Fix CrossProjectNetwork lib policy

Removed column references in non-datasource tables. Not allowed. Also renames file name from - to _ to follow convention. Also limits rule comment to max length of 255 chars per schema/database limit Change-Id: I306b43a53e435d27560a5438fdec4ced399735cf
2017-07-30 12:33:20 -07:00 · 2017-07-30 12:33:20 -07:00 · 211ca29f96
parent 128406238e
commit 211ca29f96
1 changed files with 10 additions and 10 deletions
--- a/library/cross_project_network.yaml
+++ b/library/cross_project_network.yaml
@ -3,17 +3,17 @@ name: CrossProjectNetwork
 description: >
  Identify cross-project network connections unless the projects are defined as
  being in the same group allowing for inter-connectivity.
+
+  The first four rules below define by name which projects belong in the same
+  group, where network inter-connectivity is expected. The use of name to
+  specify projects works under the assumption of having a single keystone
+  domain in which project names are unique. If names are unsuitable for
+  your use case, the policy can be customized to use specify
+  inter-connectivity groups by ID directly in the project_groups_by_id
+  table.
 rules:
  -
    comment: >
-      The following rules define by name which projects belong in the same
-      group, where network inter-connectivity is expected. The use of name to
-      specify projects works under the assumption of having a single keystone
-      domain in which project names are unique. If names are unsuitable for
-      your use case, the policy can be customized to use specify
-      inter-connectivity groups by ID directly in the project_groups_by_id
-      table.
-
      User should customize this.  project_groups_by_name(group_id, project_name).
    rule: >
      project_groups_by_name(1, 'admin')
@ -45,8 +45,8 @@ rules:
    comment: "Define that projects belong to same group of expected inter-connectivity."
    rule: >
      same_group(project_a, project_b) :-
-        project_groups_by_id(id=group_id, project_id=project_a),
-        project_groups_by_id(id=group_id, project_id=project_b)
+        project_groups_by_id(group_id, project_a),
+        project_groups_by_id(group_id, project_b)
  -
    comment: >
      Identify servers associated to a port belonging to a different project