*** kebray has quit IRC | 00:05 | |
*** chadlung has joined #openstack-barbican | 00:12 | |
*** chadlung has quit IRC | 00:16 | |
*** gyee has quit IRC | 00:23 | |
*** zz_dimtruck is now known as dimtruck | 00:27 | |
openstackgerrit | Arun Kant proposed openstack/barbican: Adding ACL check when new stored key order is submitted https://review.openstack.org/176558 | 00:38 |
---|---|---|
*** alee_ has quit IRC | 00:39 | |
*** alee has joined #openstack-barbican | 00:39 | |
*** rm_you has joined #openstack-barbican | 01:31 | |
*** rm_you has quit IRC | 01:31 | |
*** rm_you has joined #openstack-barbican | 01:31 | |
*** david-lyle has quit IRC | 01:59 | |
*** dave-mccowan has quit IRC | 02:24 | |
*** dave-mccowan has joined #openstack-barbican | 02:25 | |
*** alee_dinner is now known as alee_ | 02:32 | |
*** dimtruck is now known as zz_dimtruck | 03:08 | |
*** rm_work is now known as rm_work|away | 04:06 | |
*** rm_you| has joined #openstack-barbican | 04:07 | |
*** rm_you has quit IRC | 04:07 | |
*** alee has quit IRC | 04:08 | |
*** alee_ has quit IRC | 04:08 | |
*** alee has joined #openstack-barbican | 04:10 | |
*** alee_ has joined #openstack-barbican | 04:11 | |
openstackgerrit | Dave McCowan proposed openstack/barbican: [WIP] Add ACL Functional Tests https://review.openstack.org/176615 | 04:29 |
*** david-lyle has joined #openstack-barbican | 04:59 | |
*** alee_ has quit IRC | 05:17 | |
*** alee has quit IRC | 05:18 | |
*** rm_you| has quit IRC | 05:22 | |
*** rm_you has joined #openstack-barbican | 05:22 | |
*** alee_ has joined #openstack-barbican | 05:31 | |
*** alee has joined #openstack-barbican | 05:33 | |
openstackgerrit | Dave McCowan proposed openstack/barbican: [WIP] Add ACL Functional Tests https://review.openstack.org/176615 | 05:44 |
*** dave-mccowan has quit IRC | 05:46 | |
*** woodster_ has quit IRC | 06:40 | |
openstackgerrit | Merged openstack/barbican: Fix failure with get on dict that was None https://review.openstack.org/176101 | 06:53 |
openstackgerrit | Merged openstack/python-barbicanclient: Cleaning up Keystone auth tests https://review.openstack.org/175597 | 07:11 |
openstackgerrit | Merged openstack/python-barbicanclient: Adding support for token based authentication https://review.openstack.org/175599 | 07:26 |
*** d0ugal has quit IRC | 09:29 | |
*** d0ugal has joined #openstack-barbican | 09:29 | |
*** d0ugal is now known as Guest81472 | 09:29 | |
*** Guest81472 is now known as d0ugal2 | 09:40 | |
*** d0ugal2 is now known as d0ugal | 09:47 | |
*** d0ugal has quit IRC | 09:47 | |
*** d0ugal has joined #openstack-barbican | 09:47 | |
*** darrenmoffat has quit IRC | 10:01 | |
*** darrenmoffat has joined #openstack-barbican | 10:06 | |
*** alkar has joined #openstack-barbican | 10:16 | |
*** jaosorior has joined #openstack-barbican | 11:26 | |
*** david-lyle has quit IRC | 11:29 | |
*** dave-mccowan has joined #openstack-barbican | 11:53 | |
*** nickrmc84 has quit IRC | 11:56 | |
*** nickrmc83 has joined #openstack-barbican | 11:58 | |
openstackgerrit | Dave McCowan proposed openstack/barbican: [WIP] Add ACL Functional Tests https://review.openstack.org/176615 | 12:01 |
*** david-lyle has joined #openstack-barbican | 12:05 | |
*** alee has quit IRC | 12:21 | |
*** woodster_ has joined #openstack-barbican | 12:29 | |
*** david-lyle has quit IRC | 12:31 | |
*** rellerreller has joined #openstack-barbican | 12:42 | |
*** zz_dimtruck is now known as dimtruck | 13:03 | |
*** joesavak has joined #openstack-barbican | 13:23 | |
*** dimtruck is now known as zz_dimtruck | 13:28 | |
*** alee has joined #openstack-barbican | 13:41 | |
*** stanzi has joined #openstack-barbican | 13:58 | |
*** paul_glass has joined #openstack-barbican | 14:06 | |
*** zz_dimtruck is now known as dimtruck | 14:40 | |
*** xaeth_afk is now known as xaeth | 14:45 | |
*** SheenaG has joined #openstack-barbican | 15:13 | |
openstackgerrit | Steve Heyman proposed openstack/python-barbicanclient: Updates for CLI testing https://review.openstack.org/175150 | 15:15 |
openstackgerrit | Steve Heyman proposed openstack/python-barbicanclient: Updates for CLI testing https://review.openstack.org/175150 | 15:20 |
openstackgerrit | Steve Heyman proposed openstack/python-barbicanclient: Updates for CLI testing https://review.openstack.org/175150 | 15:21 |
*** silos has joined #openstack-barbican | 15:22 | |
openstackgerrit | John Vrbanac proposed openstack/python-barbicanclient: Fixing misspelling in client docstring https://review.openstack.org/176816 | 15:24 |
openstackgerrit | OpenStack Proposal Bot proposed openstack/barbican: Updated from global requirements https://review.openstack.org/176821 | 15:27 |
*** david-lyle has joined #openstack-barbican | 15:29 | |
*** rm_work|away is now known as rm_work | 15:29 | |
*** igueths has joined #openstack-barbican | 15:33 | |
openstackgerrit | Steve Heyman proposed openstack/python-barbicanclient: Updates for CLI testing https://review.openstack.org/175150 | 15:35 |
*** kebray has joined #openstack-barbican | 15:35 | |
redrobot | dave-mccowan I'm backporting https://bugs.launchpad.net/barbican/+bug/1446826 for RC2 | 15:37 |
openstack | Launchpad bug 1446826 in Barbican kilo "Get secret with ACL returns 500 Internal Server Error" [Critical,New] - Assigned to Douglas Mendizábal (dougmendizabal) | 15:37 |
*** ccneill has joined #openstack-barbican | 15:42 | |
*** stanzi has quit IRC | 15:52 | |
*** stanzi has joined #openstack-barbican | 15:52 | |
*** tkelsey has joined #openstack-barbican | 15:55 | |
*** david-lyle has quit IRC | 15:56 | |
*** ccneill has quit IRC | 16:00 | |
*** rellerreller has quit IRC | 16:03 | |
*** gyee has joined #openstack-barbican | 16:03 | |
*** kebray has quit IRC | 16:04 | |
*** jsavak has joined #openstack-barbican | 16:04 | |
*** kebray has joined #openstack-barbican | 16:04 | |
*** joesavak has quit IRC | 16:06 | |
*** rm_work is now known as rm_work|away | 16:11 | |
*** arunkant_ has joined #openstack-barbican | 16:16 | |
*** jsavak has quit IRC | 16:36 | |
*** jaosorior has quit IRC | 16:42 | |
dave-mccowan | redrobot, lgtm | 16:48 |
dave-mccowan | redrobt, quick RBAC question: Does a user in an ACL list need to have some role (like role==other) in the project associated with the secret? | 16:48 |
*** igueths has quit IRC | 16:55 | |
*** igueths has joined #openstack-barbican | 16:59 | |
*** alkar has quit IRC | 17:06 | |
*** gyee has quit IRC | 17:07 | |
*** alkar has joined #openstack-barbican | 17:07 | |
*** silos has left #openstack-barbican | 17:08 | |
arunkant_ | dave-mccowan: Currently No. User does not have to have barbican role. If user is in secret ACL list with read operation, then user can read the secret. There was discussion in weekly meeting to have barbican role requirement with ACL | 17:14 |
dave-mccowan | arunkant_, thanks. i'll push up a CR in a few minutes with some test cases. hopefully you can take a look to see if my assumptions are right. | 17:17 |
openstackgerrit | Dave McCowan proposed openstack/barbican: [WIP] Add ACL Functional Tests https://review.openstack.org/176615 | 17:21 |
dave-mccowan | arunkant_ ^^^, if you look at test_acls.py lines 52 through 86, it details what i'm expecting back from a GET operation for each user, based on different ACLs. do i have those right? | 17:23 |
*** rellerreller has joined #openstack-barbican | 17:25 | |
*** alkar has quit IRC | 17:32 | |
openstackgerrit | Juan Antonio Osorio Robles proposed openstack/barbican: Migrate to oslo_context https://review.openstack.org/175338 | 17:36 |
*** jaosorior has joined #openstack-barbican | 17:36 | |
arunkant_ | dave-mccowan, in test_acls line# 56 returns 200 and line # 65 return 403 . Not sure why as it just has non-private acl (cannot tell whether auditor is allowed role or not) | 17:37 |
*** rm_work|away is now known as rm_work | 17:37 | |
dave-mccowan | arunkat_ auditor has role "audit". if i understand the spec, they can never read, so should always return 403? | 17:39 |
arunkant_ | dave-mccowan, there are two different policy rules..one for reading secret metadata and then reading actual secret (decrypt ). decrypt does not allow auditor but metadata one does. | 17:41 |
arunkant_ | dave-mccowan, regardless of that..why it will change when we just add non-private acl on secret. | 17:42 |
dave-mccowan | arunkant,_ i'll make that change: a user with audit role should always get 403 when trying to read a secret payload. right? | 17:45 |
dave-mccowan | arunkant_ is that the only issue you see? | 17:47 |
*** igueths has quit IRC | 17:48 | |
arunkant_ | dave-mccowan, yes..I am assuming admin2, observer2 are users which does not have roles in secret project. | 17:49 |
dave-mccowan | arunkant_ correct. | 17:50 |
*** stanzi has quit IRC | 17:57 | |
*** stanzi has joined #openstack-barbican | 17:58 | |
*** stanzi has quit IRC | 18:02 | |
*** stanzi has joined #openstack-barbican | 18:02 | |
dave-mccowan | arunkant_ should a secret with no acl, have the same accessability as a secret with a non-private acl with no user list? | 18:03 |
*** tkelsey has quit IRC | 18:03 | |
arunkant_ | dave-mccowan: Yes. Unless its private, ACL just adds additional users who can access it. | 18:04 |
*** david-lyle has joined #openstack-barbican | 18:07 | |
dave-mccowan | arunkant_ can a secret be private and add an ACL user? so then, the creator and the listed users are the only ones with access? | 18:09 |
arunkant_ | alee, woodster_, as discussed yesterday about order acl bug, added review https://review.openstack.org/#/c/176558/ . Its failed at devstack with no obvious reason..trying recheck | 18:09 |
arunkant_ | dave-mccowan, correct | 18:11 |
*** gyee has joined #openstack-barbican | 18:15 | |
*** SheenaG has quit IRC | 18:16 | |
*** morganfainberg is now known as grebniafnagrom | 18:24 | |
*** grebniafnagrom is now known as morganfainberg | 18:24 | |
*** SheenaG has joined #openstack-barbican | 18:25 | |
*** stanzi has quit IRC | 18:28 | |
*** stanzi has joined #openstack-barbican | 18:28 | |
*** gyee has quit IRC | 18:30 | |
openstackgerrit | Merged openstack/python-barbicanclient: Fixing misspelling in client docstring https://review.openstack.org/176816 | 18:31 |
*** stanzi has quit IRC | 18:33 | |
*** SheenaG has quit IRC | 18:35 | |
*** kebray has quit IRC | 18:37 | |
*** kebray has joined #openstack-barbican | 18:41 | |
*** SheenaG has joined #openstack-barbican | 18:41 | |
*** nickrmc83 has quit IRC | 18:53 | |
*** nickrmc83 has joined #openstack-barbican | 18:54 | |
*** SheenaG has quit IRC | 19:03 | |
dave-mccowan | hockeynut ping | 19:16 |
hockeynut | dave-mccowan yessir | 19:16 |
dave-mccowan | hockeynut when the gate runs functional tests, it runs them twice. what's the difference between the two runs? | 19:17 |
hockeynut | once in parallel and once sequentially | 19:18 |
hockeynut | looking for concurrency issues | 19:18 |
dave-mccowan | hockeynut, interesting. so, if i have a bunch of failures on second the run, is that usually a barbican problem or a test case problem? | 19:19 |
hockeynut | yes :-) if a test fails and its a new test then I'd check to see that the test is good. if its an existing test then I'd check to see what changed within barbican | 19:20 |
dave-mccowan | hockeynut, it's both. :-) new tests for a new feature. | 19:21 |
dave-mccowan | hockeynut, if you want to take a look: https://review.openstack.org/176615 | 19:21 |
hockeynut | I usually run locally and sequentially to see things pass. | 19:22 |
hockeynut | clicking... | 19:22 |
*** ccneill has joined #openstack-barbican | 19:23 | |
dave-mccowan | hockeynut, i have a good handle on the 5 failures in sequential. it's the 22 failures in parallel that i have this question on. | 19:23 |
hockeynut | ok, will peek at 'em | 19:23 |
*** chadlung has joined #openstack-barbican | 19:25 | |
*** SheenaG has joined #openstack-barbican | 19:30 | |
dave-mccowan | arunkant_ i think there might be a problem with using ACL Lists. in get_acl_dict_for_user(), the ctxt.user value is a UID (u'e8b7...3e4' in my case), but the acl_users.user_id is in "english" ('observer2' in my case) | 19:35 |
*** rellerreller has quit IRC | 19:43 | |
openstackgerrit | Merged openstack/barbican: Updated from global requirements https://review.openstack.org/176821 | 19:44 |
*** ccneill has quit IRC | 19:46 | |
*** alkar has joined #openstack-barbican | 19:48 | |
*** jaosorior has quit IRC | 19:52 | |
*** alkar has quit IRC | 19:54 | |
*** stanzi has joined #openstack-barbican | 20:01 | |
woodster_ | dave-mccowan: in reality, the user_id will be a unique key to the user in Keystone, not the actual user name. Is that what you are referring to though? | 20:01 |
*** tkelsey has joined #openstack-barbican | 20:01 | |
dave-mccowan | woodster_, when i create a secret ACL like: {'read': {'users': ['observer2'], 'creator-only': False}} should i be passing in 'observer2' as the user name? | 20:04 |
woodster_ | dave-mccowan: for a mocked unit test, or for a real functional test? | 20:04 |
dave-mccowan | woodster_ real deal | 20:05 |
woodster_ | dave-mccowan: if the latter, then you'd need the id of the actual user I believe | 20:05 |
woodster_ | dave-mccowan: so probably a call to keystone to get that user ID is needed, unless redrobot has a slicker way to do that....maybe the user-id can be overriden via keystone config somehow? | 20:06 |
*** tkelsey has quit IRC | 20:06 | |
*** stanzi has quit IRC | 20:06 | |
*** stanzi has joined #openstack-barbican | 20:07 | |
redrobot | dave-mccowan I haven't had a chance to look at your WIP yet, so you may have already done this | 20:08 |
redrobot | dave-mccowan but the first thing you'll need to do is add keystone cli commands to create the 6 different users, since each devstack run is going to start with a brandh new database | 20:08 |
redrobot | dave-mccowan https://github.com/openstack/barbican/blob/master/contrib/devstack/lib/barbican#L194 is the relevant bash function that needs to be edited | 20:09 |
dave-mccowan | woodster_ that would make the test case pass. :-) i guess the API deals with secret IDs and container IDs, so the user ID (instead of user name) makes sense. | 20:09 |
dave-mccowan | redrobot. yep, did that. i'm past that now. | 20:10 |
redrobot | dave-mccowan so, at creation time, you can parse out the user IDs, and maybe set them as bash environment variables. | 20:10 |
redrobot | dave-mccowan or you can use keystoneclient to auth and programatically get to the user ids | 20:11 |
dave-mccowan | redrobot: woodster_ and I just agreed that I should: {'read': {'users': ['134abdef4367328cdf32'], 'creator-only': False}} instead of {'read': {'users': ['reader_name'], 'creator-only': False}} | 20:11 |
*** stanzi has quit IRC | 20:11 | |
redrobot | dave-mccowan yep, I agree as well. | 20:11 |
woodster_ | dave-mccowan: that user ID will change from run to run though, so I don't think you could hard code that if that's what you mean? | 20:12 |
woodster_ | dave-mccowan: well, I'm assuming the ID is generated by the keystone db | 20:13 |
dave-mccowan | redrobot. cool. after i fix that, all tests should pass in the gate when run in serial. but, several will still fail in parallel. maybe a critical section failure in the ACL repos? | 20:13 |
redrobot | woodster_ it is | 20:13 |
woodster_ | dave-mccowan: it could also be a clean up issue with the parallel tests...hockeynut, tdink wasn't an original issue with parallel testing related to deleting test entities too soon? | 20:15 |
tdink | woodster_: not exactly had to do with the paging tests running in parallel and it would mess with the pref/next ref | 20:24 |
tdink | so when secrets were created or deleted those paging tests would freak out sometimes | 20:24 |
*** kebray has quit IRC | 20:26 | |
woodster_ | arunkant_: I added a comment to your CR please: https://review.openstack.org/#/c/176558/ | 20:28 |
hockeynut | woodster_ I believe the problem was that a single user was adding/removing secrets and that confused the (parallel) list tests that were counting secrets | 20:29 |
woodster_ | hockeynut: tdink that all make sense then | 20:31 |
woodster_ | dave-mccowan: interesting that the test take a lot longer under the parallel testing mode: http://logs.openstack.org/15/176615/4/check/gate-barbican-devstack-dsvm/ab14725/console.html#_2015-04-23_18_31_57_104 | 20:31 |
dave-mccowan | woodster_ lots of interesting stuff in these tests. :-) the new errors are when setting an ACL for a new secret or container. the message is "already have an ACL" | 20:34 |
woodster_ | dave-mccowan: hockeynut tdink is it easy to test the parallel mode locally? I've only run tox -e functional locally | 20:34 |
woodster_ | dave-mccowan: hockeynut tdink it would be good to get at the server-side errors | 20:34 |
hockeynut | woodster_ testr run --parallel --subunit | subunit-trace --no-failure-debug -f | 20:35 |
tdink | woodster_: if i recall properly i couldnt get these errors running tox, had to run testr | 20:35 |
tdink | ....what hockeynut said | 20:36 |
dave-mccowan | woodster_ for the server side error, search on HTTPClientError: Existing ACL cannot be updated with POST method. in the barbican screen in the log. | 20:36 |
hockeynut | in functionaltests/run_tests.sh you can see how they are run in devstack | 20:36 |
hockeynut | dave-mccowan so its doing a lookup for a count of acls and getting back a > 0 value? | 20:40 |
dave-mccowan | hockeynut, that's what i'm reading too. the traceback points to that line of code, and the exception message matches. | 20:42 |
hockeynut | but this doesn't happen locally? | 20:42 |
hockeynut | sounds like reusing a container id perhaps? | 20:43 |
hockeynut | container ID on post is 8f3bcc82-7491-4595-9495-6320177eee2b and I only see that once in the log | 20:44 |
hockeynut | its interesting that the failures are grouped - I wonder if there is a race condition within the acl POST | 20:46 |
hockeynut | for a quick+dirty test you could try serializing the POST code - that could help narrow down | 20:47 |
*** SheenaG has quit IRC | 20:48 | |
hockeynut | none of those errors happened during the serialized run, only during the parallel run. | 20:49 |
woodster_ | hmmmm...I see an odd query for the count: | 20:49 |
woodster_ | https://www.irccloud.com/pastebin/hbHkmZJ7 | 20:49 |
woodster_ | I think that just counts all the container ACL records, not just for the one we are interested in | 20:50 |
woodster_ | arunkant: arunkant_ I think that query needs an optional filter for the container ID | 20:51 |
hockeynut | dave-mccowan might be good to put out that count in a debug msg so you can see it in the log | 20:51 |
woodster_ | dave-mccowan: I'm pretty sure that query is not correct. Sequential tests will always clear out the container before reating the next one so you'll only have one ACL record. In parallel more than one is likely | 20:52 |
dave-mccowan | hockeynut, i'll try. sounds like a good way to "fix" the problem, if it a race condition. :-) | 20:52 |
hockeynut | putting on my performance guy hat. NOOOOO! | 20:53 |
hockeynut | taking off my performance guy hat now. | 20:53 |
dave-mccowan | woodster_ there's an interesting test: create 3 secrets, then add an ACL to each. | 20:54 |
woodster_ | dave-mccowan: that query needs to accept a container_id, and then do: if container_id: query = query.filter(models.ContainerACL.container_id == container_id) | 20:55 |
woodster_ | dave-mccowan: that needs to be put in both the SecretACLRepo and ContainerACLRepo's get_count() methods | 20:56 |
woodster_ | dave-mccowan: then that container_id/secret_id needs to be passed in from the secret and container acl controller get_count() calls | 20:57 |
woodster_ | hockeynut: tdink score +1 for the parallel tests! | 20:58 |
hockeynut | w00t w00t! | 20:58 |
hockeynut | cc: every manager ever :-) | 20:58 |
woodster_ | dave-mccowan: can you give all that a try with that CR then? | 20:58 |
dave-mccowan | woodster_ will do now | 20:59 |
*** kebray has joined #openstack-barbican | 21:03 | |
*** chadlung has quit IRC | 21:14 | |
*** SheenaG has joined #openstack-barbican | 21:20 | |
*** chadlung has joined #openstack-barbican | 21:26 | |
openstackgerrit | Dave McCowan proposed openstack/barbican: [WIP] Add ACL Functional Tests https://review.openstack.org/176615 | 21:29 |
dave-mccowan | woodster_ hockeynut, tdink ^^ test underway | 21:31 |
*** alee has quit IRC | 21:33 | |
*** chadlung has quit IRC | 21:39 | |
*** gyee has joined #openstack-barbican | 21:48 | |
*** rm_work is now known as rm_work|away | 21:55 | |
woodster_ | dave-mccowan: a watched gate job never finishes | 22:02 |
*** xaeth is now known as xaeth_afk | 22:03 | |
openstackgerrit | Merged openstack/python-barbicanclient: Cleaning up validate_ref() https://review.openstack.org/175605 | 22:05 |
dave-mccowan | woodster_ :-) it'll give me time to code the other fix too. | 22:08 |
*** openstackstatus has quit IRC | 22:09 | |
arunkant_ | woodster_, thanks for review, will refactor in next patch | 22:15 |
*** paul_glass has quit IRC | 22:15 | |
*** ccneill has joined #openstack-barbican | 22:17 | |
*** tkelsey has joined #openstack-barbican | 22:17 | |
ccneill | hey guys, any thoughts on my comments here on the keystone middleware signing_dir question? https://review.openstack.org/#/c/176071/ | 22:18 |
*** greghaynes has quit IRC | 22:18 | |
*** tkelsey has quit IRC | 22:22 | |
redrobot | ccneill I'm OK with leaving it off, as per my +2. Juan works out of Finland, so he probably won't see your comment until early AM for us. | 22:22 |
ccneill | ah gotcha | 22:22 |
redrobot | ccneill maybe you can poke woodster_ for a review | 22:22 |
* ccneill pokes woodster_ | 22:23 | |
ccneill | :) | 22:23 |
ccneill | yeah, I mean the worst case scenario is that someone has to set their own signing_dir value, which I could call out in the config with a comment if you think that'd help | 22:23 |
redrobot | ccneill yeah, the comment in the linked Nova cr was pretty helpful. | 22:24 |
ccneill | k I'll go ahead and add that to my commit | 22:25 |
*** arunkant_ has quit IRC | 22:27 | |
openstackgerrit | Charles Neill proposed openstack/barbican: Removing signing_dir directive from config https://review.openstack.org/176071 | 22:30 |
*** alee_ has quit IRC | 22:30 | |
openstackgerrit | Charles Neill proposed openstack/barbican: Removing signing_dir directive from config https://review.openstack.org/176071 | 22:31 |
*** chadlung has joined #openstack-barbican | 22:40 | |
*** chadlung has quit IRC | 22:41 | |
*** chadlung has joined #openstack-barbican | 22:41 | |
*** alee has joined #openstack-barbican | 22:43 | |
*** alee_ has joined #openstack-barbican | 22:44 | |
woodster_ | ccneill: lgtm! | 22:45 |
ccneill | shweet | 22:45 |
*** kebray has quit IRC | 22:51 | |
*** arunkant_ has joined #openstack-barbican | 22:55 | |
arunkant_ | woodster_, you are right, get_count ACL query need to use id filter. Is there a bug for that. Will fix it soon. | 23:06 |
*** chadlung has quit IRC | 23:07 | |
*** arunkant_ has quit IRC | 23:18 | |
*** dimtruck is now known as zz_dimtruck | 23:34 | |
woodster_ | arunkant: that sounds good | 23:35 |
woodster_ | dave-mccowan: Please see my comments on https://review.openstack.org/#/c/176615 | 23:36 |
dave-mccowan | woodster_ yep, i've got it working now, but looks like arunkant_ just volunteered to take it | 23:38 |
woodster_ | dave-mccowan: did you want to rebase on that fix for your CR then? | 23:43 |
dave-mccowan | woodster_ yea, they need to be separate. i assume the bug fix will be backported, and the test cases not. | 23:44 |
woodster_ | arunkant: I'd think the full query for count could be: | 23:45 |
woodster_ | https://www.irccloud.com/pastebin/UBSnl4Cs | 23:45 |
dave-mccowan | woodster_, arunkant_ this is what i ended up with, getting the models right too: http://www.fpaste.org/214995/32804142/ | 23:47 |
woodster_ | dave-mccowan: yeah that looks good | 23:47 |
woodster_ | dave-mccowan: so I think the only thing missing was passing the id into the get_count calls...so not much else arunkant would need to do then? | 23:48 |
woodster_ | dave-mccowan: arunkant ...assuming your CR landed that is Dave? | 23:49 |
dave-mccowan | woodster_, arunkant, yes i've got it done | 23:50 |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!