Reviewed: https://review.openstack.org/287523 Committed: https://git.openstack.org/cgit/openstack/barbican/commit/?id=034d09ec55c219c88104a289c30a9ddc2cb114c4 Submitter: Jenkins Branch: master
commit 034d09ec55c219c88104a289c30a9ddc2cb114c4 Author: Tin Lam <[email protected]> Date: Wed Mar 2 18:07:41 2016 -0600 Moved CORS middleware configuration into set_defaults The default values needed for barbican's implementation of cors middleware have been moved from paste.ini into a common set_middleware_defaults method, invoked on load. Change-Id: I5722bfc31534936fd07a8dee4ca24afe81c06682 Closes-Bug: #1551836 ** Changed in: barbican Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1551836 Title: CORS middleware's latent configuration options need to change Status in Aodh: Fix Released Status in Barbican: Fix Released Status in Ceilometer: Fix Released Status in Cinder: Fix Released Status in cloudkitty: In Progress Status in congress: In Progress Status in Cue: In Progress Status in Designate: Fix Released Status in Glance: Fix Released Status in heat: In Progress Status in Ironic: Fix Released Status in OpenStack Identity (keystone): Fix Released Status in Magnum: Fix Released Status in Manila: Fix Released Status in Mistral: Fix Released Status in Murano: Fix Released Status in neutron: Fix Released Status in OpenStack Compute (nova): Fix Released Status in oslo.config: Fix Released Status in Sahara: Fix Released Status in OpenStack Search (Searchlight): Fix Released Status in Solum: Fix Released Status in Trove: In Progress Bug description: It was pointed out in http://lists.openstack.org/pipermail/openstack- dev/2016-February/086746.html that configuration options included in paste.ini are less than optimal, because they impose an upgrade burden on both operators and engineers. The following discussion expanded to all projects (not just those using paste), and the following conclusion was reached: A) All generated configuration files should contain any headers which the API needs to operate. This is currently supported in oslo.config's generate-config script, as of 3.7.0 B) These same configuration headers should be set as defaults for the given API, using cfg.set_defaults. This permits an operator to simply activate a domain, and not have to worry about tweaking additional settings. C) All hardcoded headers should be detached from the CORS middleware. D) Configuration and activation of CORS should be consistent across all projects. It was also agreed that this is a blocking bug for mitaka. A reference patch has already been approved for keystone, available here: https://review.openstack.org/#/c/285308/ To manage notifications about this bug go to: https://bugs.launchpad.net/aodh/+bug/1551836/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
