| arozman | Hi Ironic ! | 06:38 |
|---|---|---|
| arne_wiebalck | Good morning arozman and Ironic! | 07:21 |
| rpittau | good morning ironic! o/ | 09:25 |
| samuelkunkel[m] | Good morning | 10:13 |
| samuelkunkel[m] | TheJulia: I did some investigation into the iDRAC 6.10 stuff with the suggested adjustments (adding 400 into the "allowed" response status to continue). The issue seems that, despite all the handling, we never see an etag provided as argument from the patch function to the _etag_handler. Therefore there is an initial patch called and within the exception handling we always fail here | 10:15 |
| samuelkunkel[m] | https://opendev.org/openstack/sushy/src/branch/master/sushy/connector.py#L325 as etag is always None from what I see. | 10:15 |
| samuelkunkel[m] | * TheJulia: I did some investigation into the iDRAC 6.10 stuff with the suggested adjustments (adding 400 into the "allowed" response status to continue). The issue seems that, despite all the handling, we never see an etag provided as argument from the patch function to the \_etag\_handler. Therefore there is an initial patch called and within the exception handling we always fail here | 10:17 |
| samuelkunkel[m] | https://opendev.org/openstack/sushy/src/branch/master/sushy/connector.py#L325 as etag is never declared(None) from what I see. | 10:17 |
| samuelkunkel[m] | Any further idea? | 10:17 |
| dtantsur | anyone is seeing some absurd behavior by tox? | 12:25 |
| dtantsur | in my case, `tox -epy39` completely ignores the 'py39' part and just runs everything | 12:25 |
| dtantsur | it also uses sdist now, which is something we wanted to avoid? | 12:26 |
| dtantsur | Works with tox 4.0. I guess we just broke tox 3. FYI rpittau, JayF | 12:28 |
| opendevreview | Dmitry Tantsur proposed openstack/ironic-python-agent master: [WIP] Make logs collection a hardware manager call https://review.opendev.org/c/openstack/ironic-python-agent/+/871708 | 12:34 |
| iurygregory | dtantsur, by "runs everything" you mean it runs the all tests under the default python version in your system? | 12:44 |
| kubajj | dtantsur: in https://review.opendev.org/c/openstack/ironic/+/871394 should I include something else for the exception or is the logging enough? | 12:50 |
| dtantsur | iurygregory: it didn't reach tests for me, fails on reno | 12:50 |
| dtantsur | kubajj: I'll check a bit later | 12:50 |
| iurygregory | dtantsur, ok, let me try to run here, you were running the tests for ironic or other project? | 12:51 |
| iurygregory | (ipa, inspector etc) | 12:51 |
| kubajj | dtantsur: thanks | 12:51 |
| dtantsur | iurygregory: IPA | 12:52 |
| iurygregory | ok o/ | 12:52 |
| iurygregory | jesus | 12:53 |
| iurygregory | this doesn't look good '-' | 12:53 |
| iurygregory | https://paste.opendev.org/show/bgVQYOMbnhDQPpb6lP37/ | 12:54 |
| iurygregory | dtantsur, so I was checking the ironic tox.ini vs ipa tox.ini the only diff that caught my eye was that in ironic we still have usedevelop = True in [testenv] but in IPA we don't have | 13:15 |
| iurygregory | https://opendev.org/openstack/ironic-python-agent/commit/3ded705e5601da8f8447281cd0a1bae5b3c5b592 maybe we should only have removed skipsdist ... | 13:16 |
| rpittau | usedevelop is supported, skipsdist is not since a while | 13:30 |
| rpittau | also they are (were) mutually exclusive | 13:30 |
| iurygregory | yeah, I'm trying to understand why adding to ipa helps... | 13:30 |
| rpittau | iurygregory: adding what ? | 13:30 |
| iurygregory | because I just removed from ironic and it also worked | 13:31 |
| iurygregory | usedevelop = True back to tox.ini in IPA | 13:31 |
| rpittau | iurygregory: usedevelop=True install the current package in development mode with “setup.py develop” instead of installing from the sdist package. | 13:33 |
| rpittau | so adding usedevelop remove sdist usage | 13:33 |
| rpittau | I haven't even noticed it was removed to be honest | 13:34 |
| rpittau | it should be readded | 13:34 |
| rpittau | IWas planning to cut bugfix today but I'll wait for that to be readded | 13:37 |
| dtantsur | iurygregory: I see the same thing (as in your paste) | 13:38 |
| opendevreview | Riccardo Pittau proposed openstack/ironic-python-agent master: Readd usedevelop true to tox.ini https://review.opendev.org/c/openstack/ironic-python-agent/+/871728 | 13:41 |
| rpittau | dtantsur, iurygregory, this ^ should fix things | 13:42 |
| dtantsur | rpittau: do we plan to use the new branch downstream? I'd like to get https://review.opendev.org/c/openstack/ironic-python-agent/+/871708 in if possible | 13:42 |
| rpittau | we should check the other repos | 13:43 |
| dtantsur | (just waiting for CI results to check the approach) | 13:43 |
| iurygregory | ok, good o/ | 13:43 |
| rpittau | dtantsur: we'll probably use the new bugfix branch downstream | 13:43 |
| rpittau | we can wait for early next week I guess | 13:43 |
| dtantsur | I'll try to finish this one today | 13:45 |
| opendevreview | Merged openstack/ironic bugfix/20.2: Use cinder from stable/zed for CI jobs https://review.opendev.org/c/openstack/ironic/+/871604 | 14:12 |
| opendevreview | Dmitry Tantsur proposed openstack/ironic-python-agent master: Make logs collection a hardware manager call https://review.opendev.org/c/openstack/ironic-python-agent/+/871708 | 14:17 |
| dtantsur | rpittau: ready for review ^^ | 14:17 |
| rpittau | ack, I'll check ASAP | 14:18 |
| iurygregory | releasenote failed .-. ValueError: Unknown reference 'stable/8.4' | 14:22 |
| dtantsur | we could have screwed up EOL'ing branches.. | 14:24 |
| TheJulia | o/ | 14:28 |
| iurygregory | dtantsur, yeah, I have this feeling | 14:32 |
| iurygregory | morning TheJulia, I hope you are feeling better today o/ | 14:32 |
| TheJulia | somewhat, not 100%. Trying to figure out at the moment if it is the cold meds that make me feel awful this morning, or if it is still the cold | 14:43 |
| TheJulia | Laying in bed, I felt great | 14:43 |
| TheJulia | Getting up and moving around... ugh | 14:44 |
| TheJulia | interesting, a job failed and it looks like libvirt compeltely failed to actually start the VMs, no logs. :\ | 15:14 |
| dtantsur | wow | 15:43 |
| dtantsur | kubajj: a new review incoming | 15:43 |
| kubajj | dtantsur: thanks, on it | 15:45 |
| dtantsur | TheJulia: was it you who added TLS 1.3 topic to the B PTG? | 15:46 |
| dtantsur | would be curious to hear details. I seem to vaguely recall seeing TLS 1.3... | 15:47 |
| JayF | it was me | 15:48 |
| JayF | Adam from Metal3 mentioned it | 15:49 |
| JayF | we absolutely do not support TLSv3 on IPA's wsgi server | 15:49 |
| JayF | with the TLS support stuff I put in and you hooked up with automation thru ironic | 15:49 |
| TheJulia | me? I'm still a brainless zombie | 15:49 |
| TheJulia | braaaaainnnss | 15:49 |
| JayF | I do not know about clients/servers from the ironic or inspector side | 15:49 |
| dtantsur | sorry TheJulia | 15:49 |
| JayF | re: tls1.3 | 15:49 |
| TheJulia | c'est la vie | 15:49 |
| JayF | dtantsur stunned to learn I do more than edit etherpads and run meetings? ;) | 15:49 |
| dtantsur | no way! | 15:50 |
| JayF | Just joking :P | 15:50 |
| dtantsur | right, I don't think I use built-in TLS anywhere except for IPA in deployments I care about (bifrost and metal3) | 15:50 |
| JayF | I am talking in #openstack-oslo | 15:50 |
| JayF | they have nobody working on oslo.service at all anymore | 15:50 |
| dtantsur | ouch | 15:50 |
| JayF | so I'm going to look and see if we're the only folks using that code | 15:50 |
| JayF | if not, maybe we keep using oslo.service and enhance it | 15:50 |
| JayF | if so... then maybe we migrate to something else, or adopt the code directly into IPA | 15:51 |
| TheJulia | I think we're one of many | 15:51 |
| TheJulia | honestly | 15:51 |
| dtantsur | I have a nagging feeling that updating oslo.service is somewhat easier | 15:51 |
| TheJulia | ++ | 15:51 |
| JayF | good, maybe we can talk someone !ironic into helping us with that lol | 15:51 |
| TheJulia | ++ | 15:51 |
| dtantsur | running IPA behind a normal server could be beneficial, but requires some rework of the auto-TLS effort | 15:52 |
| TheJulia | and increased memory footprint | 15:52 |
| dtantsur | also true :( | 15:52 |
| TheJulia | which is not an issue in reality outside of CI | 15:52 |
| JayF | I don't think "run an extra service in the ramdisk" is ever going to be the answer | 15:52 |
| JayF | because of the amount of pain it adds to customers | 15:52 |
| dtantsur | yeah | 15:52 |
| JayF | and there's no need to do it at IPA scale | 15:52 |
| TheJulia | ++ | 15:53 |
| JayF | we just gotta make the support work :) | 15:53 |
| dtantsur | especially those of us dealing with containers :) | 15:53 |
| TheJulia | It just needs to "work" | 15:53 |
| JayF | I should probably hit the list with this tbh | 15:53 |
| TheJulia | and we hide a lot of complexity to just make sure it "just works" | 15:53 |
| JayF | I'm going to email the list and basically assume for now someone (me if nobody else) is picking this up for bobcat | 15:53 |
| TheJulia | It seems like a really valid ptg-wide topic, tbh | 15:54 |
| dtantsur | I think the problem with PROTOCOL_TLSv1_* is that these variables are deprecated | 15:54 |
| JayF | yep | 15:54 |
| JayF | I spent two hours digging this yesterday | 15:54 |
| JayF | if that wasn't the case; I would've JFDI'd a patch | 15:55 |
| JayF | beccause I thought it would be that easy lol | 15:55 |
| dtantsur | hmmmm wait | 15:55 |
| dtantsur | https://opendev.org/openstack/oslo.service/src/branch/master/oslo_service/sslutils.py#L91 | 15:55 |
| dtantsur | does it mean that we can simply unset this option? | 15:55 |
| dtantsur | (if we ever set it) | 15:56 |
| * dtantsur is confused again | 15:57 | |
| TheJulia | confusion is a valid state of being | 15:57 |
| dtantsur | New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 | 15:59 |
| dtantsur | just tested local Ironic with a self-signed cert | 15:59 |
| dtantsur | CLOSED WORKSFORME? | 15:59 |
| JayF | dtantsur: I did hit the list about this, if you are going to dig harder might wanna put your findings there | 15:59 |
| JayF | nope, because you can't configure TLS v1.3 only, right? | 16:00 |
| JayF | "You can make TLS 1.3 work by turning off all config about ciphers and versions" is a workaround, not a fix | 16:00 |
| dtantsur | was it the request? | 16:00 |
| dtantsur | Adam was asking about "TLS 1.3 support". The support is there. | 16:00 |
| JayF | I don't know what Adam's exact request was; but I know I've had similar requirements to that in the past | 16:00 |
| dtantsur | I'm not sure how easy it is, to disable TLS 1.2- | 16:00 |
| JayF | (where you have to be able to limit it to only latest ciphers/only approved cipher/etc) | 16:01 |
| dtantsur | (quite easy with nginx/httpd) | 16:01 |
| JayF | Well yeah, but IPA doesn't have those bits and we all just agreed they shouldn't | 16:01 |
| dtantsur | Deprecated since version 3.6: OpenSSL has deprecated all version specific protocols. | 16:01 |
| JayF | so perhaps it really is just a "remove the config" and "fix the docs" | 16:01 |
| JayF | dtantsur: you going to correct my post to the list or should I self-reply | 16:01 |
| * JayF afk/distracted, TC meeting | 16:02 | |
| dtantsur | I will, but need to run today | 16:02 |
| dtantsur | noticing though that https://docs.python.org/3/library/ssl.html#ssl.TLSVersion is not deprecated, maybe we can use that if the request is to limit version | 16:02 |
| JayF | ack | 16:02 |
| JayF | did you know some of this beforehand? | 16:03 |
| JayF | if not, how the hell did you figure it out so quick? | 16:03 |
| JayF | you have some kind of magically good docs somewhere? lol | 16:03 |
| dtantsur | haha, I did have some exposure to Python's TLS support after I implemented auto-TLS | 16:03 |
| JayF | my knowledge was all dated to before they deprecated the TLS_VERSION stuff | 16:04 |
| JayF | so wheen I went digging and there was no ssl.PROTOCOL_TLS_V13 or whatever | 16:04 |
| JayF | I started up with the WTFs | 16:05 |
| kubajj | dtantsur: for the test where swiftclient raises exception, should I mock an exception? | 16:11 |
| JayF | What exactly aree you trying to determine? | 16:19 |
| JayF | If the method you called raises? | 16:19 |
| kubajj | dtantsur: any clue what I'm doing wrong if I get this error when trying to test the destroy_node? https://paste.opendev.org/show/beLJJ1xQjsIe7BSwQuJU/ | 16:30 |
| kubajj | JayF: sorry, didn't see this. I have a function that tries to delete a swift object, which might not exist which raises ClientException | 16:31 |
| JayF | assertRaises is what you're looking for | 16:32 |
| JayF | self.assertRaises(method_call(x,y), MyException) | 16:32 |
| JayF | I may have that call order outta whack, or it might be the wrong test library | 16:32 |
| JayF | but you get the idea :D | 16:32 |
| kubajj | JayF: but I'm mocking the call that would raise the exception, if you know what I mean. | 16:46 |
| JayF | so you can do like | 16:47 |
| JayF | mock_thing.side_effect = MyException() | 16:47 |
| JayF | i think? | 16:47 |
| kubajj | JayF: thanks | 16:47 |
| JayF | google/search repo for side_effect and you should get good syntax | 16:47 |
| rpittau | good night! o/ | 17:12 |
| JayF | So FYI; we're working this in #openstack-releases | 17:18 |
| JayF | CI is busted on release notes | 17:18 |
| JayF | and has been apparently since bugfix branch retirement | 17:18 |
| JayF | for $reno_reasons | 17:18 |
| JayF | I'm going to be working on this now, trying to fix it :( | 17:18 |
| * JayF put it in whiteboard | 17:19 | |
| JayF | I think our bugfix branch chickens are coming home to roost | 17:47 |
| JayF | in the form of reno likely needing major changes | 17:47 |
| opendevreview | Merged openstack/ironic bugfix/20.2: Prevent pxe retry when agent token exists https://review.opendev.org/c/openstack/ironic/+/868026 | 18:00 |
| stevebaker[m] | good morning | 20:03 |
| TheJulia | o/ stevebaker[m] | 20:03 |
| JayF | this reno algo is exactly the sort of thing I'm bad at | 20:18 |
| JayF | but I think I'm figuring it out | 20:18 |
| JayF | I was hoping for a quick fix but no dice | 20:18 |
| JayF | tl;dr: reno parses out numbers from any branch ending in -eol, and expects for there to be an equivalent `stable/x.y` | 20:19 |
| JayF | so our new `bugfix-x.y-eol` tags are breaking reno builds | 20:19 |
| JayF | just excluding bugfix tags seems to have a negative impact on the build because it's unable to track some of the release notes | 20:19 |
| JayF | so I'm trying to grok the algorithm that the tracker in reno is using | 20:20 |
| TheJulia | Hmm I would think it would be okay to just exclude them | 20:52 |
| JayF | yeah, see -release | 20:53 |
| JayF | the bad logs I was getting appear in the last good run before I retired the branches | 20:53 |
| JayF | so I think the updated-config for the regexps of eol tags to care about is the fix | 20:53 |
| JayF | going to push that shortly | 20:53 |
| JayF | TheJulia: it's accurate to say the releasenotes job should only run on master; yeah? | 20:58 |
| TheJulia | JayF: for what is published, afaik, it runs from master | 20:58 |
| JayF | ack; so the "backport" will be to kill the job on younger branches | 20:59 |
| TheJulia | so | 20:59 |
| TheJulia | the conundrum is you still need it there if you want to validate you made branch specific changes on the change | 20:59 |
| TheJulia | because once merged, the job on master will pick it up | 20:59 |
| TheJulia | but not beforehand | 20:59 |
| JayF | ah, so we still have to backport the conf fix | 20:59 |
| JayF | got it | 20:59 |
| TheJulia | yeah | 20:59 |
| JayF | damn, I think we still need a reno change | 21:02 |
| JayF | because it doesn't look like config is hooke dup | 21:02 |
| JayF | *hooked up | 21:02 |
| opendevreview | Jay Faulkner proposed openstack/ironic-python-agent master: Make reno ignore bugfix eol tags https://review.opendev.org/c/openstack/ironic-python-agent/+/871786 | 21:20 |
| opendevreview | Jay Faulkner proposed openstack/ironic master: Make reno ignore bugfix eol tags https://review.opendev.org/c/openstack/ironic/+/871787 | 21:21 |
| opendevreview | Jay Faulkner proposed openstack/ironic-inspector master: Make reno ignore bugfix eol tags https://review.opendev.org/c/openstack/ironic-inspector/+/871788 | 21:22 |
| JayF | just kidding I read some docs | 21:27 |
| JayF | beautiful \o/ | 21:27 |
| JayF | that ironic change needs revision, I probably won't get to it until after my next meeting | 21:52 |
| JayF | apparently we already had a reno.yaml for ironic | 21:52 |
| opendevreview | Jay Faulkner proposed openstack/ironic master: Make reno ignore bugfix eol tags https://review.opendev.org/c/openstack/ironic/+/871787 | 21:56 |
| TheJulia | ahh, yeah, kilo is why this is ringing a bell in myead | 23:08 |
| TheJulia | my head | 23:08 |
| vanou | good morning ironic | 23:54 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!