From f64159bc874b2ff4c862178b7575ea2152550f25 Mon Sep 17 00:00:00 2001
From: Thomas Goirand <zigo@debian.org>
Date: Thu, 1 Apr 2021 23:07:30 +0200
Subject: [PATCH] Allow to configure policy_dirs

This patch makes it possible to override the current service default,
which is /etc/<service>/policy.d .

Change-Id: I8ab033c275f29a34a89a5ea9c2560c9992fd06cf
---
 manifests/policy.pp                                  | 8 +++++++-
 releasenotes/notes/policy-dirs-ff9e665292115ef5.yaml | 5 +++++
 spec/classes/magnum_policy_spec.rb                   | 2 ++
 3 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 releasenotes/notes/policy-dirs-ff9e665292115ef5.yaml

diff --git a/manifests/policy.pp b/manifests/policy.pp
index 681dc9b..b1ae406 100644
--- a/manifests/policy.pp
+++ b/manifests/policy.pp
@@ -32,11 +32,16 @@
 #   (Optional) Path to the magnum policy.yaml file
 #   Defaults to /etc/magnum/policy.yaml
 #
+# [*policy_dirs*]
+#   (Optional) Path to the keystone policy folder
+#   Defaults to $::os_service_default
+#
 class magnum::policy (
   $enforce_scope        = $::os_service_default,
   $enforce_new_defaults = $::os_service_default,
   $policies             = {},
   $policy_path          = '/etc/magnum/policy.yaml',
+  $policy_dirs          = $::os_service_default,
 ) {
 
   include magnum::deps
@@ -56,7 +61,8 @@ class magnum::policy (
   oslo::policy { 'magnum_config':
     enforce_scope        => $enforce_scope,
     enforce_new_defaults => $enforce_new_defaults,
-    policy_file          => $policy_path
+    policy_file          => $policy_path,
+    policy_dirs          => $policy_dirs,
   }
 
 }
diff --git a/releasenotes/notes/policy-dirs-ff9e665292115ef5.yaml b/releasenotes/notes/policy-dirs-ff9e665292115ef5.yaml
new file mode 100644
index 0000000..cf009fe
--- /dev/null
+++ b/releasenotes/notes/policy-dirs-ff9e665292115ef5.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    There is now a new policy_dirs parameter in the magnum::policy class,
+    so one can set a custom path.
diff --git a/spec/classes/magnum_policy_spec.rb b/spec/classes/magnum_policy_spec.rb
index 7f6a004..88c35b1 100644
--- a/spec/classes/magnum_policy_spec.rb
+++ b/spec/classes/magnum_policy_spec.rb
@@ -7,6 +7,7 @@ describe 'magnum::policy' do
         :enforce_scope        => false,
         :enforce_new_defaults => false,
         :policy_path          => '/etc/magnum/policy.yaml',
+        :policy_dirs          => '/etc/magnum/policy.d',
         :policies             => {
           'context_is_admin' => {
             'key'   => 'context_is_admin',
@@ -28,6 +29,7 @@ describe 'magnum::policy' do
         :enforce_scope        => false,
         :enforce_new_defaults => false,
         :policy_file          => '/etc/magnum/policy.yaml',
+        :policy_dirs          => '/etc/magnum/policy.d',
       )
     end
   end