Monday, 2015-05-11

« Sunday, 2015-05-10 Index Tuesday, 2015-05-12 »
*** zz_dimtruck is now known as dimtruck00:10
*** woodster_ has quit IRC00:40
*** dimtruck is now known as zz_dimtruck00:48
*** zz_dimtruck is now known as dimtruck00:55
*** kebray has quit IRC01:02
*** everjeje has quit IRC01:06
*** dimtruck is now known as zz_dimtruck01:59
*** kebray has joined #openstack-barbican02:00
*** zz_dimtruck is now known as dimtruck02:27
openstackgerritAde Lee proposed openstack/barbican: Base64 encode the cert returned from the Dogtag plugin  https://review.openstack.org/18178602:34
*** dimtruck is now known as zz_dimtruck02:40
*** zz_dimtruck is now known as dimtruck02:44
*** SheenaG has joined #openstack-barbican02:48
*** dimtruck is now known as zz_dimtruck02:59
*** dave-mccowan has quit IRC03:00
*** SheenaG has quit IRC03:01
*** SheenaG has joined #openstack-barbican03:30
*** kebray has quit IRC04:09
*** kebray has joined #openstack-barbican04:16
*** SheenaG has quit IRC04:32
openstackgerritJohn Wood proposed openstack/barbican-specs: Add Crypto/HSM MKEK Rotation Support  https://review.openstack.org/17892605:01
*** chlong has quit IRC05:09
openstackgerritJohn Wood proposed openstack/barbican-specs: Add Crypto/HSM MKEK Rotation Support (Light)  https://review.openstack.org/18159805:13
*** woodster_ has joined #openstack-barbican05:24
*** kebray has quit IRC05:27
*** kebray has joined #openstack-barbican05:28
openstackgerritOpenStack Proposal Bot proposed openstack/barbican: Imported Translations from Transifex  https://review.openstack.org/18171406:07
*** jaosorior has joined #openstack-barbican06:53
*** tkelsey has joined #openstack-barbican07:23
*** kebray has quit IRC07:23
*** woodster_ has quit IRC07:40
*** everjeje has joined #openstack-barbican10:00
*** darrenmoffat has quit IRC10:16
*** darrenmoffat has joined #openstack-barbican10:17
*** woodster_ has joined #openstack-barbican12:03
*** dave-mccowan has joined #openstack-barbican12:12
dave-mccowanjaosorior ping12:20
jaosoriordave-mccowan: pong13:01
dave-mccowanjaosorior i saw you opened a bug on stackalytics missing liberty commits for barbican.  do you know the latest?  bug looks closed, but my liberty commits are still missing.13:11
jaosoriordave-moccowan: I think they're going to the kilo release13:17
*** chlong has joined #openstack-barbican13:22
dave-mccowanjaosorior do you think it's working as intended?13:23
*** rellerreller has joined #openstack-barbican13:23
*** alee_ has quit IRC13:56
jaosoriorI don't think so13:58
jaosoriorwoodster_: got time to check this one out? https://review.openstack.org/#/c/181025/ It's related to one of your blueprints that I ended up taking14:03
*** pglass has joined #openstack-barbican14:05
*** openstackgerrit has quit IRC14:06
*** openstackgerrit has joined #openstack-barbican14:07
*** alee_ has joined #openstack-barbican14:08
*** zz_dimtruck is now known as dimtruck14:11
*** SheenaG has joined #openstack-barbican14:12
*** dave-mccowan has quit IRC14:14
*** openstack has joined #openstack-barbican14:18
woodster_jaosorior: I'll take a look, thanks!14:19
*** xaeth_afk is now known as xaeth14:19
*** dave-mccowan has joined #openstack-barbican14:29
jaosoriorwoodster_, jvrbanac: Do you know why in app.py, which is in barbican/api for the root controller pecan.make_app is used, and for the rest the contructor to the Pecan class is used? https://github.com/openstack/barbican/blob/master/barbican/api/app.py#L6714:30
*** silos has joined #openstack-barbican14:36
*** jsavak has joined #openstack-barbican14:38
*** kfarr has joined #openstack-barbican14:40
woodster_jaosorior: I'm not sure I follow you...create_main_app() -> build_wsgi_app() -> pecan.Pecan(...)14:46
jaosoriorYup14:46
jaosoriorI was just wandering if there's a reason why pecan.Pecan (the object constructor) is used of the factory method pecan.make_app14:48
jaosoriorThough that also seems to be a good thing. Since because of the way we have that call, that doesn't allow extra config for pecan, we then don't have this problem https://wiki.openstack.org/wiki/OSSN/OSSN-004614:51
woodster_jaosorior: hmmm, not really sure actually. I think jvrbanac reworked that module to clean it up.14:55
jaosoriorwoodster_: well, we don't have that security issue,  yay15:01
aleewoodster_, redrobot , jaosorior - quick one https://review.openstack.org//#/c/181786/ please/15:06
woodster_jaosorior: nice!15:07
woodster_alee: will do15:08
*** nelsnelson has joined #openstack-barbican15:11
aleewoodster_, thanks15:11
aleejaosorior, quick question ..15:11
aleejaosorior, using the barbican cli -- how do I retrieve the payload of a secret?15:12
*** kebray has joined #openstack-barbican15:12
redrobotalee barbican secret get --payload15:16
openstackgerritGrzegorz Grasza (xek) proposed openstack/barbican-specs: Use oslo.versionedobjects to help with upgrades  https://review.openstack.org/17431815:17
jaosoriorYup, there is that flag. To get more info about whats available you can do $ barbican help secret get15:17
aleeredrobot, jaosorior thanks - let me try that15:23
woodster_jaosorior: I added a long explanation to your CR...please take a look and see what you think though15:28
jaosoriorwoodster_: I'll look into it.Though I think it would be possible to migrate the data and just have one more CR to remove the old functionality15:34
jaosoriorwoodster_: thanks for taking a look into it. If you have time, there is also the first patch up there for the fix-version-api blueprint: https://review.openstack.org/#/c/178601/15:36
aleedave-mccowan, see my comment15:37
jaosoriorwoodster_: thanks for taking a look into it. If you have time, there is also the first patch up there for the fix-version-api blueprint: https://review.openstack.org/#/c/178601/15:38
*** igueths has joined #openstack-barbican15:39
*** gyee has joined #openstack-barbican15:41
*** atiwari2 has quit IRC15:42
jaosorioralee: left a question on your CR15:46
aleejaosorior, looking15:46
aleejaosorior, yes15:47
jaosorioralee: done15:48
aleejaosorior, thanks15:48
thervealee, The lower call on the constants is unnecessary16:02
aleetherve, eh?16:03
thervealee, sstore.KeyAlgorithm.AES.lower()16:03
therveYou don't need that lower() call16:03
aleetherve, ah - are they all lower already?16:03
therveYeah16:04
therveAlso, well, tests, but you probably know about that :)16:04
aleetherve, yeah - thing is though - those constants change sometimes - and there is no guarantee someone will not make something with mixed case.16:04
thervealee, "those constants change sometimes" I should frame that :D16:05
aleenothing -- other than convention right now says those should be lowercase.  so to be safe, I'd rather leave the "now unnecessary" lower()16:06
alee:)16:06
woodster_alee, I added a suggesting on your CR16:06
aleewoodster_, ok - I'll add a comment16:07
aleetherve, I'll add a dogtag specific functional test -- this wasn't noticed before because the functional tests did not go far enough16:08
aleeie. we got the container , but not the certs out of the container16:08
* therve nods16:08
thervealee, It's actually something that surprised me in barbican: sometimes storing a secret works, but not retrieving it16:09
aleetherve, yeah  - thats a bug if you find it16:09
aleetherve, if you store a secret, you better be able to retrieve it.16:10
therveCool, will see if I reproduce it16:10
woodster_therve: yeah, I guess we can't be *that* secure16:10
therveHeh heh16:11
aleewoodster_, maybe we can rename the project "Event Horizon"?16:11
woodster_alee: ha!16:12
openstackgerritSteve Heyman proposed openstack/python-barbicanclient: Create behaviors for secrets  https://review.openstack.org/17960916:27
openstackgerritSteve Heyman proposed openstack/python-barbicanclient: Add CLI smoke functional tests for containers  https://review.openstack.org/17965916:39
openstackgerritSteve Heyman proposed openstack/python-barbicanclient: Add CLI smoke functional tests for containers  https://review.openstack.org/17965916:40
openstackgerritMerged openstack/barbican: Fix snakeoil_ca plugin  https://review.openstack.org/17937416:46
openstackgerritSteve Heyman proposed openstack/python-barbicanclient: Remove tempest config dependency in functional tests  https://review.openstack.org/18068616:46
woodster_arunkant: I added comments to your CR: https://review.openstack.org/#/c/180888   I'd say that is looking good, but added comments about removing the on_post() call entirely16:49
arunkantwoodster_, thanks for review..let me check16:50
*** silos has left #openstack-barbican16:54
aleewoodster_, Sheena_ download this .. https://vakwetu.fedorapeople.org/cert-demo.tar.gz16:57
aleewoodster_, Sheena_ untar somewhere and then point a browser to it.16:57
aleewoodster_, Sheena_ I'm thiinking examples/demo4.html and then examples/demo3.html16:58
*** jsavak has quit IRC16:59
dave-mccowanalee for the plugin CR, is the value returned by dogtag base64 of DER (one long string), or a header-less and footer-less PEM with line breaks every 65 characters?17:04
aleedave-mccowan, header and footerless PEM17:05
aleedave-mccowan, and just for intermediates -- the cert itself is valid pem.17:06
alee(with headers)17:06
aleedave-mccowan, I need to fix the dogtag output so that its valid pem for the intermediates17:06
woodster_alee, jaosorior, dave-mccowan,redrobot  it would be good to get review on arunkant 's changes17:12
-openstackstatus- NOTICE: We have discovered post-upgrade issues with Gerrit affecting nova (and potentially other projects). Some changes will not appear and some actions, such as queries, may return an error. We are continuing to investigate.17:37
*** ChanServ changes topic to "We have discovered post-upgrade issues with Gerrit affecting nova (and potentially other projects). Some changes will not appear and some actions, such as queries, may return an error. We are continuing to investigate."17:37
jaosoriorwoodster_: after climbing I'll dig into those CRs17:38
*** pglass has quit IRC17:53
*** rellerreller has quit IRC18:02
*** rellerreller has joined #openstack-barbican18:02
openstackgerritSteve Heyman proposed openstack/python-barbicanclient: Remove tempest config dependency in functional tests  https://review.openstack.org/18068618:12
*** x3k has joined #openstack-barbican18:23
*** smallbig has quit IRC18:25
*** morganfainberg has quit IRC18:25
*** smallbig has joined #openstack-barbican18:27
*** morganfainberg has joined #openstack-barbican18:27
*** tkelsey has quit IRC18:47
*** rellerreller has quit IRC18:59
*** SheenaG has quit IRC19:04
*** SheenaG has joined #openstack-barbican19:04
*** everjeje has quit IRC19:06
openstackgerritSteve Heyman proposed openstack/python-barbicanclient: Pass in keystone version and correct v2 URL to CLI  https://review.openstack.org/18202419:13
*** kebray has quit IRC19:14
*** SheenaG has quit IRC19:14
jaosoriorwoodster_, arunkant: which are the CRs again?19:15
jaosoriorbefore I side-track reading other stuff again :P19:15
*** dave-mccowan has quit IRC19:17
arunkantjaosorior, https://review.openstack.org/#/c/18088819:17
jaosoriorarunkant: will check it out19:18
*** SheenaG has joined #openstack-barbican19:28
SheenaGalee can you also send me your picture for the deck?19:29
aleeSheenaG, sure - have to find one that catches my good side :/19:30
*** kebray has joined #openstack-barbican19:30
*** rellerreller has joined #openstack-barbican19:30
*** dave-mccowan has joined #openstack-barbican19:31
*** nkinder has joined #openstack-barbican19:32
SheenaGalee if all else fails I can make a stick-man Ade19:32
aleeSheenaG, ha! are you saying that me looking for a picture that captures my good side is futile?19:33
SheenaGalee hardly!  I just figured I'd give you a way worse option19:35
aleefair enough :)19:35
*** pglass has joined #openstack-barbican19:50
*** pglass has quit IRC19:51
*** pglass has joined #openstack-barbican19:52
elmikoi forget, is the meeting cancelled today?20:03
rellerrellerelmiko I have the same question. I do not see anyone at the meeting.20:04
arunkantredrobot, is there a barbican meeting today?20:04
elmikook, glad to know i'm not in an alternate dimension ;)20:05
redrobotsorry guys20:05
redrobottotally missed the meeting alarm20:05
elmikohehe20:05
redrobotmeeting is starting now in #openstack-meeting-alt20:06
*** rellerreller has quit IRC20:36
*** openstackgerrit_ has joined #openstack-barbican20:44
*** kfarr has quit IRC20:52
*** kebray has quit IRC21:26
*** silos has joined #openstack-barbican21:38
*** kebray has joined #openstack-barbican21:55
*** kebray has quit IRC21:55
*** kebray has joined #openstack-barbican21:57
*** silos has left #openstack-barbican21:59
*** pglass has quit IRC22:00
*** xaeth is now known as xaeth_afk22:04
*** x3k has quit IRC22:07
*** alee is now known as alee_dinner22:12
openstackgerritMerged openstack/barbican: Add Multi-user support for Functional Tests  https://review.openstack.org/17661522:14
*** dimtruck is now known as zz_dimtruck22:22
*** igueths has quit IRC22:23
*** nkinder has quit IRC22:37
*** nelsnelson has quit IRC22:47
*** jaosorior has quit IRC23:12
*** SheenaG has quit IRC23:19
*** nkinder has joined #openstack-barbican23:46
-openstackstatus- NOTICE: Gerrit is going offline while we perform an emergency downgrade to version 2.8.23:52
*** ChanServ changes topic to "Gerrit is going offline while we perform an emergency downgrade to version 2.8."23:52
« Sunday, 2015-05-10 Index Tuesday, 2015-05-12 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!