Tuesday, 2014-08-05

« Monday, 2014-08-04 Index Wednesday, 2014-08-06 »
*** david-lyle has quit IRC00:03
lbragstaddstanek: yep00:07
lbragstadsorry about that, I was just about to push that patch00:07
lbragstaddstanek: our keystone/common/serializer.py files looked exactly the same after I fixed the comments :)00:08
lbragstaddstanek: nice work on the tests00:10
dstaneklbragstad: hey, yeah i just went ahead and pushed00:11
*** gokrokve has quit IRC00:13
lbragstaddstanek: thanks00:18
*** yasukun has joined #openstack-keystone00:18
*** marcoemorais has quit IRC00:24
ayoungbknudson, did nkinder talk with you about https://review.openstack.org/#/c/109120/5/keystone/tests/test_v3_auth.py  ?  Cus it looks like those comments really were for a different patch00:24
*** marcoemorais has joined #openstack-keystone00:24
*** marcoemorais has quit IRC00:24
*** marcoemorais has joined #openstack-keystone00:24
openstackgerritSteve Martinelli proposed a change to openstack/identity-api: Add OS-FEDERATION section to scoped federation tokens  https://review.openstack.org/11187300:34
*** stevemar is now known as maybeiamstevemar00:35
*** shakamunyi has quit IRC00:43
bknudsonayoung: he commented in the review00:49
ayoungbknudson, was it meant for the othe r review, though?  THe revocation events?00:49
bknudsonayoung: no, I thought he was relying on revocation in his tests00:49
*** amcrn has quit IRC00:51
*** xianghui has quit IRC00:53
*** gyee has quit IRC00:59
*** xianghui has joined #openstack-keystone01:05
*** richm has quit IRC01:19
*** gokrokve has joined #openstack-keystone01:23
openstackgerritA change was merged to openstack/python-keystoneclient: Use token and discovery fixture in identity tests  https://review.openstack.org/10755401:32
*** morganfainberg_Z is now known as morganfainberg01:35
openstackgerritA change was merged to openstack/keystone: Fix revoking a scoped token from an unscoped token  https://review.openstack.org/10938901:37
openstackgerritLance Bragstad proposed a change to openstack/keystone: Refactor serializer import to XmlBodyMiddleware  https://review.openstack.org/11110801:41
*** shakamunyi has joined #openstack-keystone01:54
*** diegows has quit IRC01:55
*** marcoemorais has quit IRC02:06
*** shakamunyi has quit IRC02:07
*** shakamunyi has joined #openstack-keystone02:22
*** jorge_munoz has joined #openstack-keystone02:24
*** gokrokve_ has joined #openstack-keystone02:35
*** gokrokve_ has quit IRC02:35
*** gokrokve_ has joined #openstack-keystone02:35
*** browne has quit IRC02:36
*** hrybacki has joined #openstack-keystone02:36
*** gokrokve has quit IRC02:38
*** gokrokve has joined #openstack-keystone02:45
*** gokrokve_ has quit IRC02:49
*** jorge_munoz has quit IRC02:51
*** hrybacki has quit IRC02:51
*** jimbaker has quit IRC02:56
*** jimbaker has joined #openstack-keystone02:56
*** jimbaker has quit IRC02:56
*** jimbaker has joined #openstack-keystone02:56
*** gokrokve has quit IRC03:01
openstackgerritJeffrey Zhang proposed a change to openstack/keystone: Redirect stdout and stderr when using subprocess  https://review.openstack.org/5161003:04
*** jorge_munoz has joined #openstack-keystone03:14
*** browne has joined #openstack-keystone03:15
openstackgerritLance Bragstad proposed a change to openstack/keystone: Refactor serializer import to XmlBodyMiddleware  https://review.openstack.org/11110803:19
*** yasukun has quit IRC03:25
*** jorge_munoz has quit IRC03:29
*** jorge_munoz has joined #openstack-keystone03:30
*** gokrokve has joined #openstack-keystone03:31
*** gokrokve_ has joined #openstack-keystone03:33
*** gokrokve has quit IRC03:33
dstanekthe channel has been super quiet lately03:38
maybeiamstevemardstanek, howdy partner03:38
dstanekmaybeiamstevemar: hey03:39
dstanekmaybeiamstevemar: maybe not?03:39
dstanekmorganfainberg: i hate databases!03:40
maybeiamstevemardstanek, i added you to a review if that makes ya feel better03:41
dstanekmaybeiamstevemar: what review?03:41
maybeiamstevemardstanek, https://review.openstack.org/#/c/111657/03:41
maybeiamstevemardstanek, i've got like 10 open in keystone, just pick one :P03:41
*** gokrokve_ has quit IRC03:41
dstanekmaybeiamstevemar: haha, i'll start going through them for ya03:42
maybeiamstevemarwoo hoo03:42
*** gokrokve has joined #openstack-keystone03:42
dstanekmaybeiamstevemar: this one made me think https://review.openstack.org/#/c/111841/1/keystone/assignment/backends/sql.py - mostly to make sure my comments were coherent03:42
dstanekmaybeiamstevemar: i probably shouldn't be doing reviews this late03:43
maybeiamstevemardstanek, if it helps, most of mine are tiny changes03:44
maybeiamstevemargot an identity-api one queued up too03:44
*** gokrokve has quit IRC03:46
openstackgerritwanghong proposed a change to openstack/python-keystoneclient: expose the revoke token for V3  https://review.openstack.org/10270103:49
*** gokrokve has joined #openstack-keystone03:54
openstackgerritA change was merged to openstack/keystone: Improve instructions about federation  https://review.openstack.org/11170903:56
*** ayoung has quit IRC03:57
openstackgerritwanghong proposed a change to openstack/python-keystoneclient: expose the revoke token for V3  https://review.openstack.org/10270103:59
morganfainbergmaybeiamstevemar isn't it a holiday04:07
morganfainbergmaybeiamstevemar or was... WHY ARE YOU HERE?04:07
morganfainbergdstanek, why do you hate databases?04:08
maybeiamstevemarmorganfainberg, it is, but ... i dunno04:09
maybeiamstevemarmorganfainberg, i'm off tmrw too04:10
*** shausy has joined #openstack-keystone04:15
*** gokrokve has quit IRC04:21
*** gokrokve has joined #openstack-keystone04:22
*** jorge_munoz has left #openstack-keystone04:22
*** yasukun has joined #openstack-keystone04:23
*** gokrokve has quit IRC04:26
*** gokrokve has joined #openstack-keystone04:32
*** k4n0 has joined #openstack-keystone04:43
*** ajayaa has joined #openstack-keystone04:46
*** ajayaa has quit IRC04:47
*** ajayaa has joined #openstack-keystone04:50
openstackgerritLance Bragstad proposed a change to openstack/keystone: Refactor serializer import to XmlBodyMiddleware  https://review.openstack.org/11110804:51
*** gokrokve has quit IRC04:53
*** gokrokve has joined #openstack-keystone04:54
*** morganfainberg is now known as morganfainberg_Z04:54
*** gokrokve has quit IRC04:58
*** gokrokve has joined #openstack-keystone05:00
*** jaosorior has joined #openstack-keystone05:18
*** afazekas has quit IRC05:19
*** chandankumar has joined #openstack-keystone05:27
openstackgerritSteve Martinelli proposed a change to openstack/keystonemiddleware: Use oslosphinx in keystonemiddlware for documentation  https://review.openstack.org/11190905:28
*** browne has quit IRC05:29
*** hrybacki has joined #openstack-keystone05:31
*** ajayaa has quit IRC05:33
*** hrybacki_ has joined #openstack-keystone05:38
*** hrybacki has quit IRC05:38
*** shakamunyi has quit IRC05:42
*** afazekas has joined #openstack-keystone05:45
*** ajayaa has joined #openstack-keystone05:53
openstackgerritOpenStack Proposal Bot proposed a change to openstack/keystone: Imported Translations from Transifex  https://review.openstack.org/11192006:05
*** gokrokve has quit IRC06:06
*** shakamunyi has joined #openstack-keystone06:09
*** shakamunyi has quit IRC06:24
*** shausy has quit IRC06:24
*** shausy has joined #openstack-keystone06:25
openstackgerritJeffrey Zhang proposed a change to openstack/keystone: Redirect stdout and stderr when using subprocess  https://review.openstack.org/5161006:28
*** gokrokve has joined #openstack-keystone06:33
*** gokrokve has quit IRC06:34
*** gokrokve has joined #openstack-keystone06:35
*** gokrokve has quit IRC06:40
*** shakamunyi has joined #openstack-keystone06:50
*** shakamunyi has quit IRC06:58
*** hrybacki_ has quit IRC07:14
*** chandankumar has quit IRC07:21
*** chandankumar has joined #openstack-keystone07:23
*** chandankumar has quit IRC07:23
*** chandankumar has joined #openstack-keystone07:24
openstackgerritwanghong proposed a change to openstack/python-keystoneclient: move attributes of v3.client.Client into alphabetical order  https://review.openstack.org/11193907:28
*** gokrokve has joined #openstack-keystone07:35
*** gokrokve has quit IRC07:40
*** ajayaa has quit IRC07:48
*** shakamunyi has joined #openstack-keystone07:55
*** rwsu has quit IRC07:59
*** maybeiamstevemar has quit IRC08:06
openstackgerritBob Thyne proposed a change to openstack/keystone: Implementation of Endpoint Grouping  https://review.openstack.org/11194908:08
openstackgerritA change was merged to openstack/python-keystoneclient: Add docs for how to create an OAuth auth instance  https://review.openstack.org/10901308:08
*** shakamunyi has quit IRC08:10
*** ajayaa has joined #openstack-keystone08:16
openstackgerritMarek Denis proposed a change to openstack/keystone: Surround REMOTE_USER variable name with quotes.  https://review.openstack.org/11195108:30
*** gokrokve has joined #openstack-keystone08:35
*** gokrokve has quit IRC08:37
*** gokrokve has joined #openstack-keystone08:37
openstackgerritMatthieu Huin proposed a change to openstack/keystone: Check for empty string value in REMOTE_USER  https://review.openstack.org/11195308:41
*** gokrokve has quit IRC08:41
marekdmhu: hey! did you manage to setup your cloud yesterday?08:51
marekdmhu: your federated cloud.08:51
mhumarekd, yep ! Thanks to you08:51
marekdmhu: ehe, you found where the problem was :-)08:52
mhuI get my unscoped tokens alright, and my mapping works correctly08:52
marekdgreat08:52
marekd!!!!08:52
mhumarekd, yep, therefore the patch I just submitted08:52
openstackmarekd: Error: "!!!" is not a valid command.08:52
marekdsorry, openstack08:53
marekdmhu: i just commented on your patch.08:53
mhumarekd, I am in the process of documenting every step that needs to be taken to set up a federation environment, Idp, SP, keystone08:53
mhuI believe it isn't an easy task and the community could use it08:54
marekdmhu: hm, docs on developer.openstack.org are not enough?08:54
marekdmhu:  regarding SP at least.08:54
marekdmhu: or..i shall say Keystone side in general.08:54
mhumarekd, they're good as an entry point, but I thought it'd be interesting to get the whole picture08:56
marekdmhu: of course.08:56
marekdi am not trying to discourage you08:56
mhuand also some insights about how to define assertions, for example08:56
marekduhm.08:57
mhumarekd, no worries08:57
marekdmhu: hah, they are not night owls, they are simply in the different timezone :-)08:57
marekdof, there is one night owl cc/ dolphm08:58
mhumarekd, i will add a test for https://review.openstack.org/111953 but I have to fix something weird with tox and pip first, pip can't seem to fetch the right version of oslo.config from the requirements08:59
marekd:(09:00
mhutherefore I can't run tox on my local changes ... not so great09:00
marekdmhu: have you tried tox -repep8 ?09:00
mhutox --recreate yes09:01
marekdyou can try cloning the keystone repo to other dir, say /tmp and see if that helps.09:01
marekdi mean clone repo from github/openstack09:01
mhumarekd, no success :(09:13
marekdmhu: :L(09:13
mhupip complains about not finding the right version of oslo.config: "Could not find a version that satisfies the requirement oslo.config>=1.4.0.0a3 (from -r /tmp/keystone/requirements.txt (line 18)) (from versions: 1.1.0, 1.1.1, 1.2.0, 1.2.1, 1.3.0)"09:14
mhuwhich is weird since oslo.config 1.4.0.0a3 has been on pypi for about a month09:14
*** oomichi has quit IRC09:16
marekdmhu:  globally i have pip1.4.0.0a309:16
marekdbut in my virtualenv for py27 i have 1.3.009:16
mhuoslo.config you mean ?09:16
marekdoh, yes.09:16
marekdoslo.config09:16
marekdbut maybe my env is little bit outdated.09:17
mhuit'd be according to the current requirements09:18
marekdjust pip install --upgrade -requirements not in your virtualenv09:18
marekdpip install --upgrade -r requiements.txt -r test-requirements.txt09:20
openstackgerritA change was merged to openstack/keystone: Fix revocation event handling with MySQL  https://review.openstack.org/11110609:25
mhumarekd, it worked outside of the venv, but I still get the error when running tox ... it's really weird. I'll ask around and see if someone's got an idea09:26
marekdi'd change oslo.config for now09:27
marekdto 1.309:27
marekd1.3.009:27
mhumarekd, yeah I can try this, hopefully it won't break stuff09:28
marekdwell, then you can always rebuild it with proper requirements09:28
marekdit's only virtual env09:28
marekdit will not affect your global configuration.09:28
marekdrm -rf will do the job.09:28
mhuas long as the tests run :)09:29
*** gokrokve has joined #openstack-keystone09:36
*** yasukun has quit IRC09:38
*** gokrokve has quit IRC09:43
*** shakamunyi has joined #openstack-keystone09:57
*** shakamunyi has quit IRC10:01
*** kwss has joined #openstack-keystone10:34
*** gokrokve has joined #openstack-keystone10:35
*** gokrokve has quit IRC10:40
*** chandankumar has quit IRC10:42
*** ajayaa has quit IRC10:58
*** chandankumar has joined #openstack-keystone11:00
*** ajayaa has joined #openstack-keystone11:02
openstackgerrithenry-nash proposed a change to openstack/keystone-specs: Make email a first class attribute of the user entity.  https://review.openstack.org/11198211:25
*** diegows has joined #openstack-keystone11:25
*** gokrokve has joined #openstack-keystone11:35
*** chandankumar has quit IRC11:37
*** shausy2 has joined #openstack-keystone11:38
*** shausy has quit IRC11:38
*** chandankumar has joined #openstack-keystone11:38
*** gokrokve has quit IRC11:40
*** ajayaa has quit IRC11:42
*** shakamunyi has joined #openstack-keystone11:48
*** shakamunyi has quit IRC11:58
*** chandankumar has quit IRC12:02
*** ajayaa has joined #openstack-keystone12:02
openstackgerritRodrigo Duarte proposed a change to openstack/keystone: Add parent_project_id field  https://review.openstack.org/11184012:16
openstackgerritRodrigo Duarte proposed a change to openstack/keystone: Add parent_project_id field  https://review.openstack.org/11184012:17
*** chandankumar has joined #openstack-keystone12:21
openstackgerritRodrigo Duarte proposed a change to openstack/keystone: Add parent_project_id field  https://review.openstack.org/11184012:25
openstackgerritRodrigo Duarte proposed a change to openstack/keystone: Base methods to handle hierarchical projects  https://review.openstack.org/11184112:26
*** ajayaa has quit IRC12:32
*** gokrokve has joined #openstack-keystone12:35
*** gokrokve has quit IRC12:39
*** cjellick has joined #openstack-keystone12:42
*** miqui has joined #openstack-keystone12:42
*** cjellick has quit IRC12:42
*** cjellick has joined #openstack-keystone12:43
*** radez_g0n3 is now known as radez12:43
*** cjellick has quit IRC12:44
*** cjellick has joined #openstack-keystone12:44
*** k4n0 has quit IRC12:50
*** henrynash has joined #openstack-keystone12:54
*** tomoiaga has joined #openstack-keystone12:55
*** gordc has joined #openstack-keystone13:02
*** jasondotstar has joined #openstack-keystone13:03
*** ajayaa has joined #openstack-keystone13:06
*** vishy has quit IRC13:07
*** ajayaa has quit IRC13:07
*** comstud has quit IRC13:09
*** vishy has joined #openstack-keystone13:09
*** dtroyer has quit IRC13:12
*** mgagne has quit IRC13:12
*** dhellmann_ is now known as dhellmann13:12
*** mgagne has joined #openstack-keystone13:13
*** mgagne is now known as Guest2729513:13
*** gordc has quit IRC13:14
*** rharwood has quit IRC13:14
*** jamielennox|away has quit IRC13:14
*** rodrigods has quit IRC13:14
*** nonameentername has quit IRC13:14
*** chmouel has quit IRC13:14
*** morganfainberg_Z has quit IRC13:14
*** comstud has joined #openstack-keystone13:14
*** gordc has joined #openstack-keystone13:15
*** rharwood has joined #openstack-keystone13:15
*** nonameentername has joined #openstack-keystone13:15
*** jamielennox|away has joined #openstack-keystone13:15
*** rodrigods has joined #openstack-keystone13:15
*** chmouel has joined #openstack-keystone13:15
*** morganfainberg_Z has joined #openstack-keystone13:15
*** dickson.freenode.net sets mode: +o morganfainberg_Z13:15
*** dtroyer has joined #openstack-keystone13:15
*** lbragstad has quit IRC13:18
*** vishy has quit IRC13:21
*** lbragstad has joined #openstack-keystone13:23
*** vishy has joined #openstack-keystone13:24
*** joesavak has joined #openstack-keystone13:26
*** dhellmann has quit IRC13:32
*** dhellmann has joined #openstack-keystone13:33
*** gokrokve has joined #openstack-keystone13:35
*** dhellmann has quit IRC13:36
*** dhellmann has joined #openstack-keystone13:39
*** gokrokve has quit IRC13:40
*** shakamunyi has joined #openstack-keystone13:42
*** shakamunyi has quit IRC13:49
*** ajayaa has joined #openstack-keystone13:59
*** shausy2 has quit IRC14:00
*** richm has joined #openstack-keystone14:06
*** ayoung has joined #openstack-keystone14:08
*** vishy has quit IRC14:09
*** gokrokve has joined #openstack-keystone14:10
*** shakamunyi has joined #openstack-keystone14:11
*** vishy has joined #openstack-keystone14:12
*** gokrokve has quit IRC14:20
*** gokrokve has joined #openstack-keystone14:21
*** vhoward has joined #openstack-keystone14:21
*** ajayaa has quit IRC14:22
*** gokrokve has quit IRC14:25
openstackgerritRodrigo Duarte proposed a change to openstack/keystone: Base methods to handle hierarchical projects  https://review.openstack.org/11184114:27
*** david-lyle has joined #openstack-keystone14:28
*** shakamunyi has quit IRC14:32
*** david-ly_ has joined #openstack-keystone14:34
*** david-ly_ is now known as david-lyle_14:35
*** hrybacki has joined #openstack-keystone14:37
*** david-lyle has quit IRC14:38
*** KimJ has joined #openstack-keystone14:41
*** david-lyle_ is now known as david-lyle14:48
*** henrynash has quit IRC14:58
*** ukalifon has joined #openstack-keystone15:03
*** gokrokve has joined #openstack-keystone15:06
*** chandankumar has quit IRC15:07
*** jorge_munoz has joined #openstack-keystone15:10
*** shakamunyi has joined #openstack-keystone15:12
*** jorge_munoz has quit IRC15:13
*** thedodd has joined #openstack-keystone15:14
*** shausy has joined #openstack-keystone15:18
*** ukalifon has quit IRC15:24
*** doddstack has joined #openstack-keystone15:25
*** thedodd has quit IRC15:26
*** shakamunyi has quit IRC15:28
*** med_ has joined #openstack-keystone15:31
*** med_ has joined #openstack-keystone15:31
*** med_ is now known as Guest2624015:31
openstackgerritRodrigo Duarte proposed a change to openstack/keystone: Create, update and delete hierarchical projects  https://review.openstack.org/11184215:36
*** jorge_munoz has joined #openstack-keystone15:41
marekddstanek: I am having a big XML object (template) which obviously extends 80 character lines. I don't want to break them  and put within """ """. Any quick idea how to store this and do this in a Pythonic way?15:43
*** jorge_munoz has quit IRC15:47
*** gokrokve_ has joined #openstack-keystone15:55
*** marcoemorais has joined #openstack-keystone15:56
dolphm*** family emergency - I'll be MIA for today's meetings (keystone & cross project) ***15:57
*** shausy has quit IRC15:57
*** jimbaker has quit IRC15:58
hrybackithe non-discrete preoperties of a DevStack install never cease to amaze me15:58
*** gokrokve has quit IRC15:58
*** marcoemorais has quit IRC16:02
*** marcoemorais has joined #openstack-keystone16:02
dstanekmarekd: do you have an example somewhere?16:02
dstanekdolphm: hope things are alright16:02
*** jimbaker has joined #openstack-keystone16:02
*** jimbaker has quit IRC16:02
*** jimbaker has joined #openstack-keystone16:02
bknudsonI should have these security fixes for revocation events backported soon.16:03
openstackgerritMarek Denis proposed a change to openstack/python-keystoneclient: SAML2 federated authentication for ADFS.  https://review.openstack.org/11177116:06
marekddstanek: https://review.openstack.org/#/c/111771/2/keystoneclient/contrib/auth/v3/core.py something like this for now16:06
marekddstanek: (i used tuple instead of """ """) so it's like one big line for the Python interpreter)16:07
bknudsonthat's not a tuple. it would need a , to be a tuple.16:08
*** jimbaker has quit IRC16:08
dstanekmarekd: why not triple quotes?16:08
bknudsonalso, we should be using a library to build a document not hardcoding it.16:09
marekddstanek: because the xml will include \n and when I send them to the server it simply responds with HTTP 50016:09
dstanekmarekd: really? the server won't process XML with newlines?16:10
bknudsonit's also dangerous because the replacement text has to be encoded properly16:10
marekddstanek: i also think it should, but sometimes namespaces are longer than 80 characters16:10
marekddstanek: i i am guessing "http://blah.blah.blab\n.com/server/claim/blah\n" is not parsed correctly.16:11
dstanekmarekd: i'm personally fine with lines that are longer than 80 characters if it's data like this - not sure about the OpenStack stance16:12
marekdpep8 will verylikely complain.16:12
bknudsonit won't pass pep816:12
marekdbknudson: ++16:12
bknudsonI think you can put a \ at the end of the line for no \n16:12
marekdbknudson: i was thinking the same thing.16:13
marekdbknudson: all in all it will look like a mangled piece of text16:13
marekdwithout any hierarchy16:13
*** stevemar has joined #openstack-keystone16:13
bknudsonmarekd: build it using some kind of DOM library16:13
bknudsonthen the replacements can be done safely16:13
marekdusually such libraries don't obey 80 chars limit.16:14
marekdi think/16:14
marekdbut let me see again.16:14
bknudsonI mean you wouldn't even have the string constant, instead create the DOM and convert it to a string.16:15
marekdbknudson: ah16:16
marekdi can do that16:16
marekdbknudson: but one question.16:16
marekdbknudson: the best way to serialize such object?16:16
*** openstackstatus has quit IRC16:17
*** openstack has joined #openstack-keystone16:17
bknudsonmarekd: serialize it for what?16:17
*** openstackstatus has joined #openstack-keystone16:18
*** ChanServ sets mode: +v openstackstatus16:18
bknudsonmarekd: https://docs.python.org/2/library/xml.etree.elementtree.html#xml.etree.ElementTree.tostring16:18
marekdbknudson: yeah, i am using that.16:18
marekdbut i will need to somehow store ElementTree object so it's ready to be read when I run my code.16:19
*** kwss has quit IRC16:19
marekdi can either manyally prepare ElementTree object, serialize, save to a file and write code: read this, this is the XML object, now make a string out of it"16:20
marekdor i need to save a string const16:20
marekd(and i am doing this now)16:20
bknudsonis it too slow to build the ElementTree each time rather than loading it?16:21
*** tomoiaga has quit IRC16:23
marekdi don't think it's too slow but i need some input to build it for instance this ugly creature: https://review.openstack.org/#/c/111771/2/keystoneclient/contrib/auth/v3/core.py16:25
marekdanyways, if you are fine with that i am also fine.16:25
bknudsonI'd prefer that we build the XML doc.16:26
bknudsonthen the XML library will also handle properly escaping16:26
marekdbuild from input string?16:27
bknudsonlike def create_adfs_request_security_token_doc(adfs_url, date_created, ... ): envelope = XML.Element('Envelope'); envelope.add_child(XML.Element('Header')); ...16:27
bknudsonI don't know what the actual interface is to the XML library.16:28
*** henrynash has joined #openstack-keystone16:28
marekdbknudson: ok i see your point.16:28
*** doddstack has quit IRC16:30
*** rwsu has joined #openstack-keystone16:43
dstanekmorganfainberg_Z: i hate relational DBs because you have model data to the lowest common denominator - https://review.openstack.org/#/c/111841/1/keystone/assignment/backends/sql.py16:45
*** gyee has joined #openstack-keystone16:48
openstackgerritOpenStack Proposal Bot proposed a change to openstack/keystone: Updated from global requirements  https://review.openstack.org/11162016:50
*** gyee has quit IRC16:52
*** marcoemorais has quit IRC16:53
*** marcoemorais has joined #openstack-keystone16:53
*** morganfainberg_Z is now known as morganfainberg16:55
*** gyee has joined #openstack-keystone16:55
morganfainbergdstanek, ahh16:55
*** mrmoje has joined #openstack-keystone17:00
bknudsonI ran into an issue of the backport for the mysql fix... test_revoke's test_cleanup might try to add the same expiration event if it takes < 1 second to get through the loop.17:00
bknudsonnot sure why we didn't see this in master.17:01
*** ajayaa has joined #openstack-keystone17:07
lbragstadstevemar: lxml should be moved from requirement-py3.txt to test-requirements-py3.txt as well, correct? https://review.openstack.org/#/c/111108/17:22
ayoungbknudson, I saw that at some point17:23
ayoungI need to refresh my memory, but there is code in the test to deal with that17:23
stevemarlbragstad, me think so17:23
lbragstadstevemar: I removed it from requirements.txt and requirements-py3.txt17:23
stevemarnot sure how to -py3 stuff works17:23
lbragstadstevemar: ok, I'll push another patch adding it to test-requirement-py3.txt17:23
ayoungbknudson, adding the same revocation event twice should be harmless.17:24
lbragstadstevemar: I think dstanek is the master mind behind that work17:24
ayoungthe way revocations are evaluated, only the "latest" one affects change, and two duplicates would end up being one node in the tree17:24
dstaneklbragstad: stevemar: it's really handled by infra tooling17:25
stevemardstanek, lbragstad sounds like there is no need to update it then17:26
lbragstadI'll leave as is then17:26
dstanekstevemar: what needs to be updated17:26
dstanek?17:26
lbragstadmoving lxml from requirements to test-requirements17:26
stevemardstanek, if lbragstad wants to move ^17:26
dstanekstevemar: lbragstad: ah, you still have to edit manually like you would with the py2 requirements17:27
lbragstaddstanek: we moved lxml from requirements.txt to test-requirements.txt17:27
lbragstaddstanek: wondering if we should do the same for py3 requirements files17:27
dstaneklbragstad: yeah, you'll need to do the same in the py3 files too17:27
lbragstadok17:27
marekdlbragstad: why are you moving lxml to test-requirements?17:29
lbragstadlxml is still used by unit tests in keystone17:29
lbragstadbut is no longer a hard requirement for Kesytone17:29
marekdlbragstad: i am using it.17:29
lbragstadyou should still be able to use it17:30
marekdlbragstad: ah forget it :-) i am using it in keystoneclient, LOL17:30
marekdanyway i think we will need it for k2k17:30
marekdok, nevermind.17:31
marekddo whatever you need to do :-)17:31
openstackgerritMorgan Fainberg proposed a change to openstack/keystone: Make token_provider_api contain token persistence  https://review.openstack.org/10904117:31
openstackgerritLance Bragstad proposed a change to openstack/keystone: Refactor serializer import to XmlBodyMiddleware  https://review.openstack.org/11110817:31
*** abhishek has joined #openstack-keystone17:33
dstanekstevemar: looking  at https://review.openstack.org/#/c/111657 now - how to i know what the format should look like?17:37
stevemardstanek, line 48, same file17:41
morganfainberglbragstad, marekd, if we need to move it *back* for k2k, we move it back17:43
abhishekhi all, can any one review this patch, https://review.openstack.org/10748217:43
abhishekthank you17:43
marekdmorganfainberg: yep.17:43
*** amcrn has joined #openstack-keystone17:43
openstackgerritRodrigo Duarte proposed a change to openstack/keystone: Create, update and delete hierarchical projects  https://review.openstack.org/11184217:43
dstanekabhishek: you're reset is still empty17:44
dstaneklol or *your*17:44
morganfainbergabhishek, other question, why remove the .listen() ?17:45
abhishekdstanek:tes17:45
abhishek*yes17:45
morganfainbergabhishek, admittedly i haven't tried it, but i don't see a call to .listen anywhere, is that no longer needed?17:45
abhishekmorganfainber:yes its no longer needed17:46
dstanekabhishek: i still don't like putting the listen in the __init__ - i think it is better as a separate method17:46
dstanekmorganfainberg: that's because the logic was moved to the class __init__17:47
morganfainbergdstanek, ah i see it now17:47
abhishekdstanek:but in that case when you send the sighup signal then it will throw the Bad file descritor error17:47
morganfainbergdstanek, ++ i tend to agree17:48
dstanekabhishek: that's only if the listen is called more than once17:48
ayoungmarekd, got a question for you.  For SAML (WebSSO BP)  what if Horizon redirected the user to the SAML login, got the SAML assertion, and then sent the assertion to Keystone to get the token?  No WebUI in Keystone.17:48
marekdayoung: no webui17:48
ayoungmarekd, all the WebUI would be confined to Horizon17:48
ayoungwe can make an additional changes we need in Keystone to support that, though17:49
dstanekabhishek: why is the reset empty?17:49
ayoungso if the workflow needs to be stared in Keystone, the Horizon webuid could make a call to prep-for-saml17:49
dstanekabhishek: i'm assuming that if the framework is calling it then it's expected to do something17:49
marekdayoung: gorizon would sinply redirect to Keystone17:49
bknudsonayoung: I'd expect that if the same event was added twice then it would only show up once in the event tree... test_cleanup is counting events in the event_tree.17:50
ayoungmarekd, not redirect17:50
abhishekdstanek:right17:50
ayoungbknudson, are you sure the time is identical?17:50
marekdayoung: redirect, cause you need to fed-authN  with the Keystone as a SP17:50
abhishekdstanek:but as such now I haven't found any operation to do in  the reset method17:50
marekdayoung: you don't want Horizon to get your password.17:50
ayoungmarekd  I know17:51
ayoungit never would17:51
abhishekdstanek:so I have added empty method to remove the attribute error17:51
bknudsonayoung: MySQL truncates the timestamp to the nearest second so I changed the revocation events code to do the same.17:51
ayoungbknudson, no.17:51
marekdayoung: ok, so how do you see the workflow withour redirections then?17:51
ayoungbknudson, well, maybe ok17:51
ayoungbknudson, could it be straddling a cutoff time?17:52
ayounglike 4.5001  vs 4.499917:52
bknudsonayoung: that's the only way the test would pass. So I don't see why it passes on master and not on icehouse17:52
ayoungmarekd, OK,  user goes to log in to Horizon.  They are given the "auth using Federation" option17:52
marekdayoung: +++17:52
ayoungHorizon makes the call to Keystone to prep things17:53
marekdayoung: what call?17:53
ayoungmarekd, hand-wavy-new-call17:53
dstanekabhishek: what *should* it do?17:53
ayoungmarekd, enough to tell Horizon how to redirect the user to the SAML portal17:53
ayoungthen the SAML assertion comes back to Horizon.  Horizon takes it and sends it to Keystone to get a token17:53
abhishekdstanek:your concern i right17:54
ayoungbknudson, I know I faced an issue like this17:54
marekdayoung: ah, something we are gonna use in k2k bp....17:54
abhishekdstanek:I will address your comments, thank you17:54
dstanekabhishek: np17:54
bknudsonayoung: ah... test_cleanup is different in master.17:54
bknudsonlet me check the history17:55
dstanekstevemar: is there any reason that new example doesn't have a 'resource_info'? it seems to be in the other ones17:55
ayoungbknudson, if the truncation is happening in the Database, and the event is getting added prior to going into the database, then it won't be truncated17:55
marekdayoung: i think we have discussed that workflow and one concern was that IdP will issue a saml assertion for Horizon -> Keystone may reject the assertion.17:56
morganfainbergmarekd, ++17:56
morganfainbergmarekd, that *may* be worked around somehow, but that as i recall was the concern17:56
bknudsonayoung: this looks like it -- https://github.com/openstack/keystone/commit/5fbb0a28bc40d3e30b416a284cbe63f233cca39e17:56
bknudsonI'll include that in the backport17:56
marekdi can see some similarities between this workflow and k2k but in k2k keystone will build a saml assertion and address it  for another keystone17:57
marekdayoung: ^^17:57
dstaneklbragstad: stevemar: how do deployers know what to include as deps when packaging keystone?17:57
dstanekmorganfainberg: bknudson: ayoung: ^17:57
morganfainbergbknudson, yeah that was an issue we ran across that was intermittant, but could occur, making the times distinct was the solution17:57
marekdin websso Horizon would pass an assertion that was not addressed for Keystone.17:57
ayoungmarekd, make sure that the K2K workflow accounts for Horizon, then17:57
*** saipandi has joined #openstack-keystone17:57
morganfainbergdstanek, zigo might have a better idea on that17:57
morganfainbergdstanek, but that is because he helps packaging17:58
stevemardstanek, when using CADF you get a bit more info, so instead of just resource_info, it's a whole whack of data17:58
marekdayoung: as i said there is a small difference between websso and k2k.17:58
morganfainbergdstanek, iirc "requirements.txt" is the #1 source17:58
stevemardstanek, isn't that from requirements.txt?17:58
stevemarmorganfainberg, ++17:58
bknudsondstanek: it's requirements.txt17:59
marekdayoung: and only thing i could make ad-hoc was asking ppl who wrote some saml stuff - they answered workflow for k2k is feasible...not the most ideal but this should work.17:59
dstanekhmmm...i'm wondering about the impact of moving lxml out of requirements17:59
bknudsondstanek: I think we already do the same thing with some other dependencies18:00
bknudsonmaybe memcached in keystoneclient/middleware?18:00
dstanekbknudson: yes, there are a couple of things like that, but in this case we are going from bundling lxml to making it optional18:01
bknudsondstanek: good! I'm sick of lxml!18:01
dstanek++18:01
stevemarbknudson, and oauthlib in keystoneclient18:01
stevemaraint nobody like lxml18:02
*** marcoemorais has quit IRC18:04
*** marcoemorais has joined #openstack-keystone18:04
*** marcoemorais has quit IRC18:05
*** marcoemorais has joined #openstack-keystone18:05
*** afazekas has quit IRC18:07
abhishekdstanek:I have tried calling server.listen() method from create_server18:12
*** jamielennox|away is now known as jamielennox18:13
abhishekdstanek:create_server() method of bin/keystone-all, but its still raising the Bad file descriptor error18:13
dstanekabhishek: what is raising the exception?18:14
abhishekdstanek:i guess the socket is closed and its trying to listen to the same socket18:15
dstanekabhishek: is listen being called multiple times still?18:16
abhishekdstanek:IMO yes18:17
abhishekdstanek:in eventlet_server.py in start method, self.listen is called agian18:19
dstanekabhishek: why?18:19
abhishekdstanek:when the sighup signal is received then it stops the server and the calls the start method18:19
abhishekdstanek:https://github.com/openstack/oslo-incubator/blob/master/openstack/common/service.py#L48418:24
*** jorge_munoz has joined #openstack-keystone18:29
*** jorge_munoz has quit IRC18:30
*** jorge_munoz has joined #openstack-keystone18:32
*** cjellick has quit IRC18:39
*** jorge_munoz has quit IRC18:39
*** shufflebot has quit IRC18:40
*** shufflebot has joined #openstack-keystone18:40
*** jorge_munoz has joined #openstack-keystone18:40
*** jorge_munoz has quit IRC18:41
*** jorge_munoz has joined #openstack-keystone18:41
*** jorge_munoz has quit IRC18:44
*** cjellick has joined #openstack-keystone18:45
*** cjellick has quit IRC18:47
*** cjellick has joined #openstack-keystone18:47
*** jorge_munoz has joined #openstack-keystone18:50
*** jorge_munoz has quit IRC18:58
*** jorge_munoz has joined #openstack-keystone18:59
openstackgerritA change was merged to openstack/keystone: Surround REMOTE_USER variable name with quotes.  https://review.openstack.org/11195119:00
marekdthanks ^19:01
*** hrybacki has quit IRC19:03
*** hrybacki has joined #openstack-keystone19:03
*** ajayaa has quit IRC19:03
*** jorge_munoz has quit IRC19:04
morganfainberghenrynash, so should we support mapping to domain ids?19:05
morganfainberghenrynash, if i read your last comment?19:05
*** jorge_munoz has joined #openstack-keystone19:05
henrynashmorganfaiberg: I think I need to re-think this one through in my head, to be honest…I was never quite sure how we ended up after teh hackathon...19:08
henrynashmorganfainberg: in terms of the n:m relationshipds between the various entities (i.e. one mapping table per domain, or is it one mapping table per Idp etc,)19:09
morganfainberghenrynash, ah.19:09
henrynashmorganfainberg: just need to get my head roudn it agin19:10
morganfainbergsounds good19:10
stevemarmorganfainberg, henrynash bknudson I wanted to bring this up during the meeting but forgot to, what do you all think about notifications for role assignment changes?19:12
bknudsonstevemar: that sounds like an auditable event to me19:12
*** hrybacki has quit IRC19:15
*** rwsu has quit IRC19:18
*** shufflebot has quit IRC19:20
*** dhellmann is now known as dhellmann_19:22
*** cjellick has quit IRC19:28
*** cjellick has joined #openstack-keystone19:32
*** cjellick has quit IRC19:39
*** jorge_munoz has quit IRC19:40
*** cjellick has joined #openstack-keystone19:40
*** henrynash has quit IRC19:40
*** marcoemorais has quit IRC19:47
*** marcoemorais has joined #openstack-keystone19:47
*** jorge_munoz has joined #openstack-keystone19:47
*** toddnni has quit IRC19:52
*** toddnni has joined #openstack-keystone19:53
*** rwsu has joined #openstack-keystone19:54
*** abhishek has quit IRC19:55
*** afazekas has joined #openstack-keystone19:56
openstackgerritJamie Lennox proposed a change to openstack/python-keystoneclient: Isolate get_discovery function  https://review.openstack.org/10756919:59
openstackgerritJamie Lennox proposed a change to openstack/python-keystoneclient: Allow unauthenticated discovery  https://review.openstack.org/10757019:59
openstackgerritJamie Lennox proposed a change to openstack/python-keystoneclient: Version independent password authentication plugin  https://review.openstack.org/8114719:59
marekdjamielennox: dstanek: https://review.openstack.org/#/c/107393/ do you think we can land it today?19:59
marekdAlso, core eyes would be appreciated on this too: https://review.openstack.org/#/c/106751/ cc/ jamielennox20:01
jamielennoxmarekd: looking now20:01
marekdjamielennox: thanks.20:01
*** dhellmann_ is now known as dhellmann20:02
*** jorge_munoz has quit IRC20:03
*** cjellick has quit IRC20:07
*** cjellick has joined #openstack-keystone20:11
*** cjellick has quit IRC20:15
*** cjellick has joined #openstack-keystone20:16
jamielennoxmarekd: have you tried these saml plugins from a command line or CONF file?20:18
*** gokrokve has joined #openstack-keystone20:18
openstackgerritMorgan Fainberg proposed a change to openstack/keystone: Remove assignment controller dependency on token_api  https://review.openstack.org/10916220:19
openstackgerritMorgan Fainberg proposed a change to openstack/keystone: Expose token revocation list via token_provider_api  https://review.openstack.org/10917020:19
openstackgerritMorgan Fainberg proposed a change to openstack/keystone: Remove ec2 contrib dependency on token_api  https://review.openstack.org/10917320:19
openstackgerritMorgan Fainberg proposed a change to openstack/keystone: Remove trust dependency on token_api  https://review.openstack.org/10946220:19
jamielennoxmarekd: i don't think they will work20:19
marekdjamielennox: you are talking about options?20:20
jamielennoxmarekd: yea20:20
jamielennoxSaml2Unscoped lines up20:20
*** gokrokve_ has quit IRC20:20
jamielennoxbut Saml2Wrapper will have a --unscoped-token-auth parameter, and i don't see where that would be used20:21
marekdjamielennox: when i try the code i usually write wrappers, create sessions, create plugin obj and get an unscoped token, but To be honest i didn't try it with options.20:21
jamielennoxmarekd: this is a bit out of date: https://review.openstack.org/#/c/95680/ but shows basically how they look from a cmdline20:22
jamielennoxfrom a conf file is probably eaier20:23
marekdjamielennox: yeah, but it's simply argparse, nothing really custom?20:24
jamielennoxmarekd: there is some handling done, but it's argparse20:24
marekdand eventually it will read args from cmdline, and pass them to the plugin constructor.20:24
jamielennoxmarekd: if you don't care about it for now you can always drop get_options20:25
jamielennoxyou don't need it if you don't need cmdline or conf file20:26
marekdwell i wanted (as we agreed long time ago) saml2wrapper to be a top level auth plugin.20:26
jamielennoxyep20:26
jamielennoxi agree20:27
marekdso get_options() should stay there.20:27
marekdi left a question for you once: https://review.openstack.org/#/c/106751/4..6/keystoneclient/contrib/auth/v3/saml2.py (bottom of the vesion 4)20:28
*** cjellick_ has joined #openstack-keystone20:28
marekdi think it's not really doable, so we should (must) let users get their unscoped token -> saml2unscoped plugin should also be a top level auth plugin20:29
marekddstanek: what should i use instead of urllib2 in order to urlencode a string and be Python3 compatible?20:29
*** cjellick has quit IRC20:31
jamielennoxok, so at the least you are missing an option for ecp_implementation, and the unscoped_token_auth parameter will fail20:31
marekdyeah20:36
marekdi will fix that.20:36
marekdapart from that anything eyesburning?20:36
marekd(apart from your comments in general)20:37
*** cjellick_ has quit IRC20:37
*** cjellick has joined #openstack-keystone20:40
*** jorge_munoz has joined #openstack-keystone20:42
*** radez is now known as radez_g0n320:42
*** kevinbenton has quit IRC20:44
*** cjellick has quit IRC20:47
*** cjellick has joined #openstack-keystone20:48
marekdjamielennox: is there any way to issue a session cookie from self.requests.register_uri() ?20:53
jamielennoxmarekd: session cookie? isa it just a header20:53
marekdjamielennox: hm, you are right...20:54
*** kevinbenton has joined #openstack-keystone20:56
jamielennoxmarekd: if you have an idea for how it should work let me know20:58
marekdjamielennox: you are now talking about...?20:58
jamielennoxrequests-mock and cookies20:59
marekdjamielennox: nah, setting a header will be probably enough...20:59
*** jdennis has quit IRC21:02
marekdjamielennox: orrr, we could make it work like here: http://docs.python-requests.org/en/latest/user/quickstart/#cookies21:03
*** marcoemorais has quit IRC21:04
*** marcoemorais has joined #openstack-keystone21:05
jamielennoxmarekd: the goal so far has been to make the register_uri parameters as close to a requests.Respobse as possible21:05
jamielennoxtext == resp.text21:05
jamielennoxstatus_code == resp.status_code21:05
jamielennoxso i should look to do cookies == resp.cookies21:05
*** jdennis has joined #openstack-keystone21:08
marekdyeah21:11
*** openstackgerrit has quit IRC21:16
*** openstackgerrit has joined #openstack-keystone21:16
*** cjellick has quit IRC21:18
*** jasondotstar has quit IRC21:20
*** jorge_munoz has quit IRC21:20
*** joesavak has quit IRC21:26
jamielennoxsomebody +a https://review.openstack.org/#/c/111621/ please?21:28
jamielennox^ global requirements bump keystoneclient version in middleware21:28
openstackgerritMarek Denis proposed a change to openstack/python-keystoneclient: SAML2 federated authentication for ADFS.  https://review.openstack.org/11177121:28
*** hrybacki has joined #openstack-keystone21:30
*** marekd is now known as marekd|away21:31
*** gordc has quit IRC21:38
dstanekmarekd|away: 'from six.moves import urllib' and 'urllib.parse.urlencode'21:43
*** henrynash has joined #openstack-keystone21:43
jamielennoxayoung: can you do the other +A to ^21:46
ayoungjamielennox, willdo, one sec21:46
*** gokrokve has quit IRC21:50
*** henrynash has quit IRC21:51
dstanekjamielennox: done21:51
jamielennoxdstanek: ta21:51
dstanekjamielennox: will it automatically recheck?21:52
jamielennoxdstanek: it should21:52
ayoungjamielennox, dagnabit, you reverified already22:01
jamielennoxayoung: hrybacki's one?22:02
ayoungI was doing the due dilligenvce on what you reproted https://bugs.launchpad.net/nova/+bug/135313122:02
uvirtbotLaunchpad bug 1353131 in openstack-ci "Failed to commit reservations  in gate" [Undecided,New]22:02
ayoungyeah. I thuink it is22:02
ayounghttps://bugs.launchpad.net/tempest/+bug/131059722:02
uvirtbotLaunchpad bug 1310597 in tempest "race between quota setting and quota being enforced" [High,New]22:02
ayoungI didn't thin to refresh, though22:02
ayoungand submitted after you22:02
ayoungah, well, maybe it will pass gate22:03
jamielennoxayoung: oh, i went through it a bit but didn't recognise anything22:03
jamielennoxjust tag it onto the bug22:03
jamielennoxayoung: do you mind having a look at https://review.openstack.org/#/c/107555/ as well, it's got a +2 already from bk22:06
ayoungjamielennox, guang has a comment22:07
jamielennoxoh22:07
ayoungna, not a hold up22:08
ayoungjamielennox, where's self.MIN_TOKEN_LIFE_SECONDS  come from?22:08
jamielennoxayoung: replied, don't think it's a problem with this one22:08
jamielennoxayoung: defined on the class22:09
jamielennox:3022:09
ayoungjamielennox, 1 second22:09
jamielennoxsame value as before22:09
ayoungyeah.  Is the idea that eventaull that will be something (optionally) read from config ?22:10
jamielennoxayoung: could be, could be overriden from someone in python code22:10
jamielennoxi have no long term plans for that22:11
jamielennoxadd it when needed22:11
openstackgerritBrant Knudson proposed a change to openstack/keystone: Add oslo.utils requirement  https://review.openstack.org/11215622:12
openstackgerritBrant Knudson proposed a change to openstack/keystone: Use functions in oslo.utils  https://review.openstack.org/11215722:12
openstackgerritBrant Knudson proposed a change to openstack/keystone: Remove strutils and timeutils from openstack-common.conf  https://review.openstack.org/11215822:12
*** david-lyle has quit IRC22:46
*** david-lyle has joined #openstack-keystone22:47
*** david-lyle has quit IRC22:51
*** ayoung has quit IRC22:51
*** saipandi has quit IRC22:57
openstackgerritBrant Knudson proposed a change to openstack/python-keystoneclient: Add oslo.utils requirement  https://review.openstack.org/11216423:02
openstackgerritBrant Knudson proposed a change to openstack/python-keystoneclient: Use oslo.utils  https://review.openstack.org/11216523:02
*** jaosorior has quit IRC23:02
marekd|awaydstanek: this one's for ya: https://review.openstack.org/#/c/107393/ ;-)23:10
*** KimJ has quit IRC23:10
gyeebknudson, thanks for double checking on the openssl cmd stuff23:19
gyeeI though middleware also going through it, lucky it wasn't23:19
bknudsongyee: no problem... could look at how middleware calls openssl to be safe23:20
gyeebknudson, just did, I think we're ok23:20
gyeeits using ipc pipe23:20
jamielennoxbknudson: regarding the comment on https://review.openstack.org/#/c/107222/2/keystonemiddleware/auth_token.py the reason i didn't name the class is i wasn't making it public23:26
jamielennoxdo you think it's worth just making it public?23:27
bknudsonjamielennox: the base class must be public23:27
jamielennoxbknudson: is it sufficient then to put a doc string in that says that __init__ is not a stable interface23:27
bknudsonjamielennox: something about it has to be public... its properties and methods?23:27
jamielennoxbknudson: not really23:28
jamielennoxthe idea is that you receive it and then create a session with it later23:28
bknudsonjamielennox: oh, it's some opaque object?23:28
jamielennoxthe only things that are public are the things that are required by the auth plugin interface23:28
jamielennoxbknudson: yep23:28
bknudsonjamielennox: document that then23:28
bknudsonjamielennox: session could be a link to the session class23:29
jamielennoxok, i'll add that to23:29
jamielennoxi expect later that i'll need a method by which you can construct the plugin from headers - but i'm not sure yet how that will look so i was just going to keep it private until that was  needed23:30
*** ncoghlan has joined #openstack-keystone23:36
openstackgerritJamie Lennox proposed a change to openstack/keystonemiddleware: Create an Auth Plugin to pass to users  https://review.openstack.org/10722223:45
openstackgerritJamie Lennox proposed a change to openstack/python-keystoneclient: Isolate get_discovery function  https://review.openstack.org/10756923:56
openstackgerritJamie Lennox proposed a change to openstack/python-keystoneclient: Allow unauthenticated discovery  https://review.openstack.org/10757023:56
openstackgerritJamie Lennox proposed a change to openstack/python-keystoneclient: Version independent password authentication plugin  https://review.openstack.org/8114723:56
openstackgerritOpenStack Proposal Bot proposed a change to openstack/keystone: Updated from global requirements  https://review.openstack.org/11162023:58
« Monday, 2014-08-04 Index Wednesday, 2014-08-06 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!