Commit Graph

22 Commits

Author SHA1 Message Date
Takashi Kajinami 8b3054a13f Refactor resource dependencies
This refactors resource dependencies to improve the following points.

 - Avoid unnecessary dependencies across services. For example aodh
   service does not require cinder db.

 - Restart only api service when config files like paste.ini, which
   are used only be api service is changed.

Change-Id: I6a4c65e81b97235d0ce8a142245927c92ab6e48d
2024-03-04 09:49:06 +09:00
Takashi Kajinami c37af7627c Ensure purge_config takes a boolean value
The purge_config parameters only accept boolean values. This enforces
that using the typed parameters.

Change-Id: I68260f896eb4b94661685a2ebf76500b0cf409a6
2023-07-18 00:52:27 +09:00
Tobias Urdin 8d4873a3af Add per module policy service refresh
Updating the policies for this project should only
refresh the services that reads it.

Change-Id: I83d3ff31083dd687c5b2d76c8297b5e74a7caa1a
2023-06-26 00:04:21 +02:00
Takashi Kajinami 945280277f replace validate_legacy with proper data types
the validate_legacy function is marked for deprecation in
v9.0.0 from puppetlabs-stdlib.

Note that this change removes the pattern validation about [DEFAULT]
pipeline. The existing pattern check is incomplete, because of
the following two reasons.
 - the pattern does not guarantee that the requested pipeline is
   really supported or not
 - the pattern accepts a+b+c but the existing pipelines in glance
   does not have any entries with this pattern

Change-Id: I156d9a3a30ba6c523a0b16a14bf8a1839b61fb78
2023-06-19 18:33:38 +09:00
Takashi Kajinami 43735fb127 Replace legacy facts and use fact hash
... because the latest lint no longer allows usage of legacy facts and
top scope fact.

Change-Id: Iebdb33dd18a8f8d18840ff3e5f4608f021a78bfa
2023-03-02 10:54:36 +09:00
Takashi Kajinami e0b31190c2 Expose policy_default_rule
The option has been managed by the underlying puppet-oslo module but
has not been configurable. This introduces the parameter to customize
the option.

Change-Id: I55a19eb7ed16f87f51ca472e658fc845b1a86dac
2023-01-23 14:26:56 +09:00
Takashi Kajinami bcbcdb1860 Allow purging policy files
This change introduces the new purge_config parameter to the policy
class so that any policy rules not managed by puppet manifests can be
cleared.

Co-Authored-By: Martin Schuppert <mschuppert@redhat.com>
Depends-On: https://review.opendev.org/802305
Change-Id: I75e1d315c4cd4c161582a42495877c80ed57b350
2021-09-05 00:28:01 +09:00
Thomas Goirand 027f296e65 Allow to configure policy_dirs
This patch makes it possible to override the current service default,
which is /etc/<service>/policy.d .

Change-Id: I2942397fcf2e60dbf9f66d0bce289cd15c99ddba
2021-04-01 22:54:21 +02:00
Takashi Kajinami 3381c5e82c Add support for oslo_policy/enforce_new_defaults
Depends-on: https://review.opendev.org/781428
Change-Id: I0cb1c5fe6e71bf6f45cbaef08b08eb5934192890
2021-03-24 16:34:13 +09:00
Takashi Kajinami c0a7f7d891 Add support for the oslo_policy/enforce_scope parameter
Depends-on: https://review.opendev.org/#/c/759008/
Change-Id: I8c12dee1312b756f4c2bfc02d9cdb81db5404247
2021-03-16 12:42:58 +09:00
Takashi Kajinami 18b21aea40 Use yaml instead of json for policy file
Because usage of json for policy file will be deprecated and replaced
by yaml[1].

[1] https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html

Depends-on: https://review.opendev.org/769647
Change-Id: Ic94584b92fdd3f1b3dc76a46d93ddff8d725e6db
2021-01-07 23:20:48 +00:00
Takashi Kajinami 11599ba429 Remove support for glance-registry service
This patch removes support for glance-registry service, because it has
been removed from glance [1].
 [1] https://review.opendev.org/#/c/738671/

Change-Id: Id05f736dbbddaff2cb90aa6678c777b9a0318e40
2020-07-28 19:41:10 +09:00
Tobias Urdin ed9298e996 Convert all class usage to relative names
Change-Id: I9ff8d888e367a46ab89e3668bf4ba76c4c7c127c
2019-12-08 23:06:03 +01:00
Tobias Urdin 4b558f6f00 Use validate_legacy
This changes all the puppet 3 validate_* functions
to use the validate_legacy function.

The validate_legacy function has been available since
about three years but require Puppet >= 4.4.0 and since
there is Puppet 4.10.12 as latest we should assume people
are running a fairly new Puppet 4 version.

This is the first step to then remove all validate function
calls and use proper types for parameter as described in spec [1].

[1] https://review.openstack.org/#/c/568929/

Change-Id: Ib21fef57404d63579743270be4080d248a4ca8cc
2019-02-23 17:19:29 +01:00
ZhongShengping d07c62fe8f Cleanup documentation
Make sure documentation is the same and follow
the standard which we are trying to enforce on
all modules.

Change-Id: I1b54aefa27a929946aaf91c6f863466df8b13107
2018-12-13 17:11:07 +08:00
Emilien Macchi 3bc17a62f9 Add group to policy management
The move of policy.json into code means the file may not exist. We've
added support to ensure that the file exists in the openstacklib but we
need to make sure the permissions are right for each service. This adds
the group information to the policies so it works right.

Change-Id: I2101ddb29e48733a5a5982daafe074ce1c983e9c
Co-Authored-By: Alex Schultz <aschultz@redhat.com>
2018-01-12 03:27:09 +00:00
Clayton O'Neill 18b010975c Add hooks for external install & svc management
This adds defined anchor points for external modules to hook into the
software install, config and service dependency chain.  This allows
external modules to manage software installation (virtualenv,
containers, etc) and service management (pacemaker) without needing rely
on resources that may change or be renamed.

Change-Id: If683fbd098e701a3c4da91941cf818b18b41b209
2016-06-17 13:17:34 +00:00
iberezovskiy 558fa4d212 Configure oslo related parameters using puppet-oslo module
Database, logging and policy parameters for api, registry
and glare services are configured from oslo defines now.

Change-Id: Iee5ee3adfaf9cef1dd3f634806d47c3c52c648fb
2016-04-14 14:20:18 +03:00
luyuan 9989505da6 Update CHANGELOG.md and other files
Notice:
  Add terminator
    - CHANGELOG.md
  Remove spaces
    - glance::cache::cleaner
    - glance::cache::pruner
    - glance::client
    - glance::policy
Fix bug 1485160

Change-Id: I3e7a6fb13aade5ca3f886029f1f4e96a1c606ac6
2015-08-15 19:51:04 +08:00
Mike Dorman ad5bb3d76b Correct docs on format for glance::policy data
Correct the format of the $policies parameter to glance::policy.
That parameter is passed directly to create_resources, so it needs
to be in a format acceptable to that.

Just updating docs here as anyone already using the policy classes
are likely not using the (incorrectly) documented format, anyway.

Change-Id: I80f1f832db124eef3bfd75907e4a2dcb5a5effca
Closes-bug: 1409897
2015-01-12 15:27:20 -07:00
Yanis Guenane e90ea39626 policy.pp : Fix duplicate ressource issue openstacklib::policy
Currently, in the policy.pp file the class openstacklib::policy
is called. The same apply for all components resulting in a
Duplicate Ressource issue. Using directly the underlying ressource
openstacklib::policy::base we prevent this issue.

Change-Id: I08a9aa3d296042292b0127b9920dd7971eec57fe
2014-11-10 14:19:13 -05:00
Yanis Guenane c90a835953 policy.json: Allow one to manage them from the puppet module
This commit allow a deployer to manage the policies via this module
It relies on augeas to change only the policy needed. The init takes
a hash of policies and apply them.

Change-Id: I6ee27a1c4c26c73f5954e6462097fb5ed4dbb7ea
2014-10-22 11:08:41 -04:00