| johnsom | All that lovely override stuffs for keytsone endpoints | 00:00 |
|---|---|---|
| rm_work | hmmm | 00:02 |
| *** dave-mccowan has quit IRC | 00:02 | |
| rm_work | let me look at another one really quick | 00:02 |
| *** namnh has joined #openstack-barbican | 00:04 | |
| johnsom | by others I mean openstack clients | 00:05 |
| rm_work | hmm | 00:07 |
| rm_work | yea was taking a look at ours, and then glance | 00:07 |
| rm_work | ours just uses osc_lib or something O_o there's no real code | 00:07 |
| johnsom | Right, ours i all magical | 00:08 |
| johnsom | Nova is a lot of stuffs: https://docs.openstack.org/python-novaclient/latest/reference/api/novaclient.v2.client.html | 00:09 |
| johnsom | In Octavia we usually allow these overrides: https://github.com/openstack/octavia/blob/master/etc/octavia.conf#L389 | 00:09 |
| *** namnh has quit IRC | 00:10 | |
| johnsom | Which it looks like we have for barbican: https://docs.openstack.org/octavia/latest/configuration/configref.html#certificates | 00:10 |
| rm_work | johnsom: looks like the cacert is in the keystone session? | 00:10 |
| rm_work | so that's our responsibility to set | 00:10 |
| rm_work | since we just pass a keystone session to Barbican | 00:11 |
| rm_work | when we make the session we need to pass it? | 00:11 |
| *** pbourke has quit IRC | 00:12 | |
| johnsom | Hmm, yeah, could be missing on our side for that part | 00:12 |
| johnsom | Ah, that is a bug too in our barbican code. It's using the service auth settings and not the certificate section settings. | 00:14 |
| rm_work | err where | 00:22 |
| rm_work | it just seems to straight up USE the keystoneauth1 adapter | 00:22 |
| rm_work | that's it | 00:22 |
| rm_work | all that stuff should be handled inside that | 00:22 |
| rm_work | get() / post() etc is all just inside the session auth | 00:23 |
| rm_work | so if keystone has it, keystone should use it, and if it isn't that's a *keystone* bug IMO | 00:23 |
| johnsom | rm_work here: https://github.com/openstack/octavia/blob/master/octavia/certificates/common/auth/barbican_acl.py#L41 | 00:32 |
| johnsom | and https://github.com/openstack/octavia/blob/master/octavia/common/keystone.py#L29 | 00:32 |
| rm_work | oh, in Octavia | 00:34 |
| rm_work | yeah, quite possibly | 00:34 |
| rm_work | AH you said "our Barbican code" | 00:35 |
| rm_work | yeah ok | 00:35 |
| rm_work | I missed "our" | 00:35 |
| *** namnh has joined #openstack-barbican | 01:08 | |
| *** namnh has quit IRC | 01:13 | |
| *** mhen has quit IRC | 01:33 | |
| *** mhen has joined #openstack-barbican | 01:34 | |
| *** namnh has joined #openstack-barbican | 01:35 | |
| *** dave-mccowan has joined #openstack-barbican | 01:47 | |
| *** namnh has quit IRC | 01:59 | |
| *** namnh has joined #openstack-barbican | 02:08 | |
| *** dave-mccowan has quit IRC | 03:33 | |
| *** namnh has quit IRC | 03:44 | |
| *** FrankZhang has quit IRC | 04:41 | |
| *** Luzi has joined #openstack-barbican | 06:12 | |
| *** velizarx has joined #openstack-barbican | 07:04 | |
| *** strigazi has quit IRC | 07:45 | |
| *** velizarx has quit IRC | 07:59 | |
| *** velizarx has joined #openstack-barbican | 08:04 | |
| *** pcaruana has joined #openstack-barbican | 09:00 | |
| *** salmankhan has joined #openstack-barbican | 09:03 | |
| *** velizarx has quit IRC | 10:52 | |
| *** velizarx has joined #openstack-barbican | 10:53 | |
| *** ducnv_ has quit IRC | 11:00 | |
| *** dave-mccowan has joined #openstack-barbican | 11:27 | |
| *** ade_lee has joined #openstack-barbican | 11:34 | |
| ade_lee | johnsom, looking now | 11:35 |
| ade_lee | johnsom, is this related to the patch that rm_work posted? | 11:37 |
| ade_lee | johnsom, https://review.openstack.org/588104 | 11:38 |
| *** abishop has joined #openstack-barbican | 11:57 | |
| *** jmlowe has quit IRC | 12:35 | |
| *** velizarx has quit IRC | 12:48 | |
| *** velizarx has joined #openstack-barbican | 12:55 | |
| *** raildo has joined #openstack-barbican | 12:55 | |
| johnsom | ade_lee: yes, that patch is to help address our problem with the client, when used as an sdk | 13:14 |
| *** jaosorior has quit IRC | 13:20 | |
| ade_lee | johnsom, ok - I'll take a closer look at it prob tommorow or early next week. | 13:26 |
| *** jaosorior has joined #openstack-barbican | 13:33 | |
| *** Luzi has quit IRC | 13:35 | |
| *** velizarx has quit IRC | 13:41 | |
| *** velizarx has joined #openstack-barbican | 13:42 | |
| *** ade_lee has quit IRC | 14:05 | |
| *** FrankZhang has joined #openstack-barbican | 15:07 | |
| *** gagehugo has joined #openstack-barbican | 15:33 | |
| *** spotz has quit IRC | 16:18 | |
| *** velizarx has quit IRC | 16:25 | |
| *** raildo has quit IRC | 16:38 | |
| *** raildo has joined #openstack-barbican | 16:42 | |
| *** salmankhan has quit IRC | 17:23 | |
| *** salmankhan has joined #openstack-barbican | 19:35 | |
| *** salmankhan has quit IRC | 19:39 | |
| openstackgerrit | Paul Belanger proposed openstack/barbican master: Switch to fedora-latest for testing https://review.openstack.org/588369 | 19:59 |
| *** FrankZhang_ has joined #openstack-barbican | 21:18 | |
| *** FrankZhang has quit IRC | 21:18 | |
| *** FrankZhang_ has quit IRC | 21:22 | |
| *** abishop has quit IRC | 21:24 | |
| openstackgerrit | Paul Belanger proposed openstack/barbican master: Switch to fedora-latest for testing https://review.openstack.org/588369 | 23:31 |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!