log_udp_host = <%= @log_udp_host -%>
 <% if @log_udp_host and @log_udp_port -%>
 log_udp_port = <%= @log_udp_port -%>
 <% end %>
+<% if @cors_allow_origin -%>
+cors_allow_origin = <%= @cors_allow_origin %>
+strict_cors_mode = <%= @strict_cors_mode %>
+<% end -%>

 [pipeline:main]
 pipeline = <%= @pipeline.to_a.join(' ') %>