Merge "Fix missing CORS middleware"

2025-09-15 17:00:56 +00:00
parent cd1154d09c e1c8961a7c
commit cee72d2bda
6 changed files with 41 additions and 0 deletions
--- a/etc/watcher/oslo-config-generator/watcher.conf
+++ b/etc/watcher/oslo-config-generator/watcher.conf
@@ -9,6 +9,7 @@ namespace = oslo.concurrency
 namespace = oslo.db
 namespace = oslo.log
 namespace = oslo.messaging
+namespace = oslo.middleware.cors
 namespace = oslo.middleware.http_proxy_to_wsgi
 namespace = oslo.policy
 namespace = oslo.reports
--- a/releasenotes/notes/cors-e506801ebc0ed3f1.yaml
+++ b/releasenotes/notes/cors-e506801ebc0ed3f1.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    The `CORS middleware
+    <https://docs.openstack.org/oslo.middleware/2025.1/admin/cross-project-cors.html>`__
+    has been added to api pipeline, to support Cross-Origin Resource Sharing.
--- a/setup.cfg
+++ b/setup.cfg
@@ -35,6 +35,9 @@ monasca =
 oslo.config.opts =
    watcher = watcher.conf.opts:list_opts

+oslo.config.opts.defaults =
+    watcher = watcher.common.config:set_lib_defaults
+
 oslo.policy.policies =
    watcher = watcher.common.policies:list_rules

--- a/watcher/api/app.py
+++ b/watcher/api/app.py
@@ -17,6 +17,7 @@
 #    under the License.


+from oslo_middleware import cors
 from oslo_middleware import http_proxy_to_wsgi
 from oslo_middleware import request_id
 import pecan
@@ -59,6 +60,13 @@ def _wrap_app(app):

    app = http_proxy_to_wsgi.HTTPProxyToWSGI(app)

+    # This should be the last middleware in the list (which results in
+    # it being the first in the middleware chain). This is to ensure
+    # that any errors thrown by other middleware, such as an auth
+    # middleware - are annotated with CORS headers, and thus accessible
+    # by the browser.
+    app = cors.CORS(app, CONF)
+
    return app


--- a/watcher/common/config.py
+++ b/watcher/common/config.py
@@ -16,11 +16,33 @@
 #    under the License.

 from oslo_config import cfg
+from oslo_middleware import cors

 from watcher.common import rpc
 from watcher import version


+def set_lib_defaults():
+    cors.set_defaults(
+        allow_headers=['X-Auth-Token',
+                       'X-Identity-Status',
+                       'X-Roles',
+                       'X-Service-Catalog',
+                       'X-User-Id',
+                       'X-Tenant-Id',
+                       'X-OpenStack-Request-ID'],
+        expose_headers=['X-Auth-Token',
+                        'X-Subject-Token',
+                        'X-Service-Token',
+                        'X-OpenStack-Request-ID'],
+        allow_methods=['GET',
+                       'PUT',
+                       'POST',
+                       'DELETE',
+                       'PATCH']
+    )
+
+
 def parse_args(argv, default_config_files=None, default_config_dirs=None):
    default_config_files = (default_config_files or
                            cfg.find_config_files(project='watcher'))
--- a/watcher/common/service.py
+++ b/watcher/common/service.py
@@ -281,6 +281,7 @@ def prepare_service(argv=(), conf=cfg.CONF):
    config.parse_args(argv)
    cfg.set_defaults(_options.log_opts,
                     default_log_levels=_DEFAULT_LOG_LEVELS)
+    config.set_lib_defaults()
    log.setup(conf, 'python-watcher')
    conf.log_opt_values(LOG, log.DEBUG)
    objects.register_all()