That is correct what you wrote above. But tricky part here is generated policy.json from 'oslopolicy-sample-generator' tool without deprecated rules is right thing or wrong. Because it can be seen as one of the valid usgae for deployer who want to switch to new defaults. The only way for them till ussuri(till we introduced new flag in oslo) is to overwrite the policy file with new default (which is what 'oslopolicy- sample-generator 'generate).
If we add arg option in 'oslopolicy-sample-generator ' to add a deprecated rule (say --add-deprecated-rules) that also should not be default and deployer need to change the usage of that tool to pass the new arg. Opinion ? also other challenge is we need to check with Oslo team if that can be done now for ussuri. adding oslo also as an affected project. Also, what we are missing here is this bug actually - https://bugs.launchpad.net/oslo.policy/+bug/1853170 ** Also affects: oslo.policy Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1875418 Title: Generated policy.json in Ussuri is broken by default Status in OpenStack Compute (nova): In Progress Status in oslo.policy: New Bug description: Looks like the generated policy.json is broken by default and can't be used by operators as-is, as it doesn't include the deprecated options which are unfortunately needed for it to work. With the default policy.json as generated by the nova namespace, the admin user can't even do simple things like: - openstack flavor create - openstack hypervisor list and probably many more... To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1875418/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
