Disable new defaults and scope for Ironic (RBAC)

Ironic started enforcing new RBAC policies [1]. Kolla/Kayobe
CI jobs are failing, as K-A doesn't have service role support.
Moreover Ironic RBAC is not yet stable enough [2].
Disable enforcing new policies until fix merges and Kolla
Ansible service role support is added.

[1] https://review.opendev.org/c/openstack/ironic/+/902009
[2] https://review.opendev.org/c/openstack/ironic/+/907148

Related-Bug: #2051837

Change-Id: I424cff6ac96dfe0dd5dc58afca2b785f494c9f02

ansible/roles/ironic/templates/ironic.conf.j2

@@ -48,8 +48,14 @@ amqp_durable_queues = true
 rabbit_quorum_queue = true
 {% endif %}
 
-{% if ironic_policy_file is defined %}
 [oslo_policy]
+{% if openstack_release == 'master' %}
+# TODO(bbezak): Remove enforce_* once secure RBAC is supported
+# https://bugs.launchpad.net/kolla-ansible/+bug/2051837
+enforce_scope=False
+enforce_new_defaults=False
+{% endif %}
+{% if ironic_policy_file is defined %}
 policy_file = {{ ironic_policy_file }}
 {% endif %}