Monday, 2015-08-10

*** dimtruck is now known as zz_dimtruck		00:09
*** vivek-ebay has quit IRC		00:44
pksingh	Hi alee , are you around?	01:04
openstackgerrit	OpenStack Proposal Bot proposed openstack/barbican: Updated from global requirements https://review.openstack.org/210882	01:04
*** everjeje has quit IRC		01:32
*** zz_dimtruck is now known as dimtruck		01:34
*** edtubill has joined #openstack-barbican		01:41
openstackgerrit	Pradeep Kumar Singh proposed openstack/barbican: Make tests in test_hrefs, test_quota py3 compatible https://review.openstack.org/210946	01:44
*** vivek-ebay has joined #openstack-barbican		01:56
*** dimtruck is now known as zz_dimtruck		02:06
openstackgerrit	Pradeep Kumar Singh proposed openstack/barbican: Make tests in test_hrefs, test_quota py3 compatible https://review.openstack.org/210946	02:12
openstackgerrit	Pradeep Kumar Singh proposed openstack/barbican: Make tests in test_hrefs, test_quota py3 compatible https://review.openstack.org/210946	02:12
*** vivek-ebay has quit IRC		02:18
openstackgerrit	Zhenyu Zheng proposed openstack/barbican: Drop downgrade field in alembic script.py.mako and version https://review.openstack.org/209323	02:24
*** vivek-ebay has joined #openstack-barbican		02:59
*** zz_dimtruck is now known as dimtruck		03:39
*** vivek-ebay has quit IRC		03:54
*** dimtruck is now known as zz_dimtruck		04:27
*** edtubill has quit IRC		05:12
*** Nirupama has joined #openstack-barbican		05:46
*** Nirupama has quit IRC		06:00
*** shohel has joined #openstack-barbican		06:06
pksingh	Hi folks, i have submitted some patches related to py3 support in barbican, can you please review so that i can complete the py3 complete porting soon, these patches are currently kind of blocker for me link is "https://review.openstack.org/#/q/status:open+project:openstack/barbican+branch:master+topic:bp/barbican-py3,n,z"	06:08
*** Nirupama has joined #openstack-barbican		06:28
*** nickrmc83 has joined #openstack-barbican		06:29
*** Nirupama has quit IRC		06:45
*** everjeje has joined #openstack-barbican		07:15
*** Nirupama has joined #openstack-barbican		07:29
*** Nirupama has quit IRC		07:29
*** Nirupama has joined #openstack-barbican		07:32
*** shohel has quit IRC		08:31
*** shohel1 has joined #openstack-barbican		08:31
*** shohel1 has quit IRC		09:06
*** shohel has joined #openstack-barbican		09:06
*** tkelsey has joined #openstack-barbican		09:12
*** Nirupama has quit IRC		10:22
*** nickrmc84 has joined #openstack-barbican		11:08
openstackgerrit	Zhenyu Zheng proposed openstack/barbican: Drop downgrade field in alembic script.py.mako and version https://review.openstack.org/209323	11:09
*** nickrmc83 has quit IRC		11:09
openstackgerrit	Tim Kelsey proposed openstack/barbican: Fixing service endpoints for use with devstack https://review.openstack.org/211114	11:40
*** dave-mccowan has joined #openstack-barbican		12:01
*** cbader has quit IRC		12:52
*** elmiko has joined #openstack-barbican		13:03
openstackgerrit	Joel Coffman proposed openstack/castellan: Remove copy_key operation https://review.openstack.org/206126	13:04
*** xek_ has joined #openstack-barbican		13:06
*** lisaclark1 has joined #openstack-barbican		13:06
*** diazjf has joined #openstack-barbican		13:07
*** xek_ has quit IRC		13:11
*** nkinder has joined #openstack-barbican		13:16
*** alee_ has joined #openstack-barbican		13:19
*** xek has quit IRC		13:24
*** xek has joined #openstack-barbican		13:25
*** xek has quit IRC		13:26
*** xek has joined #openstack-barbican		13:26
*** lisaclark1 has quit IRC		13:31
*** kfarr has joined #openstack-barbican		13:50
tkelsey	kfarr: are you about?	13:56
kfarr	tkelsey I was just about to step away for a meeting	13:56
kfarr	Will be back in an hour?	13:56
tkelsey	ah kk, just wnated to let you know you were right about that Barbican endpoint :)	13:57
tkelsey	np	13:57
kfarr	Ok! Sounds like that bug needs to be fixed, but temporary workaround is setting the barbican endpoint in the config file?	13:59
*** edtubill has joined #openstack-barbican		14:00
*** pglass has joined #openstack-barbican		14:05
*** SheenaG1 has left #openstack-barbican		14:06
*** lisaclark1 has joined #openstack-barbican		14:07
*** tkelsey has quit IRC		14:08
*** tkelsey has joined #openstack-barbican		14:09
tkelsey	kfarr: , yup I put up a patch https://review.openstack.org/#/c/211114/	14:09
*** silos has joined #openstack-barbican		14:12
*** lisaclark1 has quit IRC		14:16
*** silos is now known as silos_away		14:20
*** silos_away is now known as silos		14:20
dave-mccowan	reaperhulk ping	14:20
*** lisaclark1 has joined #openstack-barbican		14:22
*** lisaclark1 has quit IRC		14:30
*** lisaclark1 has joined #openstack-barbican		14:33
*** lisaclark2 has joined #openstack-barbican		14:35
openstackgerrit	Michael McCune proposed openstack/castellan: refactoring castellan configuration https://review.openstack.org/206180	14:35
openstackgerrit	Michael McCune proposed openstack/castellan: refactoring castellan configuration https://review.openstack.org/206180	14:36
elmiko	reaperhulk, kfarr ^^ =)	14:37
*** lisaclark1 has quit IRC		14:38
*** lisaclark1 has joined #openstack-barbican		14:38
*** lisaclark2 has quit IRC		14:39
*** spotz_zzz is now known as spotz		14:45
*** dave-mcc_ has joined #openstack-barbican		15:00
*** shohel has quit IRC		15:00
*** dave-mccowan has quit IRC		15:04
*** dave-mccowan has joined #openstack-barbican		15:07
*** dave-mcc_ has quit IRC		15:09
openstackgerrit	Dave McCowan proposed openstack/barbican: Catch any exception from base64.b64decode during validation https://review.openstack.org/211224	15:09
*** lisaclark1 has quit IRC		15:10
*** lisaclark1 has joined #openstack-barbican		15:19
*** darrenmoffat has quit IRC		15:26
*** shakamunyi has joined #openstack-barbican		15:27
reaperhulk	dave-mccowan: what's up	15:27
*** arunkant has joined #openstack-barbican		15:27
dave-mccowan	reaperhulk when working on py3 compatibility issues, have you run across the API changes for base64.b64decode? i was wondering if you have an endorsed solution (throw exception when input is not valid base64) that works for py2 and py3.	15:27
reaperhulk	py3 might care more that it be a byte string? I don't remember	15:29
reaperhulk	but for base64 itself python (and most other impls) are super liberal	15:29
reaperhulk	they just throw away crap that's not valid	15:29
reaperhulk	silently.	15:29
reaperhulk	which leads to: https://github.com/pyca/cryptography/issues/1994	15:29
dave-mccowan	py3 does that (discards silently), with additional param (validate=True) if you want an exception. py2 throws an exception always, and does not accept the validate= parameter.	15:30
dave-mccowan	your example is on point. barbican validators will start accepting/discarding crap in payload when using py3, which would be a change in behavior.	15:32
reaperhulk	py2 actually accepts crap too as long as it's after a valid pad point	15:32
reaperhulk	e.g. base64.b64decode("AAA=hello")	15:32
reaperhulk	that will decode as \x00\x00	15:32
reaperhulk	which is obviously BS	15:33
*** zz_dimtruck is now known as dimtruck		15:34
*** darrenmoffat has joined #openstack-barbican		15:34
dave-mccowan	so, is the right answer for barbican to create a wrapper in barbican/common for b64encode, with "if py3: else:" to ensure the behavior we want?	15:36
*** rellerreller has joined #openstack-barbican		15:42
*** jorge_munoz has joined #openstack-barbican		15:53
reaperhulk	dave-mccowan: probably yes if you want strict decoding	15:56
reaperhulk	how you implement validation in py2 is an interesting question though	15:56
reaperhulk	I guess you could look at the python source code to see if it's done in python or C ;)	15:56
*** nickrmc84 has quit IRC		16:02
*** silos1 has joined #openstack-barbican		16:05
dave-mccowan	reaperhulk i'm most interested in keeping barbican's behavior consistent between py2 and py3. ideally, they'll accept and reject the same variations of garbage.	16:08
*** silos has quit IRC		16:08
*** lisaclark1 has quit IRC		16:10
reaperhulk	dave-mccowan: I'd say that strict decoding errors in py3 represents a significant improvement so trying to make py2 do that is a worthy goal	16:20
*** lisaclark1 has joined #openstack-barbican		16:27
*** vivek-ebay has joined #openstack-barbican		16:33
*** diazjf has quit IRC		16:52
kfarr	jvrbanac, was that your camera we used to take the group photos for the midcycle? Can you please forward them to me?	16:53
*** pglass has quit IRC		16:56
*** xaeth_afk is now known as xaeth		17:07
*** jamielennox is now known as jamielennox\|away		17:11
*** dave-mccowan has quit IRC		17:26
rellerreller	kfarr I was just about to send the same message to jvrbanac :)	17:28
*** diazjf has joined #openstack-barbican		17:31
*** pglass has joined #openstack-barbican		17:35
elmiko	rellerreller, kfarr, i updated the config review to take the latest functional test config changes	17:35
kfarr	ok elmiko, will take a look :)	17:35
elmiko	thanks =)	17:35
diazjf	Hey everyone, my patch is ready!! https://review.openstack.org/#/c/196876/ Also do you have the pictures from the mid-cycle meetup :)	17:36
*** dave-mccowan has joined #openstack-barbican		17:56
*** dave-mcc_ has joined #openstack-barbican		17:58
jvrbanac	kfarr, rellerreller, yes I did. I just downloaded the photos yesterday. I'll send them when I get back home tomorrow	18:00
jvrbanac	^night	18:00
jvrbanac	^tonight	18:00
* jvrbanac can't spell today		18:00
kfarr	thanks jvrbanac!!	18:00
*** dave-mccowan has quit IRC		18:01
*** rellerreller has quit IRC		18:01
*** vivek-ebay has quit IRC		18:04
diazjf	^^ awesome	18:06
*** pglbutt has joined #openstack-barbican		18:09
*** lisaclark1 has quit IRC		18:09
*** everjeje has quit IRC		18:12
*** lisaclark1 has joined #openstack-barbican		18:12
*** pglass has quit IRC		18:12
*** vivek-ebay has joined #openstack-barbican		18:23
*** lisaclark1 has quit IRC		18:28
*** everjeje has joined #openstack-barbican		18:29
*** ngupta has joined #openstack-barbican		18:34
*** rm_work\|away is now known as rm_work		18:36
*** lisaclark1 has joined #openstack-barbican		18:36
*** lisaclark1 has quit IRC		18:43
*** SheenaG1 has joined #openstack-barbican		18:51
*** SheenaG1 has left #openstack-barbican		18:51
*** dave-mcc_ has quit IRC		18:55
*** crc32 has joined #openstack-barbican		19:05
*** dave-mccowan has joined #openstack-barbican		19:07
*** gyee has joined #openstack-barbican		19:16
*** ngupta_ has joined #openstack-barbican		19:20
*** ngupta has quit IRC		19:21
*** atiwari has joined #openstack-barbican		19:28
*** rellerreller has joined #openstack-barbican		19:29
*** jhfeng has joined #openstack-barbican		19:50
redrobot	Weekly meeting is starting in 1 min on #openstack-meeting-alt	19:59
*** igueths has joined #openstack-barbican		20:01
*** lisaclark1 has joined #openstack-barbican		20:02
*** woodster_ has joined #openstack-barbican		20:03
*** lisaclark1 has quit IRC		20:03
*** lisaclark1 has joined #openstack-barbican		20:04
*** lisaclark1 has quit IRC		20:04
*** lisaclark1 has joined #openstack-barbican		20:04
*** vivek-ebay has quit IRC		20:17
*** tkelsey has quit IRC		20:19
openstackgerrit	Kaitlin Farr proposed openstack/castellan: Add unit tests for managed objects https://review.openstack.org/206649	20:25
*** diazjf has left #openstack-barbican		20:37
*** lisaclark1 has quit IRC		20:37
*** rellerreller has quit IRC		20:41
*** chlong has joined #openstack-barbican		20:49
*** lisaclark1 has joined #openstack-barbican		20:55
*** silos1 has left #openstack-barbican		21:00
rm_work	the sooner we can get all those Castellan CRs merged, the better	21:00
rm_work	I saw a couple go in, but there's still quite a few pending	21:00
alee	rm_work, woodster_ but yes, potentially it could be helpful in providing some migration options	21:00
rm_work	yeah	21:00
alee	so I'd want to evaluate whats in there in light of said migration	21:01
rm_work	how is THIS still not merged: https://review.openstack.org/#/c/191884/	21:01
alee	and make it easier on ourselves	21:01
rm_work	ah -1 from doug	21:01
kfarr	rm_work, it would be helpful to have the changes you are proposing posted somewhere for comments. I realize you have working code in other projects, but it will look differently in castellan as the key manager interface has already changed from what was in cinder	21:02
rm_work	yeah	21:02
rm_work	i know, that is why i have been pushing to get your CRs merged	21:03
rm_work	so I can really get down to updating my code	21:03
rm_work	based on something more stable and clean :P	21:03
rm_work	I was hoping that would have happened during the midcycle	21:04
woodster_	rm_work: you could just depend on a stack of CRs :) Don't want to spend hours rebasing things? :)	21:04
rm_work	but i guess focus was elsewhere	21:04
rm_work	woodster_: heh. heh heh. heh. T_T	21:04
rm_work	I will probably just have to do that, though there were some that aren't on top of each other	21:05
rm_work	like https://review.openstack.org/#/c/206180/	21:05
kfarr	rm_work, can you please post links to your implementations? I want to know more about how you've done it so maybe we can find a solution that will work for everyone	21:05
kfarr	yeah, elmiko just rebased that one earlier today, it had been out of sunc	21:06
kfarr	sync	21:06
rm_work	https://github.com/openstack/octavia/tree/master/octavia/certificates	21:06
rm_work	that is current, but it has diverged a bit from the original stuff	21:06
rm_work	and been packaged up in a way that more closely fits octavia	21:07
rm_work	I want to split it back out again to more closely match the Castellan packages	21:07
rm_work	but it's honestly going to be pretty trivial i think	21:07
elmiko	rm_work, do you think i should base that config change on top of some others? (i didn't want to create a crazy dep chain)	21:08
rm_work	elmiko: eh, i am hoping it won't be an issue if we can just MERGE THAT CHAIN	21:08
rm_work	lol	21:08
elmiko	hehe	21:08
elmiko	ok, was just curious	21:09
rm_work	but it might be useful to put it on the end of kfarr's chain of CRs if we really don't think that's going to happen soon <_<	21:09
elmiko	that's a fair point	21:09
kfarr	elmiko, I think yours is fine as is	21:09
elmiko	one way or the other, there will need to be changes	21:09
elmiko	kfarr, ok, cool	21:09
*** vivek-ebay has joined #openstack-barbican		21:09
rm_work	kfarr: are you going to update yours for doug's comment today?	21:10
kfarr	rm_work, that was the same one that was brought up earlier in the meeting	21:10
kfarr	We decided it is fine as-is	21:10
rm_work	ok, i may have missed that	21:10
rm_work	so that means it can merge presently? :P	21:10
kfarr	Yeah, I think so!	21:11
rm_work	redrobot: https://review.openstack.org/#/c/191884/ GOGOGOGO	21:11
*** tkelsey has joined #openstack-barbican		21:12
rm_work	that is the parent CR, right? kfarr	21:15
kfarr	rm_work yes	21:15
rm_work	i am having trouble tracking this chain, is it all one CHAIN or is it really more of a tree? >_>	21:15
kfarr	Oof, sort of a tree	21:15
rm_work	yeah... :/	21:15
kfarr	The important ones: managed objects -> api changes -> updates in plugins	21:16
rm_work	what is redrobot doing <_< just click link -> click reply -> click +2 +1	21:16
rm_work	it's so easy! :P	21:16
*** tkelsey has quit IRC		21:16
*** lisaclark1 has quit IRC		21:20
elmiko	lol	21:20
*** edtubill has quit IRC		21:29
*** ngupta_ has quit IRC		21:29
openstackgerrit	Kaitlin Farr proposed openstack/castellan: Update the key manager API https://review.openstack.org/203227	21:31
openstackgerrit	Kaitlin Farr proposed openstack/castellan: Update mock key manager https://review.openstack.org/205870	21:35
*** lisaclark1 has joined #openstack-barbican		21:40
openstackgerrit	Merged openstack/barbican: Updated from global requirements https://review.openstack.org/210882	21:41
rm_work	kfarr: just one question on https://review.openstack.org/#/c/203227/5 (commented)	21:42
rm_work	not a big deal either, just curious	21:42
rm_work	did redrobot go home?	21:57
rm_work	anyone else on with +2 powers? lol	21:57
redrobot	rm_work nope, still here... but I haven't been paying attention to IRC	21:57
rm_work	ah	21:57
redrobot	rm_work what's up?	21:57
rm_work	redrobot: https://review.openstack.org/#/c/191884/11	21:57
rm_work	redrobot: +2/+A gogogo	21:57
rm_work	augh and now woodster_ has commented	21:58
rm_work	but his comment seems to be contrary to the decision made at the meeting just an hour or two ago?	21:58
rm_work	well at the least i suppose another comment from you would be useful redrobot	21:59
rm_work	and woodster_ commented MORE just now lol	22:00
woodster_	rm_work: I thought the decision was to not pass an arg to the get_encoding or format methods? I'm bike shedding on the name :) If 'format' is indeed a synonym for 'encoding' here though, I think that would be more clear long term	22:00
woodster_	kfarr: ^^^	22:00
rm_work	classes don't need a `pass` i don't think	22:00
rm_work	they aren't functions	22:00
*** nkinder has quit IRC		22:01
redrobot	woodster_ was about to comment on there	22:01
redrobot	woodster_ "format" is a property, not a method	22:01
woodster_	rm_work: that's probably true, just different than I've seen with other empty classes in the the barbican code base...no biggy though	22:01
kfarr	I think of format and encoding as two different things	22:01
redrobot	kfarr +1, after thinking about it, they definitely are different things	22:01
*** lisaclark1 has quit IRC		22:02
woodster_	so format describes the data at rest, and encoding is the envelope around it perhaps?	22:02
*** igueths has quit IRC		22:03
redrobot	woodster_ a concret example would be for RSA keys	22:03
*** nkinder has joined #openstack-barbican		22:04
woodster_	(I feel like I was denied a good content-types discussion at the mid cycle)	22:04
kfarr	Yeah, format would be PKCS#8 or PKCS#1, encoding would be DER or PEM, yeah?	22:04
rm_work	kfarr: re-commented	22:04
rm_work	on https://review.openstack.org/#/c/203227/5	22:04
rm_work	which is actually similar to woodster's comment on the other CR that touches the same line	22:05
rm_work	https://review.openstack.org/#/c/191884/11/castellan/key_manager/barbican_key_manager.py,cm	22:05
redrobot	woodster_ what kfarr said	22:05
rm_work	woodster_: if you want to comment on the algorithm thing, see here: https://review.openstack.org/#/c/203227/5/castellan/key_manager/barbican_key_manager.py,cm	22:06
rm_work	ERK i am so sorry	22:06
rm_work	i left a parens unmatched >_<	22:06
rm_work	my own OCD requires me to make another comment	22:07
woodster_	so encoding is some operation done to data, and the data has an intrinsic format, correct? If so it seems that both format and encoding could be properties then. Certainly knowledge of the current encoding of the data is required to perform a more advanced 'get_encoded('some other encoding')' call later?	22:09
*** nkinder has quit IRC		22:09
woodster_	sorry, just trying to think this through	22:09
*** nkinder has joined #openstack-barbican		22:11
kfarr	woodster_ thanks for your thoughts! I see where you are coming from. Right now, we just assume everything is DER encoded	22:12
kfarr	And we assume only one format at the moment, adding more formats in the future could require a more hefty conversion from one to the other	22:12
*** xaeth is now known as xaeth_afk		22:12
rm_work	kfarr: re-commented again	22:15
rm_work	kfarr: maybe what you're looking for is getattr(managed_object, "algorithm", None) ?	22:16
*** crc32 has quit IRC		22:16
kfarr	rm_work: commented	22:17
rm_work	don't see a new comment yet :(	22:17
kfarr	rm_work sorry, forgot to click a button	22:18
rm_work	heh	22:18
rm_work	ok so this all changes anyway	22:19
rm_work	i'll comment once that's rebased i guess?	22:20
kfarr	Ok!	22:20
kfarr	Was hoping to make reviews easier by splitting things up into smaller patches, but I'm not so sure that's the case anymore since it's so confusing with all the dependencies :(	22:21
rm_work	heh yeah, dependency chains are rough	22:21
rm_work	especially when some of them actually do have to touch the same code	22:21
*** dimtruck is now known as zz_dimtruck		22:24
kfarr	kk I'm audi	22:27
*** kfarr has quit IRC		22:27
*** jamielennox\|away is now known as jamielennox		22:38
*** spotz is now known as spotz_zzz		22:40
*** pglbutt has quit IRC		22:41
*** vivek-ebay has quit IRC		22:44
*** lisaclark1 has joined #openstack-barbican		22:54
woodster_	alee, are you there?	23:10
*** rellerreller has joined #openstack-barbican		23:17
*** vivek-ebay has joined #openstack-barbican		23:26
*** jhfeng has quit IRC		23:33
*** lisaclark1 has quit IRC		23:43
*** rellerreller has quit IRC		23:51

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!