Updating policy for neutron and nova to include role: baremetaluser #1913
+30
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request updates Neutron and Nova policies to grant the baremetaluser role additional permissions, aligning with the goal of simplifying baremetal instance management. The changes in the Nova policy file are clear and correct. For the Neutron policy file, I've suggested a minor improvement to enhance readability and prevent potential issues by explicitly grouping and conditions with parentheses. Overall, the changes look good and address the intended purpose.
claudia-lola
temporarily deployed
to
SMS Lab
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
SMS Lab
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
SMS Lab
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
SMS Lab
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
SMS Lab
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
SMS Lab
GitHub Actions
Inactive
claudia-lola
force-pushed
the
claudia-baremetaluser
branch
from
ac479a1 to
caaca7d
Compare
claudia-lola
temporarily deployed
to
SMS Lab
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
SMS Lab
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
SMS Lab
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
had a problem deploying
to
SMS Lab
GitHub Actions
Failure
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
claudia-lola
had a problem deploying
to
SMS Lab
GitHub Actions
Failure
claudia-lola
had a problem deploying
to
SMS Lab
GitHub Actions
Failure
claudia-lola
force-pushed
the
claudia-baremetaluser
branch
2 times, most recently
from
72e75ba to
084d9ff
Compare
claudia-lola
had a problem deploying
to
Leafcloud
GitHub Actions
Error
claudia-lola
had a problem deploying
to
Leafcloud
GitHub Actions
Error
claudia-lola
had a problem deploying
to
Leafcloud
GitHub Actions
Error
Member
But the alternative is users bricking the cloud using the admin role? I didn't know the policy didn't merge. Given people have overrides that is a very good reason for this to not be the default. Supporting policy.d makes very good sense as something for the backlog. Is a mix-in for now a better middle ground for now? |
JohnGarbutt
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
JohnGarbutt
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
JohnGarbutt
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
JohnGarbutt
had a problem deploying
to
Leafcloud
GitHub Actions
Error
JohnGarbutt
had a problem deploying
to
Leafcloud
GitHub Actions
Error
JohnGarbutt
had a problem deploying
to
Leafcloud
GitHub Actions
Error
JohnGarbutt
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
JohnGarbutt
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
JohnGarbutt
temporarily deployed
to
Leafcloud
GitHub Actions
Inactive
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updating policy to allow role: baremetaluser to map baremetal instances to specific ironic nodes (this is desirable so that the instance name = ironic node name, making debugging less confusing)