openstack/ironic-inspector
Code Issues Proposed changes
3750073bcf
ironic-inspector/ironic_inspector
History
Steve Baker c9e312f8b4 Implement secure RBAC 
The default policy will been replaced with one which aligns with the
Secure-RBAC scopes and roles. Since ironic-inspector is a tool used only
by system-level admins, only the ``system`` scope is supported, and the
only roles in the policy rules are ``admin`` and ``reader``.

The is_admin and is_observer rules are deprecated for removal, and
every rule which refers to them are deprecated in favor of the
system-scoped equivalent (system_scope:all with role:admin or
role:reader)

No unit tests covered the existing policy, these are now covered by
test_acl.TestACLDeprecated.

Change-Id: I4d038245c6b97b1504fb47eeec78ad3f9e5a897c
2021-02-23 10:24:49 +13:00
..
cmd Add upgrade check, and json2yaml policy handling 2021-01-04 13:56:28 -08:00
common Use correct Node id attribute 2020-11-23 16:19:35 +13:00
conductor Add leader election for periodic sync with ironic 2020-07-02 12:17:28 +02:00
conf Merge "pxe filter - option to always block unknown hosts" 2020-09-30 15:32:31 +00:00
locale/en_GB/LC_MESSAGES Imported Translations from Zanata 2020-10-11 06:44:24 +00:00
migrations Fix database migrations and disable the non-standalone job 2020-10-26 14:16:34 +01:00
plugins Identify accelerator devices during introspection 2020-08-20 14:03:37 +08:00
pxe_filter pxe filter - option to always block unknown hosts 2020-09-28 12:18:00 +02:00
test Implement secure RBAC 2021-02-23 10:24:49 +13:00
__init__.py Switch to pbr 2015-06-18 16:09:07 +02:00
alembic.ini Add alembic migrations for the inspector database 2015-09-23 14:44:46 +01:00
api_tools.py Stop using six library 2019-12-17 09:23:01 +01:00
db.py Added scope to introspection rules. 2020-03-26 21:40:43 +01:00
introspect.py Revert "Power off before inspection" 2020-09-29 00:24:14 +00:00
introspection_state.py Fix pycodestyle warnings/errors now visible with hacking 1.1.0 2018-05-08 23:46:05 +02:00
known_accelerators.yaml Add NVIDIA V100 to known accelerator devices 2020-09-14 09:54:28 +02:00
main.py Use correct Node id attribute 2020-11-23 16:19:35 +13:00
node_cache.py Use correct Node id attribute 2020-11-23 16:19:35 +13:00
policy.py Implement secure RBAC 2021-02-23 10:24:49 +13:00
process.py Use openstacksdk for ironic module 2020-03-23 14:28:09 +01:00
rules.py Log outcome of check_conditions method. 2020-08-11 14:34:10 +02:00
utils.py Fix node id vs uuid in processing_logger_prefix 2021-02-17 18:40:58 +02:00
version.py Use Reno for release notes management 2015-11-26 10:12:14 +01:00
wsgi_service.py Split API and conductor services 2019-08-12 15:29:55 +08:00