Sunday, 2014-03-23

« Saturday, 2014-03-22 Index Monday, 2014-03-24 »
*** thedodd has joined #openstack-keystone00:13
*** arosen1 has joined #openstack-keystone00:54
*** arosen1 has quit IRC00:59
openstackgerritMarek Denis proposed a change to openstack/keystone: Filter SAML2 assertion parameters with certain prefix.  https://review.openstack.org/8094601:04
*** arosen1 has joined #openstack-keystone01:08
*** flaper87 is now known as flaper87|afk02:12
*** devlaps has quit IRC02:30
*** thedodd has quit IRC02:39
*** mberlin1 has joined #openstack-keystone02:52
*** mberlin has quit IRC02:53
*** devlaps has joined #openstack-keystone03:01
*** arosen1 has quit IRC03:01
*** arosen2 has joined #openstack-keystone03:02
*** devlaps1 has joined #openstack-keystone03:02
*** devlaps has quit IRC03:03
*** devlaps1 has quit IRC03:08
*** devlaps has joined #openstack-keystone03:30
*** devlaps has quit IRC03:35
*** devlaps has joined #openstack-keystone04:01
*** devlaps has quit IRC04:05
*** daneyon has joined #openstack-keystone04:38
*** daneyon has quit IRC04:45
*** devlaps has joined #openstack-keystone05:01
*** nkinder has quit IRC05:03
*** devlaps has quit IRC05:05
*** devlaps has joined #openstack-keystone06:01
*** thedodd has joined #openstack-keystone06:02
openstackgerritJenkins proposed a change to openstack/keystone: Imported Translations from Transifex  https://review.openstack.org/7852506:02
*** devlaps has quit IRC06:05
*** thedodd has quit IRC06:20
*** thedodd has joined #openstack-keystone06:39
*** thedodd has quit IRC06:47
*** arosen2 has quit IRC06:50
*** arosen1 has joined #openstack-keystone06:51
*** arosen1 has quit IRC07:00
*** devlaps has joined #openstack-keystone07:01
*** arosen1 has joined #openstack-keystone07:01
*** devlaps has quit IRC07:05
*** zhiyan_ is now known as zhiyan07:18
*** devlaps has joined #openstack-keystone08:01
*** devlaps has quit IRC08:05
*** devlaps has joined #openstack-keystone09:01
*** devlaps has quit IRC09:05
*** flaper87|afk is now known as flaper8709:10
*** YorikSar has quit IRC09:13
*** YorikSar has joined #openstack-keystone09:15
*** morganfainberg is now known as morganfainberg_Z09:58
*** devlaps has joined #openstack-keystone10:01
*** david_lyle_ has joined #openstack-keystone10:04
*** devlaps has quit IRC10:05
*** david-lyle has quit IRC10:07
*** leseb has joined #openstack-keystone10:18
*** huats_ has joined #openstack-keystone10:48
*** huats has quit IRC10:53
*** harlowja_away has quit IRC10:54
*** marekd|away has quit IRC10:54
*** marekd|away has joined #openstack-keystone10:54
*** devlaps has joined #openstack-keystone11:01
*** devlaps has quit IRC11:06
*** Daviey_ has joined #openstack-keystone11:28
*** marekd|away has quit IRC11:29
*** bknudson has quit IRC11:29
*** lbragstad has quit IRC11:29
*** zhiyan has quit IRC11:29
*** Daviey has quit IRC11:29
*** sudorandom has quit IRC11:29
*** chmouel has quit IRC11:29
*** Daviey_ is now known as Daviey11:29
*** arosen1 has quit IRC11:33
*** chmouel has joined #openstack-keystone11:36
*** sudorandom has joined #openstack-keystone11:45
*** marekd|away has joined #openstack-keystone11:45
*** bknudson has joined #openstack-keystone11:45
*** lbragstad has joined #openstack-keystone11:45
*** zhiyan has joined #openstack-keystone11:45
*** devlaps has joined #openstack-keystone12:01
*** devlaps has quit IRC12:05
openstackgerritDavid Stanek proposed a change to openstack/keystone: Use assertIsNone when comparing against None  https://review.openstack.org/7811812:11
openstackgerritDavid Stanek proposed a change to openstack/keystone: Adds style checks to ease reviewer burden  https://review.openstack.org/7811912:11
openstackgerritDavid Stanek proposed a change to openstack/keystone: Add a space after the hash for block comments  https://review.openstack.org/7811612:11
openstackgerritDavid Stanek proposed a change to openstack/keystone: Removes the use of mutables as default args  https://review.openstack.org/7811712:11
*** leseb_ has joined #openstack-keystone12:17
*** leseb has quit IRC12:18
*** jamielennox|away has quit IRC12:21
*** jamielenz has joined #openstack-keystone12:28
*** jamielenz has quit IRC12:32
*** jamielennox|away has joined #openstack-keystone12:36
*** zhiyan is now known as zhiyan_12:46
*** devlaps has joined #openstack-keystone13:01
*** devlaps has quit IRC13:05
*** lbragstad1 has joined #openstack-keystone13:15
*** lbragstad has quit IRC13:22
*** zhiyan_ has quit IRC13:22
*** sudorandom has quit IRC13:22
*** sudorandom has joined #openstack-keystone13:22
*** zhiyan_ has joined #openstack-keystone13:24
*** devlaps has joined #openstack-keystone14:01
*** devlaps has quit IRC14:05
*** leseb_ has quit IRC14:14
*** wchrisj has joined #openstack-keystone14:31
dstanekdolphm, bknudson: https://review.openstack.org/#/c/80946 looks good to me. is this something we should not +A until after we release?14:39
dolphmdstanek: i'm happy to have it in icehouse14:41
dstanekdolphm: sounds good - i'll change my +1 to a +214:42
dstanekdolphm: is your services patch good to go? i fixed some pep8 issues, but i noticed you had it as WIP14:42
*** david_lyle_ has quit IRC14:48
dolphmdstanek: no - it's got legit test failures i think14:50
dolphmdstanek: i was trying to do in one patch what bknudson did in 3 or 4... i think i made a mess of it14:50
bknudsonit's easy to make a mess out of multiple patches too14:51
bknudsonwhat do you think about changing devstack to not set keystone config file readable only by the user?14:52
bknudsoni.e., would be 64414:52
dolphmbknudson: why?14:53
bknudsonas it is, we can't write a tempest test that does 'keystone-manage db_version'14:53
bknudsonand that command has broken a couple of times lately14:53
bknudsonthere are tests for the nova-manage command already... we haven't had any for keystone-manage14:54
bknudsonI tried writing one and it fails because it can't find the config file, probably because it doesn't have access14:55
*** leseb has joined #openstack-keystone14:55
dolphmbknudson: but tempest isn't guaranteed to be on the same box as keystone anyway -- are there other tests that make that assumption?14:57
bknudsondolphm: I think in that case you would disable the tests, there's a config CONF.cli.has_manage14:58
bknudsonhttp://git.openstack.org/cgit/openstack/tempest/tree/tempest/cli/simple_read_only/test_nova_manage.py#n4414:59
dolphmbknudson: are there other keystone-manage tests then?14:59
bknudsondolphm: there are no existing keystone-manage tests14:59
dolphmhmm14:59
bknudsonthere's a lot of keystone functionality that's not covered by tempest14:59
dolphmbknudson: how is that tested for nova then? they're conf should be 0600 too14:59
dolphmtheir*15:00
bknudsondolphm: their conf is not 0600.15:00
dolphmbknudson: what is it?15:00
bknudson-rw-r--r-- 1 bknudson bknudson 2679 Mar 21 09:56 /etc/nova/nova.conf15:00
bknudson-rw------- 1 bknudson bknudson 38819 Mar 22 11:57 /etc/keystone/keystone.conf15:00
dolphmbknudson: hmm, well considering it's devstack... link me to the review and i'll +1 :)15:01
*** devlaps has joined #openstack-keystone15:01
dolphmbknudson: i'd definitely cite nova's precedence in the commit message15:01
bknudsonok, will propose the change15:01
*** devlaps has quit IRC15:05
*** leseb has quit IRC15:07
*** leseb has joined #openstack-keystone15:09
bknudsondolphm: https://review.openstack.org/#/c/82358/15:10
dolphmbknudson: +115:20
dolphmbknudson: i assume the tempest user can't "sudo -u keystone keystone-manage" either, right?15:21
bknudsondolphm: I haven't tried it. I hope not.15:22
bknudsonI hope the tempest user can't rm -rf /15:22
dolphmbknudson: why do you hope not?15:22
*** packet has joined #openstack-keystone15:22
*** packet has quit IRC15:24
bknudsonI'm afraid that I'd break tempest if I try to sudo -- doesn't it prompt for input?15:25
dolphmbknudson: it's worth a shot IMO -- if it can sudo, hopefully it's passwordless15:31
bknudsondolphm: ok, we'll see what happens: https://review.openstack.org/#/c/82309/15:40
openstackgerritA change was merged to openstack/keystone: Filter SAML2 assertion parameters with certain prefix.  https://review.openstack.org/8094615:45
*** leseb has joined #openstack-keystone15:47
*** leseb has quit IRC15:51
marekd|awaydolphm: dstanek bknudson : ^^ yay, thanks!15:56
dolphmmarekd|away: ++15:57
dstanekmarekd|away: you did the hard part15:57
marekd|awaydstanek:  thanks!15:57
*** marekd|away is now known as marekd15:58
*** devlaps has joined #openstack-keystone16:01
marekddolphm: there is one last thing i need to address: another endpoint to be specified in the apache virtualhost configuration. But my concern is I still don't know whether we can send normal auth JSON query. I would rather opt for something like: https://github.com/zaccone/keystone/blob/federated-apache/keystone/auth/routers.py#L41 and https://github.com/zaccone/keystone/blob/federated-apache/keystone/auth/controllers.py#L30916:04
dolphmmarekd: it's *REALLY* late to be making proposals like this now -- if you need to make that change, PLEASE get it into review ASAP16:05
*** devlaps has quit IRC16:05
marekddolphm: ok, working.16:08
*** wchrisj has quit IRC16:11
openstackgerritA change was merged to openstack/python-keystoneclient: Don't use a connection pool unless provided  https://review.openstack.org/8200716:17
*** devlaps has joined #openstack-keystone16:21
*** devlaps has quit IRC16:26
*** thedodd has joined #openstack-keystone16:36
*** leseb has joined #openstack-keystone16:48
*** leseb has quit IRC16:53
*** YorikSar has quit IRC16:56
openstackgerritBrant Knudson proposed a change to openstack/keystone: Fix doc build errors with SQLAlchemy 0.9  https://review.openstack.org/8236716:57
*** YorikSar has joined #openstack-keystone16:58
openstackgerritBrant Knudson proposed a change to openstack/keystone: Fix doc build errors with SQLAlchemy 0.9  https://review.openstack.org/8236717:07
*** YorikSar has quit IRC17:13
openstackgerritBrant Knudson proposed a change to openstack/keystone: Updated from global requirements  https://review.openstack.org/8237217:14
*** YorikSar has joined #openstack-keystone17:25
*** shakamunyi has joined #openstack-keystone17:26
*** arosen1 has joined #openstack-keystone17:31
*** shakamunyi has quit IRC17:36
*** shakamunyi has joined #openstack-keystone17:39
*** leseb has joined #openstack-keystone17:49
*** shakamunyi has quit IRC17:51
*** leseb has quit IRC17:53
*** shakamunyi has joined #openstack-keystone18:06
openstackgerritMarek Denis proposed a change to openstack/keystone: Add dedicated URL for issuing unscoped federation tokens.  https://review.openstack.org/8237518:12
marekddolphm: bknudson : ^^18:13
*** marekd is now known as marekd|away18:14
*** shakamunyi has quit IRC18:43
*** leseb has joined #openstack-keystone18:50
*** leseb has quit IRC18:55
*** leseb has joined #openstack-keystone19:51
*** leseb has quit IRC19:52
*** leseb has joined #openstack-keystone19:53
*** leseb has quit IRC19:57
*** thedodd has quit IRC20:12
*** leseb has joined #openstack-keystone20:21
*** arosen1 has quit IRC20:24
*** arosen1 has joined #openstack-keystone20:38
*** devlaps has joined #openstack-keystone21:38
openstackgerritBrant Knudson proposed a change to openstack/keystone: Reduce environment logging  https://review.openstack.org/8239122:50
openstackgerritBrant Knudson proposed a change to openstack/keystone: Cleaner LDAP debug logging  https://review.openstack.org/8239522:59
openstackgerritDavid Stanek proposed a change to openstack/keystone: Always include 'enabled' field in service response  https://review.openstack.org/8220523:01
*** leseb has quit IRC23:02
*** devlaps has quit IRC23:03
openstackgerritJohn Dennis proposed a change to openstack/keystone: code hygiene; use six.text_type, escape regexp's, use key function  https://review.openstack.org/8239623:05
openstackgerritJohn Dennis proposed a change to openstack/keystone: Refactor LDAP API  https://review.openstack.org/8239723:05
openstackgerritJohn Dennis proposed a change to openstack/keystone: Properly handle unicode & utf-8 in LDAP  https://review.openstack.org/8239823:05
openstackgerritJohn Dennis proposed a change to openstack/keystone: Expand the use of non-ascii values in ldap test  https://review.openstack.org/8239923:05
*** jamielennox|away is now known as jamielennox23:08
openstackgerritBrant Knudson proposed a change to openstack/keystone: Filter out uninteresting log messages  https://review.openstack.org/8240223:13
*** leseb has joined #openstack-keystone23:21
*** flaper87 is now known as flaper87|afk23:21
*** leseb has quit IRC23:27
openstackgerritBrant Knudson proposed a change to openstack/keystone: Cleanup revocation query  https://review.openstack.org/8240323:28
*** nkinder has joined #openstack-keystone23:42
openstackgerritJamie Lennox proposed a change to openstack/python-keystoneclient: Add a positional decorator  https://review.openstack.org/7702623:52
openstackgerritJamie Lennox proposed a change to openstack/python-keystoneclient: Start using positional decorator  https://review.openstack.org/7705523:52
« Saturday, 2014-03-22 Index Monday, 2014-03-24 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!