def _do_test(self, conf={}, path='/healthcheck',
expected_code=webob.exc.HTTPOk.code,
expected_body=b''):
self.app = healthcheck.Healthcheck(self.application, conf)
req = webob.Request.blank(path)
res = req.get_response(self.app)
self.assertEqual(expected_code, res.status_int)
self.assertEqual(expected_body, res.body)
def _do_test_request(self, conf={}, path='/healthcheck',
accept='text/plain', method='GET',
server_port=80):
self.app = healthcheck.Healthcheck(self.application, conf)
req = webob.Request.blank(path, accept=accept, method=method)
req.server_port = server_port
res = req.get_response(self.app)
return res
def main():
if config.requires_auth():
# Wrap with keystone middleware if configured to do so
if not CONF.keystone_authtoken.delay_auth_decision:
msg = "The [keystone_authtoken] section in the config file " \
"must have delay_auth_decision explicitly set to true. " \
"The default value, false, will cause calls to " \
"/api/v2/heartbeat to be rejected "
LOG.error(msg)
print(msg) # print on the console for good measure
sys.exit(1)
# Use our our middleware function to permit unsecured apis to be called
app.wsgi_app = enable_unsecured(app.wsgi_app)
app.wsgi_app = auth_token.AuthProtocol(app.wsgi_app,
{'oslo_config_config': CONF})
CORS(app)
# Use oslo healthcheck, which does not log its requests
app.wsgi_app = healthcheck.Healthcheck(app.wsgi_app)
# Note that any flask options that are to be exposed in our config file
# have to be explicitly configured (in flask_opts above) and explicitly
# placed into the following dict
flask_config = {"JSONIFY_PRETTYPRINT_REGULAR": CONF.pretty_json}
app.config.from_mapping(flask_config)
trigger_file = os.path.join(CONF.paths.log_dir, 'trigger.txt')
if not os.path.exists(trigger_file):
with open(trigger_file, 'w') as f:
f.write("Started at %s\n" % time.asctime())
socketio.init_app(app)
# When we've truly started this for the first time, we only want to start
# our singleton ssh-agent once. We must run this in the context of the
# reloader since the rest of the app also runs in that same context.
if is_running_from_reloader():
sshagent.sshagent.stop_old_instance()
sshagent.sshagent.start()
# The 'log' parameter avoids running in debug mode, which suppresses the
# debug message that is emitted on *every* incoming request.
socketio.run(app,
host=CONF.host,
port=CONF.port,
use_reloader=True,
log=LOG,
extra_files=[trigger_file])
def do_GET(self):
@webob.dec.wsgify
def dummy_application(req):
return 'test'
app = healthcheck.Healthcheck(dummy_application, {'detailed': True})
req = webob.Request.blank("/healthcheck",
accept='text/html',
method='GET')
res = req.get_response(app)
self.send_response(res.status_code)
for header_name, header_value in res.headerlist:
self.send_header(header_name, header_value)
self.end_headers()
self.wfile.write(res.body)
self.wfile.close()
def setup_app(pecan_config=None, extra_hooks=None):
app_hooks = [
hooks.ConfigHook(),
hooks.DBHook(),
hooks.ContextHook(pecan_config.app.acl_public_routes),
hooks.RPCHook(),
hooks.NoExceptionTracebackHook(),
hooks.PublicUrlHook()
]
if extra_hooks:
app_hooks.extend(extra_hooks)
if not pecan_config:
pecan_config = get_pecan_config()
pecan.configuration.set_config(dict(pecan_config), overwrite=True)
app = pecan.make_app(
pecan_config.app.root,
debug=CONF.pecan_debug,
static_root=pecan_config.app.static_root if CONF.pecan_debug else None,
force_canonical=getattr(pecan_config.app, 'force_canonical', True),
hooks=app_hooks,
wrap_app=middleware.ParsableErrorMiddleware,
# NOTE(dtantsur): enabling this causes weird issues with nodes named
# as if they had a known mime extension, e.g. "mynode.1". We do
# simulate the same behaviour for .json extensions for backward
# compatibility through JsonExtensionMiddleware.
guess_content_type_from_ext=False,
)
if CONF.audit.enabled:
try:
app = audit_middleware.AuditMiddleware(
app,
audit_map_file=CONF.audit.audit_map_file,
ignore_req_list=CONF.audit.ignore_req_list)
except (EnvironmentError, OSError,
audit_middleware.PycadfAuditApiConfigError) as e:
raise exception.InputFileError(file_name=CONF.audit.audit_map_file,
reason=e)
auth_middleware = None
if CONF.auth_strategy == "keystone":
auth_middleware = auth_token.AuthProtocol(
app, {"oslo_config_config": cfg.CONF})
elif CONF.auth_strategy == "http_basic":
auth_middleware = auth_basic.BasicAuthMiddleware(
app, cfg.CONF.http_basic_auth_user_file)
if auth_middleware:
app = auth_public_routes.AuthPublicRoutes(
app,
auth=auth_middleware,
public_api_routes=pecan_config.app.acl_public_routes)
if CONF.profiler.enabled:
app = osprofiler_web.WsgiMiddleware(app)
# NOTE(pas-ha) this registers oslo_middleware.enable_proxy_headers_parsing
# option, when disabled (default) this is noop middleware
app = http_proxy_to_wsgi.HTTPProxyToWSGI(app, CONF)
# add in the healthcheck middleware if enabled
# NOTE(jroll) this is after the auth token middleware as we don't want auth
# in front of this, and WSGI works from the outside in. Requests to
# /healthcheck will be handled and returned before the auth middleware
# is reached.
if CONF.healthcheck.enabled:
app = healthcheck.Healthcheck(app, CONF)
# Create a CORS wrapper, and attach ironic-specific defaults that must be
# included in all CORS responses.
app = IronicCORS(app, CONF)
cors_middleware.set_defaults(
allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
expose_headers=[
base.Version.max_string, base.Version.min_string,
base.Version.string
])
app = json_ext.JsonExtensionMiddleware(app)
return app