openstack/puppet-barbican
Code Issues Proposed changes

Manage oslo_middleware/max_request_body_size

Browse Source 
So that we can increase it from the default 114688

Useful in case for example the OS-Federation mapping is too large.

If this limit is breached barbican will return a 413 Entity Too Large
and not log anything to barbican.log.

Change-Id: I2beb72f1ab37130eca340e691ca2dfd15cb5aa61
Closes-Bug: #1835161
This commit is contained in:
ZhongShengping
2019-07-04 11:34:41 +08:00
parent 0645cd4421
commit def436a021
3 changed files with 28 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
manifests/api.pp
View File

@@ -237,6 +237,10 @@
# HTTPProxyToWSGI middleware. # HTTPProxyToWSGI middleware.
# Defaults to $::os_service_default. # Defaults to $::os_service_default.
# #
# [*max_request_body_size*]
# (Optional) Set max request body size
# Defaults to $::os_service_default.
#
class barbican::api ( class barbican::api (
$package_ensure = 'present', $package_ensure = 'present',
$client_package_ensure = 'present', $client_package_ensure = 'present',
@@ -287,6 +291,7 @@ class barbican::api (
$key_file = $::os_service_default, $key_file = $::os_service_default,
$service_name = 'barbican-api', $service_name = 'barbican-api',
$enable_proxy_headers_parsing = $::os_service_default, $enable_proxy_headers_parsing = $::os_service_default,
$max_request_body_size = $::os_service_default,
) inherits barbican::params { ) inherits barbican::params {
include ::barbican::deps include ::barbican::deps
@@ -490,6 +495,7 @@ class barbican::api (
oslo::middleware { 'barbican_config': oslo::middleware { 'barbican_config':
enable_proxy_headers_parsing => $enable_proxy_headers_parsing, enable_proxy_headers_parsing => $enable_proxy_headers_parsing,
max_request_body_size => $max_request_body_size,
} }
} }

5
releasenotes/notes/max_request_body_size-8ffc79894afb2669.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
features:
- |
Add support to configure `[oslo_middleware]/max_request_body_size` with
`$max_request_body_size`.

17
spec/classes/barbican_api_spec.rb
View File

@@ -62,6 +62,7 @@ describe 'barbican::api' do
:retry_scheduler_periodic_interval_max_seconds => '<SERVICE DEFAULT>', :retry_scheduler_periodic_interval_max_seconds => '<SERVICE DEFAULT>',
:service_name => platform_params[:service_name], :service_name => platform_params[:service_name],
:enable_proxy_headers_parsing => '<SERVICE DEFAULT>', :enable_proxy_headers_parsing => '<SERVICE DEFAULT>',
:max_request_body_size => '<SERVICE DEFAULT>',
:multiple_secret_stores_enabled => false, :multiple_secret_stores_enabled => false,
:enabled_secret_stores => 'simple_crypto', :enabled_secret_stores => 'simple_crypto',
} }
@@ -103,6 +104,7 @@ describe 'barbican::api' do
:max_allowed_secret_in_bytes => 20000, :max_allowed_secret_in_bytes => 20000,
:max_allowed_request_size_in_bytes => 2000000, :max_allowed_request_size_in_bytes => 2000000,
:enable_proxy_headers_parsing => false, :enable_proxy_headers_parsing => false,
:max_request_body_size => '102400',
:multiple_secret_stores_enabled => true, :multiple_secret_stores_enabled => true,
:enabled_secret_stores => 'simple_crypto,dogtag,kmip', :enabled_secret_stores => 'simple_crypto,dogtag,kmip',
} }
@@ -210,6 +212,21 @@ describe 'barbican::api' do
)} )}
end end
describe 'with max_request_body_size' do
let :pre_condition do
'class { "barbican::keystone::authtoken": password => "secret", }
include ::apache'
end
let :params do
default_params.merge!({:max_request_body_size => '102400' })
end
it { is_expected.to contain_oslo__middleware('barbican_config').with(
:max_request_body_size => '102400',
)}
end
describe 'with SSL socket options set' do describe 'with SSL socket options set' do
let :pre_condition do let :pre_condition do
'class { "barbican::keystone::authtoken": password => "secret", } 'class { "barbican::keystone::authtoken": password => "secret", }