This commit migrate all event trigger policies into code [1].
Like oslo.config, with oslo.policy, we can define all of
default rules in code base and only change some rules
via policy file. Another thing that we should use yaml
format instead of json format.
This commit also remove policy.json file usage completely.
[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Co-authored-By: Dai Dang-Van <daidv@vn.fujitsu.com>
Change-Id: Icd674fdc248e5b9c63f9e7d0f47c53288291ff07
This commit migrate all workflow policies into code [1].
Like oslo.config, with oslo.policy, we can define all of
default rules in code base and only change some rules
via policy file. Another thing that we should use yaml
format instead of json format.
[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Co-authored-By: Dai Dang-Van <daidv@vn.fujitsu.com>
Change-Id: I8ab332abb5ebd4c67f8baf62c43ac3e9a10d7ee1
This commit migrate all workbook policies into code [1].
Like oslo.config, with oslo.policy, we can define all of
default rules in code base and only change some rules
via policy file. Another thing that we should use yaml
format instead of json format.
[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Co-authored-By: Dai Dang-Van <daidv@vn.fujitsu.com>
Change-Id: I267a528322cdf69f132503112bb7124ec882ce80
This commit migrate all service and task policies into code [1].
Like oslo.config, with oslo.policy, we can define all of
default rules in code base and only change some rules
via policy file. Another thing that we should use yaml
format instead of json format.
[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Co-authored-By: Dai Dang-Van <daidv@vn.fujitsu.com>
Change-Id: I20e9be2705a41931309b5da4f114715485d1797e
This commit migrate all member policies into code [1].
Like oslo.config, with oslo.policy, we can define all of
default rules in code base and only change some rules
via policy file. Another thing that we should use yaml
format instead of json format.
[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Co-authored-By: Dai Dang-Van <daidv@vn.fujitsu.com>
Change-Id: I166d0d62489fa8230a2ba34ef09f9366ac321633
This commit migrate all execution policies into code [1].
Like oslo.config, with oslo.policy, we can define all of
default rules in code base and only change some rules
via policy file. Another thing that we should use yaml
format instead of json format.
[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Co-authored-By: Dai Dang-Van <daidv@vn.fujitsu.com>
Closes-Bug: #1723333
Change-Id: I3e1d9f5b61d9f2511190fb810726aeb22912ad7b
This commit migrate all environment policies into code [1].
Like oslo.config, with oslo.policy, we can define all of
default rules in code base and only change some rules
via policy file. Another thing that we should use yaml
format instead of json format.
[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Co-authored-By: Dai Dang-Van <daidv@vn.fujitsu.com>
Change-Id: I97307ad7f4c01d9b78ddf1b4cda8e59e736a7831
This commit migrate all cron trigger policies into code [1].
Like oslo.config, with oslo.policy, we can define all of
default rules in code base and only change some rules
via policy file. Another thing that we should use yaml
format instead of json format.
[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Co-authored-By: Dai Dang-Van <daidv@vn.fujitsu.com>
Change-Id: Ib877e4ac6ebfe4068e85705955923d162757689f
This commit migrate all action policies into code [1].
Like oslo.config, with oslo.policy, we can define all of
default rules in code base and only change some rules
via policy file. Another thing that we should use yaml
format instead of json format.
[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Co-authored-By: Dai Dang-Van <daidv@vn.fujitsu.com>
Change-Id: I2ced708b492026c7561cdfc417c43cfa0e4bb503
This commit migrate all action execution policies into code [1].
Like oslo.config, with oslo.policy, we can define all of
default rules in code base and only change some rules
via policy file. Another thing that we should use yaml
format instead of json format.
[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Co-authored-By: Dai Dang-Van <daidv@vn.fujitsu.com>
Change-Id: Ic4b597995ae2ab49e793871c14060f0b9662f468
This commit prepare for implementing policies in code[1].
Like oslo.config, with oslo.policy, we can define all of
default rules in code base and only change some rules
via policy file. Another thing that we should use yaml
format instead of json format.
[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Co-authored-By: Hieu LE <hieulq@vn.fujitsu.com>
Change-Id: I2051b6c25333c95aa9ea6786964d4ab710ea93e8
* Allowed creating via API
* Added the corresponding processing
in the event engine
* Corresponding test
Closes-Bug: #1704111
Change-Id: I73a1d10fe684f1ec962e42e9700064d06cb0bcbe
* Added get event triggers for all projects
and the corresponding rule in policy.json
* Fixed corresponding policy rule names for
event triggers API
Change-Id: I74e65a1cee8d074cfd637e460465922b610237c5
We already supported role based api access control, this series patches
will implement resource access control for mistral, so that
administrator could define the rules of resource accessibility, e.g.
admin user could get/delete/update the workflows of other tenants
according to the policy.
TODO:
- Implement update workflow by admin
- Implement delete workflow by admin
- Implement for other resources(workfbook/execution/task/action, etc.)
Partially implements: blueprint mistral-rbac
Change-Id: I8b00e8a260a74457ad037ee7322a7cba9ae34fab
This patch adds the Mistral changes to support the new event trigger
REST API.
Change-Id: I8190ce81d46cc8296db29f41442354cdfe1a5bbd
Implements: blueprint event-notification-trigger
Co-Authored-By: Lingxian Kong <anlin.kong@gmail.com>
Mistral api access can be restricted base on role
by modifying /etc/mistral/policy.json file.
Change-Id: I4c78ca4cc04d25f46aea55948bce339cfe460ff0
Implements: blueprint mistral-customize-authorization