openstack/neutron
Code Issues Proposed changes
OpenStack Networking (Neutron)
27,906 Commits 10 Branches 83 Tags 1,006 MiB
Python 99.7%
Shell 0.3%
a644b3c62b
Go to file
Slawek Kaplonski a644b3c62b [S-RBAC] Change policies for port's binding:profile field 
According to the neutron API-REF [1] port's "binding:profile" field is
intended to be used for the "machine-machine communication for compute
services like Nova, Ironic or Zun to pass information to a Neutron
back-end." so it should be by allowed only for the users with the
SERVICE role granted, not even for ADMIN.
This patch updates that policies to be available only for SERVICE role
when new, secure RBAC policies are enabled.

Additionally this patch updates some policies for create, update and get
port APIs to make them all work in the same way and allow them for the
SERVICE users too.

Finally this new policy for create/update_port:binding:profile have to
be overwritten in the fullstack tests to be allowed also for admin user.
It is done by adding custom policy file for the fullstack tests only.

[1] https://docs.openstack.org/api-ref/network/v2/index.html#create-port

Closes-Bug: #2052937
Change-Id: I5c0094ff21439fe8977cfc623789a09067e6a895
2024-02-16 16:10:43 +01:00
api-ref Fix some typos 2016-06-28 22:46:19 +02:00
devstack Remove note about migration from lib/neutron-legacy to lib/neutron 2022-12-20 11:05:05 +01:00
doc Merge "Disallow subnet cidr of :: without PD" 2024-02-13 21:48:00 +00:00
etc [S-RBAC] Change policies for port's binding:profile field 2024-02-16 16:10:43 +01:00
neutron [S-RBAC] Change policies for port's binding:profile field 2024-02-16 16:10:43 +01:00
playbooks Limit tox version to <4 2022-12-10 20:43:54 +01:00
rally-jobs [ci] Fix several rally task arguments 2020-05-06 14:56:27 +03:00
releasenotes Merge "Fix wrong option name in release note" 2024-02-13 08:18:05 +00:00
roles Restore the tempest nftables jobs in experimental and periodic queues 2023-10-11 13:27:17 +00:00
tools Use compiled OVN version v23.09.0 2023-09-25 10:10:38 -04:00
vagrant/ovn Fix local neutron folder path in ovn/sparse/Vagrantfile 2020-11-03 17:02:34 +01:00
zuul.d [OVN][CI] Update OVS_BRANCH to be compatible with ovn main 2024-01-31 18:54:10 +05:30
.coveragerc Cleanup coverage configuration 2016-10-17 17:06:19 +05:30
.gitignore Ignore reno artefacts (RELEASENOTES.rst and reno.cache) 2023-01-18 04:52:03 +01:00
.gitreview OpenDev Migration Patch 2019-04-19 19:38:27 +00:00
.mailmap Add mailmap entry 2014-05-16 13:40:04 -04:00
.pylintrc Merge "Fix pylint "W" missing-timeout warnings" 2023-12-02 00:55:55 +00:00
.stestr.conf Fix post gate hook to accommodate for new os-testr 2017-09-12 14:20:12 -06:00
bindep.txt Fix bindep for Debian bookworm 2023-08-21 13:57:00 +00:00
CONTRIBUTING.rst [Community goal] Add contributor and PTL guide 2020-03-03 04:43:26 +01:00
HACKING.rst Update hacking version 2024-02-08 10:34:10 -05:00
LICENSE Adding Apache Version 2.0 license file. This is the official license agreement under which Quantum code is available to 2011-08-08 12:31:04 -07:00
plugin.spec Update url and package name 2023-03-28 06:59:20 +00:00
README.rst Doc: make the contributor guide more visible 2022-07-14 13:08:56 +02:00
requirements.txt python-3.12: do not use datetime.datetime.utcnow() 2024-01-20 04:30:48 +00:00
setup.cfg Update python classifier in setup.cfg 2024-01-09 19:04:32 -08:00
setup.py Cleanup setup.py and requirements 2024-01-12 17:44:09 +09:00
test-requirements.txt Cleanup setup.py and requirements 2024-01-12 17:44:09 +09:00
TESTING.rst Amend documentation for fullstack tests 2022-12-08 14:29:34 +01:00
tox.ini Merge "Update hacking version" 2024-02-12 13:09:52 +00:00

README.rst

OpenStack Neutron

image

Neutron is an OpenStack project to provide "network connectivity as a service" between interface devices (e.g., vNICs) managed by other OpenStack services (e.g., Nova).

To learn more about neutron:

If you would like to contribute to Neutron, please read the file CONTRIBUTING.rst or see the Neutron contributor guide:

https://docs.openstack.org/neutron/latest/contributor/contributing.html

Get in touch via email. Use [Neutron] in your subject.