Browse Source

[goal] Deprecate the JSON formatted policy file

As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:

1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.

2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.

Also replace policy.json to policy.yaml ref from doc.

[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html

Change-Id: I608d3f55dfa9b6052f92c4fd13f2aae6d714e287
changes/42/766842/4
Ghanshyam Mann 9 months ago
parent
commit
c8370c2ab2
  1. 3
      cloudkitty/cli/status.py
  2. 9
      cloudkitty/common/defaults.py
  3. 6
      cloudkitty/common/policy.py
  4. 2
      cloudkitty/tests/gabbi/fixtures.py
  5. 2
      doc/source/_static/cloudkitty.conf.sample
  6. 8
      doc/source/admin/configuration/policy.rst
  7. 2
      doc/source/admin/install/install-source.rst
  8. 4
      lower-constraints.txt
  9. 20
      releasenotes/notes/deprecate-json-formatted-policy-file-01ceb65712fd0a39.yaml
  10. 4
      requirements.txt
  11. 2
      setup.cfg

3
cloudkitty/cli/status.py

@ -15,6 +15,7 @@
import sys
from oslo_config import cfg
from oslo_upgradecheck import common_checks
from oslo_upgradecheck import upgradecheck
from cloudkitty.i18n import _
@ -38,6 +39,8 @@ class CloudkittyUpgradeChecks(upgradecheck.UpgradeCommands):
_upgrade_checks = (
(_('Storage version'), _storage_version),
(_("Policy File JSON to YAML Migration"),
(common_checks.check_policy_json, {'conf': CONF})),
)

9
cloudkitty/common/defaults.py

@ -13,13 +13,22 @@
# under the License.
#
from oslo_config import cfg
from oslo_middleware import cors
from oslo_policy import opts as policy_opts
def set_config_defaults():
"""This method updates all configuration default values."""
set_cors_middleware_defaults()
# TODO(gmann): Remove setting the default value of config policy_file
# once oslo_policy change the default value to 'policy.yaml'.
# https://github.com/openstack/oslo.policy/blob/a626ad12fe5a3abd49d70e3e5b95589d279ab578/oslo_policy/opts.py#L49
DEFAULT_POLICY_FILE = 'policy.yaml'
policy_opts.set_defaults(cfg.CONF, DEFAULT_POLICY_FILE)
def set_cors_middleware_defaults():
"""Update default configuration options for oslo.middleware."""

6
cloudkitty/common/policy.py

@ -29,7 +29,11 @@ from cloudkitty.common import policies
LOG = logging.getLogger(__name__)
CONF = cfg.CONF
policy_opts.set_defaults(cfg.CONF, 'policy.json')
# TODO(gmann): Remove setting the default value of config policy_file
# once oslo_policy change the default value to 'policy.yaml'.
# https://github.com/openstack/oslo.policy/blob/a626ad12fe5a3abd49d70e3e5b95589d279ab578/oslo_policy/opts.py#L49
DEFAULT_POLICY_FILE = 'policy.yaml'
policy_opts.set_defaults(cfg.CONF, DEFAULT_POLICY_FILE)
_ENFORCER = None
# oslo_policy will read the policy configuration file again when the file

2
cloudkitty/tests/gabbi/fixtures.py

@ -202,7 +202,7 @@ class ConfigFixture(fixture.GabbiFixture):
conf.set_override('auth_strategy', self.auth_strategy)
conf.set_override('connection', 'sqlite:///', 'database')
conf.set_override('policy_file',
os.path.abspath('etc/cloudkitty/policy.json'),
os.path.abspath('etc/cloudkitty/policy.yaml'),
group='oslo_policy')
conf.set_override('api_paste_config',
os.path.abspath(

2
doc/source/_static/cloudkitty.conf.sample

@ -1260,7 +1260,7 @@
# permissions for a given service. Relative paths must be specified in
# relation to the configuration file setting this option. (string
# value)
#policy_file = policy.json
#policy_file = policy.yaml
# Default rule. Enforced when a requested rule is not found. (string
# value)

8
doc/source/admin/configuration/policy.rst

@ -5,6 +5,14 @@ Policy configuration
Configuration
~~~~~~~~~~~~~
.. warning::
JSON formatted policy file is deprecated since Cloudkitty 14.0.0 (Wallaby).
This `oslopolicy-convert-json-to-yaml`__ tool will migrate your existing
JSON-formatted policy file to YAML in a backward-compatible way.
.. __: https://docs.openstack.org/oslo.policy/latest/cli/oslopolicy-convert-json-to-yaml.html
The following is an overview of all available policies in Cloudkitty.
For a sample configuration file, refer to :doc:`samples/policy-yaml`.

2
doc/source/admin/install/install-source.rst

@ -24,7 +24,7 @@ Install sample configuration files::
mkdir /etc/cloudkitty
tox -e genconfig
cp etc/cloudkitty/cloudkitty.conf.sample /etc/cloudkitty/cloudkitty.conf
cp etc/cloudkitty/policy.json /etc/cloudkitty
cp etc/cloudkitty/policy.yaml /etc/cloudkitty
cp etc/cloudkitty/api_paste.ini /etc/cloudkitty
Create the log directory::

4
lower-constraints.txt

@ -18,9 +18,9 @@ oslo.i18n==5.0.1 # Apache-2.0
oslo.log==4.4.0 # Apache-2.0
oslo.messaging==12.6.0 # Apache-2.0
oslo.middleware==4.1.1 # Apache-2.0
oslo.policy==3.5.0 # Apache-2.0
oslo.policy==3.6.0 # Apache-2.0
oslo.utils==4.7.0 # Apache-2.0
oslo.upgradecheck==1.2.0 # Apache-2.0
oslo.upgradecheck==1.3.0 # Apache-2.0
python-dateutil==2.7.0 # BSD
SQLAlchemy==1.3.20 # MIT
six==1.15.0 # MIT

20
releasenotes/notes/deprecate-json-formatted-policy-file-01ceb65712fd0a39.yaml

@ -0,0 +1,20 @@
---
upgrade:
- |
The default value of ``[oslo_policy] policy_file`` config option has
been changed from ``policy.json`` to ``policy.yaml``.
Operators who are utilizing customized or previously generated
static policy JSON files (which are not needed by default), should
generate new policy files or convert them in YAML format. Use the
`oslopolicy-convert-json-to-yaml
<https://docs.openstack.org/oslo.policy/latest/cli/oslopolicy-convert-json-to-yaml.html>`_
tool to convert a JSON to YAML formatted policy file in
backward compatible way.
deprecations:
- |
Use of JSON policy files was deprecated by the ``oslo.policy`` library
during the Victoria development cycle. As a result, this deprecation is
being noted in the Wallaby cycle with an anticipated future removal of support
by ``oslo.policy``. As such operators will need to convert to YAML policy
files. Please see the upgrade notes for details on migration of any
custom policy files.

4
requirements.txt

@ -20,9 +20,9 @@ oslo.i18n>=5.0.1 # Apache-2.0
oslo.log>=4.4.0 # Apache-2.0
oslo.messaging>=12.6.0 # Apache-2.0
oslo.middleware>=4.1.1 # Apache-2.0
oslo.policy>=3.5.0 # Apache-2.0
oslo.policy>=3.6.0 # Apache-2.0
oslo.utils>=4.7.0 # Apache-2.0
oslo.upgradecheck>=1.2.0 # Apache-2.0
oslo.upgradecheck>=1.3.0 # Apache-2.0
python-dateutil>=2.7.0 # BSD
SQLAlchemy>=1.3.20 # MIT
six>=1.15.0 # MIT

2
setup.cfg

@ -44,7 +44,7 @@ oslo.config.opts =
cloudkitty.common.config = cloudkitty.common.config:list_opts
oslo.config.opts.defaults =
cloudkitty.common.config = cloudkitty.common.defaults:set_cors_middleware_defaults
cloudkitty.common.config = cloudkitty.common.defaults:set_config_defaults
cloudkitty.collector.backends =
gnocchi = cloudkitty.collector.gnocchi:GnocchiCollector

Loading…
Cancel
Save