diff --git a/sros2/sros2/policy/__init__.py b/sros2/sros2/policy/__init__.py
index a0c0bc8c..1d3b9636 100644
--- a/sros2/sros2/policy/__init__.py
+++ b/sros2/sros2/policy/__init__.py
@@ -61,6 +61,7 @@ def load_policy(policy_file_path):
if not os.path.isfile(policy_file_path):
raise FileNotFoundError("policy file '%s' does not exist" % policy_file_path)
policy = etree.parse(policy_file_path)
+
policy.xinclude()
try:
policy_xsd_path = get_policy_schema('policy.xsd')
diff --git a/sros2/test/policies/common/node.xml b/sros2/test/policies/common/node.xml
deleted file mode 100644
index c39e1170..00000000
--- a/sros2/test/policies/common/node.xml
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-
-
-
-
diff --git a/sros2/test/policies/talker_listener.xml b/sros2/test/policies/talker_listener.xml
index 88709bd9..5d2e3d4b 100644
--- a/sros2/test/policies/talker_listener.xml
+++ b/sros2/test/policies/talker_listener.xml
@@ -3,15 +3,13 @@
xmlns:xi="http://www.w3.org/2001/XInclude">
-
+
chatter
-
+
chatter
diff --git a/sros2_cmake/cmake/sros2_cmake_install_policies.cmake b/sros2_cmake/cmake/sros2_cmake_install_policies.cmake
new file mode 100644
index 00000000..7157a685
--- /dev/null
+++ b/sros2_cmake/cmake/sros2_cmake_install_policies.cmake
@@ -0,0 +1,35 @@
+# Copyright 2019 Open Source Robotics Foundation, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# Installed sros2 security policies and register with the ament resource index.
+#
+# :param ARGN: the policy files to install
+# :type ARGN: list of strings
+#
+macro(sros2_cmake_install_policies)
+ if(${ARGC} GREATER 0)
+ _sros2_cmake_register_package_hook()
+ foreach(_policy_file ${ARGN})
+ get_filename_component(_parent_folder "${_policy_file}" DIRECTORY)
+ install(
+ FILES ${_policy_file}
+ DESTINATION "share/${PROJECT_NAME}/${_parent_folder}"
+ )
+ get_filename_component(_name "${_policy_file}" NAME)
+ list(APPEND _sros2_cmake_POLICY_FILES "${_parent_folder}/${_name}")
+ endforeach()
+ endif()
+endmacro()
+
diff --git a/sros2_cmake/cmake/sros2_cmake_package_hook.cmake b/sros2_cmake/cmake/sros2_cmake_package_hook.cmake
new file mode 100644
index 00000000..df39a8ec
--- /dev/null
+++ b/sros2_cmake/cmake/sros2_cmake_package_hook.cmake
@@ -0,0 +1,18 @@
+# Copyright 2019 Open Source Robotics Foundation, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# register sros2 policies
+ament_index_register_resource(
+ "sros2_policies" CONTENT "${_sros2_cmake_POLICY_FILES}")
+
diff --git a/sros2_cmake/sros2_cmake-extras.cmake b/sros2_cmake/sros2_cmake-extras.cmake
index e06709ff..4e6db282 100644
--- a/sros2_cmake/sros2_cmake-extras.cmake
+++ b/sros2_cmake/sros2_cmake-extras.cmake
@@ -12,7 +12,22 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+# copied from sros2_cmake/sros2_cmake-extras.cmake
+
set(DEFAULT_KEYSTORE "${CMAKE_INSTALL_PREFIX}/ros2_security/keystore")
include("${sros2_cmake_DIR}/ros2_secure_node.cmake")
+# register ament_package() hook for security policies once.
+macro(_sros2_cmake_register_package_hook)
+ if(NOT DEFINED _SROS2_CMAKE_PACKAGE_HOOK_REGISTERED)
+ set(_SROS2_CMAKE_PACKAGE_HOOK_REGISTERED TRUE)
+
+ find_package(ament_cmake_core QUIET REQUIRED)
+ ament_register_extension("ament_package" "sros2_cmake"
+ "sros2_cmake_package_hook.cmake")
+ endif()
+endmacro()
+
+include("${sros2_cmake_DIR}/sros2_cmake_install_policies.cmake")
+
diff --git a/sros2_common_policies/CMakeLists.txt b/sros2_common_policies/CMakeLists.txt
new file mode 100644
index 00000000..873bc30b
--- /dev/null
+++ b/sros2_common_policies/CMakeLists.txt
@@ -0,0 +1,20 @@
+cmake_minimum_required(VERSION 3.5)
+project(sros2_common_policies)
+
+find_package(ament_cmake REQUIRED)
+find_package(sros2_cmake REQUIRED)
+
+if(BUILD_TESTING)
+ find_package(ament_lint_auto REQUIRED)
+ ament_lint_auto_find_test_dependencies()
+endif()
+
+sros2_cmake_install_policies(
+ policies/node.xml
+ policies/node/logging.xml
+ policies/node/parameters.xml
+ policies/node/time.xml
+)
+
+ament_package(
+)
diff --git a/sros2_common_policies/find_policies.py b/sros2_common_policies/find_policies.py
new file mode 100755
index 00000000..b0736dae
--- /dev/null
+++ b/sros2_common_policies/find_policies.py
@@ -0,0 +1,48 @@
+#!/usr/bin/env python3
+
+import os
+
+from ament_index_python import get_resource
+from ament_index_python import get_resources
+from ament_index_python import has_resource
+
+from ament_index_python import get_package_share_directory
+
+POLICIES_RESOURCE_TYPE = 'sros2_policies'
+
+def get_package_names_with_policies():
+ """Get the names of all packages that register policies in the ament index."""
+ return list(get_resources(POLICIES_RESOURCE_TYPE).keys())
+
+def get_package_policies(*, package_name=None):
+ """
+ Get all policies registered in the ament index for the given package.
+ :param package_name: whose policies are to be retrieved.
+ :return: a list of policy names.
+ """
+ if not has_resource(POLICIES_RESOURCE_TYPE, package_name):
+ return []
+ policies, _ = get_resource(POLICIES_RESOURCE_TYPE, package_name)
+ return policies.split(';')
+
+def get_registered_policies():
+ """
+ Get all policies registered in the ament index.
+ :return: a list of (package name, policy file) tuples.
+ """
+ return [
+ (package_name, get_package_policies(package_name=package_name))
+ for package_name in get_package_names_with_policies()
+ ]
+
+if __name__ == "__main__":
+ policies = get_registered_policies()
+
+ for (package, policies) in get_registered_policies():
+ print(package)
+ share_dir = get_package_share_directory(package)
+ for policy in policies:
+ print("\t" + policy)
+ print("\t" + os.path.join(share_dir, policy))
+
+
diff --git a/sros2_common_policies/package.xml b/sros2_common_policies/package.xml
new file mode 100644
index 00000000..d9125e4c
--- /dev/null
+++ b/sros2_common_policies/package.xml
@@ -0,0 +1,21 @@
+
+
+ sros2_common_policies
+ 0.7.0
+ Common policies profiles for security nodes via SROS2
+ Michael Carroll
+ Michael Carroll
+ Apache 2.0
+
+ ament_cmake
+
+ ament_cmake_test
+ sros2_cmake
+
+ ament_lint_auto
+ ament_lint_common
+
+
+ ament_cmake
+
+
diff --git a/sros2_common_policies/policies/node.xml b/sros2_common_policies/policies/node.xml
new file mode 100644
index 00000000..a38e58f2
--- /dev/null
+++ b/sros2_common_policies/policies/node.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
diff --git a/sros2/test/policies/common/node/logging.xml b/sros2_common_policies/policies/node/logging.xml
similarity index 100%
rename from sros2/test/policies/common/node/logging.xml
rename to sros2_common_policies/policies/node/logging.xml
diff --git a/sros2/test/policies/common/node/parameters.xml b/sros2_common_policies/policies/node/parameters.xml
similarity index 100%
rename from sros2/test/policies/common/node/parameters.xml
rename to sros2_common_policies/policies/node/parameters.xml
diff --git a/sros2/test/policies/common/node/time.xml b/sros2_common_policies/policies/node/time.xml
similarity index 100%
rename from sros2/test/policies/common/node/time.xml
rename to sros2_common_policies/policies/node/time.xml
diff --git a/sros2_common_policies/talker_listener.xml b/sros2_common_policies/talker_listener.xml
new file mode 100644
index 00000000..88709bd9
--- /dev/null
+++ b/sros2_common_policies/talker_listener.xml
@@ -0,0 +1,20 @@
+
+
+
+
+
+
+ chatter
+
+
+
+
+
+ chatter
+
+
+
+