Add blank access_rules file
When starting the keystone-api pod, the service checks for a access_rules file for application credentials during startup. If the file does not exist, keystone emits a warning saying the file is not found: WARNING keystone.access_rules_config.backends.json [-] No config file found for access rules, application credential access rules will be unavailable.: FileNotFoundError: [Errno 2] No such file or directory: '/etc/keystone/access_rules.json' This change adds in a blank access_rules.json file to the keystone etc directory in order to surpress this message. Change-Id: I63ac153cc91ac45b3fd223f8a54b933b5cbffac4
This commit is contained in:
parent
0699a2c162
commit
fe53b5e559
@ -14,7 +14,7 @@ apiVersion: v1
|
|||||||
appVersion: v1.0.0
|
appVersion: v1.0.0
|
||||||
description: OpenStack-Helm Keystone
|
description: OpenStack-Helm Keystone
|
||||||
name: keystone
|
name: keystone
|
||||||
version: 0.1.1
|
version: 0.1.2
|
||||||
home: https://docs.openstack.org/keystone/latest/
|
home: https://docs.openstack.org/keystone/latest/
|
||||||
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Keystone/OpenStack_Project_Keystone_vertical.png
|
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Keystone/OpenStack_Project_Keystone_vertical.png
|
||||||
sources:
|
sources:
|
||||||
|
@ -56,6 +56,7 @@ data:
|
|||||||
logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.logging | b64enc }}
|
logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.logging | b64enc }}
|
||||||
keystone-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }}
|
keystone-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }}
|
||||||
policy.json: {{ toJson .Values.conf.policy | b64enc }}
|
policy.json: {{ toJson .Values.conf.policy | b64enc }}
|
||||||
|
access_rules.json: {{ toJson .Values.conf.access_rules | b64enc }}
|
||||||
ports.conf: ''
|
ports.conf: ''
|
||||||
{{- range $k, $v := .Values.conf.ks_domains }}
|
{{- range $k, $v := .Values.conf.ks_domains }}
|
||||||
keystone.{{ $k }}.json: {{ toJson $v | b64enc }}
|
keystone.{{ $k }}.json: {{ toJson $v | b64enc }}
|
||||||
|
@ -113,6 +113,10 @@ spec:
|
|||||||
mountPath: /etc/keystone/policy.json
|
mountPath: /etc/keystone/policy.json
|
||||||
subPath: policy.json
|
subPath: policy.json
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
- name: keystone-etc
|
||||||
|
mountPath: /etc/keystone/access_rules.json
|
||||||
|
subpath: access_rules.json
|
||||||
|
readOnly: true
|
||||||
- name: keystone-etc
|
- name: keystone-etc
|
||||||
mountPath: /etc/keystone/sso_callback_template.html
|
mountPath: /etc/keystone/sso_callback_template.html
|
||||||
subPath: sso_callback_template.html
|
subPath: sso_callback_template.html
|
||||||
|
@ -777,6 +777,7 @@ conf:
|
|||||||
identity:update_domain_config: rule:admin_required
|
identity:update_domain_config: rule:admin_required
|
||||||
identity:delete_domain_config: rule:admin_required
|
identity:delete_domain_config: rule:admin_required
|
||||||
identity:get_domain_config_default: rule:admin_required
|
identity:get_domain_config_default: rule:admin_required
|
||||||
|
access_rules: {}
|
||||||
rabbitmq:
|
rabbitmq:
|
||||||
# NOTE(rk760n): adding rmq policy to mirror messages from notification queues and set expiration time for the ones
|
# NOTE(rk760n): adding rmq policy to mirror messages from notification queues and set expiration time for the ones
|
||||||
policies:
|
policies:
|
||||||
|
Loading…
Reference in New Issue
Block a user