d5b60e5d2f
Since Ocata staging on Ubuntu Cloud archive, policy.json file has been dropped because default policies are registred in code. To avoid puppet errors on creating new policy rules, ensure that the file exist. Change-Id: Ida67676cb8941c021363967458d2b23db2acf6bd
58 lines
1.3 KiB
Puppet
58 lines
1.3 KiB
Puppet
# == Class: nova::policy
|
|
#
|
|
# Configure the nova policies
|
|
#
|
|
# === Parameters
|
|
#
|
|
# [*policies*]
|
|
# (optional) Set of policies to configure for nova
|
|
# Example :
|
|
# {
|
|
# 'nova-context_is_admin' => {
|
|
# 'key' => 'context_is_admin',
|
|
# 'value' => 'true'
|
|
# },
|
|
# 'nova-default' => {
|
|
# 'key' => 'default',
|
|
# 'value' => 'rule:admin_or_owner'
|
|
# }
|
|
# }
|
|
# Defaults to empty hash.
|
|
#
|
|
# [*policy_path*]
|
|
# (optional) Path to the nova policy.json file
|
|
# Defaults to /etc/nova/policy.json
|
|
#
|
|
class nova::policy (
|
|
$policies = {},
|
|
$policy_path = '/etc/nova/policy.json',
|
|
) {
|
|
|
|
include ::nova::deps
|
|
|
|
validate_hash($policies)
|
|
|
|
# NOTE(danpawlik) Policy.json file has been removed in
|
|
# Ubuntu Cloud archive packages since Ocata staging.
|
|
# Ensure that the file exist.
|
|
file { '/etc/nova/policy.json':
|
|
ensure => file,
|
|
owner => 'nova',
|
|
group => 'nova',
|
|
mode => '0644',
|
|
require => Anchor['nova::install::end'],
|
|
before => Anchor['nova::config::begin'],
|
|
}
|
|
|
|
$policy_defaults = {
|
|
'file_path' => $policy_path,
|
|
'require' => Anchor['nova::config::begin'],
|
|
'notify' => Anchor['nova::config::end'],
|
|
}
|
|
|
|
create_resources('openstacklib::policy::base', $policies, $policy_defaults)
|
|
|
|
oslo::policy { 'nova_config': policy_file => $policy_path }
|
|
|
|
}
|