APICAST CORS configuration

roles/3scale/tasks/apicast_cors.yml

@@ -0,0 +1,24 @@
+---
+  
+  - name: Download 'apicast_cors.lua'
+    get_url: dest=apicast_cors.lua url={{ threescale_options.apicast_cors_lua }}
+
+  - name: Download 'cors.conf'
+    get_url: dest=cors.conf url={{ threescale_options.apicast_cors_conf }}
+
+  - name: Create ConfigMap 'apicast-cors'
+    command: oc create configmap apicast-cors --from-file=apicast_cors.lua -n "{{ threescale_options.project }}"
+    register: oc
+    failed_when: oc.rc > 0 and 'Error from server (AlreadyExists):' not in oc.stderr
+    changed_when: oc.rc == 0
+
+  - name: Create ConfigMap 'cors-conf'
+    command: oc create configmap cors-conf --from-file=cors.conf -n "{{ threescale_options.project }}"
+    register: oc
+    failed_when: oc.rc > 0 and 'Error from server (AlreadyExists):' not in oc.stderr
+    changed_when: oc.rc == 0
+
+  - include: patch_apicast.yml
+    with_items:
+      - apicast-staging
+      - apicast-production

roles/3scale/tasks/main.yml

@@ -26,6 +26,10 @@
     failed_when: oc.rc > 0 and 'Error from server (AlreadyExists):' not in oc.stderr
     changed_when: oc.rc == 0
 
+  # Deploy the CORS Configuration for APICast
+  # This is needed to make the "Try out" feature working in the Developer Portal
+  - include: apicast_cors.yml
+
   - include: status.yml
     tags: status
 

roles/3scale/tasks/patch_apicast.yml

@@ -0,0 +1,32 @@
+---
+
+  - debug: msg="Updating {{ item }}"
+
+  - name: Check if APICast's DC has volumes
+    command: oc get dc {{ item }} -o jsonpath='{range .spec.template.spec.volumes[*]}{.name}{"\n"}{end}' -n "{{ threescale_options.project }}"
+    register: volumes
+    changed_when: false
+
+  - name: Add volume 'apicast-cors'
+    command: 'oc set volume dc/{{ item }} -n {{ threescale_options.project }} --add --name=apicast-cors --mount-path /opt/app-root/src/src/apicast_cors.lua --source=''{"configMap":{"name":"apicast-cors","items":[{"key":"apicast_cors.lua","path":"apicast_cors.lua"}]}}'' '
+    when: "'apicast-cors' not in volumes.stdout_lines"
+
+  - name: Add volume 'cors-conf'
+    command: 'oc set volume dc/{{ item }} -n {{ threescale_options.project }} --add --name=cors-conf --mount-path /opt/app-root/src/apicast.d/cors.conf --source=''{"configMap":{"name":"cors-conf","items":[{"key":"cors.conf","path":"cors.conf"}]}}'' '
+    when: "'cors-conf' not in volumes.stdout_lines"
+
+  - name: Check if APICast's DC has already been patched
+    command: oc get dc {{ item }} -o jsonpath='{range .spec.template.spec.containers[*].volumeMounts[?(@.subPath)]}{.name}{"\n"}{end}' -n "{{ threescale_options.project }}"
+    register: patched
+    changed_when: false
+
+  - name: Patch volume 'apicast-cors'
+    command: 'oc patch dc/{{ item }} -n {{ threescale_options.project }} --type=json -p ''[ {"op": "add", "path": "/spec/template/spec/containers/0/volumeMounts/0/subPath", "value":"apicast_cors.lua"} ]'' '
+    when: "'apicast-cors' not in patched.stdout_lines"
+
+  - name: Patch volume 'cors-conf'
+    command: 'oc patch dc/{{ item }} -n {{ threescale_options.project }} --type=json -p ''[ {"op": "add", "path": "/spec/template/spec/containers/0/volumeMounts/1/subPath", "value":"cors.conf"} ]'' '
+    when: "'cors-conf' not in patched.stdout_lines"
+
+  - name: Add environment variable APICAST_MODULE to the APICast DeploymentConfig
+    command: oc env dc/{{ item }} APICAST_MODULE=apicast_cors -n {{ threescale_options.project }}

roles/3scale/vars/main.yml

@@ -7,3 +7,5 @@
     wildcard_domain: "{{ openshift_master_default_subdomain }}"
     delay: 5
     retries: 30
+    apicast_cors_lua: https://raw.githubusercontent.com/3scale/apicast/cors-example/examples/cors/apicast_cors.lua
+    apicast_cors_conf: https://raw.githubusercontent.com/3scale/apicast/cors-example/examples/cors/cors.conf