summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZuul <zuul@review.openstack.org>2018-12-20 06:20:48 +0000
committerGerrit Code Review <review@openstack.org>2018-12-20 06:20:48 +0000
commit5b26d7c0bdb762cc7313a67ca1ecb9f056174874 (patch)
tree7e9ea880a99abcf8c11345f631ba54b9dc0d33a4
parent3efe546ab6a574ca17ff85b69ea4be35b4e9bdc2 (diff)
parente7f61a12fa9a4a499b59cfdb21bbbb75cc791ef9 (diff)
Merge "[US:349446] Adding capabilites for reading policy.yaml file."
-rw-r--r--charts/promenade/templates/configmap-etc.yaml2
-rw-r--r--charts/promenade/templates/deployment-api.yaml3
-rw-r--r--charts/promenade/values.yaml10
3 files changed, 15 insertions, 0 deletions
diff --git a/charts/promenade/templates/configmap-etc.yaml b/charts/promenade/templates/configmap-etc.yaml
index 6971cee..0d59f36 100644
--- a/charts/promenade/templates/configmap-etc.yaml
+++ b/charts/promenade/templates/configmap-etc.yaml
@@ -55,4 +55,6 @@ data:
55{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }} 55{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }}
56 promenade.conf: |+ 56 promenade.conf: |+
57{{ include "helm-toolkit.utils.to_ini" .Values.conf.promenade | indent 4 }} 57{{ include "helm-toolkit.utils.to_ini" .Values.conf.promenade | indent 4 }}
58 policy.yaml: |+
59{{ toYaml .Values.conf.policy | indent 4 }}
58{{- end }} 60{{- end }}
diff --git a/charts/promenade/templates/deployment-api.yaml b/charts/promenade/templates/deployment-api.yaml
index 667b7d3..05326b4 100644
--- a/charts/promenade/templates/deployment-api.yaml
+++ b/charts/promenade/templates/deployment-api.yaml
@@ -86,6 +86,9 @@ spec:
86 readOnly: true 86 readOnly: true
87 - name: cache 87 - name: cache
88 mountPath: /tmp/cache 88 mountPath: /tmp/cache
89 - name: promenade-etc
90 mountpath: /etc/promenade/policy.yaml
91 subPath: policy.yaml
89 volumes: 92 volumes:
90 - name: promenade-etc 93 - name: promenade-etc
91 configMap: 94 configMap:
diff --git a/charts/promenade/values.yaml b/charts/promenade/values.yaml
index 569efea..09d0fdb 100644
--- a/charts/promenade/values.yaml
+++ b/charts/promenade/values.yaml
@@ -18,6 +18,16 @@ conf:
18 delay_auth_decision: true 18 delay_auth_decision: true
19 auth_type: password 19 auth_type: password
20 auth_section: keystone_authtoken 20 auth_section: keystone_authtoken
21 oslo_policy:
22 policy_file: policy.yaml
23 policy_default_rule: admin_required
24 policy_dirs: policy.d
25
26 policy:
27 admin_required: 'role:admin or is_admin:1'
28 'kubernetes_provisioner:get_join_scripts': 'rule:admin_required'
29 'kubernetes_provisioner:post_validatedesign': 'rule:admin_required'
30 'kubernetes_provisioner:update_node_labels': 'rule:admin_required'
21 31
22 paste: 32 paste:
23 pipeline:main: 33 pipeline:main: