diff --git a/aodh/Chart.yaml b/aodh/Chart.yaml index 935bf57626..56c2c33758 100644 --- a/aodh/Chart.yaml +++ b/aodh/Chart.yaml @@ -16,7 +16,7 @@ apiVersion: v1 appVersion: v1.0.0 description: Openstack-Helm Aodh name: aodh -version: 0.2.0 +version: 0.2.1 home: https://docs.openstack.org/aodh/latest/ sources: - https://opendev.org/openstack/aodh diff --git a/aodh/templates/configmap-etc.yaml b/aodh/templates/configmap-etc.yaml index 3a1cd40d8d..103e3f1886 100644 --- a/aodh/templates/configmap-etc.yaml +++ b/aodh/templates/configmap-etc.yaml @@ -115,6 +115,6 @@ data: aodh.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.aodh | b64enc }} logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} - policy.json: {{ toJson .Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} {{ include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_aodh "key" "wsgi-aodh.conf" "format" "Secret" ) | indent 2 }} {{- end }} diff --git a/aodh/templates/deployment-api.yaml b/aodh/templates/deployment-api.yaml index c43c9e0015..c4ae5efd95 100644 --- a/aodh/templates/deployment-api.yaml +++ b/aodh/templates/deployment-api.yaml @@ -97,8 +97,8 @@ spec: subPath: api-paste.ini readOnly: true - name: aodh-etc - mountPath: /etc/aodh/policy.json - subPath: policy.json + mountPath: /etc/aodh/policy.yaml + subPath: policy.yaml readOnly: true - name: aodh-etc mountPath: /etc/apache2/conf-enabled/wsgi-aodh.conf diff --git a/aodh/templates/deployment-evaluator.yaml b/aodh/templates/deployment-evaluator.yaml index 869dcdfb01..b44aae2ef0 100644 --- a/aodh/templates/deployment-evaluator.yaml +++ b/aodh/templates/deployment-evaluator.yaml @@ -84,8 +84,8 @@ spec: readOnly: true {{- end }} - name: aodh-etc - mountPath: /etc/aodh/policy.json - subPath: policy.json + mountPath: /etc/aodh/policy.yaml + subPath: policy.yaml readOnly: true - name: aodh-bin mountPath: /tmp/aodh-evaluator.sh diff --git a/aodh/templates/deployment-listener.yaml b/aodh/templates/deployment-listener.yaml index 27571a9fe1..db137f6a40 100644 --- a/aodh/templates/deployment-listener.yaml +++ b/aodh/templates/deployment-listener.yaml @@ -84,8 +84,8 @@ spec: readOnly: true {{- end }} - name: aodh-etc - mountPath: /etc/aodh/policy.json - subPath: policy.json + mountPath: /etc/aodh/policy.yaml + subPath: policy.yaml readOnly: true - name: aodh-bin mountPath: /tmp/aodh-listener.sh diff --git a/aodh/templates/deployment-notifier.yaml b/aodh/templates/deployment-notifier.yaml index 77ce7fbd91..7ee8d866c1 100644 --- a/aodh/templates/deployment-notifier.yaml +++ b/aodh/templates/deployment-notifier.yaml @@ -84,8 +84,8 @@ spec: readOnly: true {{- end }} - name: aodh-etc - mountPath: /etc/aodh/policy.json - subPath: policy.json + mountPath: /etc/aodh/policy.yaml + subPath: policy.yaml readOnly: true - name: aodh-bin mountPath: /tmp/aodh-notifier.sh diff --git a/aodh/values.yaml b/aodh/values.yaml index e9ac2cb6e1..6ed0434cb4 100644 --- a/aodh/values.yaml +++ b/aodh/values.yaml @@ -463,6 +463,8 @@ conf: log_config_append: /etc/aodh/logging.conf oslo_middleware: enable_proxy_headers_parsing: true + oslo_policy: + policy_file: /etc/aodh/policy.yaml database: alarm_history_time_to_live: 86400 max_retries: -1 diff --git a/barbican/Chart.yaml b/barbican/Chart.yaml index 26a5a354b2..5ae99f94ef 100644 --- a/barbican/Chart.yaml +++ b/barbican/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Barbican name: barbican -version: 0.2.0 +version: 0.2.1 home: https://docs.openstack.org/barbican/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Barbican/OpenStack_Project_Barbican_vertical.png sources: diff --git a/barbican/templates/configmap-etc.yaml b/barbican/templates/configmap-etc.yaml index a85c120ef9..9a689a1484 100644 --- a/barbican/templates/configmap-etc.yaml +++ b/barbican/templates/configmap-etc.yaml @@ -93,6 +93,6 @@ data: logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} barbican-api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} api_audit_map.conf: {{ include "helm-toolkit.utils.to_ini" .Values.conf.audit_map | b64enc }} - policy.json: {{ toJson .Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} barbican-api.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.barbican_api | b64enc }} {{- end }} diff --git a/barbican/templates/deployment-api.yaml b/barbican/templates/deployment-api.yaml index 0accd6b7a2..05414c02c3 100644 --- a/barbican/templates/deployment-api.yaml +++ b/barbican/templates/deployment-api.yaml @@ -101,8 +101,8 @@ spec: subPath: barbican-api-paste.ini readOnly: true - name: barbican-etc - mountPath: /etc/barbican/policy.json - subPath: policy.json + mountPath: /etc/barbican/policy.yaml + subPath: policy.yaml readOnly: true - name: barbican-bin mountPath: /tmp/barbican.sh diff --git a/barbican/values.yaml b/barbican/values.yaml index b19ebb2d4e..51b9024457 100644 --- a/barbican/values.yaml +++ b/barbican/values.yaml @@ -464,6 +464,8 @@ conf: # NOTE(portdirect): the bind port should not be defined, and is manipulated # via the endpoints section. bind_port: null + oslo_policy: + policy_file: /etc/barbican/policy.yaml logging: loggers: keys: diff --git a/ceilometer/Chart.yaml b/ceilometer/Chart.yaml index 24370464cc..48c67d0744 100644 --- a/ceilometer/Chart.yaml +++ b/ceilometer/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Ceilometer name: ceilometer -version: 0.2.0 +version: 0.2.1 home: https://docs.openstack.org/ceilometer/latest/ sources: - https://opendev.org/openstack/ceilometer diff --git a/ceilometer/templates/configmap-etc.yaml b/ceilometer/templates/configmap-etc.yaml index 4b01adc857..564030f823 100644 --- a/ceilometer/templates/configmap-etc.yaml +++ b/ceilometer/templates/configmap-etc.yaml @@ -117,7 +117,7 @@ data: rally_tests.yaml: {{ toYaml .Values.conf.rally_tests | b64enc }} ceilometer.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.ceilometer | b64enc }} api_paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} - policy.json: {{ toJson .Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} api_audit_map.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.api_audit_map | b64enc }} event_pipeline.yaml: {{ toYaml .Values.conf.event_pipeline | b64enc }} pipeline.yaml: {{ toYaml .Values.conf.pipeline | b64enc }} diff --git a/ceilometer/templates/daemonset-compute.yaml b/ceilometer/templates/daemonset-compute.yaml index 4191b3b076..d7047381ac 100644 --- a/ceilometer/templates/daemonset-compute.yaml +++ b/ceilometer/templates/daemonset-compute.yaml @@ -73,8 +73,8 @@ spec: subPath: api_paste.ini readOnly: true - name: ceilometer-etc - mountPath: /etc/ceilometer/policy.json - subPath: policy.json + mountPath: /etc/ceilometer/policy.yaml + subPath: policy.yaml readOnly: true - name: ceilometer-etc mountPath: /etc/ceilometer/event_definitions.yaml diff --git a/ceilometer/templates/daemonset-ipmi.yaml b/ceilometer/templates/daemonset-ipmi.yaml index 9c8965df4c..58f0e40b8c 100644 --- a/ceilometer/templates/daemonset-ipmi.yaml +++ b/ceilometer/templates/daemonset-ipmi.yaml @@ -75,8 +75,8 @@ spec: subPath: api_paste.ini readOnly: true - name: ceilometer-etc - mountPath: /etc/ceilometer/policy.json - subPath: policy.json + mountPath: /etc/ceilometer/policy.yaml + subPath: policy.yaml readOnly: true - name: ceilometer-etc mountPath: /etc/ceilometer/event_definitions.yaml diff --git a/ceilometer/templates/deployment-api.yaml b/ceilometer/templates/deployment-api.yaml index 8841e55174..1cc3a2fc54 100644 --- a/ceilometer/templates/deployment-api.yaml +++ b/ceilometer/templates/deployment-api.yaml @@ -85,8 +85,8 @@ spec: subPath: api_paste.ini readOnly: true - name: ceilometer-etc - mountPath: /etc/ceilometer/policy.json - subPath: policy.json + mountPath: /etc/ceilometer/policy.yaml + subPath: policy.yaml readOnly: true - name: ceilometer-etc mountPath: /etc/ceilometer/api_audit_map.conf diff --git a/ceilometer/templates/deployment-central.yaml b/ceilometer/templates/deployment-central.yaml index a2a2bf3d18..12efc64e38 100644 --- a/ceilometer/templates/deployment-central.yaml +++ b/ceilometer/templates/deployment-central.yaml @@ -71,8 +71,8 @@ spec: subPath: api_paste.ini readOnly: true - name: ceilometer-etc - mountPath: /etc/ceilometer/policy.json - subPath: policy.json + mountPath: /etc/ceilometer/policy.yaml + subPath: policy.yaml readOnly: true - name: ceilometer-etc mountPath: /etc/ceilometer/event_definitions.yaml diff --git a/ceilometer/templates/deployment-collector.yaml b/ceilometer/templates/deployment-collector.yaml index 6ef79e7eaa..a5b3117254 100644 --- a/ceilometer/templates/deployment-collector.yaml +++ b/ceilometer/templates/deployment-collector.yaml @@ -71,8 +71,8 @@ spec: subPath: api_paste.ini readOnly: true - name: ceilometer-etc - mountPath: /etc/ceilometer/policy.json - subPath: policy.json + mountPath: /etc/ceilometer/policy.yaml + subPath: policy.yaml readOnly: true - name: ceilometer-etc mountPath: /etc/ceilometer/event_definitions.yaml diff --git a/ceilometer/templates/deployment-notification.yaml b/ceilometer/templates/deployment-notification.yaml index 2d4c911957..1f65ad2121 100644 --- a/ceilometer/templates/deployment-notification.yaml +++ b/ceilometer/templates/deployment-notification.yaml @@ -71,8 +71,8 @@ spec: subPath: api_paste.ini readOnly: true - name: ceilometer-etc - mountPath: /etc/ceilometer/policy.json - subPath: policy.json + mountPath: /etc/ceilometer/policy.yaml + subPath: policy.yaml readOnly: true - name: ceilometer-etc mountPath: /etc/ceilometer/event_definitions.yaml diff --git a/ceilometer/values.yaml b/ceilometer/values.yaml index b94c9497b5..a6c1b2c821 100644 --- a/ceilometer/values.yaml +++ b/ceilometer/values.yaml @@ -208,6 +208,8 @@ conf: topics: - notifications - profiler + oslo_policy: + policy_file: /etc/ceilometer/policy.yaml cache: enabled: true backend: dogpile.cache.memcached diff --git a/designate/Chart.yaml b/designate/Chart.yaml index 0ecf601d37..24420edc59 100644 --- a/designate/Chart.yaml +++ b/designate/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Designate name: designate -version: 0.2.0 +version: 0.2.1 home: https://docs.openstack.org/designate/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Designate/OpenStack_Project_Designate_vertical.jpg sources: diff --git a/designate/templates/configmap-etc.yaml b/designate/templates/configmap-etc.yaml index cc0d270b59..dd1d4a23d5 100644 --- a/designate/templates/configmap-etc.yaml +++ b/designate/templates/configmap-etc.yaml @@ -74,7 +74,7 @@ type: Opaque data: designate.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.designate | b64enc }} api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} - policy.json: {{ toJson .Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.pools "key" "pools.yaml" "format" "Secret" ) | indent 2 }} diff --git a/designate/templates/deployment-api.yaml b/designate/templates/deployment-api.yaml index be55b92263..43531ec8db 100644 --- a/designate/templates/deployment-api.yaml +++ b/designate/templates/deployment-api.yaml @@ -87,8 +87,8 @@ spec: subPath: api-paste.ini readOnly: true - name: designate-etc - mountPath: /etc/designate/policy.json - subPath: policy.json + mountPath: /etc/designate/policy.yaml + subPath: policy.yaml readOnly: true {{- if .Values.conf.designate.DEFAULT.log_config_append }} - name: designate-etc diff --git a/designate/templates/deployment-central.yaml b/designate/templates/deployment-central.yaml index 34e47ac07d..22cb398480 100644 --- a/designate/templates/deployment-central.yaml +++ b/designate/templates/deployment-central.yaml @@ -74,8 +74,8 @@ spec: subPath: api-paste.ini readOnly: true - name: designate-etc - mountPath: /etc/designate/policy.json - subPath: policy.json + mountPath: /etc/designate/policy.yaml + subPath: policy.yaml readOnly: true {{- if .Values.conf.designate.DEFAULT.log_config_append }} - name: designate-etc diff --git a/designate/templates/deployment-mdns.yaml b/designate/templates/deployment-mdns.yaml index 7a49fa9756..93fe35d9fe 100644 --- a/designate/templates/deployment-mdns.yaml +++ b/designate/templates/deployment-mdns.yaml @@ -85,8 +85,8 @@ spec: subPath: api-paste.ini readOnly: true - name: designate-etc - mountPath: /etc/designate/policy.json - subPath: policy.json + mountPath: /etc/designate/policy.yaml + subPath: policy.yaml readOnly: true {{- if .Values.conf.designate.DEFAULT.log_config_append }} - name: designate-etc diff --git a/designate/templates/deployment-producer.yaml b/designate/templates/deployment-producer.yaml index 381815e687..23ba4a6a22 100644 --- a/designate/templates/deployment-producer.yaml +++ b/designate/templates/deployment-producer.yaml @@ -74,8 +74,8 @@ spec: subPath: api-paste.ini readOnly: true - name: designate-etc - mountPath: /etc/designate/policy.json - subPath: policy.json + mountPath: /etc/designate/policy.yaml + subPath: policy.yaml readOnly: true {{- if .Values.conf.designate.DEFAULT.log_config_append }} - name: designate-etc diff --git a/designate/templates/deployment-sink.yaml b/designate/templates/deployment-sink.yaml index 4d41ae4136..4f8d7a8f21 100644 --- a/designate/templates/deployment-sink.yaml +++ b/designate/templates/deployment-sink.yaml @@ -70,8 +70,8 @@ spec: subPath: designate.conf readOnly: true - name: designate-etc - mountPath: /etc/designate/policy.json - subPath: policy.json + mountPath: /etc/designate/policy.yaml + subPath: policy.yaml readOnly: true {{- if .Values.conf.designate.DEFAULT.log_config_append }} - name: designate-etc diff --git a/designate/templates/deployment-worker.yaml b/designate/templates/deployment-worker.yaml index 1e97c478c5..9c252f55a0 100644 --- a/designate/templates/deployment-worker.yaml +++ b/designate/templates/deployment-worker.yaml @@ -99,8 +99,8 @@ spec: subPath: api-paste.ini readOnly: true - name: designate-etc - mountPath: /etc/designate/policy.json - subPath: policy.json + mountPath: /etc/designate/policy.yaml + subPath: policy.yaml readOnly: true {{- if .Values.conf.designate.DEFAULT.log_config_append }} - name: designate-etc diff --git a/designate/values.yaml b/designate/values.yaml index 3e0026107b..e8f3165f0b 100644 --- a/designate/values.yaml +++ b/designate/values.yaml @@ -562,6 +562,8 @@ conf: notify: false oslo_middleware: enable_proxy_headers_parsing: true + oslo_policy: + policy_file: /etc/designate/policy.yaml database: max_retries: -1 storage:sqlalchemy: diff --git a/glance/Chart.yaml b/glance/Chart.yaml index c0f322725a..d1044b9bfc 100644 --- a/glance/Chart.yaml +++ b/glance/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Glance name: glance -version: 0.2.2 +version: 0.2.3 home: https://docs.openstack.org/glance/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Glance/OpenStack_Project_Glance_vertical.png sources: diff --git a/glance/templates/configmap-etc.yaml b/glance/templates/configmap-etc.yaml index 32557d1035..97f19fbcac 100644 --- a/glance/templates/configmap-etc.yaml +++ b/glance/templates/configmap-etc.yaml @@ -195,7 +195,7 @@ data: glance-api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} glance-registry.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.glance_registry | b64enc }} glance-registry-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste_registry | b64enc }} - policy.json: {{ toJson .Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} api_audit_map.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.api_audit_map | b64enc }} {{- include "helm-toolkit.snippets.values_template_renderer" ( dict "envAll" $envAll "template" .Values.conf.swift_store "key" "swift-store.conf" "format" "Secret" ) | indent 2 }} {{- include "helm-toolkit.snippets.values_template_renderer" ( dict "envAll" $envAll "template" .Values.conf.nginx "key" "nginx.conf" "format" "Secret" ) | indent 2 }} diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml index 095065963e..78e1671528 100644 --- a/glance/templates/deployment-api.yaml +++ b/glance/templates/deployment-api.yaml @@ -194,8 +194,8 @@ spec: subPath: glance-api-paste.ini readOnly: true - name: glance-etc - mountPath: /etc/glance/policy.json - subPath: policy.json + mountPath: /etc/glance/policy.yaml + subPath: policy.yaml readOnly: true - name: glance-etc mountPath: /etc/glance/api_audit_map.conf diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml index 6d00585407..f771e01322 100644 --- a/glance/templates/deployment-registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -105,8 +105,8 @@ spec: subPath: glance-registry-paste.ini readOnly: true - name: glance-etc - mountPath: /etc/glance/policy.json - subPath: policy.json + mountPath: /etc/glance/policy.yaml + subPath: policy.yaml readOnly: true {{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.image_registry.api.internal "path" "/etc/glance/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} {{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} diff --git a/glance/values.yaml b/glance/values.yaml index 2d939d243c..87f4b31f5c 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -284,6 +284,8 @@ conf: driver: messagingv2 oslo_messaging_rabbit: rabbit_ha_queues: true + oslo_policy: + policy_file: /etc/glance/policy.yaml cors: {} logging: loggers: diff --git a/heat/Chart.yaml b/heat/Chart.yaml index bb8a02c986..23442f3159 100644 --- a/heat/Chart.yaml +++ b/heat/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Heat name: heat -version: 0.2.1 +version: 0.2.2 home: https://docs.openstack.org/heat/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Heat/OpenStack_Project_Heat_vertical.png sources: diff --git a/heat/templates/configmap-etc.yaml b/heat/templates/configmap-etc.yaml index 0b8b3f6102..d5716e1f3a 100644 --- a/heat/templates/configmap-etc.yaml +++ b/heat/templates/configmap-etc.yaml @@ -140,7 +140,7 @@ data: heat.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.heat | b64enc }} logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} - policy.json: {{ toJson .Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} {{- if .Values.manifests.certificates }} {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.mpm_event "key" "mpm_event.conf" "format" "Secret" ) | indent 2 }} {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_heat "key" "wsgi-heat.conf" "format" "Secret" ) | indent 2 }} diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml index 4f78246c71..a17ddaef55 100644 --- a/heat/templates/deployment-api.yaml +++ b/heat/templates/deployment-api.yaml @@ -104,8 +104,8 @@ spec: subPath: api-paste.ini readOnly: true - name: heat-etc - mountPath: /etc/heat/policy.json - subPath: policy.json + mountPath: /etc/heat/policy.yaml + subPath: policy.yaml readOnly: true - name: heat-etc mountPath: /etc/heat/api_audit_map.conf diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml index 1a5061d563..9fab9e647f 100644 --- a/heat/templates/deployment-cfn.yaml +++ b/heat/templates/deployment-cfn.yaml @@ -104,8 +104,8 @@ spec: subPath: api-paste.ini readOnly: true - name: heat-etc - mountPath: /etc/heat/policy.json - subPath: policy.json + mountPath: /etc/heat/policy.yaml + subPath: policy.yaml readOnly: true - name: heat-etc mountPath: /etc/heat/api_audit_map.conf diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml index 8f1849afa8..092feac1e9 100644 --- a/heat/templates/deployment-cloudwatch.yaml +++ b/heat/templates/deployment-cloudwatch.yaml @@ -97,8 +97,8 @@ spec: subPath: api-paste.ini readOnly: true - name: heat-etc - mountPath: /etc/heat/policy.json - subPath: policy.json + mountPath: /etc/heat/policy.yaml + subPath: policy.yaml readOnly: true - name: heat-etc mountPath: /etc/heat/api_audit_map.conf diff --git a/heat/templates/deployment-engine.yaml b/heat/templates/deployment-engine.yaml index f4cf496f65..4ae0197bd4 100644 --- a/heat/templates/deployment-engine.yaml +++ b/heat/templates/deployment-engine.yaml @@ -96,8 +96,8 @@ spec: readOnly: true {{ end }} - name: heat-etc - mountPath: /etc/heat/policy.json - subPath: policy.json + mountPath: /etc/heat/policy.yaml + subPath: policy.yaml readOnly: true {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} {{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.orchestration.api.internal "path" "/etc/heat/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} diff --git a/heat/values.yaml b/heat/values.yaml index 0dc0e00073..4774431ae5 100644 --- a/heat/values.yaml +++ b/heat/values.yaml @@ -473,6 +473,8 @@ conf: enable_proxy_headers_parsing: true oslo_messaging_rabbit: rabbit_ha_queues: True + oslo_policy: + policy_file: /etc/heat/policy.yaml api_audit_map: DEFAULT: target_endpoint_type: None diff --git a/horizon/Chart.yaml b/horizon/Chart.yaml index 6158b8a87d..a3bd61f7e5 100644 --- a/horizon/Chart.yaml +++ b/horizon/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Horizon name: horizon -version: 0.2.1 +version: 0.2.2 home: https://docs.openstack.org/horizon/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Horizon/OpenStack_Project_Horizon_vertical.png sources: diff --git a/horizon/templates/configmap-etc.yaml b/horizon/templates/configmap-etc.yaml index bbdfe3e20c..0006fae101 100644 --- a/horizon/templates/configmap-etc.yaml +++ b/horizon/templates/configmap-etc.yaml @@ -27,6 +27,6 @@ data: {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.horizon.security "key" "security.conf" "format" "Secret" ) | indent 2 }} {{- end }} {{- range $key, $value := .Values.conf.horizon.policy }} - {{ printf "%s_policy.json" $key }}: {{ $value | toPrettyJson | b64enc }} + {{ printf "%s_policy.yaml" $key }}: {{ $value | toPrettyJson | b64enc }} {{- end }} {{- end }} diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml index 107cd43ecc..4675da4f31 100644 --- a/horizon/templates/deployment.yaml +++ b/horizon/templates/deployment.yaml @@ -123,7 +123,7 @@ spec: subPath: local_settings readOnly: true {{- range $key, $value := $envAll.Values.conf.horizon.policy }} - {{- $policyFile := printf "/etc/openstack-dashboard/%s_policy.json" $key }} + {{- $policyFile := printf "/etc/openstack-dashboard/%s_policy.yaml" $key }} - name: horizon-etc mountPath: {{ $policyFile }} subPath: {{ base $policyFile }} diff --git a/horizon/values.yaml b/horizon/values.yaml index 703405c5aa..c7b9b502f9 100644 --- a/horizon/values.yaml +++ b/horizon/values.yaml @@ -631,17 +631,17 @@ conf: # OpenStack services are using to determine role based access control in the # target installation. - # Path to directory containing policy.json files + # Path to directory containing policy.yaml files POLICY_FILES_PATH = '/etc/openstack-dashboard' # Map of local copy of service policy files #POLICY_FILES = { - # 'identity': 'keystone_policy.json', - # 'compute': 'nova_policy.json', - # 'volume': 'cinder_policy.json', - # 'image': 'glance_policy.json', - # 'orchestration': 'heat_policy.json', - # 'network': 'neutron_policy.json', - # 'telemetry': 'ceilometer_policy.json', + # 'identity': 'keystone_policy.yaml', + # 'compute': 'nova_policy.yaml', + # 'volume': 'cinder_policy.yaml', + # 'image': 'glance_policy.yaml', + # 'orchestration': 'heat_policy.yaml', + # 'network': 'neutron_policy.yaml', + # 'telemetry': 'ceilometer_policy.yaml', #} # Trove user and database extension support. By default support for diff --git a/ironic/Chart.yaml b/ironic/Chart.yaml index fe3dd62851..180f00c10d 100644 --- a/ironic/Chart.yaml +++ b/ironic/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Ironic name: ironic -version: 0.2.0 +version: 0.2.1 home: https://docs.openstack.org/ironic/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Ironic/OpenStack_Project_Ironic_vertical.png sources: diff --git a/ironic/templates/configmap-etc.yaml b/ironic/templates/configmap-etc.yaml index 3f9f4e877d..395a2a4c5a 100644 --- a/ironic/templates/configmap-etc.yaml +++ b/ironic/templates/configmap-etc.yaml @@ -203,7 +203,7 @@ type: Opaque data: ironic.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.ironic | b64enc }} logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} - policy.json: {{ toJson .Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.tftp_map_file "key" "tftp-map-file" "format" "Secret" ) | indent 2 }} {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.nginx "key" "nginx.conf" "format" "Secret" ) | indent 2 }} {{- end }} diff --git a/ironic/templates/deployment-api.yaml b/ironic/templates/deployment-api.yaml index 6a443d5200..76f1565531 100644 --- a/ironic/templates/deployment-api.yaml +++ b/ironic/templates/deployment-api.yaml @@ -131,8 +131,8 @@ spec: readOnly: true {{- end }} - name: ironic-etc - mountPath: /etc/ironic/policy.json - subPath: policy.json + mountPath: /etc/ironic/policy.yaml + subPath: policy.yaml readOnly: true - name: pod-shared mountPath: /tmp/pod-shared diff --git a/ironic/templates/statefulset-conductor.yaml b/ironic/templates/statefulset-conductor.yaml index c09c30495f..c427c4e9cf 100644 --- a/ironic/templates/statefulset-conductor.yaml +++ b/ironic/templates/statefulset-conductor.yaml @@ -181,8 +181,8 @@ spec: readOnly: true {{- end }} - name: ironic-etc - mountPath: /etc/ironic/policy.json - subPath: policy.json + mountPath: /etc/ironic/policy.yaml + subPath: policy.yaml readOnly: true - name: host-var-lib-ironic mountPath: /var/lib/ironic diff --git a/ironic/values.yaml b/ironic/values.yaml index cdda0461da..eb29ab7d7f 100644 --- a/ironic/values.yaml +++ b/ironic/values.yaml @@ -136,6 +136,8 @@ conf: auth_type: password swift: auth_url: null + oslo_policy: + policy_file: /etc/ironic/policy.yaml logging: loggers: keys: diff --git a/keystone/Chart.yaml b/keystone/Chart.yaml index 85340b98a4..2cb147f24b 100644 --- a/keystone/Chart.yaml +++ b/keystone/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Keystone name: keystone -version: 0.2.3 +version: 0.2.4 home: https://docs.openstack.org/keystone/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Keystone/OpenStack_Project_Keystone_vertical.png sources: diff --git a/keystone/templates/configmap-etc.yaml b/keystone/templates/configmap-etc.yaml index 0d7049785e..f37a731f48 100644 --- a/keystone/templates/configmap-etc.yaml +++ b/keystone/templates/configmap-etc.yaml @@ -54,7 +54,7 @@ data: rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }} keystone.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.keystone | b64enc }} logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.logging | b64enc }} - policy.json: {{ toJson .Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} access_rules.json: {{ toJson .Values.conf.access_rules | b64enc }} ports.conf: '' {{- range $k, $v := .Values.conf.ks_domains }} diff --git a/keystone/templates/deployment-api.yaml b/keystone/templates/deployment-api.yaml index e1e8c3fba3..4cf9da9edc 100644 --- a/keystone/templates/deployment-api.yaml +++ b/keystone/templates/deployment-api.yaml @@ -106,8 +106,8 @@ spec: readOnly: true {{- end }} - name: keystone-etc - mountPath: /etc/keystone/policy.json - subPath: policy.json + mountPath: /etc/keystone/policy.yaml + subPath: policy.yaml readOnly: true - name: keystone-etc mountPath: /etc/keystone/access_rules.json diff --git a/keystone/values.yaml b/keystone/values.yaml index e825303178..3af080cc3e 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -551,6 +551,8 @@ conf: rabbit_ha_queues: true oslo_middleware: enable_proxy_headers_parsing: true + oslo_policy: + policy_file: /etc/keystone/policy.yaml security_compliance: # NOTE(vdrok): The following two options have effect only for SQL backend lockout_failure_attempts: 5 diff --git a/magnum/Chart.yaml b/magnum/Chart.yaml index 5644dc8ed1..2504db17b9 100644 --- a/magnum/Chart.yaml +++ b/magnum/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Magnum name: magnum -version: 0.2.0 +version: 0.2.1 home: https://docs.openstack.org/magnum/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Magnum/OpenStack_Project_Magnum_vertical.png sources: diff --git a/magnum/templates/configmap-etc.yaml b/magnum/templates/configmap-etc.yaml index 32959e1cea..466e2ae728 100644 --- a/magnum/templates/configmap-etc.yaml +++ b/magnum/templates/configmap-etc.yaml @@ -93,5 +93,5 @@ data: magnum.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.magnum | b64enc }} logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} - policy.json: {{ toJson .Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} {{- end }} diff --git a/magnum/templates/deployment-api.yaml b/magnum/templates/deployment-api.yaml index 2e076dbd1c..fbb43d2489 100644 --- a/magnum/templates/deployment-api.yaml +++ b/magnum/templates/deployment-api.yaml @@ -103,8 +103,8 @@ spec: subPath: api-paste.ini readOnly: true - name: magnum-etc - mountPath: /etc/magnum/policy.json - subPath: policy.json + mountPath: /etc/magnum/policy.yaml + subPath: policy.yaml readOnly: true - name: magnum-lock-path mountPath: {{ .Values.conf.magnum.oslo_concurrency.lock_path }} diff --git a/magnum/templates/statefulset-conductor.yaml b/magnum/templates/statefulset-conductor.yaml index 1a3de8d506..1d7663ff21 100644 --- a/magnum/templates/statefulset-conductor.yaml +++ b/magnum/templates/statefulset-conductor.yaml @@ -99,8 +99,8 @@ spec: readOnly: true {{- end }} - name: magnum-etc - mountPath: /etc/magnum/policy.json - subPath: policy.json + mountPath: /etc/magnum/policy.yaml + subPath: policy.yaml readOnly: true - name: pod-shared mountPath: /tmp/pod-shared diff --git a/magnum/values.yaml b/magnum/values.yaml index c6e6d66aba..66fe791c70 100644 --- a/magnum/values.yaml +++ b/magnum/values.yaml @@ -119,6 +119,8 @@ conf: driver: messaging oslo_concurrency: lock_path: /var/lib/magnum/tmp + oslo_policy: + policy_file: /etc/magnum/policy.yaml certificates: cert_manager_type: barbican database: diff --git a/mistral/Chart.yaml b/mistral/Chart.yaml index 96e1057688..82db38f108 100644 --- a/mistral/Chart.yaml +++ b/mistral/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Mistral name: mistral -version: 0.2.0 +version: 0.2.1 home: https://docs.openstack.org/mistral/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Mistral/OpenStack_Project_Mistral_vertical.png sources: diff --git a/mistral/templates/configmap-etc.yaml b/mistral/templates/configmap-etc.yaml index 688acf8960..655eb42701 100644 --- a/mistral/templates/configmap-etc.yaml +++ b/mistral/templates/configmap-etc.yaml @@ -83,7 +83,7 @@ data: rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }} mistral.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.mistral | b64enc }} logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} - policy.json: {{ toJson .Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} {{- range $key, $value := $envAll.Values.conf.rally_tests.templates }} {{ printf "test_template_%d" $key }}: {{ $value.template | b64enc }} {{- end }} diff --git a/mistral/templates/deployment-api.yaml b/mistral/templates/deployment-api.yaml index baabfe7ecd..138e538779 100644 --- a/mistral/templates/deployment-api.yaml +++ b/mistral/templates/deployment-api.yaml @@ -93,8 +93,8 @@ spec: readOnly: true {{- end }} - name: mistral-etc - mountPath: /etc/mistral/policy.json - subPath: policy.json + mountPath: /etc/mistral/policy.yaml + subPath: policy.yaml readOnly: true {{ if $mounts_mistral_api.volumeMounts }}{{ toYaml $mounts_mistral_api.volumeMounts | indent 12 }}{{ end }} volumes: diff --git a/mistral/values.yaml b/mistral/values.yaml index 32674b7ee1..7210932c15 100644 --- a/mistral/values.yaml +++ b/mistral/values.yaml @@ -468,6 +468,8 @@ conf: auth_type: password auth_version: v3 memcache_security_strategy: ENCRYPT + oslo_policy: + policy_file: /etc/mistral/policy.yaml logging: loggers: keys: diff --git a/neutron/Chart.yaml b/neutron/Chart.yaml index e3b13c14fd..e3972427d9 100644 --- a/neutron/Chart.yaml +++ b/neutron/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Neutron name: neutron -version: 0.2.1 +version: 0.2.2 home: https://docs.openstack.org/neutron/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Neutron/OpenStack_Project_Neutron_vertical.png sources: diff --git a/neutron/templates/configmap-etc.yaml b/neutron/templates/configmap-etc.yaml index 9424374f60..7fea6065b1 100644 --- a/neutron/templates/configmap-etc.yaml +++ b/neutron/templates/configmap-etc.yaml @@ -251,7 +251,7 @@ type: Opaque data: rally_tests.yaml: {{ toYaml $envAll.Values.conf.rally_tests.tests | b64enc }} api-paste.ini: {{ include "helm-toolkit.utils.to_ini" $envAll.Values.conf.paste | b64enc }} - policy.json: {{ toJson $envAll.Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml $envAll.Values.conf.policy | b64enc }} neutron.conf: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.neutron | b64enc }} logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} api_audit_map.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.api_audit_map | b64enc }} diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml index 36fa6d5b43..e44aa53d10 100644 --- a/neutron/templates/deployment-server.yaml +++ b/neutron/templates/deployment-server.yaml @@ -234,8 +234,8 @@ spec: subPath: api-paste.ini readOnly: true - name: neutron-etc - mountPath: /etc/neutron/policy.json - subPath: policy.json + mountPath: /etc/neutron/policy.yaml + subPath: policy.yaml readOnly: true {{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} {{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.network.server.internal "path" "/etc/neutron/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} diff --git a/neutron/values.yaml b/neutron/values.yaml index f4c8f51048..fb2a2ecad2 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -1906,6 +1906,8 @@ conf: rabbit_ha_queues: true oslo_middleware: enable_proxy_headers_parsing: true + oslo_policy: + policy_file: /etc/neutron/policy.yaml nova: auth_type: password auth_version: v3 diff --git a/releasenotes/notes/aodh.yaml b/releasenotes/notes/aodh.yaml index 50acdcfbac..ae56b6e90b 100644 --- a/releasenotes/notes/aodh.yaml +++ b/releasenotes/notes/aodh.yaml @@ -3,3 +3,4 @@ aodh: - 0.1.0 Initial Chart - 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0" - 0.2.0 Remove support for releases before T + - 0.2.1 Use policies in yaml format diff --git a/releasenotes/notes/barbican.yaml b/releasenotes/notes/barbican.yaml index 8f6e033294..5ed6049537 100644 --- a/releasenotes/notes/barbican.yaml +++ b/releasenotes/notes/barbican.yaml @@ -4,3 +4,4 @@ barbican: - 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0" - 0.1.2 Added post-install and post-upgrade helm hook for Jobs - 0.2.0 Remove support for releases before T + - 0.2.1 Use policies in yaml format diff --git a/releasenotes/notes/ceilometer.yaml b/releasenotes/notes/ceilometer.yaml index 92b34a829d..2871649bd4 100644 --- a/releasenotes/notes/ceilometer.yaml +++ b/releasenotes/notes/ceilometer.yaml @@ -3,3 +3,4 @@ ceilometer: - 0.1.0 Initial Chart - 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0" - 0.2.0 Remove support for releases before T + - 0.2.1 Use policies in yaml format diff --git a/releasenotes/notes/designate.yaml b/releasenotes/notes/designate.yaml index 52f7ad59c0..7b35372e45 100644 --- a/releasenotes/notes/designate.yaml +++ b/releasenotes/notes/designate.yaml @@ -4,3 +4,4 @@ designate: - 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0" - 0.1.2 Added post-install and post-upgrade helm hooks on Jobs - 0.2.0 Remove support for releases before T + - 0.2.1 Use policies in yaml format diff --git a/releasenotes/notes/glance.yaml b/releasenotes/notes/glance.yaml index dc926ae00d..57963d5229 100644 --- a/releasenotes/notes/glance.yaml +++ b/releasenotes/notes/glance.yaml @@ -12,3 +12,4 @@ glance: - 0.2.0 Remove support for releases before T - 0.2.1 Fix the ceph pool creations for openstack services - 0.2.2 Adding rabbitmq TLS logic + - 0.2.3 Use policies in yaml format diff --git a/releasenotes/notes/heat.yaml b/releasenotes/notes/heat.yaml index d817cf2bac..f18a1ad634 100644 --- a/releasenotes/notes/heat.yaml +++ b/releasenotes/notes/heat.yaml @@ -8,3 +8,4 @@ heat: - 0.1.5 Change Issuer to ClusterIssuer - 0.2.0 Remove support for releases before T - 0.2.1 Adding rabbitmq TLS logic + - 0.2.2 Use policies in yaml format diff --git a/releasenotes/notes/horizon.yaml b/releasenotes/notes/horizon.yaml index ff0464c9a6..af9b12d3f0 100644 --- a/releasenotes/notes/horizon.yaml +++ b/releasenotes/notes/horizon.yaml @@ -11,4 +11,5 @@ horizon: - 0.1.8 Implement "CSRF_COOKIE_HTTPONLY" option support in horizon - 0.2.0 Remove support for releases before T - 0.2.1 Make python script PEP8 compliant + - 0.2.2 Use policies in yaml format ... diff --git a/releasenotes/notes/ironic.yaml b/releasenotes/notes/ironic.yaml index db2482ed53..d92182a8f7 100644 --- a/releasenotes/notes/ironic.yaml +++ b/releasenotes/notes/ironic.yaml @@ -4,3 +4,4 @@ ironic: - 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0" - 0.1.2 Added post-install and post-upgrade helm.sh/hook for jobs - 0.2.0 Remove support for releases before T + - 0.2.1 Use policies in yaml format diff --git a/releasenotes/notes/keystone.yaml b/releasenotes/notes/keystone.yaml index 5929e76bd1..6352abeae5 100644 --- a/releasenotes/notes/keystone.yaml +++ b/releasenotes/notes/keystone.yaml @@ -19,4 +19,5 @@ keystone: - 0.2.1 Remove paste ini config settings - 0.2.2 Make python script PEP8 compliant - 0.2.3 Adding rabbitmq TLS logic + - 0.2.4 Use policies in yaml format ... diff --git a/releasenotes/notes/magnum.yaml b/releasenotes/notes/magnum.yaml index bcf58f526c..8e7305c02b 100644 --- a/releasenotes/notes/magnum.yaml +++ b/releasenotes/notes/magnum.yaml @@ -4,3 +4,4 @@ magnum: - 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0" - 0.1.2 Added post-install and post-upgrade helm hook for jobs - 0.2.0 Remove support for releases before T + - 0.2.1 Use policies in yaml format diff --git a/releasenotes/notes/mistral.yaml b/releasenotes/notes/mistral.yaml index d5d36539f6..8cf2649eee 100644 --- a/releasenotes/notes/mistral.yaml +++ b/releasenotes/notes/mistral.yaml @@ -4,3 +4,4 @@ mistral: - 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0" - 0.1.2 Added post-install and post-upgrade hook for Jobs - 0.2.0 Remove support for releases before T + - 0.2.1 Use policies in yaml format diff --git a/releasenotes/notes/neutron.yaml b/releasenotes/notes/neutron.yaml index 082e9ca2cd..6fa3a3d261 100644 --- a/releasenotes/notes/neutron.yaml +++ b/releasenotes/notes/neutron.yaml @@ -15,3 +15,4 @@ neutron: - 0.1.12 Removed "name" parameter from Rally tests - 0.2.0 Remove support for releases before T - 0.2.1 Adding rabbitmq TLS logic + - 0.2.2 Use policies in yaml format diff --git a/releasenotes/notes/senlin.yaml b/releasenotes/notes/senlin.yaml index 536058df58..e4eaaf66aa 100644 --- a/releasenotes/notes/senlin.yaml +++ b/releasenotes/notes/senlin.yaml @@ -3,3 +3,4 @@ senlin: - 0.1.0 Initial Chart - 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0" - 0.2.0 Remove support for releases before T + - 0.2.1 Use policies in yaml format diff --git a/senlin/Chart.yaml b/senlin/Chart.yaml index 8c147abf7d..4786a65f61 100644 --- a/senlin/Chart.yaml +++ b/senlin/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Senlin name: senlin -version: 0.2.0 +version: 0.2.1 home: https://docs.openstack.org/senlin/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Senlin/OpenStack_Project_Senlin_vertical.png sources: diff --git a/senlin/templates/configmap-etc.yaml b/senlin/templates/configmap-etc.yaml index 87793adb99..a47a3a4f57 100644 --- a/senlin/templates/configmap-etc.yaml +++ b/senlin/templates/configmap-etc.yaml @@ -104,5 +104,5 @@ data: senlin.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.senlin | b64enc }} logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} - policy.json: {{ toJson .Values.conf.policy | b64enc }} + policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} {{- end }} diff --git a/senlin/templates/deployment-api.yaml b/senlin/templates/deployment-api.yaml index 193b1d56be..d6577fff8f 100644 --- a/senlin/templates/deployment-api.yaml +++ b/senlin/templates/deployment-api.yaml @@ -103,8 +103,8 @@ spec: subPath: api-paste.ini readOnly: true - name: senlin-etc - mountPath: /etc/senlin/policy.json - subPath: policy.json + mountPath: /etc/senlin/policy.yaml + subPath: policy.yaml readOnly: true {{ if $mounts_senlin_api.volumeMounts }}{{ toYaml $mounts_senlin_api.volumeMounts | indent 12 }}{{ end }} volumes: diff --git a/senlin/templates/deployment-engine.yaml b/senlin/templates/deployment-engine.yaml index f5cb2997a1..06ed7688b2 100644 --- a/senlin/templates/deployment-engine.yaml +++ b/senlin/templates/deployment-engine.yaml @@ -78,8 +78,8 @@ spec: readOnly: true {{- end }} - name: senlin-etc - mountPath: /etc/senlin/policy.json - subPath: policy.json + mountPath: /etc/senlin/policy.yaml + subPath: policy.yaml readOnly: true {{ if $mounts_senlin_engine.volumeMounts }}{{ toYaml $mounts_senlin_engine.volumeMounts | indent 12 }}{{ end }} volumes: diff --git a/senlin/values.yaml b/senlin/values.yaml index a1126cafcb..3ad5e5bf5b 100644 --- a/senlin/values.yaml +++ b/senlin/values.yaml @@ -179,6 +179,8 @@ conf: # NOTE(portdirect): the bind port should not be defined, and is manipulated # via the endpoints section. bind_port: null + oslo_policy: + policy_file: /etc/senlin/policy.yaml logging: loggers: keys: