)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":8556,"name":"Ghanshyam Maan","display_name":"Ghanshyam Maan","email":"gmaan.os14@gmail.com","username":"ghanshyam"},"change_message_id":"df6f8f352b250517e9319332cbb3225885dc2f3c","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":7,"id":"3a355fdd_01bdb672","updated":"2022-02-25 00:57:05.000000000","message":"recheck","commit_id":"f9c1d1163ddd924b0721f5dd7146a2a87a2afa31"},{"author":{"_account_id":7634,"name":"Takashi Natsume","email":"takanattie@gmail.com","username":"natsumet"},"change_message_id":"1365927a724f5d8d6c463be136339c415f079f4d","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":7,"id":"b5aecade_65c5b8fb","updated":"2022-02-26 09:22:58.000000000","message":"recheck","commit_id":"f9c1d1163ddd924b0721f5dd7146a2a87a2afa31"},{"author":{"_account_id":7634,"name":"Takashi Natsume","email":"takanattie@gmail.com","username":"natsumet"},"change_message_id":"d7e8734acb0e34e4b65e67723b622dcaab738a57","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":7,"id":"f2b920f2_0299fad8","updated":"2022-02-25 12:48:39.000000000","message":"recheck","commit_id":"f9c1d1163ddd924b0721f5dd7146a2a87a2afa31"},{"author":{"_account_id":7634,"name":"Takashi Natsume","email":"takanattie@gmail.com","username":"natsumet"},"change_message_id":"b9e0aee7df19f9e7df56ad1871e5118c43f56781","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":7,"id":"fc561b7a_54c121b2","updated":"2022-02-26 11:59:53.000000000","message":"recheck","commit_id":"f9c1d1163ddd924b0721f5dd7146a2a87a2afa31"},{"author":{"_account_id":8556,"name":"Ghanshyam Maan","display_name":"Ghanshyam Maan","email":"gmaan.os14@gmail.com","username":"ghanshyam"},"change_message_id":"0aad3ed54fa65c7d44bcfa96ffacd2c1ea0b9506","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":7,"id":"377f04db_fa16c4c1","updated":"2022-02-26 22:23:40.000000000","message":"recheck ssh timeout","commit_id":"f9c1d1163ddd924b0721f5dd7146a2a87a2afa31"},{"author":{"_account_id":7634,"name":"Takashi Natsume","email":"takanattie@gmail.com","username":"natsumet"},"change_message_id":"e88b860bbfec8bfb473290222cec0547de204792","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":7,"id":"32d33f59_5b8bbe36","updated":"2022-02-27 01:39:52.000000000","message":"recheck timeout","commit_id":"f9c1d1163ddd924b0721f5dd7146a2a87a2afa31"}],"doc/source/configuration/policy-concepts.rst":[{"author":{"_account_id":7166,"name":"Sylvain Bauza","email":"sbauza@redhat.com","username":"sbauza"},"change_message_id":"748f87a066dcb3ebca19b63f07570401a6782f57","unresolved":true,"context_lines":[{"line_number":41,"context_line":":keystone-doc:`this document \u003c/admin/tokens-overview.html#authorization-scopes\u003e`"},{"line_number":42,"context_line":"and `system scope specification \u003chttps://specs.openstack.org/openstack/keystone-specs/specs/keystone/queens/system-scope.html\u003e`_ to understand the scope concept."},{"line_number":43,"context_line":""},{"line_number":44,"context_line":"In the Nova 25.0.0 (Yoga) release, Nova policies implemented"},{"line_number":45,"context_line":"the scope concept and default roles provided by keystone (admin, member,"},{"line_number":46,"context_line":"and reader). Using common roles from keystone reduces the likelihood of"},{"line_number":47,"context_line":"similar, but different, roles implemented across projects or deployments"}],"source_content_type":"text/x-rst","patch_set":6,"id":"2daf53d0_78470b07","line":44,"updated":"2022-02-23 16:31:08.000000000","message":"++","commit_id":"9d989e28010d47a31a9f0bc07ed032a1004b6792"},{"author":{"_account_id":7166,"name":"Sylvain Bauza","email":"sbauza@redhat.com","username":"sbauza"},"change_message_id":"748f87a066dcb3ebca19b63f07570401a6782f57","unresolved":true,"context_lines":[{"line_number":120,"context_line":"    # Show an extra spec for a flavor"},{"line_number":121,"context_line":"    # GET /flavors/{flavor_id}/os-extra_specs/{flavor_extra_spec_key}"},{"line_number":122,"context_line":"    # Intended scope(s): system, project"},{"line_number":123,"context_line":"    #\"os_compute_api:os-flavor-extra-specs:show\": \"rule:project_reader_or_admin\""},{"line_number":124,"context_line":""},{"line_number":125,"context_line":"These scope types provide a way to differentiate between system-level and"},{"line_number":126,"context_line":"project-level access roles. You can control the information with scope of the"}],"source_content_type":"text/x-rst","patch_set":6,"id":"6c909da9_0ccdb431","line":123,"updated":"2022-02-23 16:31:08.000000000","message":"yeah","commit_id":"9d989e28010d47a31a9f0bc07ed032a1004b6792"},{"author":{"_account_id":7166,"name":"Sylvain Bauza","email":"sbauza@redhat.com","username":"sbauza"},"change_message_id":"748f87a066dcb3ebca19b63f07570401a6782f57","unresolved":true,"context_lines":[{"line_number":214,"context_line":""},{"line_number":215,"context_line":"#. ADMIN: ``admin`` role on ``system`` scope. This is System Administrator to"},{"line_number":216,"context_line":"   perform the system level resource operations. Example: enable/disable compute"},{"line_number":217,"context_line":"   services."},{"line_number":218,"context_line":""},{"line_number":219,"context_line":"#. PROJECT_ADMIN: ``admin`` role on ``project`` scope. This is used to perform"},{"line_number":220,"context_line":"   admin level operation within project. For example: Live migrate server."}],"source_content_type":"text/x-rst","patch_set":6,"id":"e4274dca_0a3d1610","line":217,"updated":"2022-02-23 16:31:08.000000000","message":"++","commit_id":"9d989e28010d47a31a9f0bc07ed032a1004b6792"},{"author":{"_account_id":7166,"name":"Sylvain Bauza","email":"sbauza@redhat.com","username":"sbauza"},"change_message_id":"748f87a066dcb3ebca19b63f07570401a6782f57","unresolved":true,"context_lines":[{"line_number":217,"context_line":"   services."},{"line_number":218,"context_line":""},{"line_number":219,"context_line":"#. PROJECT_ADMIN: ``admin`` role on ``project`` scope. This is used to perform"},{"line_number":220,"context_line":"   admin level operation within project. For example: Live migrate server."},{"line_number":221,"context_line":""},{"line_number":222,"context_line":"   .. note::"},{"line_number":223,"context_line":""}],"source_content_type":"text/x-rst","patch_set":6,"id":"3d783273_8e501051","line":220,"updated":"2022-02-23 16:31:08.000000000","message":"++","commit_id":"9d989e28010d47a31a9f0bc07ed032a1004b6792"},{"author":{"_account_id":7166,"name":"Sylvain Bauza","email":"sbauza@redhat.com","username":"sbauza"},"change_message_id":"748f87a066dcb3ebca19b63f07570401a6782f57","unresolved":true,"context_lines":[{"line_number":256,"context_line":"as-is. However, we encourage every deployment to switch to new policy."},{"line_number":257,"context_line":"Scope checks are disabled by default and will be enabled by default starting"},{"line_number":258,"context_line":"Nova 26.0.0 (OpenStack Zed release) and the old defaults will be removed"},{"line_number":259,"context_line":"starting in the Nova 27.0.0 release."},{"line_number":260,"context_line":""},{"line_number":261,"context_line":"To implement the new default reader roles, some policies needed to become"},{"line_number":262,"context_line":"granular. They have been renamed, with the old names still supported for"}],"source_content_type":"text/x-rst","patch_set":6,"id":"58767bf2_7b57cee4","line":259,"updated":"2022-02-23 16:31:08.000000000","message":"timing is a bit short, I guess, but let\u0027s not nitpick by now.","commit_id":"9d989e28010d47a31a9f0bc07ed032a1004b6792"}],"releasenotes/notes/bp-policy-defaults-refresh-2-473c70f641f9f397.yaml":[{"author":{"_account_id":7166,"name":"Sylvain Bauza","email":"sbauza@redhat.com","username":"sbauza"},"change_message_id":"748f87a066dcb3ebca19b63f07570401a6782f57","unresolved":true,"context_lines":[{"line_number":24,"context_line":"      enforce_scope\u003dTrue"},{"line_number":25,"context_line":""},{"line_number":26,"context_line":"    Please refer `Policy New Defaults`_ for detail about policy new defaults"},{"line_number":27,"context_line":"    and migration plan."},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"    .. _RBAC new guidelines: https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#phase-1"},{"line_number":30,"context_line":"    .. _Policy New Defaults: https://docs.openstack.org/nova/latest/configuration/policy-concepts.html"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"dd9923df_66e81322","line":27,"updated":"2022-02-23 16:31:08.000000000","message":"yeah, looks good to not freak out yet our operators.","commit_id":"9d989e28010d47a31a9f0bc07ed032a1004b6792"}]}