Thursday, 2024-09-05

TheJulia	I suspect CI lost some node connectivity and resulted in some sadness	00:03
TheJulia	we had a bunch fail in rapid succession too :\	00:04
TheJulia	recheckd change ending in -65	00:10
TheJulia	stevebaker[m]: reviews on https://review.opendev.org/c/openstack/ironic/+/927966?usp=search and https://review.opendev.org/c/openstack/ironic/+/927967?usp=search and https://review.opendev.org/c/openstack/ironic/+/927968?usp=search would be appreciated, they are all green, master branch has been rechecked	00:16
TheJulia	wut... https://zuul.opendev.org/t/openstack/build/c9280b3cbc3240f488cefaa88ee4d81f	00:18
stevebaker[m]	Ok looking	00:30
opendevreview	Julia Kreger proposed openstack/ironic master: CI: Remove scope enforced ci jobs https://review.opendev.org/c/openstack/ironic/+/928106	00:35
TheJulia	I need to step away and focus on dinner	00:35
TheJulia	stevebaker[m]: hold off on workflowing please, since stable policy and all :(	00:37
stevebaker[m]	urk	00:37
opendevreview	Verification of a change to openstack/ironic bugfix/26.0 failed: CVE-2024-44982: Harden all image handling and conversion code https://review.opendev.org/c/openstack/ironic/+/927966	00:37
opendevreview	Verification of a change to openstack/ironic bugfix/25.0 failed: CVE-2024-44982: Harden all image handling and conversion code https://review.opendev.org/c/openstack/ironic/+/927967	00:38
TheJulia	Thanks, master branch patch is pending recheck now	00:39
TheJulia	sigh	00:39
TheJulia	it has been a long day	00:39
TheJulia	ugh, zuul now verifies -2 when you change the workflow too	00:44
TheJulia	sigh	00:44
TheJulia	okay, rechecks issued	00:45
TheJulia	now to let master do its thing	00:45
stevebaker[m]	ok, all the ironic backports now have 2x +2	00:48
TheJulia	Much appreciated	00:54
TheJulia	Much happier when we don’t slam ci	01:03
opendevreview	Merged openstack/ironic-python-agent stable/2024.1: Inspect non-raw images for safety https://review.opendev.org/c/openstack/ironic-python-agent/+/927976	01:30
opendevreview	Merged openstack/ironic-python-agent stable/2023.2: Inspect non-raw images for safety https://review.opendev.org/c/openstack/ironic-python-agent/+/927978	01:30
opendevreview	Merged openstack/ironic-python-agent bugfix/9.13: Inspect non-raw images for safety https://review.opendev.org/c/openstack/ironic-python-agent/+/927981	01:30
opendevreview	Merged openstack/ironic-python-agent bugfix/9.12: Inspect non-raw images for safety https://review.opendev.org/c/openstack/ironic-python-agent/+/927983	01:30
*** dtantsur_ is now known as dtantsur		02:13
opendevreview	Merged openstack/ironic master: CVE-2024-44982: Harden all image handling and conversion code https://review.opendev.org/c/openstack/ironic/+/927965	02:43
* TheJulia dances		02:44
stevebaker[m]	heck yeah	02:51
opendevreview	Merged openstack/ironic bugfix/26.0: CVE-2024-44982: Harden all image handling and conversion code https://review.opendev.org/c/openstack/ironic/+/927966	03:00
opendevreview	Merged openstack/ironic bugfix/25.0: CVE-2024-44982: Harden all image handling and conversion code https://review.opendev.org/c/openstack/ironic/+/927967	03:00
opendevreview	Steve Baker proposed openstack/ironic-python-agent bugfix/9.9: Pin jobs to stable/2024.1 deps https://review.opendev.org/c/openstack/ironic-python-agent/+/928079	03:54
opendevreview	Merged openstack/ironic bugfix/24.0: CVE-2024-44982: Harden all image handling and conversion code https://review.opendev.org/c/openstack/ironic/+/927969	04:09
opendevreview	Taketani Ryo proposed openstack/ironic-python-agent-builder master: Add a note about the package manager on the DIB build system https://review.opendev.org/c/openstack/ironic-python-agent-builder/+/928116	06:15
opendevreview	cid proposed openstack/ironic-python-agent master: Check for the existence of an IPMI device https://review.opendev.org/c/openstack/ironic-python-agent/+/926973	06:46
frickler	so 2024.1 seems ready to approve next? https://review.opendev.org/c/openstack/ironic/+/927968 same failures as for older stable branches afaict, but n-v there	07:19
* dtantsur looking		07:25
dtantsur	W+1	07:29
frickler	thx. next up likely would be checking the redfish failures on https://zuul.opendev.org/t/openstack/build/06e37afe49bc4bdea21ad1114a4882b9 or maybe just deciding to make that n-v as for 2024.1?	07:41
dtantsur	that's what I'm doing right now, yeah	07:41
dtantsur	We could have a real bug in Ironic of that version... :(	07:43
dtantsur	Filed https://bugs.launchpad.net/ironic/+bug/2079023 maybe cid could take a look eventually?	07:50
cid	Certainly	07:52
* cid starts looking		07:52
opendevreview	Dmitry Tantsur proposed openstack/ironic-tempest-plugin master: Work around missing microversion headers on / https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/928120	08:01
opendevreview	Dmitry Tantsur proposed openstack/ironic stable/2023.2: Temporary disable ironic-standalone-redfish on stable/2023.2 https://review.opendev.org/c/openstack/ironic/+/928121	08:05
dtantsur	frickler: ^^	08:05
dtantsur	I might be the only core actively present right now...	08:06
dtantsur	mgoddard, hi, are you available this morning to help with pushing forward CVE fixes?	08:07
frickler	dtantsur: I was about to say that I can only +1, but then noticed that I could actually approve with my stable-release-team hat on (which keeps collecting dust because I forget about it). thx for the patch	08:11
dtantsur	heh, that's convenient!	08:11
dtantsur	Normally, we have at least 2 cores in Europe, but the other one is on a long PTO	08:12
frickler	dtantsur: do you want to rebase the other patches on top of this? then it could all hopefully go into gate together	08:12
dtantsur	Yep, 1 sec	08:13
dtantsur	eehhh, I wonder if I need to mash it together with https://review.opendev.org/c/openstack/ironic/+/928071	08:14
dtantsur	mm, pep8 passes on my patch, this is curious	08:17
cid	Oh, already triaged. dtantsur, you meant look look. I will do sometime within the week or next.	08:17
dtantsur	cid: yeah, thank you!	08:17
opendevreview	Julia Kreger proposed openstack/ironic stable/2023.2: CVE-2024-44982: Harden all image handling and conversion code https://review.opendev.org/c/openstack/ironic/+/927970	08:23
opendevreview	Merged openstack/ironic stable/2024.1: CVE-2024-44982: Harden all image handling and conversion code https://review.opendev.org/c/openstack/ironic/+/927968	08:39
dtantsur	TheJulia, JayF, I might be quite in a trouble here downstream: 2 image inspector test fail in our builders	09:29
dtantsur	namely, test_vmdk_bad_descriptor_mem_limit ones	09:29
dtantsur	they fail on 'qemu-img convert' in the test preparation phase, so I might just remove them from our fork..	09:30
stevebaker[m]	Any review requests before i go to sleep?	10:19
dtantsur	I think we're good for now, good night!	10:20
* jssfr goes back to trying to understand why https://review.opendev.org/c/openstack/ironic-python-agent/+/925087 fails in Zuul		10:23
jssfr	`tox` locally seems to succeed, unless it's hiding its errors well	10:23
jssfr	wtf now it fails. I swear I didn't change anything inbetween, except that I now called `tox && echo true` instead of `tox`. That can't be the difference.	10:26
jssfr	aaaahahhh	10:27
jssfr	it's nondeterministic!	10:27
opendevreview	Jonas Schäfer proposed openstack/ironic-python-agent master: agent: make _find_routable_addr work with IPv4- and IPv6-only setups https://review.opendev.org/c/openstack/ironic-python-agent/+/925087	10:34
jssfr	let's see if that works	10:35
opendevreview	Merged openstack/ironic stable/2023.2: Temporary disable ironic-standalone-redfish on stable/2023.2 https://review.opendev.org/c/openstack/ironic/+/928121	10:59
opendevreview	Merged openstack/ironic stable/2023.2: CVE-2024-44982: Harden all image handling and conversion code https://review.opendev.org/c/openstack/ironic/+/927970	11:16
dtantsur	yessss!	11:47
* dtantsur sad panda because of wrong CVE number in the commit messages		11:59
TheJulia	dtantsur: yeah, just remove them, we've seen a couple others fail. Seems a bit sensitive.	12:47
* TheJulia tries to wake up		12:47
dtantsur	good morning!	12:47
TheJulia	dtantsur: by chance, have you seen https://zuul.opendev.org/t/openstack/build/324f5dd399134cc68067274a1e138a85 and managed to chase it down, or are you just rechecking?	13:10
TheJulia	oh, you made it non-voting on 2023.2	13:11
dtantsur	TheJulia: https://bugs.launchpad.net/ironic/+bug/2079023 is at least a part of it	13:12
dtantsur	but yes, it's not voting on master, there is no reason for it to block CVE's on stable branches	13:12
* dtantsur is preparing metal3 releases now		13:13
TheJulia	dtantsur: is the tl;dr that tempest-lib changed and exposed a bug on ironic's api?	13:16
dtantsur	I haven't dug into the root cause	13:17
TheJulia	I guess we may also see different behaviors based upon path location delineation as well	13:17
TheJulia	The downside is we likely have pinned our plugin in places, so we may just need to disable that test on unmaintained branches	13:19
TheJulia	which is likely okay in the grand scheme of things	13:19
TheJulia	I just approved the tempest plugin change, fwiw	13:19
TheJulia	Thasnks!	13:19
TheJulia	Checked Zed, we at least don't have any checkout override there, so we'll know fairly quickly once the tempest plugin change merges	13:25
dtantsur	My headache is not getting better, I need to lie down	13:43
TheJulia	Thanks for your work today dtantsur! feel better!	14:05
opendevreview	Julia Kreger proposed openstack/ironic-python-agent master: WIP: Provide operator an idea why the deploy failed https://review.opendev.org/c/openstack/ironic-python-agent/+/927823	14:10
opendevreview	Verification of a change to openstack/ironic-tempest-plugin master failed: Work around missing microversion headers on / https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/928120	14:29
JayF	I kicked that	14:42
TheJulia	much appreciated	15:21
JayF	looks like IPA back to stable/2023.2 has landed; do we want to go ahead and start moving on a release for IPA stable branches? or wait until Ironic is happy?	15:43
JayF	did I link https://github.com/jayofdoom/disk-image-checker here yesterday?	15:48
JayF	basically just the image checker in oslo.utils hooked up to a simple CLI, useful for scripting	15:49
JayF	figure some downstreams might wanna answer the question "any of my images likely to fail validation" and/or "any of my cached images fail a safety check?"	15:49
TheJulia	you did link it, but I've not had time or any capacity to even think about the words aligned with the link	15:53
JayF	tl;dr if you have a support request for "promise my images won't break with this security change", that's your free answer	15:54
JayF	I put a +1 on https://review.opendev.org/c/openstack/releases/+/927935 -- releases for our libraries -- but someone who is a release manager or rpittau should likely take a look	16:10
dtantsur	rpittau is on a long PTO	16:10
dtantsur	iurygregory is on the summit, but you have a better chance of catching him	16:11
dtantsur	then again, this patch will be auto-merged soon	16:11
JayF	That's part of why I put the comment on. I didn't want anyone to worry about those being CVE-impacted	16:16
* dtantsur needs to rethink his IRC setup - missing a lot of messages..		16:16
JayF	dtantsur: irccloud.com is pretty great, and they have a good trial	16:18
JayF	I have not regretted the move once	16:18
JayF	they even support connecting to it as a proxy if you have strong feelings about a given client	16:19
dtantsur	I do	16:19
dtantsur	paying for IRC is a new thought for me though, especially since it's fully a work expense	16:20
JayF	I don't know RH policies, but I maintain a team plan for CID and myself (adamcarthur5 uses a personally-hosted copy of thelounge.chat)	16:21
JayF	I think that tempest-plugin change may cause actual-failures on inspector tempest job?	16:26
dtantsur	I'd have to pay from my pocket. Which is not much but it does feel annoying.	16:26
JayF	but I am unsure	16:26
dtantsur	which change?	16:26
JayF	https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/928120/	16:27
JayF	inspector job seems to have failed in a similar way 2x in a row	16:27
JayF	but it did pass once, hmm	16:27
JayF	was there changes since then?	16:27
JayF	no, patchset 1	16:27
dtantsur	Not really?	16:27
JayF	flakey tests :(	16:27
dtantsur	it's a timeout, can mean anything	16:28
* JayF kicks it again		16:28
JayF	it passed once, ever, which indicates to me any issue is not the plugin change	16:28
dtantsur	HTTPConnectionPool(host='158.69.67.24', port=5050): Max retries exceeded with url: /v1/continue (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f73be54d4c0>: Failed to establish a new connection: [Errno 113] EHOSTUNREACH'))	16:28
dtantsur	in IPA logs https://storage.gra.cloud.ovh.net/v1/AUTH_dcaab5e32b234d56b626f72581e3644c/zuul_opendev_logs_62e/928120/1/gate/ironic-inspector-tempest/62e40c4/controller/logs/ironic-bm-logs/node-0_no_ansi_2024-09-05-13%3A54%3A19_log.txt	16:28
dtantsur	ideas welcome, otherwise I can check tomorrow (dinner time now)	16:29
JayF	I rechecked it, we need that for the CVE stuff in Ironic, right?	16:29
JayF	We had that job pass once, so I think it's flakey; we need to fix the flakiness but it might not be the time to do it now	16:30
dtantsur	It's not blocking anything AFAIK	16:30
JayF	ooooh, I thought that was in front of Julia's patches	16:30
JayF	gotcha	16:30
dtantsur	I've disabled the failing standalone job on the last branch where it was enabled..	16:30
JayF	nevermind me then	16:30
dtantsur	so yeah, we need to fix it, but we don't need to fix it right here and now	16:30
JayF	this is what I get for reading backlog minutes after I wake up, before caffiene	16:30
JayF	lol	16:30
dtantsur	:D	16:30
JayF	I figured out how to get reviewstats for ironic outta bitergio	16:32
JayF	\o/ https://tinyurl.com/ironic-reviews	16:32
* TheJulia steps out of de-brained calls		16:53
TheJulia	what is brain? where did I brain? who knows where my brain is?	16:53
JayF	why do you think I'm throwing together CLI apps and doing administrivia like poking at graphs while rechecking patches	16:54
JayF	no brain left	16:54
TheJulia	I had a difficult call with account management folks about a separate issue. My brain wants a vacation.	16:55
TheJulia	ugh, https://zuul.opendev.org/t/openstack/status#928120	17:06
TheJulia	on a plus side, still green	17:06
TheJulia	but my take away is no sense to recheck any ironic patches until that has merged	17:06
opendevreview	Julia Kreger proposed openstack/ironic-python-agent master: Provide operator an idea why the deploy failed https://review.opendev.org/c/openstack/ironic-python-agent/+/927823	17:10
TheJulia	crazy, possibly un-cool idea. Change ironic-tempest-plugin to -nv current the second stable branch back instead of the third, and drop the third from running entirely	18:13
JayF	I don't really have enough information to know why that would be a bad idea	18:28
opendevreview	Verification of a change to openstack/ironic-tempest-plugin master failed: Work around missing microversion headers on / https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/928120	19:37
JayF	are you serious :(	19:37
JayF	> ironic-inspector-tempest-rbac-scope-enforced https://zuul.opendev.org/t/openstack/build/7c15eee5485f40479a11012df74617f9 : FAILURE in 35m 05s	19:37
JayF	it's even a different one this time	19:37
JayF	dnsmasq crash caused a timeout	19:38
JayF	rechecking	19:38
JayF	On the bright side, I just talked to cid about the kea research and it's coming along nicely, so hopefully we'll excise this particular flake from our system	19:39
opendevreview	Ghanshyam proposed openstack/ironic master: Remove default override for RBAC config options https://review.opendev.org/c/openstack/ironic/+/928283	19:46
opendevreview	cid proposed openstack/ironic-python-agent master: Check for the existence of an IPMI device https://review.opendev.org/c/openstack/ironic-python-agent/+/926973	19:48
opendevreview	Julia Kreger proposed openstack/ironic-tempest-plugin master: CI: Remove specific scope enforced jobs https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/928284	19:55
* cid good night ironic o/		19:59
TheJulia	goodnight cid	19:59
JayF	\o	19:59
JayF	Do we expect metalsmith jobs to be working on 2023.1?	20:05
TheJulia	At this point, unlikely	20:06
JayF	two metalsmith jobs are centos8	20:06
TheJulia	bahahahaha	20:06
TheJulia	no, no way then	20:06
JayF	ipa-tempest-bios-ipmi-direct-src is 404'ing pulling a centos9 image	20:07
JayF	which seems bad too but differently-shaped bad	20:07
JayF	https://zuul.opendev.org/t/openstack/build/d2b0bfd66a8a4f34a61b9ab349c89a4f	20:07
JayF	that job has never passed either	20:07
JayF	(on any of the cve patches on 2023.1 ipa)	20:08
JayF	I'm going to disable that test too, although I'll put a comment on it that I understand less why it's failing :)	20:09
TheJulia	ugh, there was a recent change on that I think	20:09
TheJulia	yeah, disable it	20:09
opendevreview	Jay Faulkner proposed openstack/ironic-python-agent stable/2023.1: Remove and disable examples job https://review.opendev.org/c/openstack/ironic-python-agent/+/928014	20:10
opendevreview	Jay Faulkner proposed openstack/ironic-python-agent stable/2023.1: Inspect non-raw images for safety https://review.opendev.org/c/openstack/ironic-python-agent/+/927979	20:11
JayF	I'm assuming we're onboard to migrate to the oslo.utils version of the security check before release?	20:13
JayF	Obviously going to wait until all the existing versions of the patches are happy	20:13
opendevreview	Julia Kreger proposed openstack/ironic master: CI: Enable the ability to have test VMs with different block sizes https://review.opendev.org/c/openstack/ironic/+/928285	20:22
TheJulia	JayF: I'm assuming so	20:22
JayF	I'm debating doing a little structural changes in IPA when I do it too; e.g. like unifying on one thing to write images to disks	20:23
JayF	which I avoided during the cve fix to get a more-backportable patch	20:23
JayF	I shouldn't let perfect be the enemy of good, I know there are 2-3 things I can improve, I should JFDI instead of talking myself out of it with ideas of a bigger refactor	20:24
TheJulia	So where are we at, what change are we pending aside from the tempest client change?	20:27
opendevreview	Verification of a change to openstack/ironic stable/2023.1 failed: CVE-2024-44982: Harden all image handling and conversion code https://review.opendev.org/c/openstack/ironic/+/927972	20:30
JayF	bugfix 9.9 IPA is busted to all hell	20:32
JayF	and has not had a functional gate since 2024.1 was released	20:33
JayF	stable/2023.1 IPA is what I just poked	20:33
JayF	I'm less clear on Ironic	20:33
TheJulia	okay	20:33
TheJulia	Okay, I think 2023.1 will be easy to fix for ironic	20:35
TheJulia	uhhhh	20:35
TheJulia	need to compare CI config across branches	20:35
JayF	I think I'm going to pin ironic-lib to 6.1.0 in bugfix-9.9	20:36
JayF	see if that does the trick	20:36
opendevreview	Jay Faulkner proposed openstack/ironic-python-agent bugfix/9.9: Pin jobs to stable/2024.1 deps https://review.opendev.org/c/openstack/ironic-python-agent/+/928079	20:37
JayF	I think bugfix 9.9 gate broke /when we did the recent ironic-lib release/	20:38
JayF	which makes sense why constraints weren't pinned until now	20:38
JayF	I'm fairly sure I'm fixing it a "wrong" way in that change, but 1) it's a bugfix branch and 2) the requirement is actually-accurate in terms of what actually works	20:38
TheJulia	okay, the issue on stable/2023.1 is the race for creating a partition image	20:39
TheJulia	ironic-tempest-partition-uefi-ipmi-pxe timed out, it ended up running a whole disk and a partition test	20:39
* TheJulia thinks we should just disable the test		20:40
TheJulia	reduce the surface on extra paths	20:40
JayF	This is a branch that will go UM in months.	20:40
JayF	as long as we have actual-tested-confidence in the paths, I'm OK with clearing the jobs out	20:40
TheJulia	yeah, I think we do	20:40
JayF	we should be minimalizing the cases we run in stable already	20:40
TheJulia	Yeah, we know the partition image generation stuff is super failure happy	20:41
TheJulia	the exact job no longer exists on master branch either	20:41
opendevreview	Julia Kreger proposed openstack/ironic stable/2023.1: CI: stable/2023.1 - remove partition job https://review.opendev.org/c/openstack/ironic/+/928290	20:46
TheJulia	JayF: ^ and https://review.opendev.org/c/openstack/ironic/+/928293	20:56
opendevreview	Julia Kreger proposed openstack/ironic stable/2023.2: CI: Remove grenade jobs for 2023.2 https://review.opendev.org/c/openstack/ironic/+/928294	20:59
TheJulia	https://review.opendev.org/c/openstack/ironic/+/928296 <-- stable/yoga job changes	21:12
TheJulia	wallaby ->>> https://review.opendev.org/c/openstack/ironic/+/928299	21:24
TheJulia	victoria ->> https://review.opendev.org/c/openstack/ironic/+/928300	21:32
opendevreview	Jay Faulkner proposed openstack/ironic-python-agent bugfix/9.9: Update bugfix 9.9 jobs https://review.opendev.org/c/openstack/ironic-python-agent/+/928079	21:33
TheJulia	It looks like we'll need to drop some tests on the stabl ebranches	21:33
TheJulia	stable branches, in regards to the format inspector	21:33
JayF	is tempest-functional on victoria a scenario test?	21:33
TheJulia	which is fine	21:33
TheJulia	no, its functional tests	21:34
JayF	just wondering if we're removing meaningful tempest testing from victoria	21:34
TheJulia	I don't know why it already got dropped on wallaby	21:34
TheJulia	but it passed	21:34
JayF	not that I'm against that, just wanna make sure I understand	21:34
TheJulia	basically devstack for all these branches is horribly broken anyway so it was really surprised that it actually worked	21:35
JayF	makes sense to me	21:35
TheJulia	running to the post office, since now we wait for CI	21:36
JayF	I'm starting to wonder if CI failures on bugfix/9.9 are real; maybe since tox wasn't pointing to the right constraint it passed locally wrongly	21:38
opendevreview	Jay Faulkner proposed openstack/ironic-python-agent bugfix/9.9: Update bugfix 9.9 jobs https://review.opendev.org/c/openstack/ironic-python-agent/+/928079	21:40
JayF	that's a silly thought, since CI failures are on the unpatched bugfix branch	21:41
JayF	although it reinforces the importance of verifying the before case is right/passing before pushing the new one	21:41
TheJulia	on the bugfix branches in particular	21:58
JayF	yeah	22:04
JayF	honestly it looks like we let these rot, generally	22:05
JayF	I had to go back several branches to find one that had CI fixed across a release boundary	22:05
JayF	we should either keep CI maintained or get rid of them	22:05
TheJulia	I do not disagree	22:08
JayF	If I hadn't promised bugfix/9.9 branch patches in the OSSA, I'd already be punting this patch :(	22:09
JayF	I am going to stop beating my head against it for now	22:09
TheJulia	++	22:15
JayF	I was looking for Ironic cycle highlights and saw they merged without mention of lessee, I've put up a PR to amend: https://review.opendev.org/c/openstack/releases/+/928305	22:28
JayF	I'd greatly appreciate automatic lessee getting landed, too: https://review.opendev.org/c/openstack/ironic/+/924887	22:31
JayF	just needs another +2a, dmitry's issues are resolved and the nova side is in	22:31
JayF	ty	22:38
opendevreview	Verification of a change to openstack/ironic master failed: Remove default override for RBAC config options https://review.opendev.org/c/openstack/ironic/+/928283	22:51
cardoe	https://opendev.org/openstack/python-ironicclient/src/commit/9feda5a8e292a93b196a4847e09586a2b4b4e6ae/ironicclient/client.py#L70 how about that consideration? :D	22:56
JayF	I'm really confused about this code	22:57
JayF	because I know `openstack baremetal` at least respects clouds.yaml	22:57
cardoe	Honestly openstacksdk is lacking and it'd be nice if there were good examples to use the individual clients.	22:57
cardoe	All the openstacksdk examples are around using their Proxy for each of the services. But until some things land in there (e.g. runbooks) the Proxy interface is lacking.	22:58
JayF	I think cid has a patch up (or if not, it's on his list) to enable runbooks in osdk	22:59
TheJulia	I would be okay if that option flipped	22:59
cardoe	JayF: yep it's there.	23:00
JayF	now is a good time to make bigger ironicclient changes, since clients for current release have been cut	23:01
cardoe	Writing something that injects a clouds.yaml secret into containers, since technically env vars aren't as secure on k8s.	23:01
JayF	I'm still confused about that code, because I know I've seen ironicclient obey a clouds.yaml	23:01
JayF	or how else would devstack work?!	23:01
JayF	does it work different in `baremetal [blah]` vs `openstack baremetal [blah]`?	23:02
TheJulia	it kind of does	23:02
TheJulia	fwiw	23:02
cardoe	Yes	23:02
JayF	okay then I'm +MAXINT to flipping that flag	23:02
* JayF o/		23:04
cardoe	iclient = ironicclient.client.get_client("1", session=openstack.config.OpenStackConfig(load_yaml_config=True, app_name="blah", app_version="1.0.0").get_one().get_session())	23:05
cardoe	technically you don't need to pass load_yaml_config=True as that's their default	23:06
opendevreview	Julia Kreger proposed openstack/ironic stable/2023.1: CI: stable/2023.1 - remove partition and older non-voting jobs https://review.opendev.org/c/openstack/ironic/+/928290	23:07
cardoe	If ya want another probably boring one Julia... https://review.opendev.org/c/openstack/sushy/+/927598	23:08
TheJulia	stevebaker[m]: rev'ed the 2023.1 change to rip out some stuff no longer running, the overall change didn't pass on the prior run due to it looks like the wsgi container went "poof" during one test	23:08
TheJulia	done	23:10
TheJulia	anything else before I try not to convice myself to make a beverage appear?	23:11
cardoe	You've had a bear of a past few days, do it.	23:11
TheJulia	heh	23:12
cardoe	The IPv6 agent guy isn't gonna like me.	23:12
cardoe	His latest change is "if DNS resolution fails, it must be an IP so just add it to the list"	23:13
* TheJulia blinks		23:14
TheJulia	my past network engineer wishes she had a teleporter to send you a beverage as well	23:15
opendevreview	Merged openstack/sushy master: add a link to the release notes in the README https://review.opendev.org/c/openstack/sushy/+/927598	23:15
stevebaker[m]	TheJulia: ok I'll keep an eye on things, let me know if there is anything else which needs reviewing	23:19
TheJulia	stevebaker[m]: nothing else right now, I'm hoping to get 2023.1 fixed and the cve fix change rechecked so we can verify if we need to remove some of the unit tests	23:21
stevebaker[m]	ok	23:22
* TheJulia fires up the gaming laptop and starts fallout 4		23:24
opendevreview	Verification of a change to openstack/ironic stable/2023.1 failed: CVE-2024-44982: Harden all image handling and conversion code https://review.opendev.org/c/openstack/ironic/+/927972	23:30
opendevreview	Merged openstack/ironic master: Support Automatic Lessee from instance metadata https://review.opendev.org/c/openstack/ironic/+/924887	23:49

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!