Remove deprecated custom policy file options

This PS removes deprecated custom policy file options, including:

  * cinder_policy_file
  * glance_policy_file
  * keystone_policy_file
  * neutron_policy_file
  * nova_policy_file

Specifying the location of a custom policy file should instead be
done by setting ``[patrole] custom_policy_files`` instead, as it
works with any service name.

Change-Id: I7d5cfa8d3cbd8a3818553ea1066005f9315f100c

patrole_tempest_plugin/config.py

@@ -46,46 +46,6 @@ assumes Patrole is on the same host as the policy files. The paths should be
 ordered by precedence, with high-priority paths before low-priority paths. The
 first path that is found to contain the service's policy file will be used.
 """),
-    cfg.StrOpt('cinder_policy_file',
-               default='/etc/cinder/policy.json',
-               help="""Location of the Cinder policy file. Assumed to be on
-the same host as Patrole.""",
-               deprecated_group='rbac',
-               deprecated_for_removal=True,
-               deprecated_reason="It is better to use `custom_policy_files` "
-                                 "which supports any OpenStack service."),
-    cfg.StrOpt('glance_policy_file',
-               default='/etc/glance/policy.json',
-               help="""Location of the Glance policy file. Assumed to be on
-the same host as Patrole.""",
-               deprecated_group='rbac',
-               deprecated_for_removal=True,
-               deprecated_reason="It is better to use `custom_policy_files` "
-                                 "which supports any OpenStack service."),
-    cfg.StrOpt('keystone_policy_file',
-               default='/etc/keystone/policy.json',
-               help="""Location of the custom Keystone policy file. Assumed to
-be on the same host as Patrole.""",
-               deprecated_group='rbac',
-               deprecated_for_removal=True,
-               deprecated_reason="It is better to use `custom_policy_files` "
-                                 "which supports any OpenStack service."),
-    cfg.StrOpt('neutron_policy_file',
-               default='/etc/neutron/policy.json',
-               help="""Location of the Neutron policy file. Assumed to be on
-the same host as Patrole.""",
-               deprecated_group='rbac',
-               deprecated_for_removal=True,
-               deprecated_reason="It is better to use `custom_policy_files` "
-                                 "which supports any OpenStack service."),
-    cfg.StrOpt('nova_policy_file',
-               default='/etc/nova/policy.json',
-               help="""Location of the custom Nova policy file. Assumed to be
-on the same host as Patrole.""",
-               deprecated_group='rbac',
-               deprecated_for_removal=True,
-               deprecated_reason="It is better to use `custom_policy_files` "
-                                 "which supports any OpenStack service."),
     cfg.BoolOpt('test_custom_requirements',
                 default=False,
                 deprecated_group='rbac',

patrole_tempest_plugin/policy_authority.py

@@ -107,12 +107,10 @@ class PolicyAuthority(RbacAuthority):
 
         # Prioritize dynamically searching for policy files over relying on
         # deprecated service-specific policy file locations.
+        self.path = None
         if CONF.patrole.custom_policy_files:
             self.discover_policy_files()
             self.path = self.policy_files.get(service)
-        else:
-            self.path = getattr(CONF.patrole, '%s_policy_file' % str(service),
-                                None)
 
         self.rules = policy.Rules.load(self._get_policy_data(service),
                                        'default')

releasenotes/notes/remove-named-policy-files-134f3045502e9ce9.yaml

@@ -0,0 +1,13 @@
+---
+deprecations:
+  - |
+    Removed the following deprecated Patrole configuration options:
+
+        * cinder_policy_file
+        * glance_policy_file
+        * keystone_policy_file
+        * neutron_policy_file
+        * nova_policy_file
+
+    To specify the location of a custom policy file, use
+    ``[patrole] custom_policy_files`` instead.