Ensure scope logic is enforced

Back after we added the new policies, at some point we should have changed the default state for the tempest tests so they assume/default to the understanding that Ironic is enforcing scope and to use the appropriate client when launching tests, because Ironic restructed it's access model to better align with the overall community and further enable infrastructure operators. Closes-Bug: 2051137 Change-Id: I564af48698d20a150699933bf7e2e829b104ab04
2024-01-23 15:16:40 -08:00 · 2024-01-23 15:16:40 -08:00 · 638dcb7706
parent 227a519fc9
commit 638dcb7706
1 changed files with 2 additions and 2 deletions
--- a/ironic_tempest_plugin/config.py
+++ b/ironic_tempest_plugin/config.py
@ -33,13 +33,13 @@ inspector_service_option = cfg.BoolOpt("ironic_inspector",
                                       "is expected to be available")

 ironic_scope_enforcement = cfg.BoolOpt('ironic',
-                                       default=False,
+                                       default=True,
                                       help='Wheter or not ironic is '
                                            'exepcted to enforce auth '
                                            'scope.')

 inspector_scope_enforcement = cfg.BoolOpt('ironic_inspector',
-                                          default=False,
+                                          default=True,
                                          help='Whether or not '
                                               'ironic-inspector is expected '
                                               'to enforce auth scope.')