[goal] Deprecate the JSON formatted policy file

As per the community goal of migrating the policy file the format from JSON to YAML[1], we need to do two things: 1. Change the default value of '[oslo_policy] policy_file'' config option from 'policy.json' to 'policy.yaml' with upgrade checks. 2. Deprecate the JSON formatted policy file on the project side via warning in doc and releasenotes. Also replace policy.json to policy.yaml ref from doc. [1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html Change-Id: I066488c47e1bb6502b27b8677988113f66b9b09b
2020-12-12 19:45:36 -06:00 · 2020-12-12 19:45:36 -06:00 · e02a492817
parent d971f29f28
commit e02a492817
10 changed files with 65 additions and 54 deletions
--- a/doc/README.rst
+++ b/doc/README.rst
@ -46,7 +46,7 @@ edit config file
  # sudo mkdir -p /etc/freezer
  # sudo cp etc/freezer/freezer-api.conf.sample /etc/freezer/freezer-api.conf
  # sudo cp etc/freezer/freezer-paste.ini /etc/freezer/freezer-paste.ini
-  # sudo cp etc/freezer/policy.json /etc/freezer/policy.json
+  # sudo cp etc/freezer/policy.yaml /etc/freezer/policy.yaml
  # sudo vi /etc/freezer/freezer-api.conf
  # sudo vi /etc/freezer/freezer-paste.ini
--- a/etc/freezer/freezer-api.conf.sample
+++ b/etc/freezer/freezer-api.conf.sample
@ -580,7 +580,7 @@
 #enforce_scope = false
 # The file that defines policies. (string value)
-#policy_file = policy.json
+#policy_file = policy.yaml
 # Default rule. Enforced when a requested rule is not found. (string value)
 #policy_default_rule = default
--- a/freezer_api/cmd/status.py
+++ b/freezer_api/cmd/status.py
@ -15,6 +15,7 @@
 import sys
 from oslo_config import cfg
 from oslo_upgradecheck import common_checks
 from oslo_upgradecheck import upgradecheck
 from freezer_api.common._i18n import _
@ -26,11 +27,6 @@ class Checks(upgradecheck.UpgradeCommands):
    and added to _upgrade_checks tuple.
    """
    def _check_placeholder(self):
        # This is just a placeholder for upgrade checks, it should be
        # removed when the actual checks are added
        return upgradecheck.Result(upgradecheck.Code.SUCCESS)
    # The format of the check functions is to return an
    # oslo_upgradecheck.upgradecheck.Result
    # object with the appropriate
@ -39,8 +35,8 @@ class Checks(upgradecheck.UpgradeCommands):
    # in the returned Result's "details" attribute. The
    # summary will be rolled up at the end of the check() method.
    _upgrade_checks = (
-        # In the future there should be some real checks added here
+        (_("Policy File JSON to YAML Migration"),
-        (_('Placeholder'), _check_placeholder),
+         (common_checks.check_policy_json, {'conf': cfg.CONF})),
    )
--- a/freezer_api/common/config.py
+++ b/freezer_api/common/config.py
@ -19,6 +19,7 @@ import os
 from keystonemiddleware import opts
 from oslo_config import cfg
 from oslo_log import log
 from oslo_policy import opts as policy_opts
 from oslo_policy import policy
 from freezer_api import __version__ as FREEZER_API_VERSION
@ -106,13 +107,13 @@ def parse_args(args=[]):
    CONF.register_group(paste_grp)
    CONF.register_opts(paste_deploy, group=paste_grp)
    log.register_options(CONF)
    policy.Enforcer(CONF)
    default_config_files = cfg.find_config_files('freezer', 'freezer-api')
    CONF(args=args,
         project='freezer-api',
         default_config_files=default_config_files,
         version=FREEZER_API_VERSION
         )
    policy.Enforcer(CONF)
 def setup_logging():
@ -167,3 +168,18 @@ def list_opts():
    # update the current list of opts with db backend drivers opts
    _OPTS.update({"storage": _DB_DRIVERS})
    return _OPTS.items()
 def set_lib_defaults():
    """Update default value for configuration options from other namespace.
    Example, oslo lib config options. This is needed for
    config generator tool to pick these default value changes.
    https://docs.openstack.org/oslo.config/latest/cli/
    generator.html#modifying-defaults-from-other-namespaces
    """
    # TODO(gmann): Remove setting the default value of config policy_file
    # once oslo_policy change the default value to 'policy.yaml'.
    # https://github.com/openstack/oslo.policy/blob/a626ad12fe5a3abd49d70e3e5b95589d279ab578/oslo_policy/opts.py#L49
    policy_opts.set_defaults(CONF, 'policy.yaml')
--- a/freezer_api/policy.py
+++ b/freezer_api/policy.py
@ -16,11 +16,19 @@ limitations under the License.
 import functools
 from oslo_config import cfg
 from oslo_policy import opts
 from oslo_policy import policy
 from freezer_api.common import exceptions
 from freezer_api.common import policies
 # TODO(gmann): Remove setting the default value of config policy_file
 # once oslo_policy change the default value to 'policy.yaml'.
 # https://github.com/openstack/oslo.policy/blob/a626ad12fe5a3abd49d70e3e5b95589d279ab578/oslo_policy/opts.py#L49
 DEFAULT_POLICY_FILE = 'policy.yaml'
 opts.set_defaults(cfg.CONF, DEFAULT_POLICY_FILE)
 ENFORCER = None
--- a/freezer_api/tests/unit/cmd/test_status.py
+++ b/freezer_api/tests/unit/cmd/test_status.py
@ -1,31 +0,0 @@
 # Copyright (c) 2018 NEC, Corp.
 #
 #    Licensed under the Apache License, Version 2.0 (the "License"); you may
 #    not use this file except in compliance with the License. You may obtain
 #    a copy of the License at
 #
 #         http://www.apache.org/licenses/LICENSE-2.0
 #
 #    Unless required by applicable law or agreed to in writing, software
 #    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 #    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 #    License for the specific language governing permissions and limitations
 #    under the License.
 import unittest
 from oslo_upgradecheck.upgradecheck import Code
 from freezer_api.cmd import status
 class TestUpgradeChecks(unittest.TestCase):
    def setUp(self):
        super(TestUpgradeChecks, self).setUp()
        self.cmd = status.Checks()
    def test__check_placeholder(self):
        check_result = self.cmd._check_placeholder()
        self.assertEqual(
            Code.SUCCESS, check_result.code)
--- a/lower-constraints.txt
+++ b/lower-constraints.txt
@ -31,16 +31,16 @@ netifaces==0.10.6
 openstackdocstheme==1.31.2
 os-api-ref==1.4.0
 oslo.cache==1.29.0
-oslo.config==5.2.0
+oslo.config==6.8.0
-oslo.context==2.19.2
+oslo.context==2.22.0
 oslo.db==4.44.0
 oslo.i18n==3.15.3
 oslo.log==3.36.0
 oslo.middleware==3.31.0
-oslo.policy==1.30.0
+oslo.policy==3.6.0
 oslo.serialization==2.25.0
-oslo.upgradecheck==0.1.0
+oslo.upgradecheck==1.3.0
-oslo.utils==3.36.0
+oslo.utils==4.5.0
 oslotest==3.3.0
 Paste==2.0.2
 PasteDeploy==1.5.0
@ -57,10 +57,10 @@ python-keystoneclient==3.15.0
 python-mimeparse==1.6.0
 python-subunit==1.2.0
 pytz==2018.3
-PyYAML==3.13
+PyYAML==5.1
 reno==2.5.0
-requests==2.18.4
+requests==2.23.0
-rfc3986==1.1.0
+rfc3986==1.2.0
 snowballstemmer==1.2.1
 Sphinx==1.8.0
 sphinxcontrib-websupport==1.0.1
@ -79,4 +79,4 @@ traceback2==1.4.0
 unittest2==1.1.0
 urllib3==1.22
 WebOb==1.7.4
-wrapt==1.10.11
+wrapt==1.11.0
--- a/releasenotes/notes/deprecate-json-formatted-policy-file-d703706239831caa.yaml
+++ b/releasenotes/notes/deprecate-json-formatted-policy-file-d703706239831caa.yaml
@ -0,0 +1,20 @@
 ---
 upgrade:
  - |
    The default value of ``[oslo_policy] policy_file`` config option has
    been changed from ``policy.json`` to ``policy.yaml``.
    Operators who are utilizing customized or previously generated
    static policy JSON files (which are not needed by default), should
    generate new policy files or convert them in YAML format. Use the
    `oslopolicy-convert-json-to-yaml
    <https://docs.openstack.org/oslo.policy/latest/cli/oslopolicy-convert-json-to-yaml.html>`_
    tool to convert a JSON to YAML formatted policy file in
    backward compatible way.
 deprecations:
  - |
    Use of JSON policy files was deprecated by the ``oslo.policy`` library
    during the Victoria development cycle. As a result, this deprecation is
    being noted in the Wallaby cycle with an anticipated future removal of support
    by ``oslo.policy``. As such operators will need to convert to YAML policy
    files. Please see the upgrade notes for details on migration of any
    custom policy files.
--- a/requirements.txt
+++ b/requirements.txt
@ -7,12 +7,12 @@ jsonschema>=3.2.0 # MIT
 keystonemiddleware>=4.17.0 # Apache-2.0
 Paste>=2.0.2 # MIT
 PasteDeploy>=1.5.0 # MIT
-oslo.config>=5.2.0 # Apache-2.0
+oslo.config>=6.8.0 # Apache-2.0
-oslo.context>=2.19.2 # Apache-2.0
+oslo.context>=2.22.0 # Apache-2.0
 oslo.db>=4.44.0 # Apache-2.0
 oslo.i18n>=3.15.3 # Apache-2.0
 oslo.log>=3.36.0 # Apache-2.0
 oslo.middleware>=3.31.0 # Apache-2.0
-oslo.policy>=1.30.0 # Apache-2.0
+oslo.policy>=3.6.0 # Apache-2.0
 oslo.serialization>=2.25.0 # Apache-2.0
-oslo.upgradecheck>=0.1.0 # Apache-2.0
+oslo.upgradecheck>=1.3.0 # Apache-2.0
--- a/setup.cfg
+++ b/setup.cfg
@ -40,6 +40,8 @@ packages =
 [entry_points]
 oslo.config.opts =
    freezer-api = freezer_api.common.config:list_opts
 oslo.config.opts.defaults =
    freezer-api = freezer_api.common.config:set_lib_defaults
 oslo.policy.policies =
    freezer-api = freezer_api.common.policies:list_rules
 console_scripts =