Expose headers option of apache::vhost

The headers option in apache::vhost is required in some case, for
example when adding the X-XSS-Protection header. This change allows
customizing the option for the api vhost.

This change also adds support for request_headers so that both request
headers and response headers can customized.

Change-Id: I11274e444c230c62210e2ed5c0f4811f019b16ae

manifests/wsgi/apache.pp

@@ -86,6 +86,14 @@
 #   { python-path => '/my/python/virtualenv' }
 #   Defaults to {}
 #
+#   [*headers*]
+#     (optional) Headers for the vhost.
+#     Defaults to undef
+#
+#   [*request_headers*]
+#     (optional) Modifies collected request headers in various ways.
+#     Defaults to undef
+#
 #   [*vhost_custom_fragment*]
 #     (optional) Passes a string of custom configuration
 #     directives to be placed at the end of the vhost configuration.
@@ -123,6 +131,8 @@ class ironic::wsgi::apache (
   $access_log_format           = false,
   $error_log_file              = undef,
   $custom_wsgi_process_options = {},
+  $headers                     = undef,
+  $request_headers             = undef,
   $vhost_custom_fragment       = undef,
 ) {
 
@@ -156,6 +166,8 @@ class ironic::wsgi::apache (
     wsgi_script_dir             => $::ironic::params::ironic_wsgi_script_path,
     wsgi_script_file            => 'app',
     wsgi_script_source          => $::ironic::params::ironic_wsgi_script_source,
+    headers                     => $headers,
+    request_headers             => $request_headers,
     access_log_file             => $access_log_file,
     access_log_format           => $access_log_format,
     error_log_file              => $error_log_file,

releasenotes/notes/apache-headers-b23e7d1dad6e94ae.yaml

@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    The ``ironic::wsgi::apache`` class now supports customizing
+    request/response headers added by apache.

spec/classes/ironic_wsgi_apache_spec.rb

@@ -19,13 +19,15 @@ describe 'ironic::wsgi::apache' do
         :wsgi_script_dir             => platform_params[:wsgi_script_path],
         :wsgi_script_file            => 'app',
         :wsgi_script_source          => platform_params[:wsgi_script_source],
+        :headers                     => nil,
+        :request_headers             => nil,
+        :custom_wsgi_process_options => {},
         :access_log_file             => false,
         :access_log_format           => false,
-        :custom_wsgi_process_options => {},
       )}
     end
 
-    context 'when overriding parameters using different ports' do
+    context 'when overriding parameters' do
       let :params do
         {
           :servername                  => 'dummy.host',
@@ -41,6 +43,8 @@ describe 'ironic::wsgi::apache' do
           :custom_wsgi_process_options => {
             'python_path' => '/my/python/path',
           },
+          :headers                     => ['set X-XSS-Protection "1; mode=block"'],
+          :request_headers             => ['set Content-Type "application/json"'],
         }
       end
       it { is_expected.to contain_class('ironic::params') }
@@ -61,12 +65,14 @@ describe 'ironic::wsgi::apache' do
         :wsgi_script_dir             => platform_params[:wsgi_script_path],
         :wsgi_script_file            => 'app',
         :wsgi_script_source          => platform_params[:wsgi_script_source],
-        :access_log_file             => '/var/log/httpd/access_log',
+        :headers                     => ['set X-XSS-Protection "1; mode=block"'],
-        :access_log_format           => 'some format',
+        :request_headers             => ['set Content-Type "application/json"'],
-        :error_log_file              => '/var/log/httpd/error_log',
         :custom_wsgi_process_options => {
           'python_path' => '/my/python/path',
         },
+        :access_log_file             => '/var/log/httpd/access_log',
+        :access_log_format           => 'some format',
+        :error_log_file              => '/var/log/httpd/error_log',
       )}
     end
   end