From 513c29078ffa52f50bc75528c891eef2e77eda99 Mon Sep 17 00:00:00 2001
From: Ghanshyam Mann <gmann@ghanshyammann.com>
Date: Sun, 20 Dec 2020 17:24:32 -0600
Subject: [PATCH] [goal] Deprecate the JSON formatted policy file

As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:

1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.

2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.

Also replace policy.json to policy.yaml ref from doc and tests.

[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html

Change-Id: Iad942530b5d540af3d3c074e9944687b93bcd7f2
---
 README.rst                                    |  2 +-
 devstack/plugin.sh                            |  4 ++--
 devstack/settings                             |  4 ++--
 doc/source/configuration/policy.rst           |  8 ++++++++
 doc/source/configuration/sample_policy.rst    |  8 ++++++++
 masakari/cmd/status.py                        | 13 +++---------
 masakari/common/config.py                     | 18 +++++++++++++++++
 masakari/policy.py                            |  8 ++++++++
 masakari/tests/unit/cmd/test_status.py        | 12 +++++++----
 ...ormatted-policy-file-57ad537ec19cc7e0.yaml | 20 +++++++++++++++++++
 requirements.txt                              |  4 ++--
 setup.cfg                                     |  2 +-
 12 files changed, 81 insertions(+), 22 deletions(-)
 create mode 100644 releasenotes/notes/deprecate-json-formatted-policy-file-57ad537ec19cc7e0.yaml

diff --git a/README.rst b/README.rst
index ce91cb5e..2801db21 100644
--- a/README.rst
+++ b/README.rst
@@ -76,7 +76,7 @@ Configure masakari-api
 
 #. Create directory ``/etc/masakari``
 
-#. Copy ``masakari.conf``, ``api-paste.ini`` and ``policy.json`` file
+#. Copy ``masakari.conf``, ``api-paste.ini`` and ``policy.yaml`` file
    from ``masakari/etc/`` to ``/etc/masakari`` folder
 
 #. To run masakari-api simply use following binary:
diff --git a/devstack/plugin.sh b/devstack/plugin.sh
index a31e140a..66825ff4 100644
--- a/devstack/plugin.sh
+++ b/devstack/plugin.sh
@@ -278,7 +278,7 @@ function install_masakaridashboard {
     $HORIZON_DIR/openstack_dashboard/local/enabled
     ln -fs $MASAKARI_DASHBOARD_DIR/masakaridashboard/local/local_settings.d/_50_masakari.py \
     $HORIZON_DIR/openstack_dashboard/local/local_settings.d
-    ln -fs $MASAKARI_DASHBOARD_DIR/masakaridashboard/conf/masakari_policy.json \
+    ln -fs $MASAKARI_DASHBOARD_DIR/masakaridashboard/conf/masakari_policy.yaml \
     $HORIZON_DIR/openstack_dashboard/conf
 }
 
@@ -286,7 +286,7 @@ function install_masakaridashboard {
 function uninstall_masakaridashboard {
     sudo rm -f  $DEST/horizon/openstack_dashboard/local/enabled/_50_masakaridashboard.py
     sudo rm -f  $DEST/horizon/openstack_dashboard/local/local_settings.d/_50_masakari.py
-    sudo rm -f  $DEST/horizon/openstack_dashboard/conf/masakari_policy.json
+    sudo rm -f  $DEST/horizon/openstack_dashboard/conf/masakari_policy.yaml
     restart_apache_server
 }
 
diff --git a/devstack/settings b/devstack/settings
index 13d5c616..d8057cfd 100644
--- a/devstack/settings
+++ b/devstack/settings
@@ -16,13 +16,13 @@ MASAKARI_CONF_DIR=${MASAKARI_CONF_DIR:-/etc/masakari}
 MASAKARI_DASHBOARD_DIR=$DEST/masakari-dashboard
 MASAKARI_CONF=${MASAKARI_CONF:-${MASAKARI_CONF_DIR}/masakari.conf}
 MASAKARI_API_PASTE_INI=${MASAKARI_API_PASTE_INI:-${MASAKARI_CONF_DIR}/api-paste.ini}
-MASAKARI_POLICY_JSON=${MASAKARI_POLICY_JSON:-${MASAKARI_CONF_DIR}/policy.json}
+MASAKARI_POLICY_JSON=${MASAKARI_POLICY_JSON:-${MASAKARI_CONF_DIR}/policy.yaml}
 MASAKARI_MONITORS_CONF_DIR=${MASAKARI_MONITORS_CONF_DIR:-/etc/masakarimonitors}
 MASAKARI_MONITORS_CONF=${MASAKARI_MONITORS_CONF:-${MASAKARI_MONITORS_CONF_DIR}/masakarimonitors.conf}
 
 MASAKARI_LOCAL_CONF_DIR=${MASAKARI_LOCAL_CONF_DIR:-${MASAKARI_DIR}/etc/masakari}
 MASAKARI_LOCAL_API_PASTE_INI=${MASAKARI_LOCAL_API_PASTE_INI:-${MASAKARI_LOCAL_CONF_DIR}/api-paste.ini}
-MASAKARI_LOCAL_POLICY_JSON=${MASAKARI_LOCAL_POLICY_JSON:-${MASAKARI_LOCAL_CONF_DIR}/policy.json}
+MASAKARI_LOCAL_POLICY_JSON=${MASAKARI_LOCAL_POLICY_JSON:-${MASAKARI_LOCAL_CONF_DIR}/policy.yaml}
 MASAKARI_AUTH_CACHE_DIR=${MASAKARI_AUTH_CACHE_DIR:-/var/cache/masakari}
 
 MASAKARI_SERVICE_HOST=${MASAKARI_SERVICE_HOST:-$SERVICE_HOST}
diff --git a/doc/source/configuration/policy.rst b/doc/source/configuration/policy.rst
index 0c304eaf..3802e343 100644
--- a/doc/source/configuration/policy.rst
+++ b/doc/source/configuration/policy.rst
@@ -2,6 +2,14 @@
 Masakari Policies
 =================
 
+.. warning::
+
+   JSON formatted policy file is deprecated since Masakari 11.0.0 (Wallaby).
+   This `oslopolicy-convert-json-to-yaml`__ tool will migrate your existing
+   JSON-formatted policy file to YAML in a backward-compatible way.
+
+.. __: https://docs.openstack.org/oslo.policy/latest/cli/oslopolicy-convert-json-to-yaml.html
+
 The following is an overview of all available policies in masakari.
 For a sample configuration file, refer to :doc:`sample_policy`.
 
diff --git a/doc/source/configuration/sample_policy.rst b/doc/source/configuration/sample_policy.rst
index 0daad277..af760f3e 100644
--- a/doc/source/configuration/sample_policy.rst
+++ b/doc/source/configuration/sample_policy.rst
@@ -2,6 +2,14 @@
 Sample Masakari Policy File
 ===========================
 
+.. warning::
+
+   JSON formatted policy file is deprecated since Masakari 11.0.0 (Wallaby).
+   This `oslopolicy-convert-json-to-yaml`__ tool will migrate your existing
+   JSON-formatted policy file to YAML in a backward-compatible way.
+
+.. __: https://docs.openstack.org/oslo.policy/latest/cli/oslopolicy-convert-json-to-yaml.html
+
 The following is a sample masakari policy file for adaptation and use.
 
 The sample policy can also be viewed in :download:`file form
diff --git a/masakari/cmd/status.py b/masakari/cmd/status.py
index e135fba7..42d8b717 100644
--- a/masakari/cmd/status.py
+++ b/masakari/cmd/status.py
@@ -14,6 +14,7 @@
 
 import sys
 
+from oslo_upgradecheck import common_checks
 from oslo_upgradecheck import upgradecheck
 
 from masakari import conf
@@ -30,17 +31,9 @@ class Checks(upgradecheck.UpgradeCommands):
     and added to _upgrade_checks tuple.
     """
 
-    def _sample_check(self):
-        """This is sample check added to test the upgrade check framework
-
-        It needs to be removed after adding any real upgrade check
-        """
-        return upgradecheck.Result(upgradecheck.Code.SUCCESS, 'Sample detail')
-
     _upgrade_checks = (
-        # Sample check added for now.
-        # Whereas in future real checks must be added here in tuple
-        (_('Sample Check'), _sample_check),
+        (_('Policy File JSON to YAML Migration'),
+         (common_checks.check_policy_json, {'conf': CONF})),
     )
 
 
diff --git a/masakari/common/config.py b/masakari/common/config.py
index f132a8e8..5b3e0332 100644
--- a/masakari/common/config.py
+++ b/masakari/common/config.py
@@ -14,6 +14,24 @@
 
 from oslo_config import cfg
 from oslo_middleware import cors
+from oslo_policy import opts
+
+
+def set_lib_defaults():
+    """Update default value for configuration options from other namespace.
+
+    Example, oslo lib config options. This is needed for
+    config generator tool to pick these default value changes.
+    https://docs.openstack.org/oslo.config/latest/cli/
+    generator.html#modifying-defaults-from-other-namespaces
+    """
+
+    set_middleware_defaults()
+
+    # TODO(gmann): Remove setting the default value of config policy_file
+    # once oslo_policy change the default value to 'policy.yaml'.
+    # https://github.com/openstack/oslo.policy/blob/a626ad12fe5a3abd49d70e3e5b95589d279ab578/oslo_policy/opts.py#L49
+    opts.set_defaults(cfg.CONF, 'policy.yaml')
 
 
 def set_middleware_defaults():
diff --git a/masakari/policy.py b/masakari/policy.py
index 569d7b3c..6faef4c7 100644
--- a/masakari/policy.py
+++ b/masakari/policy.py
@@ -21,6 +21,7 @@ import re
 import sys
 
 from oslo_config import cfg
+from oslo_policy import opts
 from oslo_policy import policy
 from oslo_utils import excutils
 
@@ -31,6 +32,13 @@ from masakari import policies
 
 CONF = cfg.CONF
 LOG = logging.getLogger(__name__)
+
+# TODO(gmann): Remove setting the default value of config policy_file
+# once oslo_policy change the default value to 'policy.yaml'.
+# https://github.com/openstack/oslo.policy/blob/a626ad12fe5a3abd49d70e3e5b95589d279ab578/oslo_policy/opts.py#L49
+DEFAULT_POLICY_FILE = 'policy.yaml'
+opts.set_defaults(cfg.CONF, DEFAULT_POLICY_FILE)
+
 _ENFORCER = None
 # saved_file_rules and used to compare with new rules to determine the
 # rules whether were updated.
diff --git a/masakari/tests/unit/cmd/test_status.py b/masakari/tests/unit/cmd/test_status.py
index 96bf00e9..b6cfcc82 100644
--- a/masakari/tests/unit/cmd/test_status.py
+++ b/masakari/tests/unit/cmd/test_status.py
@@ -24,7 +24,11 @@ class TestUpgradeChecks(test.TestCase):
         super(TestUpgradeChecks, self).setUp()
         self.cmd = status.Checks()
 
-    def test__sample_check(self):
-        check_result = self.cmd._sample_check()
-        self.assertEqual(
-            Code.SUCCESS, check_result.code)
+    def test_checks(self):
+        for name, func in self.cmd._upgrade_checks:
+            if isinstance(func, tuple):
+                func_name, kwargs = func
+                result = func_name(self, **kwargs)
+            else:
+                result = func(self)
+            self.assertEqual(Code.SUCCESS, result.code)
diff --git a/releasenotes/notes/deprecate-json-formatted-policy-file-57ad537ec19cc7e0.yaml b/releasenotes/notes/deprecate-json-formatted-policy-file-57ad537ec19cc7e0.yaml
new file mode 100644
index 00000000..c9c53000
--- /dev/null
+++ b/releasenotes/notes/deprecate-json-formatted-policy-file-57ad537ec19cc7e0.yaml
@@ -0,0 +1,20 @@
+---
+upgrade:
+  - |
+    The default value of ``[oslo_policy] policy_file`` config option has
+    been changed from ``policy.json`` to ``policy.yaml``.
+    Operators who are utilizing customized or previously generated
+    static policy JSON files (which are not needed by default), should
+    generate new policy files or convert them in YAML format. Use the
+    `oslopolicy-convert-json-to-yaml
+    <https://docs.openstack.org/oslo.policy/latest/cli/oslopolicy-convert-json-to-yaml.html>`_
+    tool to convert a JSON to YAML formatted policy file in
+    backward compatible way.
+deprecations:
+  - |
+    Use of JSON policy files was deprecated by the ``oslo.policy`` library
+    during the Victoria development cycle. As a result, this deprecation is
+    being noted in the Wallaby cycle with an anticipated future removal of support
+    by ``oslo.policy``. As such operators will need to convert to YAML policy
+    files. Please see the upgrade notes for details on migration of any
+    custom policy files.
diff --git a/requirements.txt b/requirements.txt
index a490c869..575d8fd8 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -15,9 +15,9 @@ oslo.messaging>=5.29.0 # Apache-2.0
 oslo.i18n>=3.15.3 # Apache-2.0
 oslo.log>=3.36.0 # Apache-2.0
 oslo.middleware>=3.31.0 # Apache-2.0
-oslo.policy>=1.30.0 # Apache-2.0
+oslo.policy>=3.6.0 # Apache-2.0
 oslo.service!=1.28.1,>=1.24.0 # Apache-2.0
-oslo.upgradecheck>=0.1.0 # Apache-2.0
+oslo.upgradecheck>=1.3.0 # Apache-2.0
 oslo.utils>=3.33.0 # Apache-2.0
 oslo.versionedobjects>=1.31.2 # Apache-2.0
 pbr!=2.1.0,>=2.0.0 # Apache-2.0
diff --git a/setup.cfg b/setup.cfg
index 784cc51d..54311a32 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -32,7 +32,7 @@ oslo.config.opts =
     customized_recovery_flow_opts = masakari.conf.opts:list_recovery_workflow_opts
 
 oslo.config.opts.defaults =
-    masakari.api = masakari.common.config:set_middleware_defaults
+    masakari.api = masakari.common.config:set_lib_defaults
 
 oslo.policy.enforcer =
     masakari = masakari.policy:get_enforcer