Tuesday, 2019-02-12

*** jmlowe has quit IRC		00:03
*** Emine has joined #openstack-barbican		00:15
*** Emine has quit IRC		00:27
*** hrybacki has joined #openstack-barbican		00:59
*** FrankZhang has joined #openstack-barbican		00:59
*** coreycb has joined #openstack-barbican		00:59
*** jmlowe has joined #openstack-barbican		03:44
*** dave-mccowan has quit IRC		03:58
*** jmlowe has quit IRC		04:50
*** whoami-rajat has joined #openstack-barbican		06:19
*** Luzi has joined #openstack-barbican		06:53
*** Emine has joined #openstack-barbican		07:32
*** Emine has quit IRC		07:49
*** velizarx has joined #openstack-barbican		08:07
*** xek_ has joined #openstack-barbican		08:28
*** velizarx has quit IRC		08:38
*** whoami-rajat has quit IRC		08:54
*** velizarx has joined #openstack-barbican		09:04
*** Emine has joined #openstack-barbican		09:15
*** Emine has quit IRC		09:26
*** Emine has joined #openstack-barbican		09:26
*** Emine has quit IRC		11:09
*** Emine has joined #openstack-barbican		11:10
*** velizarx has quit IRC		11:34
*** raildo has joined #openstack-barbican		12:08
*** velizarx has joined #openstack-barbican		12:26
*** emine__ has joined #openstack-barbican		12:28
*** velizarx has quit IRC		12:30
*** Emine has quit IRC		12:30
*** coreycb has quit IRC		12:36
*** coreycb has joined #openstack-barbican		12:37
*** velizarx has joined #openstack-barbican		12:38
*** moguimar has joined #openstack-barbican		12:46
*** emine__ has quit IRC		12:50
redrobot	#startmeeting barbican	13:00
openstack	Meeting started Tue Feb 12 13:00:36 2019 UTC and is due to finish in 60 minutes. The chair is redrobot. Information about MeetBot at http://wiki.debian.org/MeetBot.	13:00
openstack	Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.	13:00
*** openstack changes topic to " (Meeting topic: barbican)"		13:00
openstack	The meeting name has been set to 'barbican'	13:00
redrobot	#topic Roll Call	13:01
*** openstack changes topic to "Roll Call (Meeting topic: barbican)"		13:01
redrobot	Courtesy ping for ade_lee hrybacki jamespage Luzi lxkong moguimar raildo rm_work xek	13:02
Luzi	o/	13:02
moguimar	o/	13:02
redrobot	Good morning y'all!	13:02
*** graeb has joined #openstack-barbican		13:02
redrobot	As usual our agenda can be found here:	13:02
graeb	o/	13:02
redrobot	#link https://etherpad.openstack.org/p/barbican-weekly-meeting	13:03
rm_work	OMG o/	13:03
rm_work	Hi	13:03
graeb	Hello	13:03
redrobot	rm_work, you made it!!!	13:04
rm_work	yes I'm still awake somehow 😑	13:04
redrobot	#topic Review Past Meeting Action Items	13:04
*** openstack changes topic to "Review Past Meeting Action Items (Meeting topic: barbican)"		13:04
redrobot	#link http://eavesdrop.openstack.org/meetings/barbican/2019/barbican.2019-02-05-13.00.html	13:05
redrobot	rm_work, yikes! Well, I'm glad to have you here. 😬	13:05
redrobot	ok, let's see about these action items	13:05
redrobot	First one:	13:06
redrobot	redrobot to add a story to fix functional tests to be run in parallel	13:06
redrobot	I did do this	13:07
redrobot	#link https://storyboard.openstack.org/#!/story/2004915	13:07
redrobot	I added it as a task to the gates story	13:07
rm_work	Success! Now to do the actual work :D	13:08
redrobot	I was talking to ade_lee_ about it, and he was suggesting that each tests needs to create its own project	13:08
redrobot	which makes sense	13:08
redrobot	rm_work, exactly!	13:08
redrobot	next one:	13:08
redrobot	redrobot to check with ade_lee about adding Vault features to Barbican for Rocky	13:08
rm_work	You can also just clean up better, or account for other objects existing	13:08
rm_work	We have some examples of this in the Octavia tempest tests	13:09
rm_work	Not sure which is easier	13:09
redrobot	I did not do this. My bad 😔	13:09
redrobot	rm_work, problem is quota tests that are counting # of secrets	13:09
rm_work	Maybe in functional tests, making new projects is trivial	13:09
redrobot	rm_work, obvs doesn't work when run in parallel	13:09
rm_work	Yeah you do need multiple, we use two	13:09
redrobot	yeah, this is for functional tests	13:09
rm_work	When you say functionalll	13:09
rm_work	Does that mean tempest? Against a real backend? Or is it still a fake in-memory thing	13:10
redrobot	rm_work, not tempest. The functional tests in the barbican server that run on every gate	13:11
redrobot	including simple crypto, kmip, and hopefully soon softhsm	13:11
rm_work	Yeah but do you spin up a real API or is it just a pecan-test-scaffold thing?	13:12
redrobot	it's a real api	13:12
rm_work	I forget how yours work but I seem to recall them being more heavyweight than oura	13:12
redrobot	so keystone is available for us to create projects on the fly	13:12
rm_work	*our Octavia functionals	13:12
rm_work	Hmm k	13:12
rm_work	Well whatever, this is kinda a pointless discussion, whoever does it can do whichever option they want :D	13:13
redrobot	back to the second action item that I did not do	13:13
redrobot	I think that the safe call is to make new Vault stuff for Train	13:13
redrobot	but I'll check with ade_lee_ for sure	13:13
redrobot	#action redrobot to check with ade_lee about adding Vault features to Barbican for Rocky (1)	13:13
rm_work	Wait, so ditch the existing vault driver?	13:14
redrobot	the (1) is for me to keep track of how many times I kick these things	13:14
redrobot	rm_work, no, I can't recall exactly what was needed, but it's an enhancement to the Vault driver	13:14
redrobot	new features if you will	13:14
rm_work	Ah k	13:14
* redrobot has not had his coffee yet		13:15
redrobot	ok, moving on	13:15
redrobot	next action item	13:15
redrobot	redrobot to check with ade_lee about releasing Castellan	13:15
redrobot	I did do this	13:15
redrobot	but I'm not sure if ade_lee_ got a chance to talk to the oslo folks about it	13:16
redrobot	so I'll ping him again about it	13:16
redrobot	#action redrobot to check with ade_lee about releasing Castellan (1)	13:16
moguimar	redrobot: I can do that	13:16
redrobot	awesome, thanks moguimar	13:16
moguimar	bnemec was talking about releases on our last Oslo meeting	13:17
redrobot	gotcha	13:17
redrobot	#undo	13:17
openstack	Removing item from minutes: #action redrobot to check with ade_lee about releasing Castellan (1)	13:17
moguimar	email me what you need and I'll bring it up with them	13:17
redrobot	#action moguimar to check with oslo team about releasing Castellan	13:17
redrobot	moguimar, sounds good	13:18
redrobot	ok, moving on	13:18
redrobot	We don't have any topics on the agenda	13:18
redrobot	so we'll have to play it by ear	13:19
redrobot	anything y'all want to talk about?	13:19
graeb	I write a Barbican patch for https://storyboard.openstack.org/#!/story/2004833	13:19
graeb	It is for review.	13:19
redrobot	#topic Reviews	13:19
*** openstack changes topic to "Reviews (Meeting topic: barbican)"		13:19
redrobot	graeb, awesome, do you want to post a link to the patch?	13:20
graeb	#link https://review.openstack.org/#/c/635736/	13:20
rm_work	I'm contemplating finishing the work I started four years ago and doing secret consumers XD	13:20
redrobot	rm_work, heh... go for it!	13:20
rm_work	But probably it wouldn't be supported by castellan sooooo	13:20
redrobot	That definitely sounds like a Train feature tho	13:21
rm_work	Maybe no point	13:21
rm_work	Since Octavia migrated to using the castellan interface to speak barbican	13:21
redrobot	Interesting	13:21
redrobot	How does an octavia user upload a cert when the Castellan backend is not Barbican?	13:22
rm_work	Now we store a single secret that is a pkcs12 bundle, so	13:22
rm_work	It's up to the operator	13:22
*** whoami-rajat has joined #openstack-barbican		13:22
redrobot	Ah	13:22
rm_work	At GD they had a custom API/UI	13:22
rm_work	And it would spit out a path that worked to retrive, so	13:23
redrobot	so reimplemented barbican?	13:23
rm_work	*retrieve	13:23
rm_work	Lol yes	13:23
rm_work	Because they're dumb	13:23
redrobot	lol	13:23
rm_work	I yelled at them	13:23
rm_work	And no longer work there	13:23
rm_work	So ...	13:23
redrobot	heh	13:23
* rm_work shrugs		13:23
rm_work	Point being, it is actually kinda reasonable	13:24
rm_work	Places have their own vault storage for example	13:24
rm_work	Already implemented outside of openstack	13:24
redrobot	graeb, added to my review queue	13:24
rm_work	So as long as permissions are right and paths are configured sanely... It works	13:24
redrobot	sure... though I'm still a fan of deploying Barbican->Vault	13:25
rm_work	Or it should in theory, I haven't really seen a successful full implementation in the wild yet	13:25
rm_work	Yes same	13:25
graeb	redrobot, nice! :)	13:25
redrobot	for obvious reasons 😜	13:25
rm_work	Multitenancy and openstack auth ftw	13:25
redrobot	Any other reviews that need to be mentioned?	13:26
redrobot	Or other topics?	13:26
rm_work	Apparently not? Or I bet 😉	13:28
rm_work	*or I netsplit	13:28
*** ade_lee_ has quit IRC		13:30
redrobot	I'm gonna go with we're out of topics	13:30
redrobot	thanks for coming, everyone!	13:31
redrobot	especially rm_work! 😘	13:31
redrobot	see y'all next time!	13:31
rm_work	🤣	13:31
redrobot	#endmeeting	13:31
*** openstack changes topic to "OpenStack PTG Denver - https://etherpad.openstack.org/p/barbican-stein-ptg"		13:31
openstack	Meeting ended Tue Feb 12 13:31:56 2019 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)	13:31
openstack	Minutes: http://eavesdrop.openstack.org/meetings/barbican/2019/barbican.2019-02-12-13.00.html	13:31
openstack	Minutes (text): http://eavesdrop.openstack.org/meetings/barbican/2019/barbican.2019-02-12-13.00.txt	13:32
openstack	Log: http://eavesdrop.openstack.org/meetings/barbican/2019/barbican.2019-02-12-13.00.log.html	13:32
*** velizarx has quit IRC		13:32
*** velizarx has joined #openstack-barbican		13:37
*** openstackgerrit has quit IRC		13:37
*** zul has joined #openstack-barbican		14:07
*** moguimar has quit IRC		14:20
*** moguimar has joined #openstack-barbican		14:21
*** ade_lee_ has joined #openstack-barbican		14:31
*** arunkant has joined #openstack-barbican		15:08
*** moguimar has quit IRC		15:13
*** moguimar has joined #openstack-barbican		15:13
*** moguimar has quit IRC		15:31
*** moguimar has joined #openstack-barbican		15:32
*** moguimar has quit IRC		15:38
*** moguimar has joined #openstack-barbican		15:40
*** Luzi has quit IRC		15:41
*** moguimar has quit IRC		15:55
*** dpawlik has joined #openstack-barbican		16:14
*** graeb has quit IRC		16:19
*** abishop_ has joined #openstack-barbican		16:20
*** abishop has quit IRC		16:22
*** jmlowe has joined #openstack-barbican		16:44
*** velizarx has quit IRC		17:11
*** jmlowe has quit IRC		17:21
*** whoami-rajat has quit IRC		17:36
*** dpawlik has quit IRC		17:53
*** dpawlik has joined #openstack-barbican		18:06
*** dpawlik has quit IRC		18:10
*** dpawlik has joined #openstack-barbican		18:23
*** zul has quit IRC		19:04
*** tinwood has quit IRC		19:04
*** tinwood has joined #openstack-barbican		19:04
*** zul has joined #openstack-barbican		19:59
*** dpawlik has quit IRC		20:08
*** xek__ has joined #openstack-barbican		20:35
*** xek_ has quit IRC		20:37
*** jmlowe has joined #openstack-barbican		20:55
*** dpawlik has joined #openstack-barbican		20:59
*** dpawlik has quit IRC		21:06
*** tinwood has quit IRC		21:06
*** tinwood has joined #openstack-barbican		21:06
*** raildo has quit IRC		21:18
*** dpawlik has joined #openstack-barbican		21:20
*** dpawlik has quit IRC		21:24
*** xek__ has quit IRC		21:31
*** whoami-rajat has joined #openstack-barbican		23:12
*** ade_lee_ has quit IRC		23:47

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!