Add support for oslo_policy/enforce_new_defaults
Change-Id: Iad9b2375cbaa66943fce4f26df863fa55d590f57
This commit is contained in:
parent
0faa00bd96
commit
67608ac838
|
@ -11,6 +11,11 @@
|
|||
# (Optional) Whether or not to enforce scope when evaluating policies.
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*enforce_new_defaults*]
|
||||
# (Optional) Whether or not to use old deprecated defaults when evaluating
|
||||
# policies.
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*policy_file*]
|
||||
# (Optional) The JSON file that defines policies. (string value)
|
||||
# Defaults to $::os_service_default.
|
||||
|
@ -29,10 +34,11 @@
|
|||
# Defaults to $::os_service_default.
|
||||
#
|
||||
define oslo::policy(
|
||||
$enforce_scope = $::os_service_default,
|
||||
$policy_file = $::os_service_default,
|
||||
$policy_default_rule = $::os_service_default,
|
||||
$policy_dirs = $::os_service_default,
|
||||
$enforce_scope = $::os_service_default,
|
||||
$enforce_new_defaults = $::os_service_default,
|
||||
$policy_file = $::os_service_default,
|
||||
$policy_default_rule = $::os_service_default,
|
||||
$policy_dirs = $::os_service_default,
|
||||
) {
|
||||
if !is_service_default($policy_dirs) {
|
||||
$policy_dirs_orig = join(any2array($policy_dirs), ',')
|
||||
|
@ -41,10 +47,11 @@ define oslo::policy(
|
|||
}
|
||||
|
||||
$policy_options = {
|
||||
'oslo_policy/enforce_scope' => { value => $enforce_scope },
|
||||
'oslo_policy/policy_file' => { value => $policy_file },
|
||||
'oslo_policy/policy_default_rule' => { value => $policy_default_rule },
|
||||
'oslo_policy/policy_dirs' => { value => $policy_dirs_orig },
|
||||
'oslo_policy/enforce_scope' => { value => $enforce_scope },
|
||||
'oslo_policy/enforce_new_defaults' => { value => $enforce_new_defaults },
|
||||
'oslo_policy/policy_file' => { value => $policy_file },
|
||||
'oslo_policy/policy_default_rule' => { value => $policy_default_rule },
|
||||
'oslo_policy/policy_dirs' => { value => $policy_dirs_orig },
|
||||
}
|
||||
|
||||
create_resources($name, $policy_options)
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
The new ``oslo:::policy::enforce_new_defaults`` parameter has been added.
|
|
@ -9,6 +9,7 @@ describe 'oslo::policy' do
|
|||
context 'with default parameters' do
|
||||
it 'configure oslo_policy default params' do
|
||||
is_expected.to contain_keystone_config('oslo_policy/enforce_scope').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('oslo_policy/enforce_new_defaults').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('oslo_policy/policy_file').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('oslo_policy/policy_default_rule').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('oslo_policy/policy_dirs').with_value('<SERVICE DEFAULT>')
|
||||
|
@ -18,15 +19,17 @@ describe 'oslo::policy' do
|
|||
context 'with overridden parameters' do
|
||||
let :params do
|
||||
{
|
||||
:enforce_scope => false,
|
||||
:policy_file => '/path/to/policy.file',
|
||||
:policy_default_rule => 'some rule',
|
||||
:policy_dirs => ['dir1', '/dir/2'],
|
||||
:enforce_scope => false,
|
||||
:enforce_new_defaults => false,
|
||||
:policy_file => '/path/to/policy.file',
|
||||
:policy_default_rule => 'some rule',
|
||||
:policy_dirs => ['dir1', '/dir/2'],
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures oslo_policy section' do
|
||||
is_expected.to contain_keystone_config('oslo_policy/enforce_scope').with_value(false)
|
||||
is_expected.to contain_keystone_config('oslo_policy/enforce_new_defaults').with_value(false)
|
||||
is_expected.to contain_keystone_config('oslo_policy/policy_file').with_value('/path/to/policy.file')
|
||||
is_expected.to contain_keystone_config('oslo_policy/policy_default_rule').with_value('some rule')
|
||||
is_expected.to contain_keystone_config('oslo_policy/policy_dirs').with_value('dir1,/dir/2')
|
||||
|
|
Loading…
Reference in New Issue