Expose policy_default_rule

The option has been managed by the underlying puppet-oslo module but
has not been configurable. This introduces the parameter to customize
the option.

Change-Id: I130896ce504d726d580a4a4de4059f135187d0a4
This commit is contained in:
Takashi Kajinami 2023-01-23 14:52:41 +09:00
parent 1990832379
commit cafd3684c3
5 changed files with 24 additions and 0 deletions

View File

@ -32,6 +32,10 @@
# (Optional) Path to the ironic-inspector policy.yaml file # (Optional) Path to the ironic-inspector policy.yaml file
# Defaults to /etc/ironic-inspector/policy.yaml # Defaults to /etc/ironic-inspector/policy.yaml
# #
# [*policy_default_rule*]
# (Optional) Default rule. Enforced when a requested rule is not found.
# Defaults to $::os_service_default.
#
# [*policy_dirs*] # [*policy_dirs*]
# (Optional) Path to the ironic-inspector policy folder # (Optional) Path to the ironic-inspector policy folder
# Defaults to $::os_service_default # Defaults to $::os_service_default
@ -46,6 +50,7 @@ class ironic::inspector::policy (
$enforce_new_defaults = $::os_service_default, $enforce_new_defaults = $::os_service_default,
$policies = {}, $policies = {},
$policy_path = '/etc/ironic-inspector/policy.yaml', $policy_path = '/etc/ironic-inspector/policy.yaml',
$policy_default_rule = $::os_service_default,
$policy_dirs = $::os_service_default, $policy_dirs = $::os_service_default,
$purge_config = false, $purge_config = false,
) { ) {
@ -70,6 +75,7 @@ class ironic::inspector::policy (
enforce_scope => $enforce_scope, enforce_scope => $enforce_scope,
enforce_new_defaults => $enforce_new_defaults, enforce_new_defaults => $enforce_new_defaults,
policy_file => $policy_path, policy_file => $policy_path,
policy_default_rule => $policy_default_rule,
policy_dirs => $policy_dirs, policy_dirs => $policy_dirs,
} }

View File

@ -32,6 +32,10 @@
# (Optional) Path to the ironic policy.yaml file # (Optional) Path to the ironic policy.yaml file
# Defaults to /etc/ironic/policy.yaml # Defaults to /etc/ironic/policy.yaml
# #
# [*policy_default_rule*]
# (Optional) Default rule. Enforced when a requested rule is not found.
# Defaults to $::os_service_default.
#
# [*policy_dirs*] # [*policy_dirs*]
# (Optional) Path to the ironic policy folder # (Optional) Path to the ironic policy folder
# Defaults to $::os_service_default # Defaults to $::os_service_default
@ -46,6 +50,7 @@ class ironic::policy (
$enforce_new_defaults = $::os_service_default, $enforce_new_defaults = $::os_service_default,
$policies = {}, $policies = {},
$policy_path = '/etc/ironic/policy.yaml', $policy_path = '/etc/ironic/policy.yaml',
$policy_default_rule = $::os_service_default,
$policy_dirs = $::os_service_default, $policy_dirs = $::os_service_default,
$purge_config = false, $purge_config = false,
) { ) {
@ -70,6 +75,7 @@ class ironic::policy (
enforce_scope => $enforce_scope, enforce_scope => $enforce_scope,
enforce_new_defaults => $enforce_new_defaults, enforce_new_defaults => $enforce_new_defaults,
policy_file => $policy_path, policy_file => $policy_path,
policy_default_rule => $policy_default_rule,
policy_dirs => $policy_dirs, policy_dirs => $policy_dirs,
} }

View File

@ -0,0 +1,8 @@
---
features:
- |
The new ``ironic::policy::policy_default_rule`` parameter has been added.
- |
The new ``ironic::inspector::policy::policy_default_rule`` parameter has
been added.

View File

@ -9,6 +9,7 @@ describe 'ironic::inspector::policy' do
:enforce_scope => false, :enforce_scope => false,
:enforce_new_defaults => false, :enforce_new_defaults => false,
:policy_path => '/etc/ironic-inspector/policy.yaml', :policy_path => '/etc/ironic-inspector/policy.yaml',
:policy_default_rule => 'default',
:policy_dirs => '/etc/ironic-inspector/policy.d', :policy_dirs => '/etc/ironic-inspector/policy.d',
:policies => { :policies => {
'context_is_admin' => { 'context_is_admin' => {
@ -37,6 +38,7 @@ describe 'ironic::inspector::policy' do
:enforce_scope => false, :enforce_scope => false,
:enforce_new_defaults => false, :enforce_new_defaults => false,
:policy_file => '/etc/ironic-inspector/policy.yaml', :policy_file => '/etc/ironic-inspector/policy.yaml',
:policy_default_rule => 'default',
:policy_dirs => '/etc/ironic-inspector/policy.d', :policy_dirs => '/etc/ironic-inspector/policy.d',
) )
end end

View File

@ -9,6 +9,7 @@ describe 'ironic::policy' do
:enforce_scope => false, :enforce_scope => false,
:enforce_new_defaults => false, :enforce_new_defaults => false,
:policy_path => '/etc/ironic/policy.yaml', :policy_path => '/etc/ironic/policy.yaml',
:policy_default_rule => 'default',
:policy_dirs => '/etc/ironic/policy.d', :policy_dirs => '/etc/ironic/policy.d',
:policies => { :policies => {
'context_is_admin' => { 'context_is_admin' => {
@ -37,6 +38,7 @@ describe 'ironic::policy' do
:enforce_scope => false, :enforce_scope => false,
:enforce_new_defaults => false, :enforce_new_defaults => false,
:policy_file => '/etc/ironic/policy.yaml', :policy_file => '/etc/ironic/policy.yaml',
:policy_default_rule => 'default',
:policy_dirs => '/etc/ironic/policy.d', :policy_dirs => '/etc/ironic/policy.d',
) )
end end