| prometheanfire | ianw: ack | 00:02 |
|---|---|---|
| ianw | https://nb02.opendev.org/centos-8-stream-0000125109.log timed out | 00:03 |
| ianw | i can't see any obvious reason why | 00:03 |
| ianw | 2021-06-23 21:54:49.212 | Updating cache of https://opendev.org/airship/airshipctl.git in /opt/dib_cache/source-repositories/airshipctl_6f1e843d56659249749fcf04437fbc7625bd9af9 with ref * | 00:04 |
| ianw | 2021-06-23 22:14:23.855 | Cloning from zuul-website-media cache and applying ref * | 00:04 |
| ianw | that's about ... 20 minutes to check and update the opendev cache. i'm not sure if that's longer than usual | 00:04 |
| opendevreview | Ian Wienand proposed openstack/diskimage-builder master: cache-url : turn down verbose curl https://review.opendev.org/c/openstack/diskimage-builder/+/797791 | 00:11 |
| *** ysandeep|out is now known as ysandeep | 00:32 | |
| ianw | looks like the command that is hanging is "udevadm trigger --sysname-match=hw_random --settle" | 00:38 |
| ianw | afaics that must be coming from rng-tools; i've filed a bug https://bugzilla.redhat.com/show_bug.cgi?id=1975588 | 01:28 |
| opendevreview | Ian Wienand proposed openstack/diskimage-builder master: Revert "Install rng-tools in Red Hat family distro images" https://review.opendev.org/c/openstack/diskimage-builder/+/797794 | 01:32 |
| *** ykarel|away is now known as ykarel | 04:31 | |
| *** marios is now known as marios|ruck | 05:01 | |
| *** bhagyashris_ is now known as bhagyashris | 05:13 | |
| opendevreview | Ian Wienand proposed openstack/project-config master: nodepool: pause centos-8-stream builds https://review.opendev.org/c/openstack/project-config/+/797806 | 06:32 |
| *** rpittau|afk is now known as rpittau | 07:21 | |
| opendevreview | Merged openstack/project-config master: nodepool: pause centos-8-stream builds https://review.opendev.org/c/openstack/project-config/+/797806 | 07:22 |
| *** jpena|off is now known as jpena | 07:36 | |
| *** ykarel is now known as ykarel|lunch | 08:34 | |
| *** sshnaidm|afk is now known as sshnaidm | 08:45 | |
| *** marios is now known as marios|ruck | 09:48 | |
| *** bhagyashris_ is now known as bhagyashris | 09:48 | |
| opendevreview | Florian Haas proposed opendev/git-review master: Doc updates for Git "core.hooksPath" option support https://review.opendev.org/c/opendev/git-review/+/797643 | 10:06 |
| *** ykarel|lunch is now known as ykarel | 10:21 | |
| opendevreview | Ananya Banerjee proposed opendev/elastic-recheck master: Run elastic-recheck container https://review.opendev.org/c/opendev/elastic-recheck/+/729623 | 10:44 |
| opendevreview | Ananya Banerjee proposed opendev/elastic-recheck master: Run elastic-recheck container https://review.opendev.org/c/opendev/elastic-recheck/+/729623 | 11:10 |
| *** dviroel|out is now known as dviroel | 11:32 | |
| *** jpena is now known as jpena|lunch | 11:39 | |
| fungi | i'll send a status notice here shortly about our upcoming 14:00 utc zuul outage | 11:52 |
| fungi | status notice Our Zuul gating CI/CD services will be offline briefly starting around 14:00 UTC (in roughly two hours from now) in order to apply some critical security updates, and is not expected to last more than 30 minutes; another notice will follow closer to the maintenance window. | 11:56 |
| fungi | something like that | 11:56 |
| fungi | status notice Our Zuul gating CI/CD services will be offline starting around 14:00 UTC (in roughly two hours from now) in order to apply some critical security updates, and is not expected to remain offline for more than 30 minutes. | 11:59 |
| fungi | polished slightly and dropped the bit about the second notice, since it's superfluous | 12:00 |
| fungi | sending | 12:00 |
| fungi | #status notice Our Zuul gating CI/CD services will be offline starting around 14:00 UTC (in roughly two hours from now) in order to apply some critical security updates, and is not expected to remain offline for more than 30 minutes. | 12:00 |
| opendevstatus | fungi: sending notice | 12:00 |
| -opendevstatus- NOTICE: Our Zuul gating CI/CD services will be offline starting around 14:00 UTC (in roughly two hours from now) in order to apply some critical security updates, and is not expected to remain offline for more than 30 minutes. | 12:00 | |
| fungi | mmm, technically should have been "are not expected" | 12:01 |
| fungi | pre-coffee grammar | 12:02 |
| mordred | fungi: ok. I started reading a bit more through the pep 517 stuff and I think I'm starting to form a concrete idea about what a pep517 pbr looks like | 12:03 |
| opendevstatus | fungi: finished sending notice | 12:03 |
| fungi | awesome | 12:03 |
| fungi | would pep-517 pbr become a setuptools wrapper, rather than being wrapped by setuptools? | 12:04 |
| opendevreview | Merged opendev/git-review master: Doc updates for Git "core.hooksPath" option support https://review.opendev.org/c/opendev/git-review/+/797643 | 12:05 |
| mordred | it occurs to me that since build-time requirements don't have to be feared with existential dread - we could do neat things, like, for instnace, have pbr517 depend on bindep and do a bindep check for a build tag and print an error message if your project declares system build depends but doesn't have them yet tries to build a wheel | 12:05 |
| fungi | neat | 12:05 |
| fungi | yeah, not a terrible idea | 12:05 |
| mordred | fungi: I *actualy* think it would be nicer to just ditch setuptools completely. there is a lot of complexity in setuptools to support things we simply don't do | 12:06 |
| mordred | and the few methods we actually need to implement would be much more straightfoward if we weren't also asking setuptools to do things | 12:06 |
| fungi | fair, but there's also a lot of complexity in setuptools we rely on and wouldn't necessarily want to have to replicate | 12:06 |
| mordred | possibly | 12:06 |
| mordred | it's possible we'd still want to use it - I think a step-wise implementation DEFINITELY would keep setuptools | 12:07 |
| fungi | i suppose we could replace it with something like flit, but it only creates wheels and not sdists | 12:07 |
| mordred | thing is - creating sdists for us shouldn't be terribly hard - we already override a lot of what setuptools thinks about that | 12:07 |
| mordred | that's one of the benefit of only supporting one way of doing things :) | 12:07 |
| mordred | I might, of course, be horribly wrong and setuptools might continue existing for forever | 12:08 |
| fungi | it's compelling. not having to deal with setuptools and its constant treadmill of compatibility changes would be pleasant | 12:09 |
| mordred | I think step one is making a proper build backend interface | 12:09 |
| mordred | ++ | 12:09 |
| fungi | i guess the bigger question is whether there are projects using pbr and also relying on some setuptools features directly, and whether a fully-independent pbr build backend would make that impossible | 12:10 |
| mordred | also - flit does make sdists now | 12:10 |
| fungi | oh neat | 12:10 |
| mordred | that is a good question. openstack projects shouldn't be doing that :) ... but others might | 12:11 |
| mordred | I kind of think we might need to make a pbr2 or something for safety | 12:11 |
| mordred | (or honestly call it pbr517 :) ) | 12:11 |
| fungi | sure | 12:11 |
| mordred | also - if we did ditch setuptools in the backend, it would be really hard to also keep non-517 backwards compat | 12:12 |
| fungi | good point, so would require a fairly new pip | 12:12 |
| mordred | BUT ... I think if we start with a pep517 interface that's basically just the current setuptools wrapper | 12:13 |
| mordred | then people could adopt that without changing anything else and it would still also be 100% backwards compat | 12:13 |
| mordred | then we fork that into a new thing to work on setuptools-ectomy | 12:13 |
| mordred | and if it ever works - neat. if it doesn't - neat | 12:13 |
| fungi | either one gives people new reasons to drink | 12:14 |
| mordred | you weren't running out of those were you? | 12:14 |
| fungi | not in openstack! ;) | 12:14 |
| mordred | fungi: oh. OH - this is actually going to be both very easy and very nice | 12:21 |
| fungi | i don't suppose you've found a way to avoid the need for pyproject.toml files | 12:35 |
| *** jpena|lunch is now known as jpena | 12:36 | |
| mordred | nope | 13:01 |
| mordred | but - I believe I've given up fighting that one. it's super lame - but short of quitting python completely, I think there's nothing to be done about it | 13:02 |
| mordred | and rust (where I'd go if I didn't do python) uses toml files too - so ridiculous that it is to me that it exists, I believe continuing to try to fight it is only providing myself with angst and no value | 13:03 |
| avass[m] | mordred: I don't really understand why there's so much hate against yaml and why people like toml so much | 13:04 |
| avass[m] | the best argument I've seen is that "yes/no" can produce weird behaviour and I agree with that, but I don't think that makes the entire language bad | 13:04 |
| mordred | the reason tom wrote toml is "the yaml spec is too big and I don't want to read it" | 13:05 |
| mordred | like - that's actually a published reason | 13:05 |
| avass[m] | I feel like that just leads to xkcd 927 | 13:06 |
| *** sboyron_ is now known as sboyron | 13:07 | |
| fungi | especially if you follow the ensuing explosion of the toml spec to reach v1 | 13:07 |
| fungi | time for someone to write yet another serialization language (yasl) because they couldn't be bothered to read the toml spec | 13:07 |
| avass[m] | or USL ( universal serial language :) | 13:08 |
| fungi | i like that one. soon to be followed by usl2 because usl wasn't universal enough | 13:08 |
| *** marios|ruck is now known as marios|ruck|call | 13:19 | |
| *** marios|ruck|call is now known as marios|ruck | 13:49 | |
| opendevreview | Ananya Banerjee proposed opendev/elastic-recheck master: Run elastic-recheck container https://review.opendev.org/c/opendev/elastic-recheck/+/729623 | 13:51 |
| zbr | avass[m]: every time i see/read toml I do raise a brow, i hate how it was introduced to python but at the same time I cannot fight it, i accepted defeat on that area. | 13:53 |
| fungi | #status notice Our Zuul gating CI/CD services are being taken offline now in order to apply some critical security updates, and are not expected to remain offline for more than 30 minutes. | 13:55 |
| opendevstatus | fungi: sending notice | 13:55 |
| fungi | snapshotting pipelines now | 13:55 |
| -opendevstatus- NOTICE: Our Zuul gating CI/CD services are being taken offline now in order to apply some critical security updates, and are not expected to remain offline for more than 30 minutes. | 13:55 | |
| fungi | i've downed the zuul-scheduler container on zuul.opendev.org now | 13:56 |
| zbr | clarkb: my folks old me that you suggested a more reliable way to load the constraints, from local disk instead of URL, do you have an example? They only made comment w/o details, so now i need to backtrack it. | 13:57 |
| fungi | zbr: clarkb isn't around today, can you elaborate? happy to help if i know more what you're looking for | 13:58 |
| opendevstatus | fungi: finished sending notice | 13:58 |
| zbr | https://99e02e92a26472cf4bfd-76db863cb86d059bc445c2f80e5d4947.ssl.cf5.rackcdn.com/772571/26/check/tripleo-ci-centos-8-containers-multinode-ussuri/4503771/job-output.txt | 13:58 |
| zbr | pip._vendor.requests.exceptions.ConnectionError: HTTPSConnectionPool(host='opendev.org', port=443): Max retries exceeded with | 13:59 |
| fungi | zbr: https://opendev.org/openstack/nova/src/branch/master/tox.ini#L27 | 14:01 |
| fungi | use something like that and then set $TOX_CONSTRAINTS_FILE to the local path for the requirements project checked out on the job node as a required-projects entry | 14:01 |
| fungi | that way you get the local copy in ci or if someone wants to override it in their dev env to speed things up, but still fall back on fetching over the internet if not | 14:02 |
| zbr | okey, so my guess was right, i only need to investigate why that particular job was not using the optimized path | 14:02 |
| zbr | did anyone considered using `PIP_CONSTRAINT` instead of `TOX_CONSTRAINTS_FILE` when this was initially implemented? | 14:03 |
| zbr | because defining PIP_CONSTRAINT does make pip respect it everywhere, regardless if is in tox or not. | 14:03 |
| fungi | i have no idea, but suspect that envvar may not have been implemented in pip at the time | 14:03 |
| zbr | in fact envvars were implemented in tox for a very long time, but not documented well even today. | 14:04 |
| jrosser | i had a fairly big adventure with using the local constraints file and you might be able to take some of this https://github.com/openstack/openstack-ansible-repo_server/blob/master/tasks/repo_install_constraints.yml | 14:04 |
| zbr | every pip option has an envvar, but you will not find a doc page with them :D | 14:04 |
| zbr | jrosser: thanks! i guessed it may be bit of an adventure due to extra layers | 14:05 |
| jrosser | yeah, making it sensible inside/outside CI was tricky | 14:05 |
| zbr | my guess is outside ci, it should just use URL | 14:06 |
| jrosser | that relies on having a url to the UC repo, which in CI is rewritten elsewhere to be file://<locally cached repo> | 14:06 |
| zbr | unless someone really defines that var | 14:06 |
| fungi | once image uploads are confirmed complete in #zuul i'm planning to run this as root on bridge: | 14:08 |
| fungi | ansible-playbook -f 20 -v /home/zuul/src/opendev.org/opendev/system-config/playbooks/zuul_pull.yaml | 14:08 |
| fungi | infra-root: ^ | 14:08 |
| corvus | fungi: ++ | 14:08 |
| fungi | pulling images now | 14:30 |
| fungi | okay, new images pulled successfully on all zuul servers | 14:32 |
| fungi | infra-root: i'm planning to run this as root on bridge next: | 14:33 |
| fungi | ansible-playbook -f20 /home/zuul/src/opendev.org/opendev/system-config/playbooks/zuul_restart.yaml | 14:33 |
| fungi | does that look right? | 14:33 |
| corvus | fungi: zuul_start i think | 14:33 |
| fungi | well, i only stopped the scheduler. i can stop all the other services too i suppose | 14:33 |
| corvus | fungi: oh yes please stop everything | 14:34 |
| fungi | doing the zuul_stop playbook now in that case | 14:34 |
| corvus | most of the changes are actually in the executor | 14:34 |
| fungi | sure,li just figured they couldn't be exploited as long as the scheduler was offline, but still expected to restart everything | 14:35 |
| fungi | okay, stop playbook completed. do i need to wait before applying the zuul_start playbook? | 14:35 |
| fungi | spot checks of the executors show they terminated already | 14:36 |
| fungi | so i'll start everything now | 14:36 |
| opendevreview | James E. Blair proposed zuul/zuul-jobs master: Prevent leaks of buildset registry credentials https://review.opendev.org/c/zuul/zuul-jobs/+/797909 | 14:36 |
| opendevreview | James E. Blair proposed opendev/base-jobs master: Update promote/publish secrets and jobs https://review.opendev.org/c/opendev/base-jobs/+/797910 | 14:37 |
| fungi | once the cat jobs clear, i'll make sure those ^ job fixes are queued before i reenqueue the saved pipeline snapshot | 14:41 |
| fungi | almost there looks line | 14:43 |
| fungi | i don't see either queued, so i'll approve them now | 14:44 |
| opendevreview | gnuoy proposed openstack/project-config master: Add Ceph Dashboard charm to OpenStack charms https://review.opendev.org/c/openstack/project-config/+/797911 | 14:53 |
| opendevreview | Merged opendev/base-jobs master: Update promote/publish secrets and jobs https://review.opendev.org/c/opendev/base-jobs/+/797910 | 14:55 |
| *** diablo_rojo__ is now known as diablo_rojo | 14:57 | |
| fungi | corvus: you mentioned needing a secrets update similar to ^ in openstack/project-config... do you have a handle on which jobs need updating? if not i'll start trying to work them out | 15:01 |
| fungi | presumably shouldn't reenqueue the saved snapshot until we do | 15:01 |
| corvus | fungi: probably anything that publishes to afs | 15:10 |
| fungi | okay, i'll see if i can replicate what you did in 797910 | 15:10 |
| corvus | fungi: these secrets: afsdocssecret-tox-docs afsdocssecret-tox-docs-direct afsdocssecret-tox-docs-infra afsdocssecret-deploy-guide afsdocssecret-tox-docs-special afsdocssecret-tox-docs-site afsdocssecret-releasenotes afsdocssecret-stx-apiref afsdocssecret-stx-tox-docs afsdocssecret-stx-tox-docs-site are all affected | 15:13 |
| fungi | i find three matches for `git grep '{{ afs\.'` one of which is in a comment | 15:13 |
| fungi | one each in playbooks/publish/install-guide.yaml and playbooks/publish/openstack-afs.yaml | 15:13 |
| corvus | fungi: the issue is in the secrets | 15:15 |
| fungi | but 797910 seems to update how they're being referenced in those sorts of jinja expansion | 15:15 |
| fungi | anyway, it looks like we need to pick some associative array subkeys to move the values into within the secrets | 15:16 |
| fungi | corvus: looks like matrix might have eaten the underscores in your earlier message, assuming you meant e.g. afsdocs_secret-tox-docs rather than afsdocssecret-tox-docs | 15:18 |
| corvus | fungi: yep i'll resend | 15:18 |
| corvus | fungi: these secrets: afsdocs_secret-tox-docs afsdocs_secret-tox-docs-direct afsdocs_secret-tox-docs-infra afsdocs_secret-deploy-guide afsdocs_secret-tox-docs-special afsdocs_secret-tox-docs-site afsdocs_secret-releasenotes afsdocs_secret-stx-apiref afsdocs_secret-stx-tox-docs afsdocs_secret-stx-tox-docs-site are all affected | 15:18 |
| fungi | thanks | 15:18 |
| corvus | fungi: the secrets and playbooks both need adjusting; you may be able to find the playbooks by grepping, but also should be able to find them by starting with the secrets and identifying which playbooks use them | 15:20 |
| opendevreview | Tristan Cacqueray proposed opendev/base-jobs master: submit-logstash-jobs: fix the new location of the zuul log_url https://review.opendev.org/c/opendev/base-jobs/+/797960 | 15:24 |
| fungi | corvus: thanks, i've worked through fixing afsdocs_secret-tox-docs from the example in opendev-zuul-docs and think i have a pretty good handle on this, will just take some time to apply similar transformations to the others and then ferret out all the uses in playbooks | 15:29 |
| opendevreview | Merged opendev/base-jobs master: submit-logstash-jobs: fix the new location of the zuul log_url https://review.opendev.org/c/opendev/base-jobs/+/797960 | 15:30 |
| opendevreview | James E. Blair proposed zuul/zuul-jobs master: Prevent leaks of buildset registry credentials https://review.opendev.org/c/zuul/zuul-jobs/+/797909 | 15:31 |
| *** ysandeep is now known as ysandeep|out | 15:36 | |
| opendevreview | James E. Blair proposed zuul/zuul-jobs master: Prevent leaks of buildset registry credentials https://review.opendev.org/c/zuul/zuul-jobs/+/797909 | 15:40 |
| fungi | corvus: i'm a little lost on afsdocs_secret-tox-docs-special and afsdocs_secret-tox-docs-site, are the vars for those going to need to be set as facts? | 15:45 |
| fungi | they're not referencing zuul namespaced vars | 15:46 |
| fungi | i've got the secrets retooled, working on finding uses of them now | 15:47 |
| corvus | fungi: looks like they're set in job vars; so you'll need to add "specialpublishdirectory" as a kwarg to the format function in the playbook (but it may not always exist if it's the same playbooks used by the other jobs, so that may need a '.get()' call too) | 15:49 |
| corvus | lemme see if i can come up with something | 15:50 |
| corvus | wow that's amazing, no special handling is needed even if the variable doesn't exist | 15:51 |
| corvus | fungi: so you should just be able to do .format(zuul=zuul, special_publish_directory=special_publish_directory) in those playbooks | 15:52 |
| fungi | okay, thanks! | 15:53 |
| fungi | also as luck would have it, most of the secrets seem to be passed to opendev-promote-docs-base as a parent | 15:53 |
| opendevreview | Tobias Henkel proposed zuul/zuul-jobs master: Fix reading buildset_registry from results.json https://review.opendev.org/c/zuul/zuul-jobs/+/797963 | 15:53 |
| fungi | which should already be addressed in 797910 | 15:54 |
| opendevreview | Tobias Henkel proposed zuul/zuul-jobs master: Fix reading buildset_registry from results.json https://review.opendev.org/c/zuul/zuul-jobs/+/797963 | 15:54 |
| *** rpittau is now known as rpittau|afk | 16:09 | |
| fungi | corvus: trying to unwind your .format() suggestion, i've managed to get lost, sorry... that var is being subbed in a secret which is then passed to a parent which doesn't explicitly reference special_publish_directory, specifically playbooks/docs/promote.yaml in opendev/base-jobs, do i add the .format() at the end of the target_dir definitions in that playbook? | 16:10 |
| fungi | i guess adding those variable names to the existing .format(zuul=zuul) there? | 16:10 |
| opendevreview | Jeremy Stanley proposed openstack/project-config master: Update promote/publish secrets and jobs https://review.opendev.org/c/openstack/project-config/+/797971 | 16:13 |
| fungi | infra-root: config-core: that's ^ my first try at the project-config fixes | 16:13 |
| opendevreview | Jeremy Stanley proposed openstack/project-config master: Update promote/publish secrets and jobs https://review.opendev.org/c/openstack/project-config/+/797971 | 16:22 |
| opendevreview | Ananya Banerjee proposed opendev/elastic-recheck master: Run elastic-recheck container https://review.opendev.org/c/opendev/elastic-recheck/+/729623 | 16:22 |
| opendevreview | Albin Vass proposed zuul/zuul-jobs master: Add _zuul var that can be overriden when including role https://review.opendev.org/c/zuul/zuul-jobs/+/797977 | 16:25 |
| opendevreview | James E. Blair proposed zuul/zuul-jobs master: Prevent leaks of buildset registry credentials https://review.opendev.org/c/zuul/zuul-jobs/+/797909 | 16:26 |
| *** jpena is now known as jpena|lunch | 16:30 | |
| *** jpena|lunch is now known as jpena | 16:30 | |
| corvus | fungi: that looks good for the secrets; it'll need some playbook updates too | 16:30 |
| fungi | corvus: the playbooks seemed to be from parents in opendev/base-jobs | 16:30 |
| fungi | which ones did i overlook? | 16:30 |
| *** jpena is now known as jpena|off | 16:31 | |
| corvus | fungi: oh neat | 16:31 |
| corvus | then nevermind | 16:31 |
| fungi | well, i mean i won't guarantee that i didn't miss some, but i thought i checked that they were all parented to the promote job in base-jobs which was already updated to use that pattern | 16:32 |
| fungi | corvus: except for the aforementioned special_publish_directory and publish_site vars which are similarly being passed to the same parent, hence my request for clarification on the .format() suggestion | 16:33 |
| fungi | but if i interpreted your suggestion correctly, i'll need to patch that into base-jobs anyway | 16:34 |
| corvus | fungi: oh sorry, i missed that...but yes, i think that's the thing to do | 16:34 |
| fungi | thanks, change on the way for that as well | 16:35 |
| corvus | fungi: it's important to make sure that a secret that includes special_publish_directory in a template var isn't used in a job that runs in a pre-review pipeline, and that we trust the people who approve changes for the projects where it runs. | 16:36 |
| corvus | (i don't think this is a change in behavior from before though, so presumably whoever set that up originally made that determination) | 16:37 |
| fungi | yeah, it can't be used outside jobs in openstack/project-config in that case, right? | 16:37 |
| fungi | er, used by jobs defined outside | 16:37 |
| opendevreview | Jeremy Stanley proposed opendev/base-jobs master: Allow publish_site and special_publish_directory https://review.opendev.org/c/opendev/base-jobs/+/797980 | 16:44 |
| fungi | corvus: ^ like that then? | 16:44 |
| opendevreview | James E. Blair proposed zuul/zuul-jobs master: Prevent leaks of buildset registry credentials https://review.opendev.org/c/zuul/zuul-jobs/+/797909 | 16:48 |
| corvus | fungi: lgtm | 16:49 |
| fungi | thanks | 16:49 |
| opendevreview | Merged openstack/project-config master: Update promote/publish secrets and jobs https://review.opendev.org/c/openstack/project-config/+/797971 | 16:56 |
| opendevreview | James E. Blair proposed zuul/zuul-jobs master: Prevent leaks of buildset registry credentials https://review.opendev.org/c/zuul/zuul-jobs/+/797909 | 16:56 |
| opendevreview | James E. Blair proposed zuul/zuul-jobs master: Re-add buildset-registry jobs https://review.opendev.org/c/zuul/zuul-jobs/+/797986 | 16:57 |
| opendevreview | Jeremy Stanley proposed opendev/system-config master: Stop updating Gerrit RDBMS for repo renames https://review.opendev.org/c/opendev/system-config/+/797990 | 17:03 |
| opendevreview | Merged opendev/base-jobs master: Allow publish_site and special_publish_directory https://review.opendev.org/c/opendev/base-jobs/+/797980 | 17:08 |
| fungi | infra-root: now that 797971 and 797980 have merged, i'll reenqueue the saved pipeline snapshot from prior to the service restart | 17:09 |
| fungi | reenqueuing is now underway | 17:12 |
| fungi | and now it's complete | 17:21 |
| opendevreview | Merged zuul/zuul-jobs master: Prevent leaks of buildset registry credentials https://review.opendev.org/c/zuul/zuul-jobs/+/797909 | 17:23 |
| fungi | i guess this needs fixing for new zuul as well: https://zuul.opendev.org/t/openstack/build/f37fbb11e7284dc18fc54921d78dc044/console#1/0/5/localhost | 17:24 |
| fungi | i think i see where the secret needs updating in project-config, though there will need to be a corresponding change in base-jobs i think | 17:30 |
| corvus | fungi: this looks like the same turing-complete-secret pattern, so probably the format() fix again | 17:31 |
| fungi | yeah | 17:32 |
| fungi | on the base-jobs side | 17:32 |
| opendevreview | Jeremy Stanley proposed openstack/project-config master: Do var subst in openstack-github-mirroring secret https://review.opendev.org/c/openstack/project-config/+/797992 | 17:33 |
| fungi | that's the project-config half | 17:33 |
| opendevreview | Jeremy Stanley proposed opendev/base-jobs master: Use python string formatting for upload-git-mirror https://review.opendev.org/c/opendev/base-jobs/+/797993 | 17:38 |
| fungi | and the base-jobs half ^ | 17:38 |
| fungi | corvus: when you get a moment, please lmk if that pair of changes looks right | 17:42 |
| corvus | lgtm | 17:42 |
| fungi | hah, thanks! | 17:42 |
| corvus | fungi: i +2d; probably makes sense for you to +w | 17:43 |
| fungi | yep, i'll be keeping an eye on it after it runs again | 17:43 |
| opendevreview | James E. Blair proposed zuul/zuul-jobs master: Fix default value for zuul_artifacts https://review.opendev.org/c/zuul/zuul-jobs/+/798000 | 17:51 |
| opendevreview | Merged opendev/base-jobs master: Use python string formatting for upload-git-mirror https://review.opendev.org/c/opendev/base-jobs/+/797993 | 17:51 |
| fungi | mordred: back on the pbr517 topic, you may also may want to review in progress peps 660 and 662 about handling editable installs | 18:06 |
| fungi | though if pbr becomes a setuptools wrapper that's probably not terribly urgent until we try to drop setuptools | 18:06 |
| opendevreview | Merged zuul/zuul-jobs master: Fix default value for zuul_artifacts https://review.opendev.org/c/zuul/zuul-jobs/+/798000 | 18:14 |
| opendevreview | Merged openstack/project-config master: Do var subst in openstack-github-mirroring secret https://review.opendev.org/c/openstack/project-config/+/797992 | 18:18 |
| fungi | hopefully any github mirror jobs started after 18:18 should succeed now | 18:20 |
| fungi | openstack-upload-github-mirror seems to be passing as of the builds which completed for a couple of projects at 18:26 | 18:42 |
| opendevreview | James E. Blair proposed opendev/system-config master: Update Zuul job semaphore usage https://review.opendev.org/c/opendev/system-config/+/798020 | 20:21 |
| opendevreview | James E. Blair proposed openstack/project-config master: Update Zuul job semaphore usage https://review.opendev.org/c/openstack/project-config/+/798021 | 20:22 |
| *** dviroel is now known as dviroel|afk | 20:25 | |
| *** dviroel|afk is now known as dviroel | 20:54 | |
| opendevreview | Merged zuul/zuul-jobs master: Re-add buildset-registry jobs https://review.opendev.org/c/zuul/zuul-jobs/+/797986 | 21:28 |
| *** dviroel is now known as dviroel|out | 21:29 | |
| mordred | fungi: neat (re 660/662) - seem reasonable for once we have overthrown our setuptools overlords- but I agree, not urgent | 21:31 |
| ianw | o/ thanks corvus/fungi for dealing with the security rollout | 21:39 |
| fungi | ianw: you get to hit all the things we missed ;) | 21:42 |
| ianw | fungi: do you have any top-of-head thoughts on why the bullseye wheel job takes hours and times out? https://zuul.opendev.org/t/openstack/build/cd4503d0ca8f49cba83958f771f229e0/logs | 23:00 |
| fungi | ianw: gut instinct is that almost no projects on pypi publish wheels for py39 | 23:01 |
| fungi | do we build py39 wheels for any other platforms (recent fedora maybe)? | 23:02 |
| ianw | ahh, is 3.9 default or installable? we don't build fedora wheel. | 23:03 |
| fungi | default | 23:03 |
| ianw | ok, we might have to do like the arm64 build and trim to build only the latest two releases | 23:04 |
| fungi | it could either be that we end up building lots of extra pure python wheels specifically for py39, when abi3 would do, or that the lack of so many wheels on pypi for it is hamstringing pip's dep solver | 23:04 |
| ianw | this is wrt to https://review.opendev.org/c/openstack/openstack-zuul-jobs/+/797808/ ... i'm not sure we've been testing it | 23:04 |
| fungi | but sure, i also highly doubt year+ old stable branches of openstack are going to want to run jobs on bullseye | 23:05 |
| opendevreview | Ian Wienand proposed openstack/project-config master: Add python-path to Debian bullseye ARM64 images https://review.opendev.org/c/openstack/project-config/+/798029 | 23:52 |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!