Browse Source

Add support for oslo_policy/enforce_new_defaults

Change-Id: Iad9b2375cbaa66943fce4f26df863fa55d590f57
changes/28/781428/6
Takashi Kajinami 1 year ago
parent
commit
67608ac838
  1. 23
      manifests/policy.pp
  2. 4
      releasenotes/notes/policy-enforce_new_defaults-f033a2b395abb924.yaml
  3. 11
      spec/defines/oslo_policy_spec.rb

23
manifests/policy.pp

@ -11,6 +11,11 @@
# (Optional) Whether or not to enforce scope when evaluating policies.
# Defaults to $::os_service_default.
#
# [*enforce_new_defaults*]
# (Optional) Whether or not to use old deprecated defaults when evaluating
# policies.
# Defaults to $::os_service_default.
#
# [*policy_file*]
# (Optional) The JSON file that defines policies. (string value)
# Defaults to $::os_service_default.
@ -29,10 +34,11 @@
# Defaults to $::os_service_default.
#
define oslo::policy(
$enforce_scope = $::os_service_default,
$policy_file = $::os_service_default,
$policy_default_rule = $::os_service_default,
$policy_dirs = $::os_service_default,
$enforce_scope = $::os_service_default,
$enforce_new_defaults = $::os_service_default,
$policy_file = $::os_service_default,
$policy_default_rule = $::os_service_default,
$policy_dirs = $::os_service_default,
) {
if !is_service_default($policy_dirs) {
$policy_dirs_orig = join(any2array($policy_dirs), ',')
@ -41,10 +47,11 @@ define oslo::policy(
}
$policy_options = {
'oslo_policy/enforce_scope' => { value => $enforce_scope },
'oslo_policy/policy_file' => { value => $policy_file },
'oslo_policy/policy_default_rule' => { value => $policy_default_rule },
'oslo_policy/policy_dirs' => { value => $policy_dirs_orig },
'oslo_policy/enforce_scope' => { value => $enforce_scope },
'oslo_policy/enforce_new_defaults' => { value => $enforce_new_defaults },
'oslo_policy/policy_file' => { value => $policy_file },
'oslo_policy/policy_default_rule' => { value => $policy_default_rule },
'oslo_policy/policy_dirs' => { value => $policy_dirs_orig },
}
create_resources($name, $policy_options)

4
releasenotes/notes/policy-enforce_new_defaults-f033a2b395abb924.yaml

@ -0,0 +1,4 @@
---
features:
- |
The new ``oslo:::policy::enforce_new_defaults`` parameter has been added.

11
spec/defines/oslo_policy_spec.rb

@ -9,6 +9,7 @@ describe 'oslo::policy' do
context 'with default parameters' do
it 'configure oslo_policy default params' do
is_expected.to contain_keystone_config('oslo_policy/enforce_scope').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('oslo_policy/enforce_new_defaults').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('oslo_policy/policy_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('oslo_policy/policy_default_rule').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('oslo_policy/policy_dirs').with_value('<SERVICE DEFAULT>')
@ -18,15 +19,17 @@ describe 'oslo::policy' do
context 'with overridden parameters' do
let :params do
{
:enforce_scope => false,
:policy_file => '/path/to/policy.file',
:policy_default_rule => 'some rule',
:policy_dirs => ['dir1', '/dir/2'],
:enforce_scope => false,
:enforce_new_defaults => false,
:policy_file => '/path/to/policy.file',
:policy_default_rule => 'some rule',
:policy_dirs => ['dir1', '/dir/2'],
}
end
it 'configures oslo_policy section' do
is_expected.to contain_keystone_config('oslo_policy/enforce_scope').with_value(false)
is_expected.to contain_keystone_config('oslo_policy/enforce_new_defaults').with_value(false)
is_expected.to contain_keystone_config('oslo_policy/policy_file').with_value('/path/to/policy.file')
is_expected.to contain_keystone_config('oslo_policy/policy_default_rule').with_value('some rule')
is_expected.to contain_keystone_config('oslo_policy/policy_dirs').with_value('dir1,/dir/2')

Loading…
Cancel
Save