Tuesday, 2020-01-21

« Monday, 2020-01-20 Index Wednesday, 2020-01-22 »
*** njohnston_ has quit IRC00:23
*** goldyfruit has quit IRC02:30
*** awalende has joined #openstack-barbican02:50
*** awalende has quit IRC02:55
*** goldyfruit has joined #openstack-barbican04:34
*** awalende has joined #openstack-barbican08:07
*** tosky has joined #openstack-barbican09:07
*** goldyfruit has quit IRC09:11
*** jaosorior has joined #openstack-barbican09:19
*** xek has joined #openstack-barbican09:24
*** jaosorior has quit IRC09:54
*** ivve has joined #openstack-barbican10:07
*** openstackgerrit has quit IRC10:12
*** goldyfruit has joined #openstack-barbican10:47
*** raildo has joined #openstack-barbican11:06
*** goldyfruit has quit IRC11:10
*** awalende has quit IRC11:13
*** raildo_ has joined #openstack-barbican11:14
*** awalende has joined #openstack-barbican11:14
*** raildo has quit IRC11:17
*** Luzi has joined #openstack-barbican12:28
*** nearyo has joined #openstack-barbican12:34
moguimarredrobot: meeting?13:03
Luzio/13:06
redroboto\13:07
redrobotsorry I'm late, guys!13:07
redrobot#startmeeting barbican13:07
openstackMeeting started Tue Jan 21 13:07:27 2020 UTC and is due to finish in 60 minutes.  The chair is redrobot. Information about MeetBot at http://wiki.debian.org/MeetBot.13:07
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.13:07
*** openstack changes topic to " (Meeting topic: barbican)"13:07
openstackThe meeting name has been set to 'barbican'13:07
nearyo\o/13:07
redrobot#topic Roll Call13:07
*** openstack changes topic to "Roll Call (Meeting topic: barbican)"13:07
redrobotCourtesy ping for ade_lee dave-mccowan hrybacki jamespage Luzi lxkong mhen moguimar raildo rm_work xek13:08
Luzio/ again :)13:08
redrobotOkay, let's get started!13:09
redrobot#topic Secret-Consumers broke the TripleO gate13:10
*** openstack changes topic to "Secret-Consumers broke the TripleO gate (Meeting topic: barbican)"13:10
moguimaryep, wanted to bring that one up13:11
redrobotLooks like the client can't handle changes to the API13:11
redrobotso I'm going to make a workaround patch after the meeting13:11
redrobotand then work on microversions so we don't break the client again13:11
redrobotthen work on the client so it doesn't break anymore13:11
redrobotI should have the workaround patch up soon (just removing the API response bits)13:12
redrobotand then I'll bug y'all for reviews.13:12
redrobotany questions/comments?13:12
moguimarworks for me13:14
redrobotok, moving on13:17
redrobot#topic Manipulation of ACL data in DB13:17
*** openstack changes topic to "Manipulation of ACL data in DB (Meeting topic: barbican)"13:17
redrobotThis is an old security audit finding from the Newton cycle13:17
redrobot#link https://review.opendev.org/#/c/357978/13/doc/source/artifacts/barbican/newton/review-findings.rst13:18
redrobotFinding #113:18
redrobotbasically, if an attacker can modify the database, then they can add arbitrary users to a Secret's ACL, and then retrieve the secret using the API13:18
redrobotat the time, we talked about maybe signing acl rows13:19
redrobotand then error out if the row fails to validate on retreival13:19
redrobotin any case, we should consider fixing it13:21
redrobotor at least documenting that DB manipulation is a "Bad Thing"™13:21
redrobotWhat do y'all think?13:21
Luziredrobot, i need to think about the problem a little bit more - but you are right, something has to be done :D13:22
redrobotLuzi, cool, lets revisit this in a week or two13:24
redrobotok, moving on13:25
redrobot#topic Barbican UI13:25
*** openstack changes topic to "Barbican UI (Meeting topic: barbican)"13:25
redrobotnearyo, all yours13:26
redrobot#link https://review.opendev.org/#/c/702399/13:26
nearyoHey, I finally reached a good point for the first contribution to the barbican-ui. With this contribution it is possible to list, show, create, update and delete secrets and their metadata. I left the metadata stuff inside for now, but I would say it's trivial to remove this (as we discussed in shanghai).13:26
nearyohttps://review.opendev.org/#/c/702399/13:26
redrobotnearyo, that is awesome news!13:26
nearyoWhat do I have to do, to assign this to someone? (It's my first contribution ^^)13:26
redrobotI've added myself and ade_lee as reviewers, and I may go poke folks at the horizon channel to see if anyone could also review real quick13:27
redrobotIt may take me a while though, as I have not written/read any JS in years. 😅13:28
nearyoNice, thanks :)13:28
nearyoYeah the angular stuff was also "new" for me ^^13:29
*** enriquetaso has joined #openstack-barbican13:29
redrobotcool beans13:31
redrobotman, it'll be awesome if we can ship this for the next release :D13:31
*** ade_lee has quit IRC13:31
nearyoI would say if we agree on this we can think about further panel for acls and orders.13:31
*** ade_lee has joined #openstack-barbican13:31
redrobotnearyo, sounds good13:31
nearyoCool, thats all from my side. ;-)13:32
redrobotcoolness13:32
redrobot#topic Liaison Updates13:32
*** openstack changes topic to "Liaison Updates (Meeting topic: barbican)"13:32
redrobotmoguimar, forgot to ask if you had any updates from Oslo?13:32
redrobot...13:37
redrobotI'll take that as a no13:37
redrobot#topic Open Discussion13:37
*** openstack changes topic to "Open Discussion (Meeting topic: barbican)"13:37
redrobotAny other topics we should talk about?13:37
redrobotAlrighty then13:39
redrobotthanks for coming, everyone!13:40
redrobotSee y'all next week13:40
redrobot#endmeeting13:40
*** openstack changes topic to "OpenStack Barbican Train Cycle Development - Weekly Meeting Agenda: https://etherpad.openstack.org/p/barbican-weekly-meeting"13:40
openstackMeeting ended Tue Jan 21 13:40:11 2020 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)13:40
openstackMinutes:        http://eavesdrop.openstack.org/meetings/barbican/2020/barbican.2020-01-21-13.07.html13:40
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/barbican/2020/barbican.2020-01-21-13.07.txt13:40
openstackLog:            http://eavesdrop.openstack.org/meetings/barbican/2020/barbican.2020-01-21-13.07.log.html13:40
*** openstackgerrit has joined #openstack-barbican13:45
openstackgerritDouglas Mendizábal proposed openstack/barbican master: Revert Secret Consumers API change  https://review.opendev.org/70361613:45
*** ade_lee has quit IRC13:46
*** nearyo has quit IRC13:59
*** abishop_ has joined #openstack-barbican14:14
*** awalende has quit IRC14:16
*** ade_lee has joined #openstack-barbican14:16
*** abishop has quit IRC14:16
*** ade_lee_ has joined #openstack-barbican14:22
*** ade_lee has quit IRC14:25
*** abishop_ is now known as abishop14:33
*** Luzi has quit IRC14:46
openstackgerritDouglas Mendizábal proposed openstack/barbican master: Revert Secret Consumers API change  https://review.opendev.org/70361615:16
openstackgerritDouglas Mendizábal proposed openstack/barbican master: Revert Secret Consumers API change  https://review.opendev.org/70361616:00
*** openstackgerrit has quit IRC16:13
*** tosky has quit IRC16:33
*** raildo_ has quit IRC17:12
*** enriquetaso has quit IRC18:36
*** openstackgerrit has joined #openstack-barbican19:24
openstackgerritDouglas Mendizábal proposed openstack/barbican master: Revert Secret Consumers API change  https://review.opendev.org/70361619:24
*** tosky has joined #openstack-barbican19:25
*** abishop_ has joined #openstack-barbican20:15
*** abishop has quit IRC20:17
*** ade_lee__ has joined #openstack-barbican20:44
*** ade_lee_ has quit IRC20:46
*** ade_lee__ has quit IRC20:47
*** jmlowe has joined #openstack-barbican21:00
*** jmlowe has quit IRC22:09
*** jmlowe has joined #openstack-barbican22:13
openstackgerritDouglas Mendizábal proposed openstack/barbican master: Update README  https://review.opendev.org/70370222:13
*** jmlowe has quit IRC22:17
*** enriquetaso has joined #openstack-barbican22:30
*** tosky has quit IRC23:47
« Monday, 2020-01-20 Index Wednesday, 2020-01-22 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!