openstack/bifrost
Code Issues Proposed changes

CORS configuration support

Browse Source 
Since CORS support has landed in Ironic, we should enable a bifrost
user to be able to turn CORS on.

Note: Presently the ironic-webclient sends an x-client header which
causes the oslo middlewear portion that supplies CORS to reject the
request.  A change is pending to remove that from the webclient,
however if a user wishes to perform testing with the webclient,
x-client will need to be added to the list of allowed headers.

Depends-On: I23e902c8637e142fba23d71467225d48ee265253
Change-Id: I487a57c54995e0572072aa54193e985ea257ed70
This commit is contained in:
Julia Kreger 2015-09-15 09:23:58 -04:00
parent 226ebe9642
commit 0bcdeaf0e7
3 changed files with 42 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
playbooks/roles/bifrost-ironic-install/README.md
View File

@ -100,6 +100,24 @@ need to exist. The recommended approach for adding a new variable is:
- If a given default applies to multiple versions of a distribution, that - If a given default applies to multiple versions of a distribution, that
variable needs to be specified for each version which it affects. variable needs to be specified for each version which it affects.
If you wish to enable Cross-Orogin Resource Sharing (CORS), such as to
connect a javascript based web client, options have been added to allow
a user to enable the integrated support.
By default, this support is disabled, but the configuration options are below:
enable_cors: Boolean value, default false, to enable CORS support.
cors_allowed_origin: A URL string that represents the origin sent by the
client web browser. If CORS is enabled, and this is
not set, it will default to http://localhost:8000/.
enable_cors_credential_support: Boolean value, default false. This variable
toggles the CORS configuration to expect user
authentication. Since bifrost makes use of
noauth mode, this realistically should not
be modified.
Dependencies Dependencies
------------ ------------

10
playbooks/roles/bifrost-ironic-install/defaults/main.yml
View File

@ -54,3 +54,13 @@ network_interface: "virbr0"
# as default route the same IP of the dnsmasq server. # as default route the same IP of the dnsmasq server.
# Default: undefined # Default: undefined
# dnsmasq_router: # dnsmasq_router:
# Support for CORS configuration
# By default CORS support is disabled.
enable_cors: false
# Origin to accept for CORS requests
cors_allowed_origin: "http://localhost:8000"
# bifrost utilizes noauth mode by default and as such
# the setting should be set to false. This setting should
# not need to be modified by the user.
enable_cors_credential_support: false

14
playbooks/roles/bifrost-ironic-install/tasks/ironic_config.yml
View File

@ -69,3 +69,17 @@
- name: "Configure SSH libvirt URL if testing" - name: "Configure SSH libvirt URL if testing"
lineinfile: dest=/etc/ironic/ironic.conf insertafter="[ssh]" regexp='^(.*)libvirt_uri=(.*)$' line="libvirt_uri=qemu:///system" lineinfile: dest=/etc/ironic/ironic.conf insertafter="[ssh]" regexp='^(.*)libvirt_uri=(.*)$' line="libvirt_uri=qemu:///system"
when: testing | bool == true when: testing | bool == true
- name: "Set CORS allowed_origin if enable_cors is set"
lineinfile:
dest=/etc/ironic/ironic.conf
insertbefore='^(.*)cors.subdomain(.*)$'
regexp='^allowed_origin=(.*)$'
line="allowed_origin={{ cors_allowed_origin | default('allowed_origin=http://localhost:8000')}}"
when: enable_cors | bool
- name: "Set CORS allow_credentials if enable_cors is set"
lineinfile:
dest=/etc/ironic/ironic.conf
insertbefore='^(.*)cors.subdomain(.*)$'
regexp='^allow_credentials=(.*)$'
line="allow_credentials={{ enable_cors_credential_support | default('true')}}"
when: enable_cors | bool