This commit adds a tool that parses a directory of service.yaml policy
files and then converts them to the appropriate THT structure, using the
necessary service variables and templating.
The enable-secure-rbac.yaml is simply the current defaults generated
from code. First, generate all the policy files for each OpenStack
service:
$ oslopolicy-sample-generator --namespace $SERVICE --output-file $DEST/$SERVICE.yaml
Next, uncomment all the default policies as a starting point for making
policy changes:
$ sed -i 's/^#"/"/g' $DEST/$SERVICE.yaml
Next you can make changes to the policy files to reflect the changes you
want in your deployment.
Finally, you can generate the necessary heat template:
$ ./convert_policy_yaml_to_heat_template.py -d $DEST
The tool outputs to stdout. It's up to the user to redirect to a file if
they wish to save results.
The enable-secure-rbac.yaml environment will be updated in subsequent
patches to implement project personas.
Change-Id: I9957243d307758f56b84cde3a408006d8161fa41