openstack
/
openstack-ansible-os_masakari
Code Issues Proposed changes

[goal] Deprecate the JSON formatted policy file 

As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to replace policy.json to
policy.yaml and remove deprecated policy.json.

config_template has been choosen instead of the copy, since it can
properly handle content that has been lookuped.

We make a separate task not to restart service when it's not needed.

[1] https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html

Change-Id: I8c89b6d193f221faad4db9e1d0b0152f262b823b
This commit is contained in:
Dmitriy Rabotyagov 2021-03-18 20:44:34 +02:00 committed by Dmitriy Rabotyagov
parent a9a288a6b2
commit 08fbfade2a
5 changed files with 41 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
defaults/main.yml
View File

@ -88,6 +88,7 @@ masakari_monitor_pip_packages:
masakari_api_paste_ini_overrides: {}
masakari_masakari_conf_overrides: {}
masakari_policy_json_overrides: {}
masakari_policy_overrides: "{{ masakari_policy_json_overrides }}"
masakari_api_init_overrides: {}
masakari_engine_init_overrides: {}
masakari_monitors_conf_overrides: {}

9
handlers/main.yml
View File

@ -23,6 +23,15 @@
listen:
- "venv changed"
# NOTE (noonedeadpunk): Remove this task after Xena release
- name: Remove obsoleted policy.json
file:
path: "{{ masakari_etc_dir }}/policy.json"
state: absent
listen:
- "Restart masakari services"
- "venv changed"
- meta: noop
listen: Manage LB
when: false

7
releasenotes/notes/deprecate_masakari_policy_json-979fc92a3fc8ceb3.yaml Normal file
View File

@ -0,0 +1,7 @@
---
deprecations:
- |
Variable ``masakari_policy_json_overrides`` has been deprecated in favor of the
``masakari_policy_overrides`` and will be removed after X release.
As for now ``masakari_policy_overrides`` defaults to
``masakari_policy_json_overrides`` for compatability.

29
tasks/masakari_post_install.yml
View File

@ -34,11 +34,6 @@
config_overrides: "{{ masakari_masakari_conf_overrides }}"
config_type: "ini"
condition: "{{ masakari_services['masakari-api']['group'] in group_names or masakari_services['masakari-engine']['group'] in group_names }}"
- src: "policy.json.j2"
dest: "{{ masakari_etc_dir }}/policy.json"
config_overrides: "{{ masakari_policy_json_overrides }}"
config_type: "json"
condition: "{{ masakari_services['masakari-api']['group'] in group_names or masakari_services['masakari-engine']['group'] in group_names }}"
- src: "masakarimonitors.conf.j2"
dest: "{{ masakari_monitor_etc_dir }}/masakarimonitors.conf"
config_overrides: "{{ masakari_monitors_conf_overrides }}"
@ -52,6 +47,30 @@
notify:
- Restart masakari services
- name: Implement policy.yaml
config_template:
content: "{{ masakari_policy_overrides }}"
dest: "{{ masakari_etc_dir }}/policy.yaml"
owner: "root"
group: "{{ masakari_system_group_name }}"
mode: "0640"
config_type: yaml
when:
- masakari_policy_overrides | length > 0
- masakari_services['masakari-api']['group'] in group_names or masakari_services['masakari-engine']['group'] in group_names
tags:
- masakari-policy-override
- name: Remove legacy policy.yaml file
file:
path: "{{ masakari_etc_dir }}/policy.yaml"
state: absent
when:
- masakari_policy_overrides | length == 0
- masakari_services['masakari-api']['group'] in group_names or masakari_services['masakari-engine']['group'] in group_names
tags:
- masakari-policy-override
- name: Deploy masakari-monitors sudoers files
template:
src: "masakari_sudoers.j2"

10
templates/policy.json.j2
View File

@ -1,10 +0,0 @@
{
"admin_api": "is_admin:True",
"context_is_admin": "role:admin",
"admin_or_owner": "is_admin:True or project_id:%(project_id)s",
"default": "rule:admin_api",
"os_masakari_api:extensions": "rule:admin_api",
"os_masakari_api:segments": "rule:admin_api",
"os_masakari_api:os-hosts": "rule:admin_api",
"os_masakari_api:notifications": "rule:admin_api"
}