From da43f70a82868fa3abd8cdc087e52db525c100ee Mon Sep 17 00:00:00 2001
From: Eric Kao <ekcs.openstack@gmail.com>
Date: Tue, 24 Oct 2017 16:07:41 -0700
Subject: [PATCH] Fix rule in permitted image library policy

images_permitted_by_name definition incorrectly referred
to image tags instead of image names. Fixed with this patch.

Change-Id: I0cd5e0a2049b848b498b6f1b1f4608b5b3c3f196
---
 library/disallowed_images/disallowed_images.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/disallowed_images/disallowed_images.yaml b/library/disallowed_images/disallowed_images.yaml
index 4d47765a1..0f530e664 100644
--- a/library/disallowed_images/disallowed_images.yaml
+++ b/library/disallowed_images/disallowed_images.yaml
@@ -13,8 +13,8 @@ rules:
   -
     rule: >
       images_permitted_by_name(image_id) :-
-        glancev2:tags(image_id=image_id, tag=tag),
-        not permitted_image_names(tag)
+        glancev2:images(id=image_id, name=permitted_name),
+        not permitted_image_names(permitted_name)
   -
     rule: >
       servers_with_image_permitted_by_name(server_id, server_name) :-