Update role for stable/mitaka testing

This updates the repository SHA's to use stable/mitaka where available and updated SHA's where not. It also updates all paste, policy and rootwrap configurations to match the current contents found in stable/mitaka. Change-Id: I9e664dc26e2091fd8cfcc677fca423e169df0473
2016-03-23 20:58:58 +00:00 · 2016-03-23 20:58:58 +00:00 · e4e53e81d2
commit e4e53e81d2
parent 83586cb66d
5 changed files with 70 additions and 31 deletions
--- a/templates/glance-api-paste.ini.j2
+++ b/templates/glance-api-paste.ini.j2
@ -39,7 +39,6 @@ paste.composite_factory = glance.api:root_app_factory
 /: apiversions
 /v1: apiv1app
 /v2: apiv2app
-/v3: apiv3app

 [app:apiversions]
 paste.app_factory = glance.api.versions:create_resource
@ -50,9 +49,6 @@ paste.app_factory = glance.api.v1.router:API.factory
 [app:apiv2app]
 paste.app_factory = glance.api.v2.router:API.factory

-[app:apiv3app]
-paste.app_factory = glance.api.v3.router:API.factory
-
 [filter:healthcheck]
 paste.filter_factory = oslo_middleware:Healthcheck.factory
 backends = disable_by_file
@ -89,20 +85,3 @@ enabled = yes  #DEPRECATED
 paste.filter_factory =  oslo_middleware.cors:filter_factory
 oslo_config_project = glance
 oslo_config_program = glance-api
-# Basic Headers (Automatic)
-# Accept = Origin, Accept, Accept-Language, Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma
-# Expose = Origin, Accept, Accept-Language, Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma
-
-# Glance Headers
-# Accept = Content-MD5, X-Image-Meta-Checksum, X-Storage-Token, Accept-Encoding
-# Expose = X-Image-Meta-Checksum
-
-# Keystone Headers
-# Accept = X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id
-# Expose = X-Auth-Token, X-Subject-Token, X-Service-Token
-
-# Request ID Middleware Headers
-# Accept = X-OpenStack-Request-ID
-# Expose = X-OpenStack-Request-ID
-latent_allow_headers = Content-MD5, X-Image-Meta-Checksum, X-Storage-Token, Accept-Encoding, X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id, X-OpenStack-Request-ID
-latent_expose_headers = X-Image-Meta-Checksum, X-Auth-Token, X-Subject-Token, X-Service-Token, X-OpenStack-Request-ID
--- a/templates/glance-glare-paste.ini.j2
+++ b/templates/glance-glare-paste.ini.j2
@ -0,0 +1,60 @@
+# Use this pipeline for no auth - DEFAULT
+[pipeline:glare-api]
+pipeline = cors healthcheck versionnegotiation osprofiler unauthenticated-context rootapp
+
+# Use this pipeline for keystone auth
+[pipeline:glare-api-keystone]
+pipeline = cors healthcheck versionnegotiation osprofiler authtoken context rootapp
+
+[composite:rootapp]
+paste.composite_factory = glance.api:root_app_factory
+/: apiversions
+/v0.1: glareapi
+
+[app:apiversions]
+paste.app_factory = glance.api.glare.versions:create_resource
+
+[app:glareapi]
+paste.app_factory = glance.api.glare.v0_1.router:API.factory
+
+[filter:healthcheck]
+paste.filter_factory = oslo_middleware:Healthcheck.factory
+backends = disable_by_file
+disable_by_file_path = /etc/glance/healthcheck_disable
+
+[filter:versionnegotiation]
+paste.filter_factory = glance.api.middleware.version_negotiation:GlareVersionNegotiationFilter.factory
+
+[filter:context]
+paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
+
+[filter:unauthenticated-context]
+paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
+
+[filter:authtoken]
+paste.filter_factory = keystonemiddleware.auth_token:filter_factory
+delay_auth_decision = true
+
+[filter:osprofiler]
+paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
+
+[filter:cors]
+paste.filter_factory =  oslo_middleware.cors:filter_factory
+oslo_config_project = glance
+oslo_config_program = glance-glare
+# Basic Headers (Automatic)
+# Accept = Origin, Accept, Accept-Language, Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma
+# Expose = Origin, Accept, Accept-Language, Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma
+
+# Glance Headers
+# Accept = Content-MD5, Accept-Encoding
+
+# Keystone Headers
+# Accept = X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id
+# Expose = X-Auth-Token, X-Subject-Token, X-Service-Token
+
+# Request ID Middleware Headers
+# Accept = X-OpenStack-Request-ID
+# Expose = X-OpenStack-Request-ID
+latent_allow_headers = Content-MD5, Accept-Encoding, X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id, X-OpenStack-Request-ID
+latent_expose_headers = X-Auth-Token, X-Subject-Token, X-Service-Token, X-OpenStack-Request-ID
--- a/templates/policy.json.j2
+++ b/templates/policy.json.j2
@ -25,10 +25,10 @@

    "manage_image_cache": "role:admin",

-    "get_task": "",
-    "get_tasks": "",
-    "add_task": "",
-    "modify_task": "",
+    "get_task": "role:admin",
+    "get_tasks": "role:admin",
+    "add_task": "role:admin",
+    "modify_task": "role:admin",

    "deactivate": "",
    "reactivate": "",
--- a/tests/test-install-glance.yml
+++ b/tests/test-install-glance.yml
@ -88,12 +88,12 @@
    keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
    glance_venv_tag: "testing"
    glance_developer_mode: true
-    glance_git_install_branch: 7d5c3710ce2739a8ac356208d4e104f2ce3ec9ab
-    glance_requirements_git_install_branch: 332278d456e06870150835564342570ec9d5f5a0
+    glance_git_install_branch: stable/mitaka
+    glance_requirements_git_install_branch: f8cf7eba898a1424549c730d6692ec4e9573c0ed # HEAD of "master" as of 23.03.2016
    glance_service_password: "secrete"
    glance_profiler_hmac_key: "secrete"
    openrc_os_auth_url: "http://127.0.0.1:5000/v3"
    openrc_os_password: "{{ keystone_auth_admin_password }}"
    openrc_os_domain_name: "Default"
    memcached_servers: 127.0.0.1
-    memcached_encryption_key: "secrete"
+    memcached_encryption_key: "secrete"
--- a/tests/test-install-keystone.yml
+++ b/tests/test-install-keystone.yml
@ -68,8 +68,8 @@
    keystone_galera_database: keystone
    keystone_venv_tag: "testing"
    keystone_developer_mode: true
-    keystone_git_install_branch: a55128044f763f5cfe2fdc57c738eaca97636448
-    keystone_requirements_git_install_branch: 332278d456e06870150835564342570ec9d5f5a0
+    keystone_git_install_branch: stable/mitaka
+    keystone_requirements_git_install_branch: f8cf7eba898a1424549c730d6692ec4e9573c0ed # HEAD of "master" as of 23.03.2016
    keystone_auth_admin_token: "SuperSecreteTestToken"
    keystone_auth_admin_password: "SuperSecretePassword"
    keystone_service_password: "secrete"
@ -80,4 +80,4 @@
    keystone_rabbitmq_vhost: /keystone
    keystone_rabbitmq_servers: 10.100.100.2
    keystone_rabbitmq_use_ssl: true
-    galera_client_drop_config_file: false
+    galera_client_drop_config_file: false