| fungi | paladox: i assume you've been following our progress there, shouldn't be much longer | 00:02 |
|---|---|---|
| paladox | Oh, nope | 00:03 |
| paladox | I’ve been busy watching all the drama in fsf | 00:03 |
| fungi | paladox: http://lists.opendev.org/pipermail/service-discuss/2021-May/000249.html | 00:03 |
| paladox | And also the freenode policy discussion forum | 00:03 |
| fungi | fun times, yeah | 00:03 |
| paladox | Oh moving to oftc | 00:03 |
| fungi | shh, not so loud, don't let the new regime hear you ;) | 00:03 |
| paladox | Lol | 00:04 |
| paladox | Once openstack moves I can delete my account :P | 00:05 |
| fungi | yeah, we'll do them all at once | 00:11 |
| ianw | i feel like i should move to weechat | 00:19 |
| ianw | but i grep ~/.config/hexchat/logs/ to find random things quite a lot | 00:20 |
| corvus | i feel quite certain that weechat must have a logging facility :) | 00:20 |
| corvus | https://weechat.org/files/doc/stable/weechat_user.en.html#logger_plugin | 00:21 |
| paladox | I migrated to irccloud | 00:22 |
| paladox | Better history management | 00:22 |
| paladox | Paid the £35 for the year | 00:22 |
| corvus | paladox: i migrated to matrix and am loving it; here's my thinking: http://lists.zuul-ci.org/pipermail/zuul-discuss/2021-May/001613.html | 00:23 |
| paladox | Heh | 00:23 |
| corvus | (all of my irc interaction is now through matrix) | 00:24 |
| ianw | is it worth the effort of running a matrix homeserver, other than to say you are doing it? | 00:24 |
| corvus | ianw: nope | 00:24 |
| ianw | :) that was the vibe i got from reading things | 00:24 |
| corvus | ianw: if you want to host rooms, it's a bit more compelling. and having element run one for you if you do feel it's worthwhile seems very reasonable. | 00:26 |
| paladox | I guess matrix is similar in terms of irccloud (modern and also better history management) | 00:26 |
| corvus | paladox: yeah, i think you get all those features, plus other networks, interactions, interfaces | 00:26 |
| corvus | i've actually restarted the weechat client i'm using to talk with you right now several times during this conversation (as i'm trying out startup uptions. :) | 00:27 |
| paladox | Can you search in it? That’s a missing feature | 00:27 |
| paladox | I didn’t have that under my previously client but still would be useful | 00:27 |
| paladox | Heh | 00:27 |
| corvus | paladox: the element client seems to have some search capability; i haven't used it yet | 00:29 |
| paladox | Nice | 00:29 |
| corvus | looks like there's search in room, and search all rooms | 00:30 |
| corvus | i also think i remember seeing something in synapse config about search; so that might be something you could tune if you run your own homeserver | 00:30 |
| paladox | Nice! | 00:30 |
| corvus | but honestly, i know little about that; only enough to say "it's worth looking into" | 00:30 |
| paladox | Heh | 00:31 |
| corvus | paladox: matrix is getting a bridge to that new network ;) any day now (it's currently in testing) | 00:32 |
| paladox | Libera? Or oftc? | 00:32 |
| paladox | I herd that the bridge is now active for libera | 00:33 |
| corvus | libera; oftc, freenode, and several others exist already | 00:33 |
| paladox | Oh | 00:33 |
| paladox | Yeh libera is now active | 00:33 |
| corvus | yeah, it's active, but in testing, they don't really want people using it :) | 00:33 |
| corvus | but i guess they're having trouble getting that message out :) | 00:33 |
| paladox | Oh | 00:34 |
| paladox | I wonder why it takes so longer to open that. | 00:34 |
| corvus | it takes some cooperation with the irc server admins, and they're busy. but they're also setting it up in a really nice new way that will be awesome for matrix users | 00:35 |
| *** tkajinam has quit IRC | 00:35 | |
| corvus | they're setting up a dedicated homeserver for libera, so the matrix usernames and room addresses will all be foo:libera.chat | 00:35 |
| paladox | Ah | 00:35 |
| corvus | which makes complete sense and is totally obvious in retrospect and all the other network users are getting jealous :) | 00:36 |
| paladox | Nice! | 00:36 |
| *** hamalq has quit IRC | 00:36 | |
| *** hamalq has joined #opendev | 00:37 | |
| openstackgerrit | Ian Wienand proposed opendev/system-config master: WIP : update ARA https://review.opendev.org/c/opendev/system-config/+/695108 | 00:45 |
| fungi | ianw: i grep .weechat/logs/* all the time | 01:00 |
| ianw | fungi: good to know, i had pessimistically imagined it would be some sort of Gaussian-Markov-Chain-Tensorflow-ML-NoSQL type on-disk concoction, but clearly .txt files have some life left :) | 01:02 |
| fungi | yeah, just plain old text copies of every channel i'm in, kept forever unless i delete them | 01:04 |
| fungi | which... i don't | 01:04 |
| prometheanfire | that's about what I'm doing, except on the bouncer side, not client side | 01:15 |
| openstackgerrit | Ian Wienand proposed opendev/system-config master: WIP : update ARA https://review.opendev.org/c/opendev/system-config/+/695108 | 01:16 |
| *** hamalq has quit IRC | 01:16 | |
| openstackgerrit | Merged openstack/diskimage-builder master: Remove octvia-v1-dsvm-* jobs https://review.opendev.org/c/openstack/diskimage-builder/+/793096 | 01:19 |
| openstackgerrit | Merged ttygroup/gertty master: Highlight WIP state in change view https://review.opendev.org/c/ttygroup/gertty/+/783315 | 01:39 |
| *** jhesketh has quit IRC | 01:50 | |
| openstackgerrit | Ian Wienand proposed opendev/system-config master: WIP : update ARA https://review.opendev.org/c/opendev/system-config/+/695108 | 01:57 |
| openstackgerrit | Jeremy Stanley proposed opendev/system-config master: Retool accessbot for OFTC https://review.opendev.org/c/opendev/system-config/+/793062 | 02:01 |
| fungi | clarkb: corvus: ^ addressed your points, mostly by adding lots of clarifying code comments and/or todos | 02:02 |
| openstackgerrit | Jeremy Stanley proposed opendev/system-config master: Retool accessbot for OFTC https://review.opendev.org/c/opendev/system-config/+/793062 | 02:09 |
| fungi | and added yet one more code comment | 02:09 |
| openstackgerrit | Ian Wienand proposed openstack/project-config master: Add github.com/ansible-community/ara https://review.opendev.org/c/openstack/project-config/+/793530 | 02:25 |
| openstackgerrit | Ian Wienand proposed opendev/system-config master: Update ARA https://review.opendev.org/c/opendev/system-config/+/695108 | 02:36 |
| openstackgerrit | Ian Wienand proposed opendev/system-config master: bridge: upgrade to Ansible 4.0.0 https://review.opendev.org/c/opendev/system-config/+/792866 | 03:02 |
| openstackgerrit | Ian Wienand proposed opendev/system-config master: Remove ask.openstack.org documentation https://review.opendev.org/c/opendev/system-config/+/793532 | 03:11 |
| openstackgerrit | Merged opendev/system-config master: More puppetry and inventory cleanups https://review.opendev.org/c/opendev/system-config/+/793506 | 03:28 |
| openstackgerrit | Ian Wienand proposed zuul/zuul-jobs master: ensure-zookeeper: better match return code https://review.opendev.org/c/zuul/zuul-jobs/+/793537 | 04:08 |
| openstackgerrit | Merged opendev/system-config master: python-builder: don't force siblings install https://review.opendev.org/c/opendev/system-config/+/792312 | 04:44 |
| *** d34dh0r53 has quit IRC | 04:48 | |
| openstackgerrit | Merged openstack/diskimage-builder master: bootloader: remove extlinux/syslinux path https://review.opendev.org/c/openstack/diskimage-builder/+/541129 | 04:51 |
| *** zbr4 has joined #opendev | 05:04 | |
| *** auristor has quit IRC | 05:04 | |
| *** zbr has quit IRC | 05:06 | |
| *** zbr4 is now known as zbr | 05:06 | |
| *** marios has joined #opendev | 05:11 | |
| *** timburke has quit IRC | 05:55 | |
| *** hashar has joined #opendev | 07:13 | |
| *** marios has quit IRC | 07:15 | |
| *** andrewbonney has joined #opendev | 07:21 | |
| *** marios has joined #opendev | 07:27 | |
| *** marios has quit IRC | 07:30 | |
| *** lourot has quit IRC | 07:45 | |
| *** lourot has joined #opendev | 07:46 | |
| *** dtantsur has quit IRC | 07:49 | |
| *** sshnaidm is now known as sshnaidm|off | 08:04 | |
| *** hashar has quit IRC | 08:14 | |
| *** marios has joined #opendev | 08:27 | |
| openstackgerrit | Merged openstack/project-config master: Retire x/gearman-plugin https://review.opendev.org/c/openstack/project-config/+/793432 | 09:07 |
| *** tosky has joined #opendev | 09:19 | |
| openstackgerrit | Rodion Gyrbu proposed zuul/zuul-jobs master: Bumb golang version Add new task with check installed go version https://review.opendev.org/c/zuul/zuul-jobs/+/793586 | 10:15 |
| *** CeeMac has quit IRC | 10:21 | |
| openstackgerrit | Rodion Gyrbu proposed zuul/zuul-jobs master: Bumb golang version Add new task with check installed go version https://review.opendev.org/c/zuul/zuul-jobs/+/793586 | 11:33 |
| openstackgerrit | Rodion Gyrbu proposed zuul/zuul-jobs master: Bumb golang version Add new task with check installed go version https://review.opendev.org/c/zuul/zuul-jobs/+/793586 | 11:39 |
| *** auristor has joined #opendev | 12:24 | |
| fungi | infra-root: my plan for today is to get all the current changes under topic:oftc merged. the one which changes the accessbot script in system-config and the one which changes the channels.yaml for it in project-config need deployment temporarily halted first, for safety, or at least to have eavesdrop in the emergency disable list so it doesn't try to do new things on the old network | 12:42 |
| fungi | i'll take care of that once more people are around, just in case of explosions | 12:43 |
| fungi | also i have weekend visitors arriving in a few hours so my availability will be spotty, but i hope to get channel topics replicated at some point later today so everything's ready for reconfiguring other bots tomorrow | 12:44 |
| openstackgerrit | Merged openstack/project-config master: Accessbot OFTC channel list stopgap https://review.opendev.org/c/openstack/project-config/+/792842 | 13:56 |
| openstackgerrit | Merged openstack/project-config master: Clean up accessbot channels without services https://review.opendev.org/c/openstack/project-config/+/792841 | 13:56 |
| frickler | fungi: what time do you plan to do the switch tomorrow? I can try to be around to help with possible issues | 13:57 |
| *** openstackgerrit has quit IRC | 14:06 | |
| fungi | frickler: i didn't have a specific time in mind since i'm also entertaining guests, but can coordinate a time which is convenient for others | 14:12 |
| yoctozepto | morning infra | 14:17 |
| yoctozepto | is the gerrit bot gone permanently? | 14:17 |
| fungi | no, probably some outage knocked it down again, but it was reporting changes merged in here 20 minutes ago | 14:19 |
| fungi | oh, actually it was just restarting after 792842 merged | 14:19 |
| fungi | it will likely rejoin channels when it has something to report | 14:20 |
| fungi | i'm not planning to switch its network until tomorrow | 14:20 |
| fungi | yoctozepto: did it fail to report a change in the past few minutes? | 14:20 |
| corvus | it reports to more channels than it can join, so it treats the channels as an lru cache and joins and leaves as needed | 14:21 |
| yoctozepto | fungi: no idea, thinking, just noticed it gone | 14:21 |
| yoctozepto | thinking none* | 14:21 |
| fungi | the only channels it got configuration removed for were #openstack-sahara, #puppet-openstack and #rdo | 14:21 |
| fungi | in preparation for tomorrow since we still need to get up with the current owners of those channels (as well as #edeploy) to grant us access | 14:22 |
| yoctozepto | understandable | 14:22 |
| *** openstackgerrit has joined #opendev | 14:22 | |
| openstackgerrit | Rodion Gyrbu proposed zuul/zuul-jobs master: Bumb golang version https://review.opendev.org/c/zuul/zuul-jobs/+/793586 | 14:22 |
| fungi | yoctozepto: ^ it's still working | 14:24 |
| yoctozepto | fungi: yay | 14:24 |
| cenn | ~offtopic: can I ask what the bot uses underneath? As in what's it built on. | 14:24 |
| openstackgerrit | Rodion Gyrbu proposed zuul/zuul-jobs master: Bump golang version https://review.opendev.org/c/zuul/zuul-jobs/+/793586 | 14:25 |
| corvus | cenn: https://opendev.org/opendev/gerritbot | 14:25 |
| cenn | thanks corvus | 14:26 |
| corvus | cenn: based on python 'irc' library and https://opendev.org/opendev/gerritlib | 14:26 |
| cenn | gotcha. thanks for the tip. re: irc library | 14:28 |
| openstackgerrit | Rodion Gyrbu proposed zuul/zuul-jobs master: Bump golang version https://review.opendev.org/c/zuul/zuul-jobs/+/793586 | 14:29 |
| clarkb | fungi: I'm around and able to help review, run commands on servers, etc just let me know what i can do to help | 14:59 |
| *** mlavalle has joined #opendev | 15:11 | |
| clarkb | looks like there are some new patchsets on some of the changes. /me tries to review those | 15:18 |
| clarkb | fungi: the most recent updates to https://review.opendev.org/c/opendev/system-config/+/793062/ are really helpful, thanks | 15:21 |
| clarkb | looks like that was the only one I needed to review too | 15:22 |
| *** sboyron has joined #opendev | 15:36 | |
| frickler | fungi: o.k., so anything not too late, like earlier than 18:00 UTC would work for me, it would just be good to know when it will be a couple of hours before the event | 15:38 |
| fungi | frickler: i could probably do as early as others are available too | 15:42 |
| clarkb | frickler: fungi: I'm happy for early too as the openinfra live event has shifted my sleep schedule and I'm up early the last couple of days | 15:42 |
| clarkb | I'll have to be on the laptop instead of at my desk so others can sleep but that isn't a big deal | 15:43 |
| clarkb | maybe as early as 1300UTC? | 15:43 |
| frickler | clarkb: that would be pretty great for me | 15:44 |
| fungi | i could do 14:00 or even 15:00 so as not to rush you on a saturday | 15:44 |
| clarkb | 1400 would be better for sure and can do that without much trouble | 15:44 |
| frickler | o.k., then 14 it is | 15:45 |
| clarkb | see you then :) | 15:45 |
| fungi | wfm | 15:45 |
| fungi | infra-root: i've run disable-ansible on bridge | 15:45 |
| fungi | i'll give it a few and then go ahead with the wip changes for accessbot/channels | 15:45 |
| frickler | o.k., see you tomorrow, then | 15:46 |
| fungi | thanks frickler! have a great evening | 15:47 |
| fungi | okay, approving the remaining accessbot changes | 15:49 |
| fungi | and changing the creds for accessbot on bridge next | 15:50 |
| corvus | i'm going to be afk for a while today, but will be around tomorrow | 15:51 |
| *** marios has quit IRC | 15:52 | |
| fungi | and that's done | 15:52 |
| fungi | thanks corvus! i don't expect problems today, accessbot should be generally non-user-impacting | 15:52 |
| fungi | once those merge and we have an updated accessbot image, i'll pull it on eavesdrop and if necessary manually update the copy of the channel list and config there, then run it and monitor the log for signs of trouble | 15:55 |
| fungi | or i guess i could just unlock ansible at that point and watch it run once it fires | 15:55 |
| fungi | which might be easier | 15:55 |
| clarkb | fungi: could you get away with manually running some playbooks instead? I think service-eavesdrop.yaml ? | 15:55 |
| fungi | maybe | 15:56 |
| clarkb | fungi: you don't need to unlock ansible, you can run it yourself instead | 15:56 |
| fungi | good point | 15:56 |
| clarkb | that is what I did with some recent chagnes and is nice because it gives you the control and logging there without zuul running away with it | 15:56 |
| fungi | inlaws are supposed to be arriving any minute so i'll probably have to step away for a bit shortly | 15:56 |
| clarkb | ok, I should go eat a bit more breakfast then | 15:57 |
| openstackgerrit | Merged openstack/project-config master: Switch the IRC access check to OFTC https://review.opendev.org/c/openstack/project-config/+/792843 | 15:58 |
| openstackgerrit | Merged openstack/project-config master: Add channel-specific options example for accessbot https://review.opendev.org/c/openstack/project-config/+/793498 | 16:02 |
| openstackgerrit | Merged opendev/system-config master: Temporarily drop non-admins from statusbot https://review.opendev.org/c/opendev/system-config/+/793474 | 16:04 |
| *** fressi has joined #opendev | 16:27 | |
| *** fressi has quit IRC | 16:30 | |
| openstackgerrit | Ghanshyam proposed zuul/zuul-jobs master: DNM: testing 791085 https://review.opendev.org/c/zuul/zuul-jobs/+/793623 | 16:35 |
| openstackgerrit | Merged opendev/system-config master: Retool accessbot for OFTC https://review.opendev.org/c/opendev/system-config/+/793062 | 16:45 |
| fungi | okay, now to make sure we get a new container image | 16:46 |
| fungi | oh, right, we don't promote tags for that so just whatever the gate job uploaded is what we'll use | 16:54 |
| fungi | are we missing a promote job? https://hub.docker.com/r/opendevorg/accessbot/tags | 16:55 |
| *** andrewbonney has quit IRC | 17:10 | |
| clarkb | maybe | 17:10 |
| clarkb | fungi: https://codesearch.opendev.org/?q=system-config-promote-image-accessbot&i=nope&files=&excludeFiles=&repos= seems it is only in system-config | 17:11 |
| fungi | that was a system-config change | 17:12 |
| fungi | 793062 | 17:12 |
| clarkb | it should run when docker/accessbot/ changes which it did | 17:13 |
| clarkb | might need to check the zuul logs | 17:14 |
| clarkb | I'm not seeing anything obvious for why that job didn't run | 17:14 |
| clarkb | it should run in the deploy pipeline | 17:15 |
| clarkb | ok I think I get it | 17:15 |
| clarkb | fungi: it isn't running because there are changes enqueued ahead of it in deploy and they are all just doing not much because of the ansible lock file :/ | 17:16 |
| clarkb | fungi: we can maybe put eavesdrop in the emergency file, then undo the ansible disable lock file and let things flush, then remove eavesdrop from the emergency file, put the lock back then run things manually | 17:16 |
| fungi | yeah, good call, i'll do that now, thanks! | 17:23 |
| fungi | okay, that's done, will wait for them to run (i'm in no hurry) | 17:24 |
| clarkb | cool | 17:25 |
| fungi | kinda strange the image tagging would have been blocked though, opendev-promote-docs ran for it already shortly after it merged | 17:28 |
| fungi | (says it was in the promote pipeline) | 17:28 |
| fungi | that change wouldn't have been enqueued twice in promote, i don't think? | 17:29 |
| clarkb | they are different pipelines | 17:30 |
| clarkb | the image is promoted in the deploy pipeline which is affected by the ansible lock | 17:30 |
| clarkb | the promote pipeline is not | 17:30 |
| fungi | ohh | 17:45 |
| fungi | got it | 17:45 |
| fungi | elsewhere we tag images from the promote pipeline, i guess | 17:46 |
| clarkb | I think it is mostly in the deploy pipelien to ensure we update the docker image first then update the deployments | 17:46 |
| clarkb | it updated the latest tag btw | 17:46 |
| clarkb | so now I think you can hit disable ansible again, remove eavesdrop from the emergency file then run the service-eavesdrop.yaml playbook? | 17:46 |
| *** openstackstatus has quit IRC | 17:47 | |
| *** openstackstatus has joined #opendev | 17:47 | |
| *** ChanServ sets mode: +v openstackstatus | 17:47 | |
| fungi | yep, on it | 17:48 |
| fungi | okay, swapped from emergency list to disable-ansible | 17:51 |
| fungi | have something coming out of the oven in a few minutes and then i can try running the eavesdrop playbook | 17:54 |
| clarkb | sounds good | 17:54 |
| clarkb | I'm going to grab some lunch now too | 18:05 |
| fungi | cool | 18:05 |
| *** slittle1 has left #opendev | 18:12 | |
| fungi | so command line would be something like this i guess: | 18:17 |
| fungi | sudo ansible-playbook --limit eavesdrop.openstack.org -v /home/zuul/src/opendev.org/opendev/system-config/playbooks/service-eavesdrop.yaml | 18:17 |
| fungi | or should i do base first? | 18:17 |
| clarkb | in the past I have done base first because I was adding new servers | 18:21 |
| clarkb | in this case because it is an existing server I don't think base is necessary | 18:21 |
| clarkb | also I think you can leave off the --limit because that playbook sets up puppet on bridge too | 18:21 |
| clarkb | but probably fine either way | 18:22 |
| clarkb | fungi: ^ | 18:22 |
| fungi | ahh, yeah | 18:24 |
| fungi | my main concern is making sure project-config is updated before it tries to run accessbot | 18:25 |
| clarkb | service-eavesdrop runs sync-project-config | 18:26 |
| fungi | oh, so it does | 18:29 |
| fungi | okay, so i'll run that and then check the log | 18:29 |
| fungi | sudo ansible-playbook -v /home/zuul/src/opendev.org/opendev/system-config/playbooks/service-eavesdrop.yaml | 18:29 |
| fungi | is what i'm running | 18:29 |
| clarkb | ++ | 18:30 |
| clarkb | then I'm not sure if it runs accessbot on demand or in a cron or what | 18:30 |
| fungi | it gets run by the playbook i think, there is no cron | 18:31 |
| fungi | no fails or unreachables | 18:34 |
| fungi | it didn't actually run accessbot though | 18:34 |
| fungi | trying to work out where the compose file for it ends up | 18:34 |
| fungi | oh, it didn't update the server line in accessbot.config, guess i need to solve that first | 18:36 |
| clarkb | fungi: system-config/playbooks/roles/accessbot/templates/accessbot.config.j2 | 18:37 |
| clarkb | O | 18:37 |
| clarkb | er | 18:37 |
| clarkb | I'm not seeing what triggers accessbot to run yet but trying to figure that out | 18:37 |
| clarkb | fungi: it is the infra-prod-run-accessbot job | 18:38 |
| openstackgerrit | Jeremy Stanley proposed opendev/system-config master: Update accessbot config to use OFTC https://review.opendev.org/c/opendev/system-config/+/793638 | 18:38 |
| fungi | clarkb: ^ | 18:38 |
| fungi | we'll need that first anyway | 18:39 |
| clarkb | so when you are happy with things you can run `sudo ansible-playbook -v /home/zuul/src/opendev.org/opendev/system-config/playbooks/run-accessbot.yaml` I think | 18:39 |
| fungi | awesome, thanks | 18:39 |
| clarkb | all that does is run `/usr/local/bin/accessbot` if you want to do it more by hand | 18:39 |
| fungi | yup | 18:40 |
| fungi | which explains why there's no compose file | 18:40 |
| fungi | i guess that pulls the image automatically when run as well? | 18:40 |
| fungi | opendevorg/accessbot latest 6d8d7d0b9760 2 hours ago 125MB | 18:41 |
| fungi | according to `sudo docker image list` i guess it's updated | 18:41 |
| clarkb | fungi: I don't think so, it just runs docker run? | 18:41 |
| clarkb | ya so we must update the image with the playbook you already ran | 18:42 |
| clarkb | then the playbook to run the tool just runs whatever that is | 18:42 |
| clarkb | fungi: is there a change for gerritbot to not sasl yet? | 18:42 |
| fungi | yeah, i wasn't sure if docker had extra magic to pull images since it references them like docker.io/opendevorg/accessbot | 18:42 |
| fungi | no, haven't edited any of the bots yet, for gerritbot i think we should be able to find the sasl implementation in its git history and unwind it to go back to using identify | 18:43 |
| clarkb | ya I'm looking at that now. I think we may want a aprtial revert because forcing ssl seems like a good idea | 18:43 |
| fungi | agreed | 18:44 |
| fungi | worth checking meetbot and statusbot as well to see if we need to adjust anything other than configuration | 18:44 |
| clarkb | I think meetbot is fine, just configuration | 18:48 |
| *** hamalq has joined #opendev | 18:50 | |
| clarkb | git revert handles this very oddly. I might be better off just doing it by hand | 18:52 |
| fungi | statusbot should be similar to meetbot | 18:52 |
| fungi | if we can easily make gerritbot support both modes, that could also allow us to easily switch back to sasl if the oftc admins get around to finishing the sasl implementation there (faq claims it's planned) | 18:53 |
| fungi | should be possible to run a second gerritbot temporarily to test, with the creds in the password file | 18:53 |
| clarkb | I'll take a look at it now | 18:54 |
| fungi | thanks! | 18:54 |
| fungi | i can also hack on it over the weekend if necessary | 18:54 |
| *** slaweq has joined #opendev | 18:57 | |
| *** hamalq has quit IRC | 19:25 | |
| *** hamalq has joined #opendev | 19:26 | |
| openstackgerrit | Clark Boylan proposed opendev/gerritbot master: Support normal auth in gerritbot https://review.opendev.org/c/opendev/gerritbot/+/793643 | 19:40 |
| clarkb | fungi: ^ I have not tested that at all | 19:40 |
| clarkb | fungi: but I think the general shape of that is correct. I want to look at statusbot now. Sort of constructing a todo list via these changes | 19:41 |
| paladox | i've joined oftc! | 19:41 |
| fungi | paladox: welcome to the light universe | 19:42 |
| paladox | heh | 19:42 |
| fungi | clarkb: thanks! i'll take a look shortly | 19:42 |
| openstackgerrit | Merged opendev/system-config master: Update accessbot config to use OFTC https://review.opendev.org/c/opendev/system-config/+/793638 | 19:44 |
| clarkb | fungi: ^ now I think you can rerun service-eavesdrop.yaml, check that the configs updated then run the run-accessbot.yaml playbook | 19:48 |
| fungi | yep, will do in a bit | 19:50 |
| fungi | reapplying service-eavesdrop now | 19:56 |
| clarkb | fungi: is it still going? | 20:03 |
| openstackgerrit | Clark Boylan proposed opendev/statusbot master: Add non SASL auth back to statusbot https://review.opendev.org/c/opendev/statusbot/+/793645 | 20:05 |
| clarkb | fungi: ^ I've hit a snag on that one. Not sure how to deal with the caps issue. YOu probably have etter thoughts than I do though | 20:05 |
| clarkb | looking at eavesdrop I don't see the updated config file yet | 20:07 |
| clarkb | fungi: did the playbook run? | 20:08 |
| *** jdwidari has joined #opendev | 20:12 | |
| clarkb | fungi: I think the problem is taht system-config hasn't updated yet due to disabling ansible. You can work around this via your own checkout iirc | 20:12 |
| *** jdwidari has quit IRC | 20:15 | |
| openstackgerrit | Clark Boylan proposed opendev/gerritbot master: Support normal auth in gerritbot https://review.opendev.org/c/opendev/gerritbot/+/793643 | 20:22 |
| openstackgerrit | Clark Boylan proposed opendev/gerritbot master: Update to python3.8 https://review.opendev.org/c/opendev/gerritbot/+/793646 | 20:22 |
| fungi | ahh, yeah | 20:30 |
| fungi | sorry, back and forth between computer and stove | 20:30 |
| fungi | clarkb: there's no identify-msg cap on oftc, so i ripped it out for accessbot, just identifying after the privmsg from nickserv saying to authenticate | 20:31 |
| clarkb | fungi: right but statusbot tries to confirm the auth status of those talking to it in order to determien if they have perms to do the status updates | 20:32 |
| clarkb | I'm not sure how to keep that behavior | 20:32 |
| fungi | ahh, one way is to parse the response from nickserv | 20:32 |
| fungi | clarkb: accessbot looks for msg.startswith('You are successfully identified') | 20:35 |
| fungi | from nickserv | 20:35 |
| *** sboyron has quit IRC | 20:36 | |
| clarkb | fungi: not of the bot but of the people talking to the bot. I think you can use /msg nickserv status but then you need to redo the state machine in the bot to do lookups after getting requests | 20:37 |
| openstackgerrit | Clark Boylan proposed opendev/system-config master: Assort IRC TODOs https://review.opendev.org/c/opendev/system-config/+/793648 | 20:38 |
| fungi | oh, got it | 20:44 |
| fungi | yeah, that's a conundrum | 20:45 |
| fungi | we could actively check, or we could just punt for now | 20:48 |
| clarkb | ya actively checking should be doable just requires a bit more understanding of the bot framework than I've got now (to understand how to set up a callback for the actual update action should verification succeed) | 20:49 |
| fungi | i'd be okay for now with not checking and assuming the nicks listed there are registered with enforce on | 20:50 |
| clarkb | "with enforce on" ? | 20:50 |
| fungi | it's not ideal, but the risk is low | 20:50 |
| fungi | /msg nickserv set enforce on | 20:50 |
| fungi | i think that's the syntax anyway | 20:50 |
| fungi | basically asking nickserv to kick anyone who tries to use your nick while you're not around if they don't identify | 20:51 |
| clarkb | ah, it appears that isn't a default but /me toggles it now | 20:51 |
| fungi | there's still a brief window where they could join a channel and ask statusbot to do something, but that does involve finding a time when that nick is not already in use | 20:51 |
| fungi | or exploiting a netsplit where the attacker and statusbot are on the other side of the split from nickserv | 20:52 |
| fungi | and from the normal nick user | 20:52 |
| clarkb | makes sense. https://review.opendev.org/c/opendev/statusbot/+/793645 will need to be updated to support that but I've got to pop out for a bit now | 20:53 |
| fungi | updating the system-config repo on bridge is not straightforward, since zuul normally pushes to it and there's no remote | 20:56 |
| fungi | but at this point i'm inclined to just unleash ansible on it, the credentials are updated so if accessbot gets rerun before the hostname update is applied it will just do nothing | 20:57 |
| fungi | i've removed the disable file again, will wait for it to run and check back in a bit | 20:58 |
| clarkb | fungi: ok. fwiw ywhat I do is I update a checkout in my homedir | 20:58 |
| clarkb | then you do ansible-playbook -v /home/foo/system-config/playbooks/service-eavesdrop.yaml. The downside to this is that host and group vars are not used from your local checkout that way since they are dfined in specific locations but the roles and playbooks are relative to each other so that should work | 20:59 |
| *** hamalq has quit IRC | 21:01 | |
| *** hamalq has joined #opendev | 21:02 | |
| clarkb | fungi: looks like the file udpated and the play is about over. The next job should run it for real | 21:03 |
| *** hamalq has quit IRC | 21:23 | |
| *** hamalq has joined #opendev | 21:23 | |
| *** hamalq has quit IRC | 21:38 | |
| fungi | yeah looks like it worked? i see the right access list and mlock for #opendev now, where it was incomplete before | 21:42 |
| fungi | will check things more thoroughly here in a moment | 21:43 |
| fungi | okay, that seems to have worked as desired | 21:56 |
| fungi | i'm going to shift gears to replicating channel topics | 21:56 |
| *** lourot has quit IRC | 22:00 | |
| *** lourot has joined #opendev | 22:01 | |
| *** dpawlik has quit IRC | 22:15 | |
| *** dpawlik has joined #opendev | 22:15 | |
| *** dmellado_ has joined #opendev | 23:06 | |
| clarkb | fungi: anything I can do to help with topics? | 23:06 |
| fungi | conveniently i can use /list #channame to get topics on channels whether i'm in the or not | 23:06 |
| fungi | so just doing it the lazy way | 23:07 |
| *** dmellado has quit IRC | 23:07 | |
| fungi | pasting the /list commands, then scrape the results out of my client log | 23:07 |
| *** dmellado_ is now known as dmellado | 23:07 | |
| clarkb | if you'd like I can do a subset manually too. Not sure if that makes it easier | 23:08 |
| fungi | we'll see if they thwap me | 23:09 |
| fungi | i'm about to just try the full batch in one go | 23:09 |
| openstackgerrit | Clark Boylan proposed opendev/statusbot master: Add non SASL auth back to statusbot https://review.opendev.org/c/opendev/statusbot/+/793645 | 23:14 |
| clarkb | fungi: ok. Also ^ I went ahead and updated that to rip out the cap stuff | 23:14 |
| fungi | oh, cool | 23:14 |
| clarkb | I still haven't tried connecting either of those bots to an irc network without sasl though | 23:14 |
| clarkb | not sure I'll get to that today | 23:15 |
| clarkb | if someone else wants to give it a go feel free (thinking maybe frickler may want to given the accessbot fixups frickler did) | 23:15 |
| fungi | the /list calls seem to not be getting blocked so far | 23:20 |
| fungi | okay, i have a text list of channels with their topics | 23:23 |
| fungi | that went fairly smoothly | 23:23 |
| fungi | just need to rework it into a list of messages to chanserv now | 23:23 |
| clarkb | with the power of sed! | 23:24 |
| fungi | indeed | 23:24 |
| *** tosky has quit IRC | 23:24 | |
| clarkb | I'm going to need to help (consume) dinner shortly. Anything I can look at in the next little bit or are we good for now and see you tomorrow? | 23:41 |
| *** mlavalle has quit IRC | 23:46 | |
| *** irclogbot_1 has quit IRC | 23:53 | |
| *** irclogbot_1 has joined #opendev | 23:56 | |
| fungi | nah, i think i've got the topic work under control anyway | 23:57 |
| fungi | thanks for the help, and enjoy dinner! | 23:57 |
| fungi | i'm mainly just poking at this off and on during breaks from entertaining guests here | 23:58 |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!