OpenStack Compute (nova)

  1. Bug #1875418
  2. Comment #11

Comment 11 for bug 1875418

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to nova (stable/ussuri)

Reviewed: https://review.opendev.org/725146
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=dd3cc59ccf8c963e078359d4b27dacf7d54a14ee
Submitter: Zuul
Branch: stable/ussuri

commit dd3cc59ccf8c963e078359d4b27dacf7d54a14ee
Author: Ghanshyam Mann <email address hidden>
Date: Mon Apr 27 13:46:07 2020 -0500

    Add nova-status upgrade check and reno for policy new defaults

    There are cases where policy file is re-generated freshly
    and end up having the new defaults only but expectation is that
    old deprecated rule keep working.

    If a rule is present in policy file then, that has priority over
    its defaults so either rules should not be present in policy file
    or users need to update their token to match the overridden rule
    permission.

    This issue was always present when any policy defaults were changed
    with old defaults being supported as deprecated. This is we have
    changed all the policy for new defaults so it came up as broken case.

    Adding nova-status upgrade check also to detect such policy file.

    Related-Bug: #1875418

    Change-Id: Id9cd65877e53577bff22e408ca07bbeec4407f6e
    (cherry picked from commit d4af91f349b9d3fe4f840878906032a62b589324)