summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Krotscheck <krotscheck@gmail.com>2016-05-04 09:56:18 -0700
committerMichael Krotscheck <krotscheck@gmail.com>2016-05-09 07:18:21 -0700
commit399e94043fdf40f413f0335387b1d92f0dd215ce (patch)
tree139a85cbfec6bd8ce9b79624dcdb489e807e84d1
parentea167241d483e678a766a936d8d6208e85341184 (diff)
downloadoslo-middleware-399e94043fdf40f413f0335387b1d92f0dd215ce.tar.gz
Deprecate multiple config block parsing.
With the introduction of set_defaults, as well as new documentation features for default values in oslo_config, the CORS middleware has been placed in the odd position where its configuration behaves inconsistently. If you configure via add_origin, then defaults set in set_defaults are not honored. If you configure via multiple configuration blocks ([cors.foo]), then the defaults are also not honored. Additionally, with the conversion of allowed_origin into a list_opt, there is less direct need for multiple config-block parsing. In order to ensure that the middleware behaves consistently with the rest of oslo, as well as adheres to a set of basic sane assumptions made by consumers, this patch deprecates the code path that searches oslo's configuration for multiple [cors.*] blocks. Subsequent patches will add additional deprecation flags to this end. Change-Id: I49c15ccc2dce03b0dea33ec45ef6e271e58582da
-rw-r--r--doc/source/cors.rst26
-rw-r--r--oslo_middleware/cors.py6
2 files changed, 7 insertions, 25 deletions
diff --git a/doc/source/cors.rst b/doc/source/cors.rst
index 2788096..765a681 100644
--- a/doc/source/cors.rst
+++ b/doc/source/cors.rst
@@ -45,7 +45,7 @@ domain, using oslo_config::
app = cors.CORS(your_wsgi_application, cfg.CONF)
-In your application's config file, then include a default configuration block
+In your application's config file, then include a configuration block
something like this::
[cors]
@@ -55,30 +55,6 @@ something like this::
allow_headers=X-Custom-Header
expose_headers=X-Custom-Header
-This middleware permits you to override the rules for multiple
-`allowed_origin`'s. To express this in your configuration file, first begin
-with a `[cors]` group as above, into which you place your default
-configuration values. Then add as many additional configuration groups as
-necessary, naming them `[cors.something]` (each name must be unique). The
-purpose of the suffix to `cors.` is legibility, we recommend using a
-reasonable human-readable string::
-
- [cors.ironic_webclient]
- # CORS Configuration for a hypothetical ironic webclient, which overrides
- # authentication
- allowed_origin=https://ironic.example.com:443
- allow_credentials=True
-
- [cors.horizon]
- # CORS Configuration for horizon, which uses global options.
- allowed_origin=https://horizon.example.com:443
-
- [cors.wildcard]
- # CORS Configuration for the CORS specified domain wildcard, which only
- # permits HTTP GET requests.
- allowed_origin=*
- allow_methods=GET
-
If your software requires specific headers or methods for proper operation, you
may include these as latent properties. These will be evaluated in addition
to any found in configuration::
diff --git a/oslo_middleware/cors.py b/oslo_middleware/cors.py
index 3d7b49b..6826016 100644
--- a/oslo_middleware/cors.py
+++ b/oslo_middleware/cors.py
@@ -16,6 +16,7 @@
import copy
import logging
+import debtcollector
from oslo_config import cfg
from oslo_middleware import base
import six
@@ -204,6 +205,11 @@ class CORS(base.ConfigurableMiddleware):
# prefixed with 'cors.'
for section in self.oslo_conf.list_all_sections():
if section.startswith('cors.'):
+ debtcollector.deprecate('Multiple configuration blocks are '
+ 'deprecated and will be removed in '
+ 'future versions. Please consolidate '
+ 'your configuration in the [cors] '
+ 'configuration block.')
# Register with the preconstructed defaults
self.oslo_conf.register_opts(subgroup_opts, section)
self.add_origin(**self.oslo_conf[section])