| *** mhen_ is now known as mhen | 01:41 | |
| xek | #startmeeting barbican | 15:01 |
|---|---|---|
| opendevmeet | Meeting started Mon Jun 17 15:01:35 2024 UTC and is due to finish in 60 minutes. The chair is xek. Information about MeetBot at http://wiki.debian.org/MeetBot. | 15:01 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 15:01 |
| opendevmeet | The meeting name has been set to 'barbican' | 15:01 |
| xek | #topic Roll Call | 15:01 |
| xek | Courtesy ping for dmendiza[m] ade_lee d34dh0r53 Luzi tosky tobias-urdin jjung mharley lpiwowar | 15:01 |
| dmendiza[m] | 🙋♂️ | 15:02 |
| xek | As usual our agenda can be found here: | 15:02 |
| xek | #link https://etherpad.openstack.org/p/barbican-weekly-meeting | 15:02 |
| xek | Just the usual topics today | 15:03 |
| xek | #topic Review Past Meeting Action Items | 15:03 |
| xek | #link https://meetings.opendev.org/meetings/barbican/2024/barbican.2024-06-10-15.00.html | 15:03 |
| xek | There were none | 15:03 |
| xek | #topic Liaison Updates | 15:04 |
| xek | dmendiza morning :) | 15:05 |
| xek | No updates from me | 15:05 |
| xek | #topic Open Discussion | 15:05 |
| xek | #topic Bug Review | 15:07 |
| xek | There is a new bug https://bugs.launchpad.net/barbican/+bug/2069378 | 15:08 |
| xek | dmendizado you know about this one? It's about RBAC | 15:09 |
| xek | Looks like Sam described a scenario which should be reproducable | 15:12 |
| rajiv | Hi, is the meeting over ? | 15:16 |
| xek | Not yet | 15:16 |
| rajiv | :) | 15:16 |
| xek | rajivyou may speak :) | 15:17 |
| rajiv | i wanted to follow up on the Barbican-HSM upgrade topic, is the PR merged ? | 15:18 |
| rajiv | Thales HSM A790 with FIPS operational mode cannot be upgraded to the next version from 7.3.3 due to current encryption restriction on Barbican | 15:18 |
| rajiv | regarding my second topic, thanks for reviewing xek is it worth proceeding this idea and this format ? https://review.opendev.org/c/openstack/barbican/+/920305 | 15:22 |
| rajiv | lastly, i mailed these questions on the mailing list but it wasnt moderated and forwarded. | 15:23 |
| xek | ack, thanks for the update! | 15:24 |
| xek | I'm not sure which PR you are refering to | 15:24 |
| xek | the KMIP secret store was not merged yet https://review.opendev.org/c/openstack/barbican/+/914745 | 15:24 |
| rajiv | https://review.opendev.org/c/openstack/barbican/+/920305 | 15:24 |
| xek | oh, right and you had a question about this one - I can't decide for myself, I would need a second reviewer to take a look | 15:26 |
| xek | ^ dmendiza | 15:26 |
| opendevreview | Merged openstack/barbican master: Replace pyOpenSSL by cryptography https://review.opendev.org/c/openstack/barbican/+/913561 | 15:26 |
| rajiv | okay, thanks. | 15:27 |
| xek | I would also like to have more information about the use case, I think it would then make it easier to make a decision as to whether we want to add features like that, or if other openstack services have similar features we could base this on | 15:27 |
| rajiv | cinder already provides this feature | 15:28 |
| rajiv | https://github.com/sapcc/cinder/blob/stable/wallaby-m3/cinder/transfer/api.py | 15:28 |
| rajiv | https://www.alibabacloud.com/tech-news/a/cinder_/gvdyfkdkbj-cinder-volume-transfer-a-how-to-guide | 15:29 |
| rajiv | to confirm https://review.opendev.org/c/openstack/barbican/+/913561 would help me upgrade to the next version ? | 15:29 |
| rajiv | HSM upgrade* | 15:29 |
| xek | yes, I think so | 15:31 |
| rajiv | ah ok, i can cherry pick this commit to 2023.2 branch and test it ? | 15:32 |
| xek | yep | 15:33 |
| rajiv | does this replace CKM_AES_CBC_PAD mechanism ? | 15:33 |
| xek | from what I see in the patch, the library was only used for converting between formats | 15:35 |
| xek | (pem/der) | 15:36 |
| rajiv | okay, so we are unsure if the HSM upgrade would work or not ? else shall i raise a Ticket with Thales to confirm ? | 15:37 |
| xek | maybe you should, I don't specifically recall what was the cause of the issue | 15:39 |
| rajiv | okay, i will raise a ticket. | 15:40 |
| xek | ok, I guess that's everything for today | 15:40 |
| xek | See y'all next week! | 15:41 |
| xek | #endmeeting | 15:41 |
| opendevmeet | Meeting ended Mon Jun 17 15:41:11 2024 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 15:41 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/barbican/2024/barbican.2024-06-17-15.01.html | 15:41 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/barbican/2024/barbican.2024-06-17-15.01.txt | 15:41 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/barbican/2024/barbican.2024-06-17-15.01.log.html | 15:41 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!