openstack
/
neutron-lib
Code Issues Proposed changes

Skip the enforcer undefined rule check 

That will avoid unnecessary warning messages in the logs. The
role enforcer only loads the following 3 rules:
* _ADMIN_CTX_POLICY = 'context_is_admin'
* _ADVSVC_CTX_POLICY = 'context_is_advsvc'
* _SERVICE_ROLE = 'service_api'

This functionality was implemented in [1]. oslo.policy library
is bumped to version 4.3.0 that contains this patch.

[1]https://review.opendev.org/c/openstack/oslo.policy/+/907196

Closes-Bug: #2048198
Change-Id: I1581b95035c4afebf63518b64c35bc0c61c292e9
This commit is contained in:
Rodolfo Alonso Hernandez 2024-01-29 00:04:34 +00:00
parent d131b53403
commit f0724e9cf1
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
neutron_lib/policy/_engine.py
View File

@ -62,6 +62,8 @@ def init(conf=cfg.CONF, policy_file=None):
global _ROLE_ENFORCER
if not _ROLE_ENFORCER:
_ROLE_ENFORCER = policy.Enforcer(conf, policy_file=policy_file)
# Skip the undefined rule check to avoid unnecessary warning messages.
_ROLE_ENFORCER.skip_undefined_check = True
_ROLE_ENFORCER.register_defaults(_BASE_RULES)
_ROLE_ENFORCER.load_rules(True)

2
requirements.txt
View File

@ -13,7 +13,7 @@ oslo.db>=12.1.0 # Apache-2.0
oslo.i18n>=3.20.0 # Apache-2.0
oslo.log>=4.3.0 # Apache-2.0
oslo.messaging>=14.2.0 # Apache-2.0
oslo.policy>=3.6.2 # Apache-2.0
oslo.policy>=4.3.0 # Apache-2.0
oslo.serialization>=2.25.0 # Apache-2.0
oslo.service!=1.28.1,>=1.24.0 # Apache-2.0
oslo.utils>=7.0.0 # Apache-2.0