Thursday, 2015-02-26

« Wednesday, 2015-02-25 Index Friday, 2015-02-27 »
*** woodster_ has quit IRC00:00
*** woodster_ has joined #openstack-barbican00:07
*** gyee has joined #openstack-barbican00:13
*** david-lyle is now known as david-lyle_afk00:14
kfox1111really close now. got container name -> container id. secret_id to raw data. project validation. just need container entity name -> secret id.00:19
*** zz_dimtruck is now known as dimtruck00:28
*** rm_mobile has quit IRC00:29
kfox1111ok... got it. get request to /v1-vm/<container-id|container-name>/<container-secret-name> returns the data. :)00:36
kfox1111so this works: curl -H 'Accept: application/octet-stream' -H 'X-Talisman: '$TALISMAN http://localhost:9311/v1-vm/mycontainer/mysecret200:42
kfox1111now, is there a way to force the path to always be application/octet-stream, so it doesn't need to be explicitly specified?00:42
kfox1111That would shrink it down to a very nice:00:43
kfox1111curl -H 'X-Talisman: '$TALISMAN http://localhost:9311/v1-vm/mycontainer/mysecret200:43
*** dave-mccowan has joined #openstack-barbican00:45
kfox1111hmm.... pecan.request.accept.header_value = 'application/octet-stream' doesn't seem to work.00:56
kfox1111its bombin out in plugin.get_secret(pecan.request.accept.header_value, with a value of */*.00:57
kfox1111so it seems like a write to it doesn't work. :/00:57
kfox1111ok... well, if I force it in the middleware, it works fine. :/01:12
kfox1111ok. sweet. I was able to shorten the key fetching process to:01:13
kfox1111curl -H 'X-Talisman: '$TALISMAN $BARBICAN/v1-vm/mycontainer/mysecret201:13
*** gyee has quit IRC01:18
*** bdpayne has quit IRC01:43
*** kfox1111 has quit IRC01:43
*** dave-mccowan has quit IRC01:51
*** chlong_ has joined #openstack-barbican02:43
*** rm_work has quit IRC03:10
*** lisaclark1 has joined #openstack-barbican03:48
*** SheenaG11 has quit IRC04:01
*** lisaclark has quit IRC04:04
*** jvrbanac has quit IRC04:05
*** lisaclark has joined #openstack-barbican04:06
*** jvrbanac has joined #openstack-barbican04:06
*** kebray has joined #openstack-barbican04:11
*** rm_work|away has joined #openstack-barbican04:36
*** rm_work|away is now known as rm_work04:36
*** rm_work has joined #openstack-barbican04:36
*** woodster_ has quit IRC05:20
*** lisaclark1 has quit IRC05:30
*** woodster_ has joined #openstack-barbican06:06
*** kebray has quit IRC06:16
*** kebray has joined #openstack-barbican06:19
*** alee has quit IRC06:44
*** alee has joined #openstack-barbican06:57
*** chlong_ has quit IRC07:42
*** chlong has quit IRC07:43
*** nickrmc83 has joined #openstack-barbican08:08
*** woodster_ has quit IRC08:10
*** jaosorior has joined #openstack-barbican09:38
*** darrenmoffat1 has quit IRC10:04
*** darrenmoffat has joined #openstack-barbican10:05
*** chlong has joined #openstack-barbican11:51
*** chlong_ has joined #openstack-barbican11:51
*** kfox1111 has joined #openstack-barbican12:03
*** dimtruck is now known as zz_dimtruck12:39
*** woodster_ has joined #openstack-barbican13:07
*** zz_dimtruck is now known as dimtruck13:09
*** chlong has quit IRC13:20
*** chlong_ has quit IRC13:20
*** kebray has quit IRC13:23
openstackgerritJuan Antonio Osorio Robles proposed openstack/barbican: Refactor Secrets resource to use repository factories  https://review.openstack.org/15945713:29
*** dimtruck is now known as zz_dimtruck13:34
*** zz_dimtruck is now known as dimtruck13:36
*** lisaclark1 has joined #openstack-barbican13:51
*** lisaclark1 has quit IRC14:01
*** dimtruck is now known as zz_dimtruck14:07
*** lisaclark1 has joined #openstack-barbican14:10
*** arunkant has quit IRC14:10
*** rellerreller has joined #openstack-barbican14:42
*** ametts has joined #openstack-barbican14:58
*** lisaclark1 has quit IRC15:02
*** zz_dimtruck is now known as dimtruck15:03
*** lisaclark1 has joined #openstack-barbican15:09
*** kebray has joined #openstack-barbican15:13
*** rellerreller has quit IRC15:28
*** kebray has quit IRC15:38
*** jorge_munoz has joined #openstack-barbican15:47
*** SheenaG1 has joined #openstack-barbican15:51
*** kfox1111 has quit IRC16:01
*** mikedillion has joined #openstack-barbican16:02
*** kgriffs|afk is now known as kgriffs16:04
*** mikedillion has quit IRC16:11
*** kebray has joined #openstack-barbican16:15
*** lisaclark1 has quit IRC16:15
*** rellerreller has joined #openstack-barbican16:18
*** gyee has joined #openstack-barbican16:24
*** kfox1111 has joined #openstack-barbican16:24
kfox1111ok. here's a question... I have a vendor data plugin for barbican. which repo? :)16:25
SheenaG1Hey kfox1111 - sorry it's been so quiet the last couple of days; all the Rackspace contribs are in an annual tech conference, so they may be slow to respond16:27
SheenaG1And I unfortunately don't know which repo you should use!16:27
kfox1111no worries. :)16:27
kfox1111I'll just stick it in barbican.git for now in the review, and let the reviewers decide.16:28
*** kebray has quit IRC16:35
*** david-lyle_afk is now known as david-lyle16:36
*** kebray has joined #openstack-barbican16:52
*** paul_glass has joined #openstack-barbican16:53
*** paul_glass1 has joined #openstack-barbican16:55
*** paul_glass has quit IRC16:58
*** arunkant_ has joined #openstack-barbican16:59
arunkant_alee, ping17:01
*** bdpayne has joined #openstack-barbican17:03
*** dave-mccowan has joined #openstack-barbican17:04
kfox1111ok. sweet. got it refactored abit. now you do:17:05
kfox1111curl -f -H 'X-Token: '$BARBICAN_TOKEN $BARBICAN_URL/v1-vm/mycontainer/mysecret217:05
*** kgriffs is now known as kgriffs|afk17:16
*** kebray has quit IRC17:21
aleearunkant_, pong17:26
arunkant_alee, How can I help in per secret ACL implementation plan?17:27
aleearunkant_, oh fantastic :)17:28
*** jkf has joined #openstack-barbican17:28
aleearunkant_, being called to lunch - but I'll get back to you this afternoon17:29
arunkant_alee, I see the number of work items among two specs ..17:29
arunkant_alee, okay17:29
*** paul_glass1 has quit IRC17:32
*** kebray has joined #openstack-barbican17:34
*** kebray has quit IRC17:36
*** kebray has joined #openstack-barbican17:42
*** rellerreller has quit IRC17:44
kfox1111so, if I write a new spec real quick, where should it go?17:45
kfox1111There is only a juno and kilo dir.17:45
*** dave-mccowan has quit IRC18:01
redrobotkfox1111 kilo is the current cycle18:09
kfox1111k.18:10
aleearunkant_, ping18:13
arunkant_alee, still here18:14
aleearunkant_, ok - so per-secret implementation18:14
aleearunkant_, pulling up specs ..18:14
aleearunkant_, per secret spec -- https://review.openstack.org/#/c/127353/18:15
arunkant_alee, so are you still targeting the impl (or part of it) to be targeted for kilo? I see number of items to be done as per two specs18:15
aleewhich other spec are you referring to?18:15
aleeOr are you referring to the two blueprints in the same review ?18:16
arunkant_alee, https://review.openstack.org/#/c/127353/5/specs/kilo/add-per-secret-policy.rst and https://review.openstack.org/#/c/127353/5/specs/kilo/add-creator-only-option.rst18:16
aleegotcha18:16
arunkant_yes18:16
aleearunkant_, we were hoping to get both in kilo18:16
aleearunkant_, but I would suggest working on the first one --- add-per-secret-policy first18:17
aleethats the one that is needed most immediately18:17
aleeand the second one depends on the first18:17
aleearunkant_, so - looking at the work items in the first spec , do you have any questions?18:19
*** lisaclark1 has joined #openstack-barbican18:19
arunkant_alee, okay...are you planning to work on part of it? I can try to shoot for first spec in March 19 timeline.18:19
aleearunkant_, its going to be hard for me to work on any of it right now -- too many things pulling me off barbican -- its hard enough for me to get all the cert stuff in.18:20
aleearunkant_, I'll be willing to help out and provide reviews etc. , but I raised this as a flag at the summit18:21
aleearunkant_, jaosorior mentioned that he might be able to help work on it18:21
aleeso did rm_work18:21
*** lisaclark1 has quit IRC18:22
aleeand venkat18:22
arunkant_alee, I understand the spec..and most likely will have question on the way. But will see if can make it happen this for kilo timeline. Will start working on it next week sometime,18:22
jaosorioralee, arunkant_ I will get confirmation about it soon.18:22
jaosoriorProbably by next week also18:23
aleejaosorior, great -- I think arunkant_ will be happy for the help18:23
jaosoriorIf its possible to divide the tasks then it will work nicely18:23
aleearunkant_, definitely feel free to ping me with questions. I think the spec has been through enough reviews that a lot has been worked out18:24
aleeand it wont be too bad once we get started18:24
aleejaosorior, arunkant_ its definitely possible to divvy up the work18:24
aleejaosorior, arunkant_ I think the tasks under work items form discrete chunks18:25
aleearunkant_, very excited that you're taking it on :)18:26
aleejaosorior, you too - if you get approval :)18:26
aleeok - got to go outside to shovel snow/ play with kids etc.18:26
*** alee is now known as alee_snow18:26
arunkant_alee, yes..but they seem kind of interdependent. Will go through it next week.18:27
alee_snowthey are, but they can be sliced if needed --- I'm sure ya'll will figure it out.18:28
openstackgerritKevin Fox proposed openstack/barbican-specs: Spec for vm-integration  https://review.openstack.org/15957118:41
*** gyee has quit IRC18:48
*** lisaclark1 has joined #openstack-barbican18:48
openstackgerritKevin Fox proposed openstack/barbican: VM Integration  https://review.openstack.org/15957318:53
kfox1111Ok. there it is. :)18:54
kfox1111not nessisarily pretty at this point, but fairly functional.18:54
openstackgerritKevin Fox proposed openstack/barbican-specs: Spec for vm-integration  https://review.openstack.org/15957119:01
*** lisaclark1 has quit IRC19:03
openstackgerritKevin Fox proposed openstack/barbican-specs: Spec for vm-integration  https://review.openstack.org/15957119:10
*** dimtruck is now known as zz_dimtruck19:10
*** lisaclark1 has joined #openstack-barbican19:14
*** zz_dimtruck is now known as dimtruck19:22
*** lisaclark1 has quit IRC19:24
*** kebray has quit IRC19:48
*** bdpayne_ has joined #openstack-barbican19:59
*** bdpayne has quit IRC20:01
*** bdpayne_ has quit IRC20:02
kfox1111ok. Since I have a patch in place that will work for us, I need to try and rpmize this...20:02
kfox1111anyone with experience with https://github.com/gregswift/barbican-spec on?20:02
*** kebray has joined #openstack-barbican20:03
*** kebray has quit IRC20:04
*** kebray has joined #openstack-barbican20:05
kfox1111this is a weird build system. :/20:09
*** bdpayne has joined #openstack-barbican20:22
*** kebray has quit IRC20:24
kfox1111so what peices do you need to install? openstack-barbican, worker says it conflicts with openstack-barbican. keystone listener?20:31
*** bdpayne has quit IRC20:34
*** bdpayne has joined #openstack-barbican20:35
*** kebray has joined #openstack-barbican20:35
*** alee_snow is now known as alee20:37
*** lisaclark1 has joined #openstack-barbican20:44
*** xaeth_afk is now known as xaeth20:45
*** jorge_munoz has quit IRC20:46
*** lisaclark2 has joined #openstack-barbican20:50
*** lisaclark1 has quit IRC20:50
kfox1111hmmm... the rpms say it depends on python-cryptography. is there another package somewhere for that? rdo doesn't seem to provide it.20:50
rm_workpython-cryptography probably just provides the pypi package "cryptography"20:54
rm_workbut as a system level20:54
kfox1111looks like there is a rpmbuild/package_dependencies.sh script...20:54
kfox1111hmm... it depends on fpm, which isn't in an rpm either. :/20:56
*** morganfainberg is now known as needscoffee20:57
kfox1111arg....20:57
kfox1111fpm is buggy! :)20:57
kfox1111"FUNDAMENTAL PRINCIPLE: IF FPM IS NOT HELPING YOU MAKE PACKAGES EASILY, THEN THERE IS A BUG IN FPM."20:58
kfox1111If I have to install ruby, and load a gem, just to use it.... ;)20:58
*** paul_glass has joined #openstack-barbican21:13
*** paul_glass has quit IRC21:15
*** paul_glass has joined #openstack-barbican21:22
*** dimtruck is now known as zz_dimtruck21:25
*** kebray has quit IRC21:28
*** paul_glass has quit IRC21:33
openstackgerritSteve Heyman proposed openstack/python-barbicanclient: Add pre-test hook to configure barbican server  https://review.openstack.org/15961721:39
*** igueths has joined #openstack-barbican21:46
*** lisaclark2 has quit IRC21:48
*** kebray has joined #openstack-barbican21:59
*** kebray has quit IRC21:59
kfox1111bummer... rpm wants to start /usr/bin/barbican/barbican.sh but it doesn't exist.22:06
*** needscoffee is now known as needsmostcoffee22:12
*** needsmostcoffee is now known as morganfainberg22:13
*** igueths has quit IRC22:16
*** jorge_munoz has joined #openstack-barbican22:17
kfox1111I added the script back, but /etc/barbican/vassles is emplty too. :/22:29
kfox1111does anyone run barbican in production yet?22:30
*** jorge_munoz has quit IRC22:30
SheenaG1kfox1111: Rackspace does, in a really limited sense22:30
SheenaG1kfox1111: it's a full deployment on Production gear, but it's currently being limited to use by only a couple of teams22:30
kfox1111know who maintains https://github.com/gregswift/barbican-spec?22:33
*** gyee has joined #openstack-barbican22:38
kfox1111arg..... from oslo_config import cfg :/22:39
*** igueths has joined #openstack-barbican22:39
*** gyee has quit IRC22:40
*** jaosorior has quit IRC22:42
*** gyee has joined #openstack-barbican22:42
kfox1111hmm... oslo_log....22:45
kfox1111not in the old oslo/log location. :/22:45
*** SheenaG1 has quit IRC23:04
kfox1111arg... gona have to try and backport this to juno barbican. :/23:05
kfox1111too much has changed in kilo. :/23:05
*** xaeth is now known as xaeth_afk23:13
*** dave-mccowan has joined #openstack-barbican23:14
*** igueths has quit IRC23:18
*** lisaclark1 has joined #openstack-barbican23:19
*** lisaclark1 has quit IRC23:34
*** kfox1111 has quit IRC23:45
*** kfox1111 has joined #openstack-barbican23:50
kfox1111wow. its a pain to package openstack. :/23:51
kfox1111at least kilo versions of things getting oslo all moved around. :/23:51
*** chlong has joined #openstack-barbican23:53
« Wednesday, 2015-02-25 Index Friday, 2015-02-27 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!