Allow policy actions in code to be importable for RBAC testing
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
High
|
Unassigned |
Bug Description
Now that Keystone is defining all of its policy actions in code, it is no longer possible to read the keystone policy.json in order to retrieve an exhaustive list of all the Keystone policy actions, necessary for RBAC testing by Patrole.
Currently, Nova has its policy actions in code [0] and allows them to be imported via setup.cfg [1].
Keystone can do the same thing as Nova by adding
oslo.policy.
keystone = keystone.
to its setup.cfg.
Moreover, oslo.policy currently uses the "oslo.policy.
This bug fix, therefore, solves both issues.
[0] https:/
[1] https:/
[2] https:/
Changed in keystone: | |
assignee: | nobody → Felipe Monteiro (fm577c) |
Changed in keystone: | |
status: | Fix Released → Fix Committed |
Changed in keystone: | |
status: | Fix Committed → Fix Released |
Fix proposed to branch: master /review. openstack. org/449694
Review: https:/