[Trivial] Replace ref of policy.json to policy.yaml

policy file default and JSON format 'policy.json' is now
deprecated. Let's replace all the ref and test start using the
policy.yaml.

Change-Id: I78a273576702fb95d831bd9b801b5774fb9fd19e

doc/source/admin/arch.rst

@@ -112,7 +112,7 @@ For projects, you can use quota controls to limit the:
 
 Roles control the actions a user is allowed to perform. By default, most
 actions do not require a particular role, but you can configure them by editing
-the ``policy.json`` file for user roles. For example, a rule can be defined so
+the ``policy.yaml`` file for user roles. For example, a rule can be defined so
 that a user must have the ``admin`` role in order to be able to allocate a
 public IP address.
 
@@ -237,7 +237,7 @@ The displayed image attributes are:
 Virtual hardware templates are called ``flavors``. By default, these are
 configurable by admin users, however that behavior can be changed by redefining
 the access controls for ``compute_extension:flavormanage`` in
-``/etc/nova/policy.json`` on the ``compute-api`` server.
+``/etc/nova/policy.yaml`` on the ``compute-api`` server.
 For more information, refer to :doc:`/configuration/policy`.
 
 For a list of flavors that are available on your system:

doc/source/admin/availability-zones.rst

@@ -211,7 +211,7 @@ where an instance is launched. For example:
 
     This is an admin-only operation by default, though you can modify this
     behavior using the ``os_compute_api:servers:create:forced_host`` rule in
-    ``policy.json``.
+    ``policy.yaml``.
 
 However, as discussed `previously <Implications for moving servers>`_, when
 launching instances in this manner the scheduler filters are not run. For this
@@ -228,7 +228,7 @@ example:
 
     This is an admin-only operation by default, though you can modify this
     behavior using the ``compute:servers:create:requested_destination`` rule in
-    ``policy.json``.
+    ``policy.yaml``.
 
 This avoids the need to explicitly select an availability zone and ensures the
 scheduler filters are not bypassed.

doc/source/admin/configuration/hypervisor-hyper-v.rst

@@ -348,7 +348,7 @@ on Hyper-V. Below is a sample ``nova.conf`` for Windows:
    use_cow_images = true
    force_config_drive = false
    injected_network_template = C:\Program Files (x86)\OpenStack\Nova\etc\interfaces.template
-   policy_file = C:\Program Files (x86)\OpenStack\Nova\etc\policy.json
+   policy_file = C:\Program Files (x86)\OpenStack\Nova\etc\policy.yaml
    mkisofs_cmd = C:\Program Files (x86)\OpenStack\Nova\bin\mkisofs.exe
    allow_resize_to_same_host = true
    running_deleted_instance_action = reap

doc/source/admin/flavors.rst

@@ -21,7 +21,7 @@ manage flavors. To see information for this command, run:
    Configuration rights can be delegated to additional users by redefining
    the access controls for ``os_compute_api:os-flavor-manage:create``,
    ``os_compute_api:os-flavor-manage:update`` and
-   ``os_compute_api:os-flavor-manage:delete`` in ``/etc/nova/policy.json``
+   ``os_compute_api:os-flavor-manage:delete`` in ``/etc/nova/policy.yaml``
    on the ``nova-api`` server.
 
 .. note::

doc/source/admin/migration.rst

@@ -94,7 +94,7 @@ To migrate an instance and watch the status, use this example script:
 .. note::
 
    If you see the following error, it means you are either running the command
-   with the wrong credentials, such as a non-admin user, or the ``policy.json``
+   with the wrong credentials, such as a non-admin user, or the ``policy.yaml``
    file prevents migration for your user::
 
      Policy doesn't allow os_compute_api:os-migrate-server:migrate to be performed. (HTTP 403)

doc/source/cli/nova-api-metadata.rst

@@ -29,7 +29,7 @@ Files
 
 * ``/etc/nova/nova.conf``
 * ``/etc/nova/api-paste.ini``
-* ``/etc/nova/policy.json``
+* ``/etc/nova/policy.yaml``
 * ``/etc/nova/rootwrap.conf``
 * ``/etc/nova/rootwrap.d/``
 

doc/source/cli/nova-api-os-compute.rst

@@ -27,7 +27,7 @@ Files
 
 * ``/etc/nova/nova.conf``
 * ``/etc/nova/api-paste.ini``
-* ``/etc/nova/policy.json``
+* ``/etc/nova/policy.yaml``
 * ``/etc/nova/rootwrap.conf``
 * ``/etc/nova/rootwrap.d/``
 

doc/source/cli/nova-api.rst

@@ -27,7 +27,7 @@ Files
 
 * ``/etc/nova/nova.conf``
 * ``/etc/nova/api-paste.ini``
-* ``/etc/nova/policy.json``
+* ``/etc/nova/policy.yaml``
 * ``/etc/nova/rootwrap.conf``
 * ``/etc/nova/rootwrap.d/``
 

doc/source/cli/nova-compute.rst

@@ -28,7 +28,7 @@ Files
 =====
 
 * ``/etc/nova/nova.conf``
-* ``/etc/nova/policy.json``
+* ``/etc/nova/policy.yaml``
 * ``/etc/nova/rootwrap.conf``
 * ``/etc/nova/rootwrap.d/``
 

doc/source/cli/nova-novncproxy.rst

@@ -27,7 +27,7 @@ Files
 =====
 
 * ``/etc/nova/nova.conf``
-* ``/etc/nova/policy.json``
+* ``/etc/nova/policy.yaml``
 * ``/etc/nova/rootwrap.conf``
 * ``/etc/nova/rootwrap.d/``
 

doc/source/cli/nova-scheduler.rst

@@ -27,7 +27,7 @@ Files
 =====
 
 * ``/etc/nova/nova.conf``
-* ``/etc/nova/policy.json``
+* ``/etc/nova/policy.yaml``
 * ``/etc/nova/rootwrap.conf``
 * ``/etc/nova/rootwrap.d/``
 

doc/source/cli/nova-serialproxy.rst

@@ -27,7 +27,7 @@ Files
 =====
 
 * ``/etc/nova/nova.conf``
-* ``/etc/nova/policy.json``
+* ``/etc/nova/policy.yaml``
 * ``/etc/nova/rootwrap.conf``
 * ``/etc/nova/rootwrap.d/``
 

doc/source/cli/nova-spicehtml5proxy.rst

@@ -27,7 +27,7 @@ Files
 =====
 
 * ``/etc/nova/nova.conf``
-* ``/etc/nova/policy.json``
+* ``/etc/nova/policy.yaml``
 * ``/etc/nova/rootwrap.conf``
 * ``/etc/nova/rootwrap.d/``
 

doc/source/configuration/index.rst

@@ -3,7 +3,7 @@ Configuration Guide
 ===================
 
 The static configuration for nova lives in two main files: ``nova.conf`` and
-``policy.json``. These are described below. For a bigger picture view on
+``policy.yaml``. These are described below. For a bigger picture view on
 configuring nova to solve specific problems, refer to the :doc:`Nova Admin
 Guide </admin/index>`.
 

nova/tests/unit/policies/test_agents.py

@@ -167,7 +167,7 @@ class AgentsScopeTypePolicyTest(AgentsPolicyTest):
 class AgentsDeprecatedPolicyTest(base.BasePolicyTest):
     """Test os-agents APIs Deprecated policies.
     This class checks if deprecated policy rules are
-    overridden by user on policy.json file then they
+    overridden by user on policy.yaml file then they
     still work because oslo.policy add deprecated rules
     in logical OR condition and enforce them for policy
     checks if overridden.
@@ -196,7 +196,7 @@ class AgentsDeprecatedPolicyTest(base.BasePolicyTest):
         # Test to verify if deprecatd overridden policy is working.
 
         # check for success as admin role. Deprecated rule
-        # has been overridden with admin checks in policy.json
+        # has been overridden with admin checks in policy.yaml
         # If admin role pass it means overridden rule is enforced by
         # olso.policy because new default is system reader and the old
         # default is admin.

nova/tests/unit/policies/test_attach_interfaces.py

@@ -143,7 +143,7 @@ class AttachInterfacesScopeTypePolicyTest(AttachInterfacesPolicyTest):
 class AttachInterfacesDeprecatedPolicyTest(base.BasePolicyTest):
     """Test Attach Interfaces APIs Deprecated policies.
     This class checks if deprecated policy rules are
-    overridden by user on policy.json file then they
+    overridden by user on policy.yaml file then they
     still work because oslo.policy add deprecated rules
     in logical OR condition and enforce them for policy
     checks if overridden.
@@ -176,7 +176,7 @@ class AttachInterfacesDeprecatedPolicyTest(base.BasePolicyTest):
         # Test to verify if deprecatd overridden policy is working.
 
         # check for success as admin role. Deprecated rule
-        # has been overridden with admin checks in policy.json
+        # has been overridden with admin checks in policy.yaml
         # If admin role pass it means overridden rule is enforced by
         # olso.policy because new default is system or project reader and the
         # old default is admin.

nova/tests/unit/policies/test_instance_actions.py

@@ -153,7 +153,7 @@ class InstanceActionsDeprecatedPolicyTest(base.BasePolicyTest):
     """Test os-instance-actions APIs Deprecated policies.
 
     This class checks if deprecated policy rules are overridden
-    by user on policy.json file then they still work because
+    by user on policy.yaml file then they still work because
     oslo.policy add deprecated rules in logical OR condition
     and enforces them for policy checks if overridden.
     """
@@ -191,7 +191,7 @@ class InstanceActionsDeprecatedPolicyTest(base.BasePolicyTest):
             self.admin_or_owner_req.environ['nova.context'])
 
         # Check for success as admin_or_owner role. Deprecated rule
-        # has been overridden with admin checks in policy.json
+        # has been overridden with admin checks in policy.yaml
         # If admin role pass it means overridden rule is enforced by
         # olso.policy because new default is system reader and the old
         # default is admin.

nova/tests/unit/policies/test_services.py

@@ -155,7 +155,7 @@ class ServicesDeprecatedPolicyTest(base.BasePolicyTest):
     """Test os-services APIs Deprecated policies.
 
     This class checks if deprecated policy rules are
-    overridden by user on policy.json file then they
+    overridden by user on policy.yaml file then they
     still work because oslo.policy add deprecated rules
     in logical OR condition and enforce them for policy
     checks if overridden.
@@ -185,7 +185,7 @@ class ServicesDeprecatedPolicyTest(base.BasePolicyTest):
         # Test to verify if deprecatd overridden policy is working.
 
         # check for success as member role. Deprecated rule
-        # has been overridden with member checks in policy.json
+        # has been overridden with member checks in policy.yaml
         # If member role pass it means overridden rule is enforced by
         # olso.policy because new default is system admin and the old
         # default is admin.

nova/tests/unit/policy_fixture.py

@@ -46,7 +46,7 @@ class RealPolicyFixture(fixtures.Fixture):
     def setUp(self):
         super(RealPolicyFixture, self).setUp()
         # policy_file can be overridden by subclasses
-        self.policy_file = paths.state_path_def('etc/nova/policy.json')
+        self.policy_file = paths.state_path_def('etc/nova/policy.yaml')
         self._prepare_policy()
         CONF.set_override('policy_file', self.policy_file, group='oslo_policy')
         nova.policy.reset()
@@ -95,7 +95,7 @@ class PolicyFixture(RealPolicyFixture):
     def _prepare_policy(self):
         self.policy_dir = self.useFixture(fixtures.TempDir())
         self.policy_file = os.path.join(self.policy_dir.path,
-                                        'policy.json')
+                                        'policy.yaml')
 
         # load the fake_policy data and add the missing default rules.
         policy_rules = jsonutils.loads(fake_policy.policy_data)
@@ -126,7 +126,7 @@ class RoleBasedPolicyFixture(RealPolicyFixture):
             policy[rule.name] = 'role:%s' % self.role
 
         self.policy_dir = self.useFixture(fixtures.TempDir())
-        self.policy_file = os.path.join(self.policy_dir.path, 'policy.json')
+        self.policy_file = os.path.join(self.policy_dir.path, 'policy.yaml')
         with open(self.policy_file, 'w') as f:
             jsonutils.dump(policy, f)
 
@@ -164,7 +164,7 @@ class OverridePolicyFixture(RealPolicyFixture):
     def _prepare_policy(self):
         self.policy_dir = self.useFixture(fixtures.TempDir())
         self.policy_file = os.path.join(self.policy_dir.path,
-                                        'policy.json')
+                                        'policy.yaml')
         with open(self.policy_file, 'w') as f:
             jsonutils.dump(self.rules_in_file, f)
         CONF.set_override('policy_dirs', [], group='oslo_policy')