Current policy.json role assignments are error prone for deployment modifications
Bug #1497646 reported by
John Wood
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Barbican |
Fix Released
|
Wishlist
|
Dave McCowan | ||
Bug Description
The first five policy.json rules define the Barbican roles. All other rules below these should then only reference these roles via their 'rule' definitions. This supports deployers modifying these roles to suit corporate role naming conventions.
However, there are some direct 'role:xxxx' reference in the non-role rules, violating don't repeat yourself (DRY). Rather than making deployers find all the place where roles are in the policy file, it is less error prone to just replace those role references with a 'rule:xxxx' reference.
| Changed in barbican: | |
| assignee: | nobody → John Wood (john-wood-w) |
| importance: | Undecided → Medium |
| assignee: | John Wood (john-wood-w) → nobody |
| importance: | Medium → Wishlist |
| Changed in barbican: | |
| assignee: | nobody → Dave McCowan (dave-mccowan) |
| status: | New → In Progress |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to barbican (master) | #1 |
| Changed in barbican: | |
| status: | In Progress → Fix Committed |
| Changed in barbican: | |
| milestone: | none → liberty-rc1 |
| status: | Fix Committed → Fix Released |
| Changed in barbican: | |
| milestone: | liberty-rc1 → 1.0.0 |
To post a comment you must log in.
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit c4e01a2d5b13bc1
Author: Dave McCowan <email address hidden>
Date: Sun Sep 20 16:24:33 2015 -0400
Change roles to rules in policy.json file
Each role should be assigned exactly one to a rule, and only the rule
should be used thereafter in the policy.json file. For consistency,
I also remove _role as a suffix for rule names.
Change-Id: I412a2516690b3b
Closes-bug: #1497646