openstack/aodh
Code Issues Proposed changes

Implement policy in code - reno and doc (end)

Browse Source 
This commit migrate all policies into code [1].

[1] https://governance.openstack.org/tc/goals/queens/policy-in-code.html

Change-Id: Ibdc8611dbb665595b4b3bca493b8bdb241db3fae
Co-authored-By: Hieu LE <hieulq@vn.fujitsu.com>
This commit is contained in:
Dai Dang Van 2017-10-19 16:10:52 +07:00
parent 93d322c7c7
commit f6ce4df181
6 changed files with 41 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -20,3 +20,4 @@ subunit.log
# Files created by releasenotes build # Files created by releasenotes build
releasenotes/build releasenotes/build
/doc/source/contributor/api/ /doc/source/contributor/api/
doc/source/_static/aodh.policy.yaml.sample

7
doc/source/conf.py
View File

@ -49,6 +49,8 @@ extensions = [
'stevedore.sphinxext', 'stevedore.sphinxext',
'oslo_config.sphinxconfiggen', 'oslo_config.sphinxconfiggen',
'oslo_config.sphinxext', 'oslo_config.sphinxext',
'oslo_policy.sphinxpolicygen',
'oslo_policy.sphinxext',
'sphinxcontrib.httpdomain', 'sphinxcontrib.httpdomain',
] ]
@ -56,6 +58,11 @@ config_generator_config_file = os.path.join(ROOT,
'aodh/cmd/aodh-config-generator.conf') 'aodh/cmd/aodh-config-generator.conf')
sample_config_basename = '_static/aodh' sample_config_basename = '_static/aodh'
policy_generator_config_file = (
'../../aodh/cmd/aodh-policy-generator.conf'
)
sample_policy_basename = '_static/aodh'
wsme_protocols = ['restjson', 'restxml'] wsme_protocols = ['restjson', 'restxml']
todo_include_todos = True todo_include_todos = True

5
doc/source/configuration/index.rst
View File

@ -7,6 +7,5 @@ Configuration Guide
.. toctree:: .. toctree::
aodh-config-file.rst aodh-config-file.rst
aodh-config-options.rst aodh-config-options.rst
policy
sample-policy-yaml

9
doc/source/configuration/policy.rst Normal file
View File

@ -0,0 +1,9 @@
=====================================
Aodh Sample Policy Configuration File
=====================================
The following is an overview of all available policies in Aodh.
For a sample configuration file, refer to :doc:`sample-policy-yaml`.
.. show-policy::
:config-file: ../../aodh/cmd/aodh-policy-generator.conf

8
doc/source/configuration/sample-policy-yaml.rst Normal file
View File

@ -0,0 +1,8 @@
===========
policy.yaml
===========
Use the ``policy.yaml`` file to define additional access controls that will be
applied to Aodh:
.. literalinclude:: ../_static/aodh.policy.yaml.sample

14
releasenotes/notes/policy-in-code-79edd9282f1e4603.yaml Normal file
View File

@ -0,0 +1,14 @@
---
features:
- |
Aodh now support policy in code, which means if users didn't modify
any of policy rules, they can leave policy file (in `json` or `yaml`
format) empty or not deploy it at all. Because from now, Aodh keeps
all default policies under `aodh/api/policies` module.
Users can still modify/generate `policy.yaml` file which will override
policy rules in code if those rules show in `policy.yaml` file.
other:
- |
Default `policy.json` file is now removed as Aodh now generate the
default policies from code. Please be aware that when using that file in
your environment.