yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #82453
[Bug 1875418] Re: Generated policy.json in Ussuri is broken by default
That is correct what you wrote above. But tricky part here is generated
policy.json from 'oslopolicy-sample-generator' tool without deprecated
rules is right thing or wrong. Because it can be seen as one of the
valid usgae for deployer who want to switch to new defaults. The only
way for them till ussuri(till we introduced new flag in oslo) is to
overwrite the policy file with new default (which is what 'oslopolicy-
sample-generator 'generate).
If we add arg option in 'oslopolicy-sample-generator ' to add a
deprecated rule (say --add-deprecated-rules) that also should not be
default and deployer need to change the usage of that tool to pass the
new arg. Opinion ? also other challenge is we need to check with Oslo
team if that can be done now for ussuri. adding oslo also as an affected
project.
Also, what we are missing here is this bug actually -
https://bugs.launchpad.net/oslo.policy/+bug/1853170
** Also affects: oslo.policy
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1875418
Title:
Generated policy.json in Ussuri is broken by default
Status in OpenStack Compute (nova):
In Progress
Status in oslo.policy:
New
Bug description:
Looks like the generated policy.json is broken by default and can't be
used by operators as-is, as it doesn't include the deprecated options
which are unfortunately needed for it to work.
With the default policy.json as generated by the nova namespace, the
admin user can't even do simple things like:
- openstack flavor create
- openstack hypervisor list
and probably many more...
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1875418/+subscriptions
References