| *** rlandy|ruck is now known as rlandy|out | 00:37 | |
| *** ysandeep|out is now known as ysandeep | 03:31 | |
| *** ysandeep is now known as ysandeep|afk | 03:38 | |
| *** ysandeep|afk is now known as ysandeep | 05:08 | |
| *** ykarel_ is now known as ykarel | 06:13 | |
| opendevreview | Dmitriy Rabotyagov proposed openstack/project-config master: Add Backport-Candidate label to openstack-ansible ACL https://review.opendev.org/c/openstack/project-config/+/824229 | 07:51 |
|---|---|---|
| *** ysandeep is now known as ysandeep|lunch | 08:16 | |
| *** jpena|off is now known as jpena | 08:37 | |
| *** ysandeep|lunch is now known as ysandeep | 08:59 | |
| *** elodille1 is now known as elodilles | 09:29 | |
| *** ysandeep is now known as ysandeep|afk | 10:09 | |
| *** rlandy|out is now known as rlandy|ruck | 11:04 | |
| *** ysandeep|afk is now known as ysandeep | 11:10 | |
| *** dviroel_ is now known as dviroel | 11:21 | |
| opendevreview | Dmitriy Rabotyagov proposed openstack/project-config master: Add Backport-Candidate label to openstack-ansible ACL https://review.opendev.org/c/openstack/project-config/+/824229 | 11:27 |
| *** ysandeep is now known as ysandeep|brb | 11:49 | |
| *** sshnaidm|afk is now known as sshnaidm | 11:58 | |
| *** ysandeep|brb is now known as ysandeep | 12:06 | |
| *** jcapitao is now known as jcapitao_lunch | 12:10 | |
| *** ysandeep is now known as ysandeep|brb | 12:20 | |
| *** ysandeep|brb is now known as ysandeep | 12:59 | |
| *** jcapitao_lunch is now known as jcapitao | 13:46 | |
| *** dasm|off is now known as dasm | 14:00 | |
| *** ykarel_ is now known as ykarel | 14:06 | |
| outbrito | G'day folks! I have this patch to fix the LOCI jobs for now, but the loci-watcher job is still failing due to a dependency on ceilometerclient requesting a different version of prettytable. | 14:47 |
| outbrito | I'm trying to assert what would be the best path here: make this non-voting while watcher fixes it or add a depends-on | 14:48 |
| outbrito | The second option sounds best, but might take a while | 14:48 |
| outbrito | https://review.opendev.org/c/openstack/loci/+/823721 | 14:54 |
| *** dviroel is now known as dviroel|lunch | 15:13 | |
| *** xek_ is now known as xek | 16:02 | |
| *** dviroel|lunch is now known as dviroel | 16:11 | |
| *** ysandeep is now known as ysandeep|out | 16:16 | |
| fungi | outbrito: if you don't have much control over the pace at which watcher fixes their dependencies, then not running loci-watcher in check/gate (maybe move it into the experimental pipeline instead?), or setting it non-voting is going to be your best bet for getting things moving in the meantime | 16:16 |
| fungi | outbrito: you might also want to discuss in #openstack-tc if the openstack-helm team is blocked by watcher and having trouble getting them to fix something on their end, maybe the tc can find them some additional assistance | 16:19 |
| opendevreview | Martin Kopec proposed openstack/openstack-zuul-jobs master: Add nodejs-16 *-docs and *-jobs templates https://review.opendev.org/c/openstack/openstack-zuul-jobs/+/824461 | 16:47 |
| *** jcapitao is now known as jcapitao_off | 17:25 | |
| *** jpena is now known as jpena|off | 17:40 | |
| outbrito | fungi, will do, tks | 18:09 |
| opendevreview | Merged openstack/openstack-zuul-jobs master: Remove centos-8 https://review.opendev.org/c/openstack/openstack-zuul-jobs/+/824236 | 18:35 |
| *** opendevreview is now known as Guest393 | 18:35 | |
| clarkb | thats curious why did the review bot get guested | 18:35 |
| clarkb | fungi: ^ | 18:36 |
| fungi | it must have failed to authenticate | 18:39 |
| fungi | i set all the bot accounts to protected so if they don't identify they'll have their nicks forcibly reset | 18:40 |
| fungi | taking a look at the log now | 18:40 |
| sean-k-mooney | o/ clarkb | 18:41 |
| clarkb | hrm but it would've been authenticated before? Unless it restarted and that was why it joined the channel not the channel round robin | 18:41 |
| clarkb | sean-k-mooney: hello | 18:41 |
| fungi | netsplit, i'm betting | 18:41 |
| sean-k-mooney | by the way i just regenerated my ssh key and learned something neat you proably already knew | 18:41 |
| clarkb | fungi: aha ya that could be it | 18:41 |
| fungi | it probably joined on the side of the split separate from the services bots | 18:41 |
| fungi | i just saw my connection bounce for libera as well, so suspect there may be internet issues at play | 18:42 |
| sean-k-mooney | i didnt realise that id_rsa was called that because of the algorthim and thant the ed25519 key would be called id_25519 | 18:42 |
| sean-k-mooney | and that it will try both automatically | 18:42 |
| fungi | since the split seems to have resolve for the moment, i'll restart the gerritbot container | 18:43 |
| clarkb | ya the client and the server negotiate a common set of algorithms and then they are tried in some order (it is ordered btu I don't recall how) | 18:43 |
| sean-k-mooney | yep it makes moveign between key type much simpler | 18:43 |
| clarkb | sean-k-mooney: the problem with the whole rsa sha1 thing is that some server like Gerrit and old dropbear don't negotiate with the client that sha2 is ok for rsa. | 18:44 |
| sean-k-mooney | since i can keep both and move service one at a time | 18:44 |
| fungi | looks like meetbot rejoined too but not statusbot | 18:44 |
| sean-k-mooney | ack | 18:44 |
| clarkb | sean-k-mooney: in the case of gerrit it does actually support sha2+rsa it just doesn't support the key exchange extension that negotiates that as valid. And openssh fallback to rsa + sha1 by default even when they have completely disabled sha1 | 18:44 |
| clarkb | this is the thing that irritates me most. The client should default to rsa + sha2 instead when they have killed sha1 | 18:45 |
| clarkb | and then it has a chance of working against some servers like Gerrit | 18:45 |
| sean-k-mooney | ya | 18:45 |
| sean-k-mooney | has that been raised with openssh | 18:45 |
| sean-k-mooney | as a posiblity to change? | 18:45 |
| clarkb | not that I know of. The rfc says they should do it already | 18:45 |
| sean-k-mooney | or is that required by the rfc | 18:45 |
| sean-k-mooney | oh ok | 18:46 |
| clarkb | I did mention it to red hatters when fedora switched and sugested they updated their default | 18:46 |
| sean-k-mooney | so its likely a defect in the impelmentaiton | 18:46 |
| clarkb | ya it could be. I looked at the source a while back and couldn't quite figure out how it picks the default but sorted out where it does it. Though I don't know the exact file/line anymore | 18:46 |
| clarkb | Anyway I solved it by changing my key | 18:46 |
| sean-k-mooney | yep same | 18:47 |
| fungi | welcome back, opendevstatus | 18:47 |
| ade_lee | fungi, https://review.opendev.org/c/openstack/openstack-zuul-jobs/+/816855 please | 18:48 |
| fungi | ade_lee: i've approved it, but noted this has the potential to create massive disruption if it has any bugs we failed to spot, so we need to keep a close eye on tox jobs for unexpected failures and revert immediately if we suspect a problem | 18:50 |
| ade_lee | ack | 18:51 |
| ade_lee | thanks | 18:51 |
| opendevreview | Merged openstack/openstack-zuul-jobs master: Enable support for fips on the jobs https://review.opendev.org/c/openstack/openstack-zuul-jobs/+/816855 | 18:59 |
| *** timburke__ is now known as timburke | 19:12 | |
| *** sshnaidm is now known as sshnaidm|afk | 19:20 | |
| *** dviroel is now known as dviroel|afk | 20:04 | |
| *** promethe- is now known as prometheanfire | 20:42 | |
| *** gagehugo_ is now known as gagehugo | 22:27 | |
| *** dasm is now known as dasm|off | 22:45 | |
| *** rlandy|ruck is now known as rlandy|out | 23:16 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!