← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #48572

[Bug 1551836] Re: CORS middleware's latent configuration options need to change

  Thread PreviousDate PreviousThread Next 
** Changed in: cloudkitty
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1551836

Title:
  CORS middleware's latent configuration options need to change

Status in Aodh:
  Fix Released
Status in Barbican:
  Fix Released
Status in Ceilometer:
  Fix Released
Status in Cinder:
  Fix Released
Status in cloudkitty:
  Fix Released
Status in congress:
  Fix Released
Status in Cue:
  Fix Released
Status in Designate:
  Fix Released
Status in Glance:
  Fix Released
Status in heat:
  Fix Released
Status in Ironic:
  Fix Released
Status in OpenStack Identity (keystone):
  Fix Released
Status in Magnum:
  Fix Released
Status in Manila:
  Fix Released
Status in Mistral:
  Fix Released
Status in Murano:
  Fix Released
Status in neutron:
  Fix Released
Status in OpenStack Compute (nova):
  Fix Released
Status in oslo.config:
  Fix Released
Status in Sahara:
  Fix Released
Status in OpenStack Search (Searchlight):
  Fix Released
Status in Solum:
  Fix Released
Status in Trove:
  Fix Released

Bug description:
  It was pointed out in http://lists.openstack.org/pipermail/openstack-
  dev/2016-February/086746.html that configuration options included in
  paste.ini are less than optimal, because they impose an upgrade burden
  on both operators and engineers. The following discussion expanded to
  all projects (not just those using paste), and the following
  conclusion was reached:

  A) All generated configuration files should contain any headers which the API needs to operate. This is currently supported in oslo.config's generate-config script, as of 3.7.0
  B) These same configuration headers should be set as defaults for the given API, using cfg.set_defaults. This permits an operator to simply activate a domain, and not have to worry about tweaking additional settings.
  C) All hardcoded headers should be detached from the CORS middleware.
  D) Configuration and activation of CORS should be consistent across all projects.

  It was also agreed that this is a blocking bug for mitaka. A reference
  patch has already been approved for keystone, available here:
  https://review.openstack.org/#/c/285308/

To manage notifications about this bug go to:
https://bugs.launchpad.net/aodh/+bug/1551836/+subscriptions

References

  Thread PreviousDate PreviousThread Next