| opendevreview | Merged openstack/glance stable/2024.1: Add file format detection to format_inspector https://review.opendev.org/c/openstack/glance/+/923264 | 00:14 |
|---|---|---|
| abhishekk | stbale/2024.1 merged | 03:58 |
| abhishekk | I have just approved all patches for 2023.2 | 03:59 |
| abhishekk | frickler: if you around ^^^ | 03:59 |
| opendevreview | Rajat Dhasmana proposed openstack/glance stable/2024.1: Revert "[stable only] Make import jobs non-voting" https://review.opendev.org/c/openstack/glance/+/923541 | 04:06 |
| frickler | abhishekk: thx, gate is looking pretty fine so far this morning, prioritized the last patches now | 06:20 |
| abhishekk | ++, thank you! | 06:20 |
| opendevreview | Merged openstack/glance stable/2023.2: Reject qcow files with data-file attributes https://review.opendev.org/c/openstack/glance/+/923266 | 07:44 |
| opendevreview | Merged openstack/glance stable/2023.2: Extend format_inspector for QCOW safety https://review.opendev.org/c/openstack/glance/+/923267 | 07:58 |
| opendevreview | Merged openstack/glance stable/2023.2: Add VMDK safety check https://review.opendev.org/c/openstack/glance/+/923268 | 08:07 |
| opendevreview | Merged openstack/glance master: Fix: optimized upload volume in Cinder store https://review.opendev.org/c/openstack/glance/+/922316 | 08:07 |
| abhishekk | whoami-rajat: ^^ | 08:09 |
| abhishekk | does it need backport? | 08:09 |
| whoami-rajat | abhishekk, yes it does, both Pranali's patch and this one needs to be merged till antelope, i can probably squash them together for easier review? | 08:09 |
| abhishekk | good idea | 08:10 |
| abhishekk | mention the same in commit message as well | 08:10 |
| whoami-rajat | sure, thanks | 08:11 |
| opendevreview | Merged openstack/glance stable/2024.1: Revert "[stable only] Make import jobs non-voting" https://review.opendev.org/c/openstack/glance/+/923541 | 08:26 |
| opendevreview | Merged openstack/glance stable/2023.2: Reject unsafe qcow and vmdk files https://review.opendev.org/c/openstack/glance/+/923269 | 08:26 |
| opendevreview | Merged openstack/glance stable/2023.2: Add QED format detection to format_inspector https://review.opendev.org/c/openstack/glance/+/923270 | 08:26 |
| opendevreview | Merged openstack/glance stable/2023.2: Add file format detection to format_inspector https://review.opendev.org/c/openstack/glance/+/923271 | 08:26 |
| frickler | abhishekk: ^^ ready for 2023.1? also note there were two failures on https://review.opendev.org/c/openstack/glance/+/923268/1 , you may want to double check those | 08:28 |
| abhishekk | 2023.2 merged, I will be sending 2023.1 Patches in 10 minutes | 08:30 |
| abhishekk | yes | 08:30 |
| abhishekk | frickler: checked those are not related to current patches, mysql ooed | 08:30 |
| abhishekk | frickler: approved 2023.1 | 08:33 |
| abhishekk | I am not sure about unmaintained zed though, it will require lots of tweaking if wanted to merge there | 08:34 |
| frickler | I don't really cat about the unmaintained branches, you may want to check with the "maintainers" there, like elodilles or tonyb, maybe they want to just force-merge those | 08:37 |
| abhishekk | frickler: ack, thank you!! | 08:38 |
| opendevreview | Rajat Dhasmana proposed openstack/glance stable/2023.2: Revert "[stable only] Make import jobs non-voting" https://review.opendev.org/c/openstack/glance/+/923551 | 08:39 |
| opendevreview | Merged openstack/glance stable/2023.1: Reject qcow files with data-file attributes https://review.opendev.org/c/openstack/glance/+/923277 | 10:20 |
| opendevreview | Merged openstack/glance stable/2023.1: Extend format_inspector for QCOW safety https://review.opendev.org/c/openstack/glance/+/923278 | 10:20 |
| opendevreview | Merged openstack/glance stable/2023.1: Add VMDK safety check https://review.opendev.org/c/openstack/glance/+/923279 | 10:32 |
| opendevreview | Merged openstack/glance stable/2023.1: Reject unsafe qcow and vmdk files https://review.opendev.org/c/openstack/glance/+/923280 | 10:32 |
| opendevreview | Merged openstack/glance stable/2023.1: Add QED format detection to format_inspector https://review.opendev.org/c/openstack/glance/+/923281 | 10:42 |
| opendevreview | Merged openstack/glance stable/2023.1: Add file format detection to format_inspector https://review.opendev.org/c/openstack/glance/+/923282 | 10:42 |
| frickler | \o/ yay | 10:45 |
| opendevreview | Rajat Dhasmana proposed openstack/glance stable/2023.1: Revert "[stable only] Make import jobs non-voting" https://review.opendev.org/c/openstack/glance/+/923568 | 12:02 |
| abhishekk | frickler: thank you for all your support \o/ | 13:26 |
| abhishekk | dansmith: can we release m2 without release note for cve? | 13:30 |
| pdeore | dansmith, rosmaita could you please approve this reno patch? https://review.opendev.org/c/openstack/glance/+/923485 , it would be good if we could get this in before tagging m2 today | 13:30 |
| rosmaita | looking | 13:30 |
| rosmaita | done! | 13:32 |
| pdeore | rosmaita, great! Thanks!! :) | 13:33 |
| abhishekk | but now for this to get merged you need to wait at least 3-4 hours | 13:34 |
| abhishekk | then needs to backport till 2023.1 | 13:35 |
| abhishekk | and make release from each stable/branch | 13:35 |
| abhishekk | If you are lucky it will get merged in couple of hours :D | 13:36 |
| dansmith | pdeore: I do not have stable perms on glance, FYI :) | 13:36 |
| pdeore | abhishekk, I think reno patch won't take much time | 13:39 |
| abhishekk | no it's not but it's last in the queue | 13:39 |
| abhishekk | gate queue | 13:40 |
| opendevreview | Pranali Deore proposed openstack/glance stable/2024.1: Add releasenote for CVE-2024-32498 fix https://review.opendev.org/c/openstack/glance/+/923574 | 14:03 |
| opendevreview | Pranali Deore proposed openstack/glance stable/2023.2: Add releasenote for CVE-2024-32498 fix https://review.opendev.org/c/openstack/glance/+/923575 | 14:04 |
| abhishekk | pdeore: your backports don't show cherry-picked from so something went wrong there | 14:37 |
| abhishekk | have you done it from terminal? | 14:37 |
| pdeore | abhishekk, ohh yeah didn't notice it, I have done it from browser | 14:38 |
| abhishekk | not sure how that not picked then | 14:39 |
| pdeore | yeah, let me edit the commit massage | 14:40 |
| abhishekk | no abandon those and do it again | 14:40 |
| pdeore | ohk | 14:40 |
| abhishekk | try one first and then cherry pick from one stable to other | 14:41 |
| abhishekk | form master to 2024.1 to 2023.2 to 2023.1 | 14:41 |
| pdeore | trying it again but it still doesn't show cherry-picked from commit | 14:44 |
| abhishekk | also I don't see your patch in gate queue now | 14:45 |
| abhishekk | don't know why | 14:46 |
| pdeore | i can see it there in gate queue | 14:46 |
| abhishekk | it appeared now | 14:47 |
| fungi | revisiting the ossa-2024-001 changes, we sent advance copies of https://review.opendev.org/c/openstack/glance/+/923254 and its backports to downstream stakeholders, and then included the links for them in the subsequent security advisory. there may be some confusion if we end up not merging them, and i shouldn't mark the advisory task complete while they're still being reviewed. i | 15:10 |
| fungi | suppose an alternative option would be for us to state in an errata publication for ossa-2024-001 that those patches weren't necessary in order to address the vulnerability... anyone have a feel for where those are headed? | 15:10 |
| abhishekk | fungi: if we end up not merging them means upstream CVE patches? | 15:36 |
| fungi | means in a coming errata publication we'd remove the urls for those changes from the ossa-2024-001 text and add a note stating that the patches weren't necessary to fix the vulnerability | 15:38 |
| abhishekk | agree | 15:38 |
| abhishekk | https://review.opendev.org/c/openstack/glance/+/923254 is not required | 15:38 |
| fungi | i'm mainly trying to figure out where things are going so we reduce downstream confusion. because previously we led them to believe (by not stating otherwise) that they needed to apply that patch | 15:39 |
| abhishekk | ack | 15:39 |
| fungi | and so at the moment i expect a lot of them are waiting to see when it merges | 15:39 |
| fungi | and are already including copies of the original in the packages they distribute to their customers, etc | 15:40 |
| abhishekk | Ok, dansmith should we include that change or not? | 15:42 |
| abhishekk | https://review.opendev.org/c/openstack/glance/+/923254 because it says wip in commit | 15:43 |
| dansmith | fungi: sorry I noted in one of my comments that I was including that because people were asking about format_inspector local verification and such, but that it wasn't strictly required | 15:43 |
| dansmith | also the detection patch that was below it was not strictly required | 15:43 |
| dansmith | abhishekk: we can de-WIP it if we want to just merge it, I just was going to add some more stuff to it, but it's fine as is also | 15:44 |
| dansmith | so you decide | 15:44 |
| abhishekk | I think we can force merge it, right? | 15:44 |
| fungi | yeah, if we merge it then that's one less point of confusion downstream | 15:44 |
| dansmith | let's remove the WIP though if we can | 15:44 |
| dansmith | that will be even more confusing in 2 years :) | 15:44 |
| abhishekk | yes please | 15:44 |
| abhishekk | NO point running CI on those | 15:45 |
| abhishekk | * this patch | 15:45 |
| opendevreview | Dan Smith proposed openstack/glance master: Add safety check and detection support to FI tool https://review.opendev.org/c/openstack/glance/+/923254 | 15:45 |
| dansmith | yep, it changes nothing that runs in CI | 15:45 |
| fungi | i'll just do that then, gimme a sec | 15:46 |
| abhishekk | approved, | 15:46 |
| abhishekk | then will approve stable one by one | 15:46 |
| dansmith | fungi: sorry if I should have been more clear there.. I guess it could/should have been a separate FYI patch, my bad | 15:48 |
| fungi | no worries | 15:48 |
| dansmith | abhishekk: also I didn't mean to push the WIP change on top of your copy, I pushed that to show someone else because I thought that I only had it locally :) | 15:49 |
| abhishekk | Ohh | 15:49 |
| opendevreview | Merged openstack/glance master: Add safety check and detection support to FI tool https://review.opendev.org/c/openstack/glance/+/923254 | 15:49 |
| abhishekk | approving 2024.1 | 15:50 |
| abhishekk | approved ^^ | 15:52 |
| opendevreview | Merged openstack/glance stable/2024.1: Add safety check and detection support to FI tool https://review.opendev.org/c/openstack/glance/+/923265 | 15:52 |
| abhishekk | approved 2023.2 | 15:53 |
| opendevreview | Merged openstack/glance stable/2023.2: Add safety check and detection support to FI tool https://review.opendev.org/c/openstack/glance/+/923272 | 15:53 |
| * dansmith gets tingles as he watches us break all the rules | 15:53 | |
| abhishekk | we are doing it because it does not requires tempest to ack | 15:54 |
| * abhishekk satisfying himself | 15:54 | |
| dansmith | I'm well aware, this is a perfect case to do it without risk.. I'm just saying, it feels so wrong :P | 15:54 |
| abhishekk | approved 2023.1 | 15:54 |
| opendevreview | Merged openstack/glance stable/2023.1: Add safety check and detection support to FI tool https://review.opendev.org/c/openstack/glance/+/923283 | 15:55 |
| abhishekk | I agree, i witnessed it first time as well :D | 15:55 |
| dansmith | lol | 15:55 |
| abhishekk | Officially we are good now | 15:55 |
| fungi | yep! just waiting on a handful of nova backports to merge now | 15:55 |
| fungi | thanks for the help! | 15:55 |
| dansmith | abhishekk: awesome job staying on top, and sorry I gave you (glance) the most patches to merge | 15:55 |
| dansmith | also awesome that glance had the (base for) the fastest remedy that got spread to the rest of the projects :) | 15:56 |
| abhishekk | no problem at all | 15:56 |
| dansmith | now I have much work ahead to osloify that and also bring back the small tweaks nova and cinder had to make for extra stuff | 15:56 |
| abhishekk | ++ for your work | 15:57 |
| abhishekk | interested work, let me know If I can be of any help | 15:57 |
| abhishekk | writing tempest or something else | 15:57 |
| dansmith | thanks, I'm looking forward to it and also have cleanups and improvements planned | 15:57 |
| dansmith | yeah, we definitely need a repo of good and bad images as reference, and tests to confirm them all in all three projects | 15:58 |
| abhishekk | agree | 15:58 |
| abhishekk | but afaik oslo is not interested in creating new project so are we going to add it in utils? | 15:59 |
| abhishekk | pdeore: that is still gate queue :P | 15:59 |
| dansmith | yes, right next to imageutils I think.. if they don't want it we'll do something else, but hopefully they'll be good with adding it there | 15:59 |
| abhishekk | I think so | 16:00 |
| abhishekk | I think I will start fixing the revert for conversion and moving it back to queued state and deleting the partial data from staging after rejecting bad image | 16:01 |
| pdeore_ | abhishekk, yeah :/ can we tag m2 without that reno patch ? :P | 16:01 |
| dansmith | abhishekk: ++ | 16:01 |
| abhishekk | pdeore: I think so unless you confirm that from release team | 16:02 |
| abhishekk | good thing is I haven't seen timeout after whoami-rajat has increased the timeout for all jobs (except tempest-integrated-enforce-new-defaults) | 16:04 |
| *** pdeore_ is now known as pdeore | 16:12 | |
| opendevreview | Merged openstack/glance stable/2023.2: Fix import job to provide valid disk-formats list to tempest https://review.opendev.org/c/openstack/glance/+/923340 | 19:58 |
| opendevreview | Merged openstack/glance stable/2023.2: Revert "[stable only] Make import jobs non-voting" https://review.opendev.org/c/openstack/glance/+/923551 | 20:18 |
| opendevreview | Merged openstack/glance master: Add releasenote for CVE-2024-32498 fix https://review.opendev.org/c/openstack/glance/+/923485 | 20:27 |
| opendevreview | Merged openstack/glance stable/2023.1: Revert "[stable only] Make import jobs non-voting" https://review.opendev.org/c/openstack/glance/+/923568 | 20:27 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!