← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #80274

[Bug 1806762] Re: policy.v3cloudsample.json contains redundant policies

  Thread PreviousDate PreviousThread Next 
Reviewed:  https://review.opendev.org/682266
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=d4a6023de5bdfe5a6e9214579a35e083a45c1151
Submitter: Zuul
Branch:    master

commit d4a6023de5bdfe5a6e9214579a35e083a45c1151
Author: Lance Bragstad <lbragstad@xxxxxxxxx>
Date:   Mon Sep 16 02:52:12 2019 +0000

    Remove policy.v3cloudsample.json
    
    We've make all the default policies keystone supports better by
    incorporating default roles and scope types. These changes have made
    the ``policy.v3cloudsample.json`` file obsolete.
    
    Let's simply things for users, operators, and develpers by removing
    it.
    
    A follow-on patch will remove the test_v3_protection.py file since
    those behaviors are passing all the protection tests with the default
    policies in code.
    
    Related-Bug: 1805880
    Closes-Bug: 1630434
    Closes-Bug: 1806762
    Change-Id: Ie45955f5cc54563cc9704d7cb2b656b5544ae030


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1806762

Title:
  policy.v3cloudsample.json contains redundant policies

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  The policy.v3cloudsample.json policy file contains a bunch of
  redundant policies. This is because when it was created to try and
  solve the admin-ness problem [0], policies were not in code and didn't
  have defaults. This meant that we needed to define every policy in the
  policy.v3cloudsample.json even if it had the same value as the default
  policies.

  Ultimately, the policy.v3cloudsample.json policy file should be
  removed because it is obsolete with the advent of system-scope [0] and
  default roles [1].

  [0] http://specs.openstack.org/openstack/keystone-specs/specs/keystone/queens/system-scope.html
  [1] http://specs.openstack.org/openstack/keystone-specs/specs/keystone/rocky/define-default-roles.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1806762/+subscriptions

References

  Thread PreviousDate PreviousThread Next