Add custom policies in service.json

Include custom policy.json files in service-api.json.j2 files

Change-Id: Ic55bfc6f61131aa72c3497ce8b2282056bcc7f92
Partially-Implements: blueprint custom-policies
This commit is contained in:
Eduardo Gonzalez 2016-11-18 17:36:00 +00:00
parent 58150b05ae
commit 775d8019b6
86 changed files with 603 additions and 1 deletions

View File

@ -14,6 +14,13 @@
"dest": "/etc/{{ aodh_dir }}/wsgi-aodh.conf", "dest": "/etc/{{ aodh_dir }}/wsgi-aodh.conf",
"owner": "root", "owner": "root",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/aodh/policy.json",
"owner": "aodh",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -6,6 +6,13 @@
"dest": "/etc/aodh/aodh.conf", "dest": "/etc/aodh/aodh.conf",
"owner": "aodh", "owner": "aodh",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/aodh/policy.json",
"owner": "aodh",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -6,6 +6,13 @@
"dest": "/etc/aodh/aodh.conf", "dest": "/etc/aodh/aodh.conf",
"owner": "aodh", "owner": "aodh",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/aodh/policy.json",
"owner": "aodh",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -6,6 +6,13 @@
"dest": "/etc/aodh/aodh.conf", "dest": "/etc/aodh/aodh.conf",
"owner": "aodh", "owner": "aodh",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/aodh/policy.json",
"owner": "aodh",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -18,6 +18,13 @@
"dest": "/etc/barbican/barbican-api-paste.ini", "dest": "/etc/barbican/barbican-api-paste.ini",
"owner": "barbican", "owner": "barbican",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/barbican/policy.json",
"owner": "barbican",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/barbican/barbican.conf", "dest": "/etc/barbican/barbican.conf",
"owner": "barbican", "owner": "barbican",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/barbican/policy.json",
"owner": "barbican",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/barbican/barbican.conf", "dest": "/etc/barbican/barbican.conf",
"owner": "barbican", "owner": "barbican",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/barbican/policy.json",
"owner": "barbican",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -15,6 +15,13 @@
"dest": "/etc/{{ apache_dir }}/{{ apache_file }}", "dest": "/etc/{{ apache_dir }}/{{ apache_file }}",
"owner": "ceilometer", "owner": "ceilometer",
"perm": "0644" "perm": "0644"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/ceilometer/policy.json",
"owner": "ceilometer",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -6,6 +6,13 @@
"dest": "/etc/ceilometer/ceilometer.conf", "dest": "/etc/ceilometer/ceilometer.conf",
"owner": "ceilometer", "owner": "ceilometer",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/ceilometer/policy.json",
"owner": "ceilometer",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -6,6 +6,13 @@
"dest": "/etc/ceilometer/ceilometer.conf", "dest": "/etc/ceilometer/ceilometer.conf",
"owner": "ceilometer", "owner": "ceilometer",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/ceilometer/policy.json",
"owner": "ceilometer",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -6,6 +6,13 @@
"dest": "/etc/ceilometer/ceilometer.conf", "dest": "/etc/ceilometer/ceilometer.conf",
"owner": "ceilometer", "owner": "ceilometer",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/ceilometer/policy.json",
"owner": "ceilometer",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -24,6 +24,13 @@
"dest": "/etc/ceilometer/pipeline.yaml", "dest": "/etc/ceilometer/pipeline.yaml",
"owner": "ceilometer", "owner": "ceilometer",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/ceilometer/policy.json",
"owner": "ceilometer",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -6,6 +6,13 @@
"dest": "/etc/cinder/cinder.conf", "dest": "/etc/cinder/cinder.conf",
"owner": "cinder", "owner": "cinder",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/cinder/policy.json",
"owner": "cinder",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/cinder/cinder.conf", "dest": "/etc/cinder/cinder.conf",
"owner": "cinder", "owner": "cinder",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/cinder/policy.json",
"owner": "cinder",
"perm": "0600",
"optional": true
}{% if cinder_backend_ceph | bool %}, }{% if cinder_backend_ceph | bool %},
{ {
"source": "{{ container_config_directory }}/ceph.*", "source": "{{ container_config_directory }}/ceph.*",

View File

@ -6,6 +6,13 @@
"dest": "/etc/cinder/cinder.conf", "dest": "/etc/cinder/cinder.conf",
"owner": "cinder", "owner": "cinder",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/cinder/policy.json",
"owner": "cinder",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -27,6 +27,13 @@
"owner": "cinder", "owner": "cinder",
"perm": "0600", "perm": "0600",
"optional": {{ (not enable_cinder_backend_nfs | bool) | string | lower }} "optional": {{ (not enable_cinder_backend_nfs | bool) | string | lower }}
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/cinder/policy.json",
"owner": "cinder",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/cloudkitty/cloudkitty.conf", "dest": "/etc/cloudkitty/cloudkitty.conf",
"owner": "cloudkitty", "owner": "cloudkitty",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/cloudkitty/policy.json",
"owner": "cloudkitty",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/cloudkitty/cloudkitty.conf", "dest": "/etc/cloudkitty/cloudkitty.conf",
"owner": "cloudkitty", "owner": "cloudkitty",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/cloudkitty/policy.json",
"owner": "cloudkitty",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/congress/congress.conf", "dest": "/etc/congress/congress.conf",
"owner": "congress", "owner": "congress",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/congress/policy.json",
"owner": "congress",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/congress/congress.conf", "dest": "/etc/congress/congress.conf",
"owner": "congress", "owner": "congress",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/congress/policy.json",
"owner": "congress",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/congress/congress.conf", "dest": "/etc/congress/congress.conf",
"owner": "congress", "owner": "congress",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/congress/policy.json",
"owner": "congress",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/glance/glance-api.conf", "dest": "/etc/glance/glance-api.conf",
"owner": "glance", "owner": "glance",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/glance/policy.json",
"owner": "glance",
"perm": "0600",
"optional": true
}{% if glance_backend_ceph | bool %}, }{% if glance_backend_ceph | bool %},
{ {
"source": "{{ container_config_directory }}/ceph.*", "source": "{{ container_config_directory }}/ceph.*",

View File

@ -6,6 +6,13 @@
"dest": "/etc/glance/glance-registry.conf", "dest": "/etc/glance/glance-registry.conf",
"owner": "glance", "owner": "glance",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/glance/policy.json",
"owner": "glance",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -20,6 +20,13 @@
"dest": "/etc/{{ gnocchi_dir }}/wsgi-gnocchi.conf", "dest": "/etc/{{ gnocchi_dir }}/wsgi-gnocchi.conf",
"owner": "gnocchi", "owner": "gnocchi",
"perm": "0644" "perm": "0644"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/gnocchi/policy.json",
"owner": "gnocchi",
"perm": "0600",
"optional": true
}{% if gnocchi_backend_storage == 'ceph' %}, }{% if gnocchi_backend_storage == 'ceph' %},
{ {
"source": "{{ container_config_directory }}/ceph.conf", "source": "{{ container_config_directory }}/ceph.conf",

View File

@ -6,6 +6,13 @@
"dest": "/etc/gnocchi/gnocchi.conf", "dest": "/etc/gnocchi/gnocchi.conf",
"owner": "gnocchi", "owner": "gnocchi",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/gnocchi/policy.json",
"owner": "gnocchi",
"perm": "0600",
"optional": true
}{% if gnocchi_backend_storage == 'ceph' %}, }{% if gnocchi_backend_storage == 'ceph' %},
{ {
"source": "{{ container_config_directory }}/ceph.conf", "source": "{{ container_config_directory }}/ceph.conf",

View File

@ -6,6 +6,13 @@
"dest": "/etc/gnocchi/gnocchi.conf", "dest": "/etc/gnocchi/gnocchi.conf",
"owner": "gnocchi", "owner": "gnocchi",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/gnocchi/policy.json",
"owner": "gnocchi",
"perm": "0600",
"optional": true
}{% if gnocchi_backend_storage == 'ceph' %}, }{% if gnocchi_backend_storage == 'ceph' %},
{ {
"source": "{{ container_config_directory }}/ceph.conf", "source": "{{ container_config_directory }}/ceph.conf",

View File

@ -6,6 +6,13 @@
"dest": "/etc/heat/heat.conf", "dest": "/etc/heat/heat.conf",
"owner": "heat", "owner": "heat",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/heat/policy.json",
"owner": "heat",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/heat/heat.conf", "dest": "/etc/heat/heat.conf",
"owner": "heat", "owner": "heat",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/heat/policy.json",
"owner": "heat",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [
@ -14,5 +21,5 @@
"owner": "heat:heat", "owner": "heat:heat",
"recurse": true "recurse": true
} }
] ]
} }

View File

@ -12,6 +12,13 @@
"dest": "/etc/heat/environment.d/_deprecated.yaml", "dest": "/etc/heat/environment.d/_deprecated.yaml",
"owner": "heat", "owner": "heat",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/heat/policy.json",
"owner": "heat",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/ironic/ironic.conf", "dest": "/etc/ironic/ironic.conf",
"owner": "ironic", "owner": "ironic",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/ironic/policy.json",
"owner": "ironic",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/ironic/ironic.conf", "dest": "/etc/ironic/ironic.conf",
"owner": "ironic", "owner": "ironic",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/ironic/policy.json",
"owner": "ironic",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/ironic-inspector/ironic.conf", "dest": "/etc/ironic-inspector/ironic.conf",
"owner": "ironic", "owner": "ironic",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/ironic/policy.json",
"owner": "ironic",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -36,6 +36,13 @@
"dest": "/var/lib/keystone/.ssh/id_rsa", "dest": "/var/lib/keystone/.ssh/id_rsa",
"owner": "keystone", "owner": "keystone",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/keystone/policy.json",
"owner": "keystone",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -12,6 +12,13 @@
"dest": "/usr/lib/docker/plugins/kuryr/kuryr.spec", "dest": "/usr/lib/docker/plugins/kuryr/kuryr.spec",
"owner": "root", "owner": "root",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/kuryr/policy.json",
"owner": "kuryr",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -6,6 +6,13 @@
"dest": "/etc/magnum/magnum.conf", "dest": "/etc/magnum/magnum.conf",
"owner": "magnum", "owner": "magnum",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/magnum/policy.json",
"owner": "magnum",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/magnum/magnum.conf", "dest": "/etc/magnum/magnum.conf",
"owner": "magnum", "owner": "magnum",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/magnum/policy.json",
"owner": "magnum",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/manila/manila.conf", "dest": "/etc/manila/manila.conf",
"owner": "manila", "owner": "manila",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/manila/policy.json",
"owner": "manila",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/manila/manila.conf", "dest": "/etc/manila/manila.conf",
"owner": "manila", "owner": "manila",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/manila/policy.json",
"owner": "manila",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/manila/manila.conf", "dest": "/etc/manila/manila.conf",
"owner": "manila", "owner": "manila",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/manila/policy.json",
"owner": "manila",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/manila/manila.conf", "dest": "/etc/manila/manila.conf",
"owner": "manila", "owner": "manila",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/manila/policy.json",
"owner": "manila",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/mistral/mistral.conf", "dest": "/etc/mistral/mistral.conf",
"owner": "mistral", "owner": "mistral",
"perm": "0644" "perm": "0644"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/mistral/policy.json",
"owner": "mistral",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/mistral/mistral.conf", "dest": "/etc/mistral/mistral.conf",
"owner": "mistral", "owner": "mistral",
"perm": "0644" "perm": "0644"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/mistral/policy.json",
"owner": "mistral",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/mistral/mistral.conf", "dest": "/etc/mistral/mistral.conf",
"owner": "mistral", "owner": "mistral",
"perm": "0644" "perm": "0644"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/mistral/policy.json",
"owner": "mistral",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/murano/murano.conf", "dest": "/etc/murano/murano.conf",
"owner": "murano", "owner": "murano",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/murano/policy.json",
"owner": "murano",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/murano/murano.conf", "dest": "/etc/murano/murano.conf",
"owner": "murano", "owner": "murano",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/murano/policy.json",
"owner": "murano",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -24,6 +24,13 @@
"dest": "/etc/neutron/dnsmasq.conf", "dest": "/etc/neutron/dnsmasq.conf",
"owner": "neutron", "owner": "neutron",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/neutron/policy.json",
"owner": "neutron",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -24,6 +24,13 @@
"dest": "/etc/neutron/l3_agent.ini", "dest": "/etc/neutron/l3_agent.ini",
"owner": "neutron", "owner": "neutron",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/neutron/policy.json",
"owner": "neutron",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -18,6 +18,13 @@
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini", "dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
"owner": "neutron", "owner": "neutron",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/neutron/policy.json",
"owner": "neutron",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -12,6 +12,13 @@
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini", "dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
"owner": "neutron", "owner": "neutron",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/neutron/policy.json",
"owner": "neutron",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -18,6 +18,13 @@
"dest": "/etc/neutron/metadata_agent.ini", "dest": "/etc/neutron/metadata_agent.ini",
"owner": "neutron", "owner": "neutron",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/neutron/policy.json",
"owner": "neutron",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -12,6 +12,13 @@
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini", "dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
"owner": "neutron", "owner": "neutron",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/neutron/policy.json",
"owner": "neutron",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -24,6 +24,13 @@
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini", "dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
"owner": "neutron", "owner": "neutron",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/neutron/policy.json",
"owner": "neutron",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -30,6 +30,13 @@
"dest": "/etc/neutron/vpnaas_agent.ini", "dest": "/etc/neutron/vpnaas_agent.ini",
"owner": "neutron", "owner": "neutron",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/neutron/policy.json",
"owner": "neutron",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/nova/nova.conf", "dest": "/etc/nova/nova.conf",
"owner": "nova", "owner": "nova",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/nova/policy.json",
"owner": "nova",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/nova/nova.conf", "dest": "/etc/nova/nova.conf",
"owner": "nova", "owner": "nova",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/nova/policy.json",
"owner": "nova",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/nova/nova.conf", "dest": "/etc/nova/nova.conf",
"owner": "nova", "owner": "nova",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/nova/policy.json",
"owner": "nova",
"perm": "0600",
"optional": true
}{% if nova_backend == "rbd" %}, }{% if nova_backend == "rbd" %},
{ {
"source": "{{ container_config_directory }}/ceph.*", "source": "{{ container_config_directory }}/ceph.*",

View File

@ -6,6 +6,13 @@
"dest": "/etc/nova/nova.conf", "dest": "/etc/nova/nova.conf",
"owner": "nova", "owner": "nova",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/nova/policy.json",
"owner": "nova",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/nova/nova.conf", "dest": "/etc/nova/nova.conf",
"owner": "nova", "owner": "nova",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/nova/policy.json",
"owner": "nova",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/nova/nova.conf", "dest": "/etc/nova/nova.conf",
"owner": "nova", "owner": "nova",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/nova/policy.json",
"owner": "nova",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/nova/nova.conf", "dest": "/etc/nova/nova.conf",
"owner": "nova", "owner": "nova",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/nova/policy.json",
"owner": "nova",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/nova/nova.conf", "dest": "/etc/nova/nova.conf",
"owner": "nova", "owner": "nova",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/nova/policy.json",
"owner": "nova",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/rally/rally.conf", "dest": "/etc/rally/rally.conf",
"owner": "rally", "owner": "rally",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/rally/policy.json",
"owner": "rally",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/sahara/sahara.conf", "dest": "/etc/sahara/sahara.conf",
"owner": "sahara", "owner": "sahara",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/sahara/policy.json",
"owner": "sahara",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/sahara/sahara.conf", "dest": "/etc/sahara/sahara.conf",
"owner": "sahara", "owner": "sahara",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/sahara/policy.json",
"owner": "sahara",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/searchlight/searchlight.conf", "dest": "/etc/searchlight/searchlight.conf",
"owner": "searchlight", "owner": "searchlight",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/searchlight/policy.json",
"owner": "searchlight",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/searchlight/searchlight.conf", "dest": "/etc/searchlight/searchlight.conf",
"owner": "searchlight", "owner": "searchlight",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/searchlight/policy.json",
"owner": "searchlight",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/senlin/senlin.conf", "dest": "/etc/senlin/senlin.conf",
"owner": "senlin", "owner": "senlin",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/senlin/policy.json",
"owner": "senlin",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/senlin/senlin.conf", "dest": "/etc/senlin/senlin.conf",
"owner": "senlin", "owner": "senlin",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/senlin/policy.json",
"owner": "senlin",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -18,6 +18,13 @@
"dest": "/etc/swift/account-auditor.conf", "dest": "/etc/swift/account-auditor.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -18,6 +18,13 @@
"dest": "/etc/swift/account-reaper.conf", "dest": "/etc/swift/account-reaper.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -18,6 +18,13 @@
"dest": "/etc/swift/account-replicator.conf", "dest": "/etc/swift/account-replicator.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -18,6 +18,13 @@
"dest": "/etc/swift/account-server.conf", "dest": "/etc/swift/account-server.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -18,6 +18,13 @@
"dest": "/etc/swift/container-auditor.conf", "dest": "/etc/swift/container-auditor.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -18,6 +18,13 @@
"dest": "/etc/swift/container-replicator.conf", "dest": "/etc/swift/container-replicator.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -18,6 +18,13 @@
"dest": "/etc/swift/container-server.conf", "dest": "/etc/swift/container-server.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -24,6 +24,13 @@
"dest": "/etc/swift/container-updater.conf", "dest": "/etc/swift/container-updater.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -24,6 +24,13 @@
"dest": "/etc/swift/object-auditor.conf", "dest": "/etc/swift/object-auditor.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -30,6 +30,13 @@
"dest": "/etc/swift/object-expirer.conf", "dest": "/etc/swift/object-expirer.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -24,6 +24,13 @@
"dest": "/etc/swift/object-replicator.conf", "dest": "/etc/swift/object-replicator.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -24,6 +24,13 @@
"dest": "/etc/swift/object-server.conf", "dest": "/etc/swift/object-server.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -24,6 +24,13 @@
"dest": "/etc/swift/object-updater.conf", "dest": "/etc/swift/object-updater.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -30,6 +30,13 @@
"dest": "/etc/swift/proxy-server.conf", "dest": "/etc/swift/proxy-server.conf",
"owner": "swift", "owner": "swift",
"perm": "0640" "perm": "0640"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/swift/policy.json",
"owner": "swift",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -6,6 +6,13 @@
"dest": "/etc/tempest/tempest.conf", "dest": "/etc/tempest/tempest.conf",
"owner": "root", "owner": "root",
"perm": "0600" "perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/tempest/policy.json",
"owner": "tempest",
"perm": "0600",
"optional": true
} }
] ]
} }

View File

@ -6,6 +6,13 @@
"dest": "/etc/watcher/watcher.conf", "dest": "/etc/watcher/watcher.conf",
"owner": "watcher", "owner": "watcher",
"perm": "0644" "perm": "0644"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/watcher/policy.json",
"owner": "watcher",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/watcher/watcher.conf", "dest": "/etc/watcher/watcher.conf",
"owner": "watcher", "owner": "watcher",
"perm": "0644" "perm": "0644"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/watcher/policy.json",
"owner": "watcher",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [

View File

@ -6,6 +6,13 @@
"dest": "/etc/watcher/watcher.conf", "dest": "/etc/watcher/watcher.conf",
"owner": "watcher", "owner": "watcher",
"perm": "0644" "perm": "0644"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/watcher/policy.json",
"owner": "watcher",
"perm": "0600",
"optional": true
} }
], ],
"permissions": [ "permissions": [