Unhardocde policy file and pass proper value to oslo-policy
PROD-33618
Change-Id: I69d40bd26ee487c07c58db284362009e5c566ac8
diff --git a/keystone/files/queens/keystone.conf.Debian b/keystone/files/queens/keystone.conf.Debian
index 3cafb64..e15d813 100644
--- a/keystone/files/queens/keystone.conf.Debian
+++ b/keystone/files/queens/keystone.conf.Debian
@@ -1850,8 +1850,8 @@
{%- endif %}
[oslo_policy]
-{%- if server.policy is defined %}
-{%- set _data = server.policy %}
+{%- if server.oslo_policy is defined %}
+{%- set _data = server.oslo_policy %}
{%- include "oslo_templates/files/queens/oslo/_policy.conf" %}
{%- endif %}
diff --git a/keystone/map.jinja b/keystone/map.jinja
index 8c18968..bb7f9fc 100644
--- a/keystone/map.jinja
+++ b/keystone/map.jinja
@@ -22,6 +22,9 @@
'version': 'icehouse',
'api_version': '2',
'cors': {},
+ 'oslo_policy': {
+ 'policy_file': 'policy.json'
+ },
'hash_algorithm': 'sha256',
'max_request_body_size': '114688',
'tokens': {
@@ -48,6 +51,9 @@
'api_version': '2',
'version': 'icehouse',
'cors': {},
+ 'oslo_policy': {
+ 'policy_file': 'policy.json'
+ },
'hash_algorithm': 'sha256',
'max_request_body_size': '114688',
'tokens': {
diff --git a/keystone/server.sls b/keystone/server.sls
index a0ab534..3e17d79 100644
--- a/keystone/server.sls
+++ b/keystone/server.sls
@@ -177,7 +177,7 @@
{%- endif %}
-/etc/keystone/policy.json:
+/etc/keystone/{{ server.get('oslo_policy', {}).get('policy_file', 'policy.json') }}:
file.managed:
- mode: 0640
- user: root
@@ -193,7 +193,7 @@
keystone_rule_{{ name }}_present:
keystone_policy.rule_present:
- - path: /etc/keystone/policy.json
+ - path: /etc/keystone/{{ server.get('oslo_policy', {}).get('policy_file', 'policy.json') }}
- name: {{ name }}
- rule: {{ rule }}
- require:
@@ -205,7 +205,7 @@
keystone_rule_{{ name }}_absent:
keystone_policy.rule_absent:
- - path: /etc/keystone/policy.json
+ - path: /etc/keystone/{{ server.get('oslo_policy', {}).get('policy_file', 'policy.json') }}
- name: {{ name }}
- require:
- pkg: keystone_packages