commit 739041fb9c0018326baa55098e6d1a381e08c87c
author Felipe Monteiro <felipe.monteiro@att.com> Sun Mar 25 00:24:03 2018 -0400
committer Felipe Monteiro <felipe.monteiro@att.com> Sat May 19 16:24:33 2018 +0100
tree 04a63d0e9fb34277f977db98a3a209078ec20bd4
parent 58515edc32a704503155b18d5904c6d96261b3d0

feature flag: Policy feature enabled config group

A new configuration group ``[policy_feature_enabled]`` has been added to
Patrole which will be responsible for collecting the feature flags to be
used for newly introduced policies or policies that were changed in a
backwards-incompatible way.

    * create_port_fixed_ips_ip_address_policy (Neutron)
    * update_port_fixed_ips_ip_address_policy (Neutron)
    * limits_extension_used_limits_policy (Cinder)
    * volume_extension_volume_actions_attach_policy (Cinder)
    * volume_extension_volume_actions_reserve_policy (Cinder)
    * volume_extension_volume_actions_unreserve_policy (Cinder)

These feature flags will be supported until Pike release cycle
is EOL.

The motivation behind these feature flags is [0] which adds
Pike/Queens gating to Patrole. However, in Queens, Neutron
and Cinder renamed or removed a few policies in a backwards-
incompatible way. These policies can be reviewed here: [1].

This PS requires another PS [2] in devstack's lib/tempest
because Patrole, being a branchless project and hosting the
Patrole devstack plugin itself, must fall back to Tempest's
devstack script to list out the backwards-incompatible
policies in Pike.

A documentation update will also come in a follow up with
information on these feature flags.

[0] I76c4a9b8737bf94f230ab141def652b054120f3b
[1] e.g. http://logs.openstack.org/51/547851/4/check/patrole-member-pike/139c534/job-output.txt.gz#_2018-03-22_21_46_08_392229
[2] I00bdeff9474c54d38b6d6844a041b305bec01ad8

Change-Id: Ia0d9847908a8e723446c16465d68cd7f622c04cc

devstack/plugin.sh

diff --git a/devstack/plugin.sh b/devstack/plugin.sh
index 10d13f6..d56c963 100644
--- a/devstack/plugin.sh
+++ b/devstack/plugin.sh
@@ -10,16 +10,25 @@
 XTRACE=$(set +o | grep xtrace)
 set -o xtrace
 
-function install_patrole_tempest_plugin() {
-    if is_service_enabled tempest; then
-        setup_package $PATROLE_DIR -e
+function install_patrole_tempest_plugin {
+    setup_package $PATROLE_DIR -e
 
-        if [[ "$RBAC_TEST_ROLE" == "member" ]]; then
-            RBAC_TEST_ROLE="Member"
-        fi
+    if [[ "$RBAC_TEST_ROLE" == "member" ]]; then
+        RBAC_TEST_ROLE="Member"
+    fi
 
-        iniset $TEMPEST_CONFIG patrole enable_rbac True
-        iniset $TEMPEST_CONFIG patrole rbac_test_role $RBAC_TEST_ROLE
+    iniset $TEMPEST_CONFIG patrole enable_rbac True
+    iniset $TEMPEST_CONFIG patrole rbac_test_role $RBAC_TEST_ROLE
+
+    if [[ ${DEVSTACK_SERIES} == 'pike' ]]; then
+        # Policies used by Patrole testing that were changed in a backwards-incompatible way.
+        # TODO(fmontei): Remove these once stable/pike becomes EOL.
+        iniset $TEMPEST_CONFIG policy-feature-enabled create_port_fixed_ips_ip_address_policy False
+        iniset $TEMPEST_CONFIG policy-feature-enabled update_port_fixed_ips_ip_address_policy False
+        iniset $TEMPEST_CONFIG policy-feature-enabled limits_extension_used_limits_policy False
+        iniset $TEMPEST_CONFIG policy-feature-enabled volume_extension_volume_actions_attach_policy False
+        iniset $TEMPEST_CONFIG policy-feature-enabled volume_extension_volume_actions_reserve_policy False
+        iniset $TEMPEST_CONFIG policy-feature-enabled volume_extension_volume_actions_unreserve_policy False
     fi
 }