119 lines
4.2 KiB
Smarty
119 lines
4.2 KiB
Smarty
# Copyright 2017 The Openstack-Helm Authors.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# heat-api pipeline
|
|
[pipeline:heat-api]
|
|
pipeline = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation osprofiler authurl authtoken context apiv1app
|
|
|
|
# heat-api pipeline for standalone heat
|
|
# ie. uses alternative auth backend that authenticates users against keystone
|
|
# using username and password instead of validating token (which requires
|
|
# an admin/service token).
|
|
# To enable, in heat.conf:
|
|
# [paste_deploy]
|
|
# flavor = standalone
|
|
#
|
|
[pipeline:heat-api-standalone]
|
|
pipeline = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authpassword context apiv1app
|
|
|
|
# heat-api pipeline for custom cloud backends
|
|
# i.e. in heat.conf:
|
|
# [paste_deploy]
|
|
# flavor = custombackend
|
|
#
|
|
[pipeline:heat-api-custombackend]
|
|
pipeline = cors request_id faultwrap versionnegotiation context custombackendauth apiv1app
|
|
|
|
# heat-api-cfn pipeline
|
|
[pipeline:heat-api-cfn]
|
|
pipeline = cors cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app
|
|
|
|
# heat-api-cfn pipeline for standalone heat
|
|
# relies exclusively on authenticating with ec2 signed requests
|
|
[pipeline:heat-api-cfn-standalone]
|
|
pipeline = cors cfnversionnegotiation ec2authtoken context apicfnv1app
|
|
|
|
# heat-api-cloudwatch pipeline
|
|
[pipeline:heat-api-cloudwatch]
|
|
pipeline = cors versionnegotiation osprofiler ec2authtoken authtoken context apicwapp
|
|
|
|
# heat-api-cloudwatch pipeline for standalone heat
|
|
# relies exclusively on authenticating with ec2 signed requests
|
|
[pipeline:heat-api-cloudwatch-standalone]
|
|
pipeline = cors versionnegotiation ec2authtoken context apicwapp
|
|
|
|
[app:apiv1app]
|
|
paste.app_factory = heat.common.wsgi:app_factory
|
|
heat.app_factory = heat.api.openstack.v1:API
|
|
|
|
[app:apicfnv1app]
|
|
paste.app_factory = heat.common.wsgi:app_factory
|
|
heat.app_factory = heat.api.cfn.v1:API
|
|
|
|
[app:apicwapp]
|
|
paste.app_factory = heat.common.wsgi:app_factory
|
|
heat.app_factory = heat.api.cloudwatch:API
|
|
|
|
[filter:versionnegotiation]
|
|
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
heat.filter_factory = heat.api.openstack:version_negotiation_filter
|
|
|
|
[filter:cors]
|
|
paste.filter_factory = oslo_middleware.cors:filter_factory
|
|
oslo_config_project = heat
|
|
|
|
[filter:faultwrap]
|
|
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
heat.filter_factory = heat.api.openstack:faultwrap_filter
|
|
|
|
[filter:cfnversionnegotiation]
|
|
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
heat.filter_factory = heat.api.cfn:version_negotiation_filter
|
|
|
|
[filter:cwversionnegotiation]
|
|
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
heat.filter_factory = heat.api.cloudwatch:version_negotiation_filter
|
|
|
|
[filter:context]
|
|
paste.filter_factory = heat.common.context:ContextMiddleware_filter_factory
|
|
|
|
[filter:ec2authtoken]
|
|
paste.filter_factory = heat.api.aws.ec2token:EC2Token_filter_factory
|
|
|
|
[filter:http_proxy_to_wsgi]
|
|
paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory
|
|
|
|
# Middleware to set auth_url header appropriately
|
|
[filter:authurl]
|
|
paste.filter_factory = heat.common.auth_url:filter_factory
|
|
|
|
# Auth middleware that validates token against keystone
|
|
[filter:authtoken]
|
|
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
|
|
|
# Auth middleware that validates username/password against keystone
|
|
[filter:authpassword]
|
|
paste.filter_factory = heat.common.auth_password:filter_factory
|
|
|
|
# Auth middleware that validates against custom backend
|
|
[filter:custombackendauth]
|
|
paste.filter_factory = heat.common.custom_backend_auth:filter_factory
|
|
|
|
# Middleware to set x-openstack-request-id in http response header
|
|
[filter:request_id]
|
|
paste.filter_factory = oslo_middleware.request_id:RequestId.factory
|
|
|
|
[filter:osprofiler]
|
|
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
|