From 66a55c2f83f9a459a02ad781ebf89ded1f96d164 Mon Sep 17 00:00:00 2001
From: Ghanshyam Mann <gmann@ghanshyammann.com>
Date: Sun, 10 Nov 2024 21:37:53 -0800
Subject: [PATCH] Remove default override for config options policy_file

olso.policy 4.5.0[1] changed the config options policy_file
default value to 'policy.yaml', which means it is changed
for all the OpenStack services and they do not need to
override the default anymore.

NOTE: There is no change in behaviour here, oslo.policy provides
the same configuration that services have overridden till now.

[1] https://review.opendev.org/c/openstack/releases/+/934012
[2] https://review.opendev.org/c/openstack/requirements/+/934295

Change-Id: I9305cf04c00957e2874060ea5ceb56cddd22fe6b
---
 cyborg/common/authorize_wsgi.py | 33 +--------------------------------
 requirements.txt                |  2 +-
 2 files changed, 2 insertions(+), 33 deletions(-)

diff --git a/cyborg/common/authorize_wsgi.py b/cyborg/common/authorize_wsgi.py
index 9d8a5e16..590157c1 100644
--- a/cyborg/common/authorize_wsgi.py
+++ b/cyborg/common/authorize_wsgi.py
@@ -16,7 +16,6 @@ import sys
 from oslo_concurrency import lockutils
 from oslo_config import cfg
 from oslo_log import log
-from oslo_policy import opts
 from oslo_policy import policy
 from oslo_versionedobjects import base as object_base
 import pecan
@@ -31,36 +30,6 @@ CONF = cfg.CONF
 LOG = log.getLogger(__name__)
 
 
-# TODO(gmann): Remove setting the default value of config policy_file
-# once oslo_policy change the default value to 'policy.yaml'.
-# https://github.com/openstack/oslo.policy/blob/a626ad12fe5a3abd49d70e3e5b95589d279ab578/oslo_policy/opts.py#L49
-DEFAULT_POLICY_FILE = 'policy.yaml'
-opts.set_defaults(CONF, DEFAULT_POLICY_FILE)
-
-
-def pick_policy_file(policy_file):
-    # TODO(gmann): We have changed the default value of
-    # CONF.oslo_policy.policy_file option to 'policy.yaml' in Victoria
-    # release. To avoid breaking any deployment relying on default
-    # value, we need to add this is fallback logic to pick the old default
-    # policy file (policy.yaml) if exist. We can to remove this fallback
-    # logic sometime in future.
-    if policy_file:
-        return policy_file
-
-    if CONF.oslo_policy.policy_file == DEFAULT_POLICY_FILE:
-        location = CONF.get_location('policy_file', 'oslo_policy').location
-        if CONF.find_file(CONF.oslo_policy.policy_file):
-            return CONF.oslo_policy.policy_file
-        elif location in [cfg.Locations.opt_default,
-                          cfg.Locations.set_default]:
-            old_default = 'policy.json'
-            if CONF.find_file(old_default):
-                return old_default
-    # Return overridden value
-    return CONF.oslo_policy.policy_file
-
-
 @lockutils.synchronized('policy_enforcer', 'cyborg-')
 def init_enforcer(policy_file=None, rules=None,
                   default_rule=None, use_conf=True,
@@ -88,7 +57,7 @@ def init_enforcer(policy_file=None, rules=None,
     # because API classes lack singletons and don't use globals.
     _ENFORCER = policy.Enforcer(
         CONF,
-        policy_file=pick_policy_file(policy_file),
+        policy_file=policy_file,
         rules=rules,
         default_rule=default_rule,
         use_conf=use_conf)
diff --git a/requirements.txt b/requirements.txt
index be3bed62..2bd414c5 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -18,7 +18,7 @@ os-resource-classes>=0.5.0 # Apache-2.0
 oslo.upgradecheck>=0.1.0 # Apache-2.0
 oslo.utils>=4.5.0 # Apache-2.0
 oslo.versionedobjects>=1.31.2 # Apache-2.0
-oslo.policy>=3.7.0 # Apache-2.0
+oslo.policy>=4.5.0 # Apache-2.0
 SQLAlchemy>=1.1.9 # MIT
 alembic>=0.8.10 # MIT
 stevedore>=1.5.0 # Apache-2.0