3ab2c357e8
Patrole should eventually support other services like Heat and Murano, not just the Big Tent services included in Tempest. Patrole then should be able to dynamically discover custom policy files. While the solution this commit implements is not perfect, it will allow more services' policy file to be discovered by Patrole. The policy files will still have to be located on the same host as Patrole. This commit removes the service-specific policy path CONF options in favor of a new CONF option called ``[rbac] custom_policy_files`` which is a ListOpt that includes paths for each custom policy file. Each policy path assumes that the service name is included in the path. The paths should be ordered by precedence, with high-priority paths before low-priority paths. The first path that is found to contain the service's policy file will be used. This commit refactors unit tests and rbac_policy_parser as needed to work with the changes. Change-Id: Ia929b77223b54906888af6cd324f0cfa0fafda8f Implements blueprint: dynamic-policy-file-discovery |
||
|---|---|---|
| .. | ||
| hacking | ||
| services | ||
| tests | ||
| __init__.py | ||
| config.py | ||
| plugin.py | ||
| rbac_exceptions.py | ||
| rbac_policy_parser.py | ||
| rbac_rule_validation.py | ||
| rbac_utils.py | ||
| README.rst | ||
| requirements_authority.py | ||
| version.py | ||
Tempest Integration of Patrole
This directory contains Tempest tests to cover the Patrole project.