24268428e0
Action execution allows using policy to trigger data source client methods. But some of these methods require a python structure as input, which cannot be constructed by the congress policy language. With this patch, the policy language can construct JSON/YAML strings, which get loaded as python structure before passing to the data source client methods. Because there is no automated way to know which arguments to which methods are non-scalar structures, the functionality requires a data source driver to specify that information in self.method_structured_args. The patch also other related changes: - specifies the desired structured arguments for the neutronv2 drivers - omits the neutron client update_* made redundant by the special update_resource_attr action. - updates a policy library to make use of the feature Depends-On: I34d1a392d4539ede01666002cfa301c21f9cd4bd Change-Id: I33860ffdcda3e0bc67e488ff2b35bba57241cf02 |
||
---|---|---|
.. | ||
disallowed_flavors | ||
disallowed_images | ||
security_groups | ||
volume_encryption | ||
cross_project_network.yaml | ||
network_gateway.yaml | ||
README.rst | ||
tag_based_network_security_zone.yaml |
Policy Library
Congress bundles a library of useful policies to help users get started.
For example, the
library/volume_encryption/servers_unencrypted_volume.yaml
identifies and warns on servers with unencrypted volumes attached.
../../../library/volume_encryption/servers_unencrypted_volume.yaml
The latest collection library policies can be found here: https://github.com/openstack/congress/tree/master/library
To import a library policy YAML file into Congress, use the following CLI command (python-congressclient version 1.8.0 or higher https://pypi.org/project/python-congressclient/).
$ openstack congress policy create-from-file <path-to-policy-yaml>