From c3af614ec166da88f1fa9a2993695cb11a8e4a5e Mon Sep 17 00:00:00 2001 From: Juan Antonio Osorio Robles Date: Mon, 10 Oct 2016 11:54:52 +0300 Subject: [PATCH] Add option to enable Ceilometer's SSL middleware Ceilometer is now using the HTTPProxyToWSGI middleware from oslo.middlware in its default api-paste configuration [1]. This commit gives us the ability to enable/disable that middlware. [1] I24f16dda49bd9e7930ca9f0d32bf0793463aff03 Change-Id: I1812a27202ba3714b354aeb27611d38def87a7fc (cherry picked from commit d4aa3e5cad9b66044d31f0c885458aac7cfbc792) --- manifests/api.pp | 38 ++++++++++++------- ...proxy-header-parsing-64b78b56d8787e1d.yaml | 4 ++ spec/classes/ceilometer_api_spec.rb | 9 +++++ 3 files changed, 37 insertions(+), 14 deletions(-) create mode 100644 releasenotes/notes/Adds-enable-proxy-header-parsing-64b78b56d8787e1d.yaml diff --git a/manifests/api.pp b/manifests/api.pp index 8b2111f..54dd691 100644 --- a/manifests/api.pp +++ b/manifests/api.pp @@ -41,6 +41,11 @@ # (Optional) Type of authentication to be used. # Defaults to 'keystone' # +# [*enable_proxy_headers_parsing*] +# (Optional) Enable paste middleware to handle SSL requests through +# HTTPProxyToWSGI middleware. +# Defaults to $::os_service_default. +# # = DEPRECATED PARAMETER # # [*identity_uri*] @@ -68,21 +73,22 @@ # Defaults to undef # class ceilometer::api ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', - $host = '0.0.0.0', - $port = '8777', - $service_name = $::ceilometer::params::api_service_name, - $api_workers = $::os_service_default, - $auth_strategy = 'keystone', + $manage_service = true, + $enabled = true, + $package_ensure = 'present', + $host = '0.0.0.0', + $port = '8777', + $service_name = $::ceilometer::params::api_service_name, + $api_workers = $::os_service_default, + $auth_strategy = 'keystone', + $enable_proxy_headers_parsing = $::os_service_default, # DEPRECATED PARAMETERS - $identity_uri = undef, - $auth_uri = undef, - $keystone_user = undef, - $keystone_tenant = undef, - $keystone_password = undef, - $memcached_servers = undef, + $identity_uri = undef, + $auth_uri = undef, + $keystone_user = undef, + $keystone_tenant = undef, + $keystone_password = undef, + $memcached_servers = undef, ) inherits ceilometer::params { include ::ceilometer::params @@ -171,4 +177,8 @@ running as a standalone service, or httpd for being run by a httpd server") 'api/port': value => $port; } + oslo::middleware { 'ceilometer_config': + enable_proxy_headers_parsing => $enable_proxy_headers_parsing, + } + } diff --git a/releasenotes/notes/Adds-enable-proxy-header-parsing-64b78b56d8787e1d.yaml b/releasenotes/notes/Adds-enable-proxy-header-parsing-64b78b56d8787e1d.yaml new file mode 100644 index 0000000..3f79875 --- /dev/null +++ b/releasenotes/notes/Adds-enable-proxy-header-parsing-64b78b56d8787e1d.yaml @@ -0,0 +1,4 @@ +--- +features: + - This adds the enable_proxy_headers parsing option which is used by the + http_proxy_to_wsgi middleware. diff --git a/spec/classes/ceilometer_api_spec.rb b/spec/classes/ceilometer_api_spec.rb index fcf7ead..0739743 100644 --- a/spec/classes/ceilometer_api_spec.rb +++ b/spec/classes/ceilometer_api_spec.rb @@ -35,6 +35,7 @@ describe 'ceilometer::api' do is_expected.to contain_ceilometer_config('api/host').with_value( params[:host] ) is_expected.to contain_ceilometer_config('api/port').with_value( params[:port] ) is_expected.to contain_ceilometer_config('api/workers').with_value('') + is_expected.to contain_ceilometer_config('oslo_middleware/enable_proxy_headers_parsing').with_value('') end [{:enabled => true}, {:enabled => false}].each do |param_hash| @@ -85,6 +86,14 @@ describe 'ceilometer::api' do end end + context 'with enable_proxy_headers_parsing' do + before do + params.merge!({:enable_proxy_headers_parsing => true }) + end + + it { is_expected.to contain_ceilometer_config('oslo_middleware/enable_proxy_headers_parsing').with_value(true) } + end + context 'with disabled service managing' do before do params.merge!({ -- 2.45.2