openstack/puppet-openstacklib
Code Issues Proposed changes

Merge "Remove support for json format policy files"

Browse Source
This commit is contained in:
Zuul 2024-06-11 16:24:44 +00:00 committed by Gerrit Code Review
commit 4c3c03fce9
7 changed files with 43 additions and 200 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
manifests/policy.pp
View File

@ -43,9 +43,8 @@
# Defaults to undef # Defaults to undef
# #
# [*file_format*] # [*file_format*]
# (Optional) Format for file contents. Valid values # (Optional) Format for file contents. Valid value is 'yaml'.
# are 'json' or 'yaml'. # Defaults to 'yaml'.
# Defaults to 'json'.
# #
# [*purge_config*] # [*purge_config*]
# (Optional) Whether to set only the specified policy rules in the policy # (Optional) Whether to set only the specified policy rules in the policy
@ -58,7 +57,7 @@ define openstacklib::policy (
$file_mode = '0640', $file_mode = '0640',
$file_user = undef, $file_user = undef,
$file_group = undef, $file_group = undef,
Enum['json', 'yaml'] $file_format = 'json', Enum['yaml'] $file_format = 'yaml',
Boolean $purge_config = false, Boolean $purge_config = false,
) { ) {

44
manifests/policy/base.pp
View File

@ -1,11 +1,11 @@
# == Definition: openstacklib::policy::base # == Definition: openstacklib::policy::base
# #
# This resource configures the policy.json file for an OpenStack service # This resource configures the policy file for an OpenStack service
# #
# == Parameters: # == Parameters:
# #
# [*file_path*] # [*file_path*]
# (required) Path to the policy.json file # (required) Path to the policy file
# #
# [*key*] # [*key*]
# (optional) The key to replace the value for # (optional) The key to replace the value for
@ -28,9 +28,8 @@
# Defaults to undef # Defaults to undef
# #
# [*file_format*] # [*file_format*]
# (optional) Format for file contents. Valid values # (optional) Format for file contents. Valid value is 'yaml'
# are 'json' or 'yaml'. # Defaults to 'yaml'.
# Defaults to 'json'.
# #
# [*purge_config*] # [*purge_config*]
# (optional) Whether to set only the specified policy rules in the policy # (optional) Whether to set only the specified policy rules in the policy
@ -44,7 +43,7 @@ define openstacklib::policy::base (
$file_mode = '0640', $file_mode = '0640',
$file_user = undef, $file_user = undef,
$file_group = undef, $file_group = undef,
Enum['json', 'yaml'] $file_format = 'json', Enum['yaml'] $file_format = 'yaml',
Boolean $purge_config = false, Boolean $purge_config = false,
) { ) {
@ -57,33 +56,6 @@ define openstacklib::policy::base (
purge_config => $purge_config purge_config => $purge_config
}) })
case $file_format {
'json': {
warning('Json format is deprecated and will be removed in a future release')
# Add entry if it doesn't exists
augeas { "${file_path}-${key}-add":
lens => 'Json.lns',
incl => $file_path,
changes => [
"set dict/entry[last()+1] \"${key}\"",
"set dict/entry[last()]/string \"${value}\"",
],
onlyif => "match dict/entry[*][.=\"${key}\"] size == 0",
}
# Requires that the entry is added before this call or it will fail.
augeas { "${file_path}-${key}" :
lens => 'Json.lns',
incl => $file_path,
changes => "set dict/entry[*][.=\"${key}\"]/string \"${value}\"",
}
Openstacklib::Policy::Default<| title == $file_path |>
-> Augeas<| title == "${file_path}-${key}-add" |>
~> Augeas<| title == "${file_path}-${key}" |>
}
'yaml': {
# NOTE(tkajianm): Currently we use single quotes('') to quote the whole # NOTE(tkajianm): Currently we use single quotes('') to quote the whole
# value, thus a single quote in value should be escaped # value, thus a single quote in value should be escaped
# by another single quote (which results in '') # by another single quote (which results in '')
@ -97,10 +69,4 @@ define openstacklib::policy::base (
} }
Openstacklib::Policy::Default<| title == $file_path |> Openstacklib::Policy::Default<| title == $file_path |>
-> File_line<| title == "${file_path}-${key}" |> -> File_line<| title == "${file_path}-${key}" |>
}
default: {
fail("${file_format} is an unsupported policy file format. Choose 'json' or 'yaml'.")
}
}
} }

29
manifests/policy/default.pp
View File

@ -5,7 +5,7 @@
# == Parameters: # == Parameters:
# #
# [*file_path*] # [*file_path*]
# (Optional) Path to the policy.json file # (Optional) Path to the policy file
# Defaults to $name # Defaults to $name
# #
# [*file_mode*] # [*file_mode*]
@ -21,9 +21,8 @@
# Defaults to undef # Defaults to undef
# #
# [*file_format*] # [*file_format*]
# (Optional) Format for file contents. Valid values # (Optional) Format for file contents. Valid value is 'yaml'.
# are 'json' or 'yaml'. # Defaults to 'yaml'.
# Defaults to 'json'.
# #
# [*purge_config*] # [*purge_config*]
# (Optional) Whether to set only the specified policy rules in the policy # (Optional) Whether to set only the specified policy rules in the policy
@ -35,33 +34,15 @@ define openstacklib::policy::default (
$file_mode = '0640', $file_mode = '0640',
$file_user = undef, $file_user = undef,
$file_group = undef, $file_group = undef,
Enum['json', 'yaml'] $file_format = 'json', Enum['yaml'] $file_format = 'yaml',
Boolean $purge_config = false, Boolean $purge_config = false,
) { ) {
case $file_format {
'json': {
warning('Json format is deprecated and will be removed in a future release')
$content = '{}'
}
'yaml': {
if stdlib::extname($file_path) == '.json' {
# NOTE(tkajinam): It is likely that user is not aware of migration from
# policy.json to policy.yaml
fail("file_path: ${file_path} should be a yaml file instead of a json file")
}
$content = ''
}
default: {
fail("${file_format} is an unsupported policy file format. Choose 'json' or 'yaml'.")
}
}
ensure_resource('file', $file_path, { ensure_resource('file', $file_path, {
mode => $file_mode, mode => $file_mode,
owner => $file_user, owner => $file_user,
group => $file_group, group => $file_group,
replace => $purge_config, replace => $purge_config,
content => $content content => ''
}) })
} }

5
releasenotes/notes/remove-policy-json-8902dc11c5576e73.yaml Normal file
View File

@ -0,0 +1,5 @@
---
upgrade:
- |
Support for json format policy files has been removed. Now yaml is the only
supported format.

54
spec/defines/openstacklib_policy_base_spec.rb
View File

@ -6,43 +6,6 @@ describe 'openstacklib::policy::base' do
'context_is_admin or owner' 'context_is_admin or owner'
end end
context 'with policy.json' do
let :params do
{
:file_path => '/etc/nova/policy.json',
:value => 'foo:bar',
:file_mode => '0644',
:file_user => 'foo',
:file_group => 'bar',
:file_format => 'json',
}
end
it { should contain_openstacklib__policy__default('/etc/nova/policy.json').with(
:file_mode => '0644',
:file_user => 'foo',
:file_group => 'bar',
:file_format => 'json',
:purge_config => false,
)}
it { should contain_augeas('/etc/nova/policy.json-context_is_admin or owner').with(
:lens => 'Json.lns',
:incl => '/etc/nova/policy.json',
:changes => 'set dict/entry[*][.="context_is_admin or owner"]/string "foo:bar"',
)}
it { should contain_augeas('/etc/nova/policy.json-context_is_admin or owner-add').with(
:lens => 'Json.lns',
:incl => '/etc/nova/policy.json',
:changes => [
'set dict/entry[last()+1] "context_is_admin or owner"',
'set dict/entry[last()]/string "foo:bar"'
],
:onlyif => 'match dict/entry[*][.="context_is_admin or owner"] size == 0'
)}
end
context 'with policy.yaml' do context 'with policy.yaml' do
let :params do let :params do
{ {
@ -51,7 +14,6 @@ describe 'openstacklib::policy::base' do
:file_mode => '0644', :file_mode => '0644',
:file_user => 'foo', :file_user => 'foo',
:file_group => 'bar', :file_group => 'bar',
:file_format => 'yaml',
} }
end end
@ -106,7 +68,6 @@ describe 'openstacklib::policy::base' do
:file_mode => '0644', :file_mode => '0644',
:file_user => 'foo', :file_user => 'foo',
:file_group => 'bar', :file_group => 'bar',
:file_format => 'yaml',
:purge_config => true, :purge_config => true,
} }
end end
@ -120,21 +81,6 @@ describe 'openstacklib::policy::base' do
)} )}
end end
context 'with json file_path and yaml file format' do
let :params do
{
:file_path => '/etc/nova/policy.json',
:value => 'foo:bar',
:file_mode => '0644',
:file_user => 'foo',
:file_group => 'bar',
:file_format => 'yaml',
}
end
it { should raise_error(Puppet::Error) }
end
context 'with key overridden' do context 'with key overridden' do
let :params do let :params do
{ {

25
spec/defines/openstacklib_policy_default_spec.rb
View File

@ -2,29 +2,6 @@ require 'spec_helper'
describe 'openstacklib::policy::default' do describe 'openstacklib::policy::default' do
shared_examples 'openstacklib::policy::default' do shared_examples 'openstacklib::policy::default' do
context 'with policy.json' do
let :title do
'/etc/nova/policy.json'
end
let :params do
{
:file_mode => '0644',
:file_user => 'foo',
:file_group => 'bar',
:file_format => 'json',
}
end
it { should contain_file('/etc/nova/policy.json').with(
:mode => '0644',
:owner => 'foo',
:group => 'bar',
:content => '{}',
:replace => false
)}
end
context 'with policy.yaml' do context 'with policy.yaml' do
let :title do let :title do
'/etc/nova/policy.yaml' '/etc/nova/policy.yaml'
@ -35,7 +12,6 @@ describe 'openstacklib::policy::default' do
:file_mode => '0644', :file_mode => '0644',
:file_user => 'foo', :file_user => 'foo',
:file_group => 'bar', :file_group => 'bar',
:file_format => 'yaml',
} }
end end
@ -58,7 +34,6 @@ describe 'openstacklib::policy::default' do
:file_mode => '0644', :file_mode => '0644',
:file_user => 'foo', :file_user => 'foo',
:file_group => 'bar', :file_group => 'bar',
:file_format => 'yaml',
:purge_config => true, :purge_config => true,
} }
end end

29
spec/defines/openstacklib_policy_spec.rb
View File

@ -3,33 +3,6 @@ require 'spec_helper'
describe 'openstacklib::policy' do describe 'openstacklib::policy' do
shared_examples 'openstacklib::policy' do shared_examples 'openstacklib::policy' do
context 'with basic configuration' do context 'with basic configuration' do
let :title do
'/etc/nova/policy.json'
end
let :params do
{
:policies => {
'foo' => {
'key' => 'context_is_admin',
'value' => 'foo:bar'
}
},
:file_mode => '0644',
:file_user => 'foo',
:file_group => 'baa',
:file_format => 'json',
}
end
it { should contain_openstacklib__policy__base('foo').with(
:file_path => '/etc/nova/policy.json',
:key => 'context_is_admin',
:value => 'foo:bar'
)}
end
context 'with yaml configuration' do
let :title do let :title do
'/etc/nova/policy.yaml' '/etc/nova/policy.yaml'
end end
@ -45,7 +18,6 @@ describe 'openstacklib::policy' do
:file_mode => '0644', :file_mode => '0644',
:file_user => 'foo', :file_user => 'foo',
:file_group => 'baa', :file_group => 'baa',
:file_format => 'yaml',
} }
end end
@ -66,7 +38,6 @@ describe 'openstacklib::policy' do
:file_mode => '0644', :file_mode => '0644',
:file_user => 'foo', :file_user => 'foo',
:file_group => 'baa', :file_group => 'baa',
:file_format => 'yaml',
:purge_config => true, :purge_config => true,
} }
end end