-
Notifications
You must be signed in to change notification settings - Fork 162
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Deploy APIM CORS Policy (#166)
When the APIM CORS policy is defined within the serverless yaml then we need to deploy the XML policy document during deployment. Resolve ABA#207
- Loading branch information
Showing
7 changed files
with
187 additions
and
24 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,41 @@ | ||
import { OperationContract, ApiContract, BackendContract } from "@azure/arm-apimanagement/esm/models"; | ||
|
||
/** | ||
* Defines the serverless APIM configuration | ||
*/ | ||
export interface ApiManagementConfig { | ||
/** The name of the APIM azure resource */ | ||
name: string; | ||
/** The API contract configuration */ | ||
api: ApiContract; | ||
/** The API's backend contract configuration */ | ||
backend?: BackendContract; | ||
/** The API's CORS policy */ | ||
cors?: ApiCorsPolicy; | ||
} | ||
|
||
/** | ||
* Defines the APIM API Operation configuration | ||
*/ | ||
export interface ApiOperationOptions { | ||
/** The name of the serverless function */ | ||
function: string; | ||
/** The APIM operation contract configuration */ | ||
operation: OperationContract; | ||
} | ||
|
||
/** | ||
* Defines an APIM API CORS (cross origin resource sharing) policy | ||
*/ | ||
export interface ApiCorsPolicy { | ||
/** Whether or not to allow credentials */ | ||
allowCredentials: boolean; | ||
/** A list of allowed domains - also supports wildcard "*" */ | ||
allowedOrigins: string[]; | ||
/** A list of allowed HTTP methods */ | ||
allowedMethods: string[]; | ||
/** A list of allowed headers */ | ||
allowedHeaders: string[]; | ||
/** A list of headers exposed during OPTION preflight requests */ | ||
exposeHeaders: string[]; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
{ | ||
"id": "/subscriptions/d36d0808-a967-4f73-9fdc-32ea232fc81d/resourceGroups/${resourceGroup.name}/providers/Microsoft.ApiManagement/service/${service.name}/apis/${api.name}/policies/policy", | ||
"type": "Microsoft.ApiManagement/service/apis/policies", | ||
"name": "policy", | ||
"properties": { | ||
"format": "xml", | ||
"value": "<!-- IMPORTANT: - Policy elements can appear only within the <inbound>, <outbound>, <backend> section elements. - To apply a policy to the incoming request (before it is forwarded to the backend service), place a corresponding policy element within the <inbound> section element. - To apply a policy to the outgoing response (before it is sent back to the caller), place a corresponding policy element within the <outbound> section element. - To add a policy, place the cursor at the desired insertion point and select a policy from the sidebar. - To remove a policy, delete the corresponding policy statement from the policy document. - Position the <base> element within a section element to inherit all policies from the corresponding section element in the enclosing scope. - Remove the <base> element to prevent inheriting policies from the corresponding section element in the enclosing scope. - Policies are applied in the order of their appearance, from the top down. - Comments within policy elements are not supported and may disappear. Place your comments between policy elements or at a higher level scope.--><policies>\t<inbound>\t\t<base />\t\t<cors allow-credentials=\"false\">\t\t\t<allowed-origins>\t\t\t\t<origin>*</origin>\t\t\t</allowed-origins>\t\t\t<allowed-methods>\t\t\t\t<method>GET</method>\t\t\t\t<method>POST</method>\t\t\t\t<method>PUT</method>\t\t\t\t<method>DELETE</method>\t\t\t\t<method>PATCH</method>\t\t\t</allowed-methods>\t\t\t<allowed-headers>\t\t\t\t<header>*</header>\t\t\t</allowed-headers>\t\t\t<expose-headers>\t\t\t\t<header>*</header>\t\t\t</expose-headers>\t\t</cors>\t</inbound>\t<backend>\t\t<base />\t</backend>\t<outbound>\t\t<base />\t</outbound>\t<on-error>\t\t<base />\t</on-error></policies>" | ||
} | ||
} |