Merge "Add support to set cors config in gnocchi templates" into stable/queens

puppet/services/gnocchi-api.yaml

@@ -66,6 +66,14 @@ parameters:
       e.g. { gnocchi-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
     default: {}
     type: json
+  GnocchiCorsAllowedOrigin:
+    type: string
+    default: ''
+    description: Indicate whether this resource may be shared with the domain received in the request
+                 "origin" header.
+
+conditions:
+  cors_allowed_origin_unset: {equals : [{get_param: GnocchiCorsAllowedOrigin}, '']}
 
 resources:
 
@@ -100,6 +108,12 @@ outputs:
         map_merge:
           - get_attr: [ApacheServiceBase, role_data, config_settings]
           - get_attr: [GnocchiServiceBase, role_data, config_settings]
+          -
+            if:
+            - cors_allowed_origin_unset
+            - {}
+            - gnocchi::cors::allowed_origin: {get_param: GnocchiCorsAllowedOrigin}
+              gnocchi::api::middlewares: 'oslo_middleware.cors.CORS'
           - tripleo.gnocchi_api.firewall_rules:
               '129 gnocchi-api':
                 dport:
@@ -109,6 +123,10 @@ outputs:
             gnocchi::api::enable_proxy_headers_parsing: true
             gnocchi::api::service_name: 'httpd'
             gnocchi::policy::policies: {get_param: GnocchiApiPolicies}
+            gnocchi::cors::max_age: 3600
+            gnocchi::cors::allow_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Auth-Token'
+            gnocchi::cors::expose_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma'
+            gnocchi::cors::allow_methods: 'GET,POST,PUT,DELETE,OPTIONS,PATCH'
             gnocchi::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             gnocchi::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             gnocchi::keystone::authtoken::password: {get_param: GnocchiPassword}