From 61aeda0b485274a7f8f1ede6e603d74318dd5d85 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <tkajinam@redhat.com>
Date: Thu, 25 Mar 2021 19:05:06 +0900
Subject: [PATCH] policy: Raise error when file_path and file_format are
 inconsistent

We have replaced policy.yaml with policy.json following the community
goal[1], but it might be possible that users are not aware of that
migration and still expect json files.
This change ensures that users are not expecting json file based on
the given file path.

[1] https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html

Change-Id: Ie2e5a6798e8603585c20b947eb91bbad5453934b
---
 manifests/policy/base.pp                      |  6 ++++++
 spec/defines/openstacklib_policy_base_spec.rb | 20 +++++++++++++++++++
 2 files changed, 26 insertions(+)

diff --git a/manifests/policy/base.pp b/manifests/policy/base.pp
index 90d6ddb1..736e220d 100644
--- a/manifests/policy/base.pp
+++ b/manifests/policy/base.pp
@@ -78,6 +78,12 @@ define openstacklib::policy::base (
         ~> Augeas<| title == "${file_path}-${key}-${value}" |>
     }
     'yaml': {
+      if stdlib::extname($file_path) == '.json' {
+        # NOTE(tkajinam): It is likely that user is not aware of migration from
+        #                 policy.json to policy.yaml
+        fail("file_path: ${file_path} should be a yaml file instead of a json file")
+      }
+
       ensure_resource('file', $file_path, {
         mode    => $file_mode,
         owner   => $file_user,
diff --git a/spec/defines/openstacklib_policy_base_spec.rb b/spec/defines/openstacklib_policy_base_spec.rb
index d1acf3d1..da8724b2 100644
--- a/spec/defines/openstacklib_policy_base_spec.rb
+++ b/spec/defines/openstacklib_policy_base_spec.rb
@@ -72,6 +72,26 @@ describe 'openstacklib::policy::base' do
       ) }
 
     end
+
+    context 'with json file_path and yaml file format' do
+      let :title do
+        'nova-contest_is_admin'
+      end
+
+      let :params do
+        {
+          :file_path   => '/etc/nova/policy.json',
+          :key         => 'context_is_admin or owner',
+          :value       => 'foo:bar',
+          :file_mode   => '0644',
+          :file_user   => 'foo',
+          :file_group  => 'bar',
+          :file_format => 'yaml',
+        }
+      end
+
+      it { should raise_error(Puppet::Error) }
+    end
   end
 
   on_supported_os({