Wednesday, 2015-07-22

« Tuesday, 2015-07-21 Index Thursday, 2015-07-23 »
*** boris-42 has joined #openstack-keystone00:02
*** richm has quit IRC00:05
*** piyanai has joined #openstack-keystone00:05
*** hrou has quit IRC00:09
*** zzzeek has quit IRC00:10
*** htruta_ has joined #openstack-keystone00:22
*** geoffarnold has quit IRC00:32
*** darrenc is now known as darrenc_afk00:35
*** _cjones_ has quit IRC00:39
*** hrou has joined #openstack-keystone00:44
*** sunil_ has joined #openstack-keystone00:45
*** stevemar has joined #openstack-keystone00:45
*** ChanServ sets mode: +v stevemar00:45
*** sunil_ is now known as snapdey00:48
*** snapdey has quit IRC00:49
*** darrenc_afk is now known as darrenc01:00
*** mylu has joined #openstack-keystone01:03
*** browne has quit IRC01:03
*** jdandrea has quit IRC01:11
*** amickus has quit IRC01:14
*** hrou has quit IRC01:14
*** hrou has joined #openstack-keystone01:15
*** jasonsb has quit IRC01:33
*** jasonsb has joined #openstack-keystone01:34
*** ankita_wagh has quit IRC01:37
*** davechen1 has joined #openstack-keystone01:37
*** spandhe has quit IRC01:38
*** jasonsb has quit IRC01:38
*** nkinder has quit IRC01:43
openstackgerritjiaxi proposed openstack/keystone: Suppressing the request when creating endpoint with invalid urls  https://review.openstack.org/20051201:46
*** nkinder has joined #openstack-keystone01:47
openstackgerritjiaxi proposed openstack/keystone: Suppressing the request when creating endpoint with invalid urls  https://review.openstack.org/20051201:50
*** bradjones has quit IRC01:54
*** fangzhou has quit IRC01:56
*** bradjones has joined #openstack-keystone01:56
*** bradjones has quit IRC01:56
*** bradjones has joined #openstack-keystone01:56
*** chenhong has joined #openstack-keystone01:57
*** chenhong1 has joined #openstack-keystone02:00
*** chenhong has quit IRC02:01
*** ankita_wagh has joined #openstack-keystone02:03
*** ankita_wagh has quit IRC02:07
*** ankita_wagh has joined #openstack-keystone02:08
*** stevemar has quit IRC02:10
*** stevemar has joined #openstack-keystone02:10
*** ChanServ sets mode: +v stevemar02:10
*** stevemar has quit IRC02:14
*** dims_ has joined #openstack-keystone02:25
*** mylu has quit IRC02:32
openstackgerritLi Yingjun proposed openstack/python-keystoneclient: Fixes table when there are multiline in result data  https://review.openstack.org/20434202:34
*** jasonsb has joined #openstack-keystone02:35
*** mylu has joined #openstack-keystone02:36
*** gyee has quit IRC02:39
*** jasonsb has quit IRC02:39
*** davechen1 is now known as davechen02:41
*** browne has joined #openstack-keystone02:45
*** jasonsb has joined #openstack-keystone02:45
*** stevemar has joined #openstack-keystone02:49
*** ChanServ sets mode: +v stevemar02:49
*** jecarey has joined #openstack-keystone02:49
*** hakimo has joined #openstack-keystone02:52
*** hakimo_ has quit IRC02:55
*** jecarey has quit IRC03:10
openstackgerritHenrique Truta proposed openstack/keystone: Add is_domain field in Project Table  https://review.openstack.org/15742703:10
openstackgerritHenrique Truta proposed openstack/keystone: Change project name constraints  https://review.openstack.org/15837203:10
*** kiran-r has joined #openstack-keystone03:10
*** mylu has quit IRC03:12
*** dims_ has quit IRC03:15
*** stevemar has quit IRC03:22
*** stevemar has joined #openstack-keystone03:22
*** ChanServ sets mode: +v stevemar03:22
*** stevemar has quit IRC03:24
*** mylu has joined #openstack-keystone03:26
*** kiran-r has quit IRC03:28
*** stevemar has joined #openstack-keystone03:29
*** ChanServ sets mode: +v stevemar03:29
*** ankita_w_ has joined #openstack-keystone03:34
*** piyanai has quit IRC03:35
*** h00327910_ has quit IRC03:35
*** ankita_wagh has quit IRC03:37
mfischdolphm: morganfainberg I'm running benchmarks now with your new code that landed to not always do deletes03:37
morganfainbergmfisch: hopefully better03:38
morganfainbergShould be a good bit better afaict03:38
morganfainbergSince revokes happen less than "get"03:39
morganfainbergNow... There *are* still performance issues.03:39
morganfainbergBut thats a separate task to identify where and how to handle them03:39
*** gus_ is now known as gus03:45
*** mylu has quit IRC03:47
*** dims_ has joined #openstack-keystone03:49
*** mylu has joined #openstack-keystone03:53
*** dims_ has quit IRC03:56
*** mylu has quit IRC04:06
mfischmorganfainberg: I had an issue with my package build probably nothing until tomorrow04:07
morganfainbergDoh!04:07
*** Kennan2 has joined #openstack-keystone04:14
*** Kennan has quit IRC04:15
openstackgerritOpenStack Proposal Bot proposed openstack/keystoneauth: Updated from global requirements  https://review.openstack.org/20437104:24
*** boris-42 has quit IRC04:32
*** hightall has joined #openstack-keystone04:47
openstackgerritMerged openstack/keystone: Avoid the hard coding of admin token  https://review.openstack.org/20354604:47
*** htruta_ has quit IRC04:51
openstackgerritOpenStack Proposal Bot proposed openstack/keystone: Updated from global requirements  https://review.openstack.org/20430004:56
openstackgerritOpenStack Proposal Bot proposed openstack/keystoneauth: Updated from global requirements  https://review.openstack.org/20437104:56
openstackgerritOpenStack Proposal Bot proposed openstack/keystonemiddleware: Updated from global requirements  https://review.openstack.org/19725404:56
*** darrenc is now known as darrenc_afk04:58
openstackgerritOpenStack Proposal Bot proposed openstack/python-keystoneclient: Updated from global requirements  https://review.openstack.org/20313704:59
*** dramakri has joined #openstack-keystone05:05
*** lhcheng has quit IRC05:06
openstackgerritOpenStack Proposal Bot proposed openstack/keystone: Updating sample configuration file  https://review.openstack.org/20430005:11
openstackgerritOpenStack Proposal Bot proposed openstack/keystone: Updated from global requirements  https://review.openstack.org/20443205:13
*** spandhe has joined #openstack-keystone05:21
*** hrou has quit IRC05:25
*** ankita_wagh has joined #openstack-keystone05:38
*** ankita_w_ has quit IRC05:40
*** spandhe has quit IRC05:43
*** afazekas has quit IRC05:55
*** ankita_wagh has quit IRC06:04
*** darrenc_afk is now known as darrenc06:05
*** stevemar has quit IRC06:11
*** stevemar has joined #openstack-keystone06:12
*** ChanServ sets mode: +v stevemar06:12
*** lhcheng has joined #openstack-keystone06:13
*** ChanServ sets mode: +v lhcheng06:13
*** stevemar has quit IRC06:15
*** topol has joined #openstack-keystone06:16
*** ChanServ sets mode: +v topol06:16
*** dims_ has joined #openstack-keystone06:17
*** ParsectiX has joined #openstack-keystone06:19
*** ankita_wagh has joined #openstack-keystone06:21
*** dims_ has quit IRC06:22
*** kiran-r has joined #openstack-keystone06:26
*** lsmola has joined #openstack-keystone06:29
*** boris-42 has joined #openstack-keystone06:29
*** pnavarro has joined #openstack-keystone06:32
*** afazekas_ has joined #openstack-keystone06:39
marekdmorning.06:43
*** dims_ has joined #openstack-keystone06:47
jiaxiafternoon06:49
*** henrynash has joined #openstack-keystone06:52
*** ChanServ sets mode: +v henrynash06:52
*** dims_ has quit IRC06:53
*** rletrocquer has joined #openstack-keystone06:54
*** miguelgrinberg has quit IRC06:56
*** miguelgrinberg has joined #openstack-keystone06:58
openstackgerritDeepti Ramakrishna proposed openstack/keystone: Verify that get_trust() fails when auth context is missing.  https://review.openstack.org/20446106:59
openstackgerritDeepti Ramakrishna proposed openstack/keystone: Reuse token_ref fetched in AuthContextMiddleware.  https://review.openstack.org/19086307:05
bigjoolsanyone know if the k2k region switcher is still getting looked at / worked on? This review seems like it's stalled.07:06
bigjoolshttps://review.openstack.org/#/c/15991007:06
*** ankita_wagh has quit IRC07:06
marekdbigjools: it's rather stalled.07:08
bigjoolsmarekd: are you involved in it at all?07:09
marekdnot really.07:09
bigjoolsI want to give it a shove07:09
marekdhowever, if you have time/resources i can help reviewing etc.07:09
marekdbigjools: yes, please do!07:09
marekdbigjools: make it pass gate tests and i can review then.07:09
bigjoolsI am playing with it now, and the underlying auth stuff is a problem, it's moved from ksc to keystoneauth and changed signatures07:10
bigjoolsso trying to get my head around things07:10
marekdbigjools: yes.07:11
marekdbigjools: so, the new stuff is rather easier07:11
*** browne has quit IRC07:11
bigjoolsyeah it looked it07:11
marekdbigjools: so you are trying to work on https://review.openstack.org/#/c/159910/10 or some other patch?07:11
bigjoolsmarekd: that one.07:12
*** dims_ has joined #openstack-keystone07:12
openstackgerritMarek Denis proposed openstack/keystone: Correct spacing in ``mapping_combinations.rst``  https://review.openstack.org/20446407:12
bigjoolsI wanted to try and get hold of the branch author before committing too hard07:13
marekdhenrynash: ^^ easy review!07:13
bigjoolsbut if ther07:13
bigjoolse's no reply I'll just dive it07:13
marekdbigjools: talk to the author but i think he is no longer actively working on it.07:13
bigjoolsin*07:13
bigjoolsmarekd: ah bummer, ok. Was the general approach OK though?07:13
bigjoolsas soon as I saw a way to not need Shibboleth IdP I was all over it :)07:14
marekdhehe07:14
bigjoolsis anyone here going to pyconau?07:15
marekdmorganfainberg goes for sure.07:15
marekdmaybe jamielennox ?07:15
bigjoolsI'll look forward to meeting a few folks07:16
lhchengbigjools: I think doug is still working on it07:16
lhchenghe's in the horizon midcycle atm07:16
bigjoolsah good to know, thanks lhcheng07:16
*** dims_ has quit IRC07:16
lhchenghttps://etherpad.openstack.org/p/YVR-horizon-liberty-priorities07:16
marekdlhcheng: are you at the midcycle too ?07:16
lhchengsee line 102 for the status07:16
lhchengmarekd: nope07:17
lhchengmarekd: got approval to attend only one midcycle07:18
lhchengmarekd: trying to listen remotely in the horizon midcycle whenever I get the chance07:19
marekdlhcheng: bigjools i can review the patch but only if there is somebody willing to work on it.07:19
marekdotherwise waste of time.07:20
bigjoolsmarekd: I want to get it working for sure. I will try to get hold of Doug.07:20
henrynashmarekd: done!07:20
marekdhenrynash: thank you!07:20
lhchengbigjools: I haven't reviewed the patch for django_openstack_auth since it is still wip07:20
lhchengby looking at it, still looks rough07:20
bigjoolsit is rough07:20
marekdlhcheng: https://review.openstack.org/#/c/204464/ you can be another one!07:21
jiaxiwho want to exchange review ?  https://review.openstack.org/#/c/203312/07:21
bigjoolsand needs changing to work with the new keystoneauth stuff07:21
marekdbigjools: yep, actually the patch has some bad assumptions from the very beginning so i'd consider creating another pass on it, in a separate patchset07:21
lhchengmarekd: looks good!07:21
marekdlhcheng: hard engineering is being done there07:22
*** e0ne has joined #openstack-keystone07:22
marekdlhcheng: thanks.07:22
bigjoolsmarekd: While I am experienced in Python I am rather new to keystone code so I am relying on others for advice in that regard.07:23
dramakrihenrynash: ping...Henry, when you get a chance, can you please re-look at https://review.openstack.org/#/c/199414/ ? I have replied to your comment. Thanks!07:23
henrynashdramakri: will do, thx07:23
-openstackstatus- NOTICE: zuul is undergoing an emergency restart. Jobs will be re-queued but some events may be lost.07:23
lhchengbigjools: IBM demo'd the k2k patch in the summit, I think it also has opportunity for improvement on the changes made on the ui side.07:24
lhchengmarekd: hah yeah that is a tough patch to review :)07:25
bigjoolslhcheng: sadly I missed the summit.07:26
lhchengbigjools: you can watch it here: https://www.openstack.org/summit/vancouver-2015/summit-videos/presentation/enabling-real-world-interoperable-hybrid-cloud-use-cases-using-openstack-and-039s-federated-identity-capabilities07:28
marekdlhcheng: i can you also for this: https://review.openstack.org/#/c/203572/ :-)07:28
bigjoolsah cool thanks07:28
marekdbigjools: yeah, all talks were recorded07:28
dramakrihenrynash: thanks for the prompt review!07:28
lhchengyou'll see topol -1'd by brant in the video :P07:29
henrynashdramakr: yw07:29
lhchengmarekd: looking07:30
marekdhttps://review.openstack.org/#/c/203301/2//COMMIT_MSG why bug?07:31
*** fhubik has joined #openstack-keystone07:31
marekdc'mon07:31
lhchengmarekd: it seems like a series of moving files around07:32
lhchengit would be nice to track why are we moving the files around07:33
marekdeeee07:34
*** odyssey4me has quit IRC07:34
*** dramakri has left #openstack-keystone07:34
*** odyssey4me has joined #openstack-keystone07:37
*** dims_ has joined #openstack-keystone07:44
*** afazekas_ has quit IRC07:45
*** dguerri` is now known as dguerri07:48
*** dims_ has quit IRC07:54
*** afazekas_ has joined #openstack-keystone07:58
*** bdossant has joined #openstack-keystone08:02
*** jistr has joined #openstack-keystone08:03
*** e0ne has quit IRC08:05
*** topol has quit IRC08:06
jiaxiwake it up08:06
*** lhcheng has quit IRC08:09
*** aix has joined #openstack-keystone08:10
openstackgerritlei zhang proposed openstack/keystone: Set db_options for CONF.database  https://review.openstack.org/20448708:11
jiaxianyone who want to exchange a review ?08:11
jiaxihttps://review.openstack.org/#/c/203312/08:11
*** dims_ has joined #openstack-keystone08:12
openstackgerritlei zhang proposed openstack/keystone: Set db_options for CONF.database  https://review.openstack.org/20448708:14
-openstackstatus- NOTICE: zuul jobs are currently stuck while problems with gearman are debugged08:14
*** ChanServ changes topic to "zuul jobs are currently stuck while problems with gearman are debugged"08:14
*** dims_ has quit IRC08:16
openstackgerritMarek Denis proposed openstack/keystone: Adds a base class for functional tests  https://review.openstack.org/20314208:18
*** kiran-r has quit IRC08:24
*** boris-42 has quit IRC08:32
*** dims_ has joined #openstack-keystone08:41
*** dims_ has quit IRC08:45
*** pnavarro is now known as pnavarro|afk08:50
*** stevemar has joined #openstack-keystone09:01
*** ChanServ sets mode: +v stevemar09:01
*** stevemar has quit IRC09:05
*** topol has joined #openstack-keystone09:06
*** ChanServ sets mode: +v topol09:06
*** e0ne has joined #openstack-keystone09:07
*** gus has quit IRC09:10
*** topol has quit IRC09:11
*** dims_ has joined #openstack-keystone09:15
*** dims_ has quit IRC09:20
*** dims_ has joined #openstack-keystone09:23
*** dims_ has quit IRC09:27
*** e0ne has quit IRC09:29
*** hightall has quit IRC09:30
*** fhubik is now known as fhubik_afk09:32
*** pnavarro|afk is now known as pnavarro09:34
*** tsubic has joined #openstack-keystone09:39
*** davechen has left #openstack-keystone09:41
*** fhubik_afk is now known as fhubik09:45
*** dims_ has joined #openstack-keystone09:47
openstackgerritDave Chen proposed openstack/keystone: Minor fix in the `configuration.rst`  https://review.openstack.org/20452909:55
jamielennoxbigjools: yep, i'll be at pyconau09:56
*** gus has joined #openstack-keystone09:57
openstackgerrithenry-nash proposed openstack/keystone: Add support for data-driven backend assignment testing  https://review.openstack.org/14917810:02
openstackgerrithenry-nash proposed openstack/keystone: Add support for effective & inherited mode in data driven tests  https://review.openstack.org/15162310:03
openstackgerritDavid Charles Kennedy proposed openstack/keystone: Move endpoint catalog filtering to default driver  https://review.openstack.org/16767510:05
bigjoolsjamielennox: see you there then10:05
jamielennoxbigjools: looking forward to it, though a little stressed about the presentations i've got to do10:06
bigjoolsjamielennox: I avoid stress like that where possible :)10:06
jamielennoxbigjools: yea, i'm an idiot but it's how i get sponsored10:07
*** topol has joined #openstack-keystone10:08
*** ChanServ sets mode: +v topol10:08
bigjoolsall's fair in love and war. And Python.10:08
openstackgerrithenry-nash proposed openstack/keystone: Improve List Role Assignments Filters Performance  https://review.openstack.org/13720210:11
openstackgerrithenry-nash proposed openstack/keystone: Add support for effective & inherited mode in data driven tests  https://review.openstack.org/15162310:11
openstackgerrithenry-nash proposed openstack/keystone: Add support for group membership to data driven assignment tests  https://review.openstack.org/15196210:11
openstackgerrithenry-nash proposed openstack/keystone: Add support for data-driven backend assignment testing  https://review.openstack.org/14917810:11
jamielennoxbigjools: all's fair in ruby, in python we obey the rules10:12
*** topol has quit IRC10:12
bigjoolsI dunno, I've seen some code in my time :)10:12
jamielennoxfair10:13
openstackgerrithenry-nash proposed openstack/keystone: Broaden domain-group testing of list_role_assignments  https://review.openstack.org/15430210:13
openstackgerrithenry-nash proposed openstack/keystone: Test list_role_assignment in standard inheritance tests  https://review.openstack.org/15389710:13
openstackgerrithenry-nash proposed openstack/keystone: Support project hierarchies in data driver tests  https://review.openstack.org/15448510:14
jamielennoxmarekd: how do you guys handle logging out with websso?10:15
*** e0ne has joined #openstack-keystone10:17
*** dims_ has quit IRC10:18
*** aix has quit IRC10:19
*** fhubik has quit IRC10:23
*** fhubik has joined #openstack-keystone10:23
marekdhorizon should redirect to keystone.cern.ch/Shibboleth.sso/Logout like URL.10:23
marekdand shibboleth should clean the cookies.10:23
marekdfor that session.10:23
*** fhubik is now known as fhubik_afk10:26
tsubicIf I run devstack on a single machine, should it matter if I use localhost or the internal IP for the enviornment vars?10:33
*** dims_ has joined #openstack-keystone10:36
*** fhubik_afk is now known as fhubik10:37
openstackgerritMarek Denis proposed openstack/keystone: Adds a base class for functional tests  https://review.openstack.org/20314210:38
openstackgerritMarek Denis proposed openstack/keystone: Federation Identity Provider functional tests  https://review.openstack.org/20325810:39
*** dims_ has quit IRC10:41
*** dims_ has joined #openstack-keystone10:41
jamielennoxmarekd: ok, so nothing is actually required from keystone, you don't kill tokens or anything10:47
*** piyanai has joined #openstack-keystone10:50
*** pnavarro is now known as pnavarro|lunch10:53
samueldmq+ayoung | samueldmq, if the catalog does not have enough information in it to determine the endpoint id,  DENY10:57
samueldmqayoung: that's only valid for endpoint enforcement right ?10:57
samueldmqayoung: for policy, that means if a request arrives with an URL that doesn't map to the endpoint_id which has the policy associated with it, we wouldn't fetch the policy10:58
*** fhubik is now known as fhubik_afk11:12
*** amakarov_away is now known as amakarov11:12
samueldmqhenrynash: thanks for your review on the 'Dynamic Policies Delivering Mechanism'11:13
samueldmqhenrynash: did you have a chance to look at the entire spec ? or not yet ?11:13
samueldmqhenrynash: I just wanted to know if the rest of it looked clear11:13
ParsectiXhi guys again.11:14
ParsectiXjust a quick question. I want to update the default project quota after creating a project. I will use the ProjectManager for this ?11:15
samueldmqParsectiX: I don't think so, depending on the resource you want to define quotas, you should use different clients11:17
samueldmqParsectiX: I mean, the service owning the resource is in charge of managing its quota11:17
*** aix has joined #openstack-keystone11:18
*** bradjones has quit IRC11:18
samueldmqParsectiX: for example, nova has quotas for vcores/ram/disk quota,11:18
samueldmqParsectiX: tl;dr keystone doesn't manage quotas itself :)11:19
*** chenhong1 has quit IRC11:20
*** jaosorior has joined #openstack-keystone11:20
ParsectiXsamueldmq: Thanks. and this what it does ?  http://docs.openstack.org/developer/python-keystoneclient/api/keystoneclient.v3.html#keystoneclient.v3.projects.ProjectManager.update11:20
*** bradjones has joined #openstack-keystone11:20
*** bradjones has quit IRC11:20
*** bradjones has joined #openstack-keystone11:20
ParsectiXupdates the general info for the project ?11:20
bretonyes11:21
samueldmqParsectiX: exactly, that updates the project information (name, description, enabled ..) :)11:21
samueldmqbreton: ++11:21
openstackgerrithenry-nash proposed openstack/keystone: Remove manager-driver assignment metadata construct  https://review.openstack.org/14899511:21
bretonParsectiX: the list of parameters is the same as for create -- http://docs.openstack.org/developer/python-keystoneclient/api/keystoneclient.v3.html#keystoneclient.v3.projects.ProjectManager.create11:22
breton(I wonder why update is not documented)11:22
*** fhubik_afk is now known as fhubik11:23
ParsectiXbreton, samueldmq: thanks guys11:24
samueldmqParsectiX: np11:24
samueldmqbreton: I'll get a new member here to document it, if you aren't going to do so11:24
jiaxiwhat done np mean ?11:25
bretonsamueldmq: ok, go ahead11:25
ParsectiXI can do it guys if you guide me as it will be my first contribution11:25
ParsectiXAlso found this describing the quotas: http://docs.openstack.org/openstack-ops/content/projects_users.html#quotas11:25
samueldmqjiaxi: 'done' is just.. done :) 'np' is No Problem11:25
samueldmqjiaxi: hope that was your question :)11:26
samueldmqParsectiX: ah ok go ahead then11:26
jiaxisamueldmq: How to read keystone code ?11:26
samueldmqParsectiX: do you have setup your accounts etc ?11:26
jiaxisamueldmq: I want to understand keystone throughly11:27
samueldmqjiaxi: what do you mean, get familiar with the code ? you need a specific part of keystone (identity, assignment?)?11:27
jiaxisamueldmq : I need to know all11:27
samueldmqParsectiX: see http://docs.openstack.org/infra/manual/developers.html11:28
samueldmqParsectiX: to setup your accounts, env11:28
jiaxisamueldmq : know the data flow, work principle.11:28
samueldmqjiaxi: wow that's too much11:28
jiaxisamueldmq: Today, I read code one by one.11:29
samueldmqjiaxi: keep in mind that know everything is hard, since things are being added/changing all the time11:29
jiaxiA little confused, a little tired.11:29
samueldmqjiaxi: start with documentation, so you can understand better the principles11:29
samueldmqjiaxi: what keystone stands for, etc11:29
jiaxisamueldmq: I have read the docs.11:30
jiaxisamueldmq: I know keystone in general. but not in details.11:30
samueldmqjiaxi: give me an example of what you read in the docs and wanted to see in the code11:30
jiaxisamueldmq : for example. I don't know why the expired trust can't be deleted.11:30
samueldmqjiaxi: getting familiar with the code takes time, that's an exercise11:30
samueldmqjiaxi: reviewing code is a good approach to exercise that11:31
ParsectiXsamueldmq: okay11:31
samueldmqjiaxi: ok so let's see a good approach to find that code11:31
jiaxisamueldmq: I read what's function of identity, catalog, token, and so on.11:31
jiaxisamueldmq: The code is too many. I want to know what done the code mean ? every line.11:32
jiaxisamueldmq: I reviewed others code. A little hard for me. I often give +111:33
samueldmqjiaxi: k, as I said knowing *all* the code by hard is somehting very... well, I think I can't do that11:33
samueldmqjiaxi: first, put in your mind that you won't get familiar with the keystone code within a week11:34
jiaxisamueldmq: You are right. Maybe I just try to understand keystone more11:34
samueldmqjiaxi: as I said, that's an exercise that takes time, like learning a new language, every day you learn new things11:34
samueldmqjiaxi: yeah that's better now11:34
samueldmq:)11:34
samueldmqjiaxi: in your example, you could start by looking where the trust code lives11:35
samueldmqjiaxi: start looking at https://github.com/openstack/keystone/tree/master/keystone11:35
samueldmqjiaxi: then you can easily see a directory called 'trust', that's where it lives11:35
jiaxisamueldmq: The reason is the trust that expired can't be found11:35
samueldmqjiaxi: one more thing you need to know once you get into that directory11:36
samueldmqjiaxi: in keystone, we organize things in levels.. router -> controller -> manager -> driver11:36
jiaxisamueldmq,dirver is the database ?11:36
samueldmqjiaxi: router receives the requests by URL match and queries the controller11:36
*** henrynash has quit IRC11:37
samueldmqjiaxi: controller asks the proper manager methods to get the response it needs .. then controller do the formatting  of the results11:37
samueldmqjiaxi: the manager (core.py) is in charge o the business logic.. i.e most of logic will be there, but it needs to get info from the database11:38
jiaxisamueldmq: It's the manager who does the logical work?11:38
samueldmqjiaxi: so the manager qqueries the driver, that can be sql or ldap drivers11:38
samueldmqjiaxi: in every keystone module you'll find that organization (router -> controller -> manager -> driver)11:39
jiaxisamueldmq: Good guide, It seems that I know better now..11:39
samueldmqjiaxi: I hope that will help you to get through the code and understand it11:39
samueldmqjiaxi: fell free to ask questions, and exercise learning the code every day :)11:40
jiaxisamueldmq: some files dont's in directory,    cli.py  config.py etc11:40
jiaxiWhy not put the in common ?11:40
samueldmqjiaxi: common is not for 'homeless' files :) it's for common code that is used in several places11:41
jiaxisamueldmq: so cli.py config.py is homeless file ?11:42
*** edmondsw has joined #openstack-keystone11:43
ParsectiXsamueldmq: a lot of stuff in this page :)11:47
samueldmqjiaxi: no, as they're a kind of entry point for the service, they live in the main directory11:47
samueldmqjiaxi: that's my understanding11:48
samueldmqParsectiX: yeah basically just follow the account setups, after that you would be able to login in review.openstack.org11:48
samueldmqParsectiX: and Installing git-review as well :)11:49
ParsectiXwhere a you develop guys on a linux box ?11:49
jiaxisamueldmq: Good guide,much better than the doc.11:50
samueldmqParsectiX: btw you do that just once :) yeah I use an ubuntu box11:50
samueldmqjiaxi: you can always come here and ask quesitons about the code11:50
samueldmqjiaxi: docs are good as well, but asking here can be quicker :)11:51
jiaxisamueldmq: You are so kind. Thank you.11:51
samueldmqjiaxi: you're welcome11:51
*** david-lyle has joined #openstack-keystone11:52
jiaxisamueldmq:  Could you have time to review my patch set https://review.openstack.org/#/c/200512/11:53
jiaxisamueldmq: if have no time ,no problem.  I can review your. I have much time.11:54
samueldmqjiaxi: I will review it later today, thanks11:55
ayoungsamueldmq, sorry, left this running all night to see what happened with an install.  Just seeing your message now, about to head into the office.11:55
ayoungBut if dyn pol is on, and there is not enough info to fetch policy, probablyh should be a deny11:55
samueldmqayoung: np sir11:55
ayoungsamueldmq, back in about an hour11:55
*** ayoung has quit IRC11:55
samueldmqayoung: sure11:55
samueldmqoops11:55
*** raildo has joined #openstack-keystone12:07
marekddstanek: hi.12:10
dstanekmarekd: hi!12:10
marekdhttps://review.openstack.org/#/c/203142/7 - so there is this patch and i wanted to hear your opinoin whether we should to inherit/reuse as much as possible from unit tests helpers or let's go ahead and almost recode everything.12:11
marekdesp assertValidResponse et all12:11
marekddstanek: i also think we should't really care about cleaning objects added during tests. All in all this will probably go somewhere in the gate and each time a VM ill be killed, right?12:13
marekdactually i will ask on infra.12:13
marekddstanek: you may also want to take a look at https://review.openstack.org/#/c/203258/3/keystone/tests/functional/federation/test_v3_crud.py and see it if's going in the right direction.12:14
dstanekmarekd: some of those assertion methods could be put somewhere where they can be shared. in the future the v3 tests will go away12:14
marekddstanek: hum, it's a great refactoring effort12:15
marekddstanek: cause clearly some of those are in the classes that we don't really want to reuse in functional tests.12:15
dstanekmarekd: ah, nice.12:15
dstanekmarekd: only pull the things you need, when you need them and it won't be too bad12:15
dstanekrewriting all of the v3 tests will be quite a lot of work for sure12:16
*** jdandrea has joined #openstack-keystone12:17
marekddstanek: i actually tried to do multi inheritance problem (MRO problems) and gave up for now, but for sure I will want to check whether server responds correctly, not only it's HTTP  status code.12:18
dstanekmarekd: i can get a patch together on top of yours that brings in that functionality12:19
openstackgerritSamuel de Medeiros Queiroz proposed openstack/keystone-specs: Dynamic Policies Delivering Mechanism  https://review.openstack.org/19798012:19
marekddstanek: maybe not on top of mine, rather on top of https://review.openstack.org/#/c/203142/7 or simply modify that one.12:19
*** fhubik is now known as fhubik_afk12:20
dstanekmarekd: sure12:22
*** fhubik_afk is now known as fhubik12:22
marekddstanek: thanks.12:23
dstanekmarekd: i'm going to go for a morning run and then i'll start working on it shortly after12:23
marekddstanek: i can probably help in building this framework, as I guess I will be one of the early adopter with my federation functional tests...:-)12:23
marekdsure, no rush12:23
dstanekmarekd: i'm pretty sure that the VMs are trashed after use, but i'm curious what infra has to say12:23
marekddstanek: they are,12:23
marekddstanek: just confirmed12:24
dstanekcool12:24
*** dims_ has quit IRC12:24
dstaneki'll bring over some of the helpers that i think will be useful12:24
marekdthey just suggested cleaning after ourselves as it may be better for us, dev running func tests on local devstacks.12:24
marekddstanek: i am wondering if there are kind of methods, something like setUp() but called after the test...12:25
*** dguerri is now known as dguerri`12:25
marekdloks like a perfect place for cleaning and not having to call it explicitely every time.12:25
bretonmarekd: tearDown()?12:26
marekdbreton: is it called after each test ?12:27
marekdbreton: if it is, that's cool12:27
marekdi was already thinking about some decorators or so12:27
bretonmarekd: > Method called immediately after the test method has been called and the result recorded12:27
marekdbreton: oh, cool12:28
marekdgood to know.12:28
dstanekmarekd: yeah, tearDown is called after each test, but you don't want to use it12:28
marekddstanek: why not?12:28
dstanekuse clean ups instead like we do in the unit tests12:28
* breton is interested why not too12:28
marekddstanek: clean ups?12:28
marekdanyway, go running and we talk later12:28
dstanekthere are corner cases where tearDown is not called and things are not properly destroyed when there are exceptions during the setUp12:28
samueldmqdstanek: and I think as you add the cleanup calls as you setup, we ensure a proper cleanup will happen (inverse order)12:30
dstanekin the setUp you add a clean up to clean whatever stuff you set up :-) http://git.openstack.org/cgit/openstack/keystone/tree/keystone/tests/unit/core.py#n33512:30
samueldmqdstanek: is that right or am I saying silly things ? :)12:31
breton> If setUp() fails, meaning that tearDown() is not called, then any cleanup functions added will still be called12:31
bretonthat's cool12:31
dstanekhmmm....or maybe it's an exception in tearDown causes tear downs to bail...either way tearDown is broken12:31
dstaneksamueldmq: yes, clean ups are called in order12:32
samueldmqI think tear down methods should be teared down ...12:32
samueldmqI wonder why we even have them anyway, if cleanup is always better12:33
bretonwe don't12:34
* breton always wondered why we don't use them. Now he knows.12:34
dstanekyeah, i spent some time a while back removing them12:36
samueldmqyeah, this guy is always making nice cleanups ^12:37
*** gordc has joined #openstack-keystone12:37
samueldmq:)12:37
*** stevemar has joined #openstack-keystone12:39
*** ChanServ sets mode: +v stevemar12:39
*** piyanai has quit IRC12:39
*** stevemar has quit IRC12:43
*** jsavak has joined #openstack-keystone12:49
marekddstanek: ok, so i don't understand - so addCleanup() is called from inside of setUp() ?12:50
*** pnavarro|lunch is now known as pnavarro12:50
*** ParsectiX has quit IRC12:51
*** dguerri` is now known as dguerri12:51
lbragstaddstanek: i think i finished the federation testing stuff...12:52
lbragstadcc marekd ^12:52
bretonmarekd: yes12:52
bretonmarekd: it addCleanup adds a callback12:52
marekdbreton: so, addCleanup is called after the tests.12:53
bretonerr, no12:53
bretonaddCleanup(function_that_does_cleanup) adds function that does cleanup12:53
bretonand that function is called after a test12:54
marekdbreton: then i am good, otherwise it would not call after the last tests.12:54
*** hrou has joined #openstack-keystone12:54
jiaxidstanek: Hello, david.12:55
bretonthe order is the following: setUp -> test -> tearDown -> function_that_does_cleanup12:55
bretonbut function_that_does_cleanup is called regardless of previous functions' success12:56
*** bknudson has joined #openstack-keystone12:59
*** ChanServ sets mode: +v bknudson12:59
lbragstaddstanek: https://github.com/lbragstad/keystone-deploy/blob/federation/test_federation_exercises.py should contain everything for setting up two individual keystone nodes, and bootstrapping both the idp and sp13:02
*** edmondsw has quit IRC13:02
lbragstadso, running $ ansible-playbook -i federation-inventory --user="root" deploy.yaml   # will give you k2k federation13:03
lbragstadon two separate nodes13:04
*** fhubik is now known as fhubik_afk13:04
*** topol has joined #openstack-keystone13:07
*** ChanServ sets mode: +v topol13:07
lbragstadyou should need  http://cdn.pasteraw.com/cme0rmk0hearm9pqrqkywdkajb442v3 to deploy, bootstrap, and run a single test against k2k federation13:08
lbragstadcc dolphm marekd ^13:08
*** topol has quit IRC13:11
*** chenhong has joined #openstack-keystone13:12
*** ParsectiX has joined #openstack-keystone13:14
*** stevemar has joined #openstack-keystone13:14
*** ChanServ sets mode: +v stevemar13:14
*** henrynash has joined #openstack-keystone13:14
*** ChanServ sets mode: +v henrynash13:14
samueldmqhenrynash: hey, just saw your review on the middleware spec for dynamic policies13:15
samueldmqhenrynash: so basically that's a naming issue ...13:15
samueldmqrihgt ?13:15
henrynashsamueldmq: hi13:15
samueldmqhenrynash: so the policy stored in the server is not necessarily a complete policy, it can be just some rules, which are customized13:16
henrynashsamueldmq: for me, yes…..I think all we doing here is saying “we think keystone should be a polciy CMS”….and here’s how we make it so….and this has nothing to do with polciy being more granular, dynamic or anything else13:16
samueldmqhenrynash: so dynamic means dynamically delivered by openstack13:17
henrynashsamueldmq: well, are we sure that’s what people will always want?13:17
samueldmqhenrynash: but that can be a complete policy13:17
henrynashsamueldmq: …will always want....13:17
samueldmqhenrynash: not sure I follow13:18
samueldmqhenrynash: btw I have a new patchset with a better problem description... you'll like it better I think https://review.openstack.org/#/c/197980/6/specs/backlog/dynamic-policies-delivering-mechanism.rst13:18
henrynashsamueldmq: so I’d have thought that a common scenario would be “my endpoints get their policy from keystone CMS, period.”13:18
henrynashsamueldmq: and I don;t want some other mechanism to enable an endpoint to have any other kind of rules13:19
henrynashsamuelmq: so I can imagine some providers wanting the one served up form keystone to be the only one, other might want it it overlayed on the local one13:19
samueldmqhenrynash: if you want it to be the only one, create a complete policy13:20
henrynashsamueldmq: in this patch we should not assume how the endpoint will use the policy…that’s for a differet patch13:20
samueldmqhenrynash: overlaying everything is like just it existed all the time13:20
henrynashsamueldmq: I don’t mean a unified policy file….13:21
henrynashsamueldmq: just no overlay13:21
samueldmqhenrynash: for now we write it in a different policy file, called for example /etc/glance/dynamic-policy.json13:21
samueldmqhenrynash: at enforcement time we do the overlay13:21
samueldmqhenrynash: so that dynamic-policy.json has priority over policy.json13:22
henrynashsamueldmq: so for one thing, I would suggest this is “keystone-cms-polocy.json13:22
henrynashsamueldmq: don’t call it dynmaic13:22
samueldmqhenrynash: why ? is it confusing calling it dynamic ?13:23
henrynashsamueldmq: for me, sure13:23
samueldmqhenrynash: for me dynamic means it is dynamically defined (using the api) and dynamically delivered13:23
henrynashsamuedmq: I’d like to banish the word dynmical for all these specs and codings13:24
samueldmqhenrynash: but I am open on that front13:24
samueldmqhenrynash: btw the file naming is configurable in oslo.policy13:24
henrynashsamueldmq: and the oslo.policy patch should take a config seting that determins if we overaly the file or ONLY use the keystone cms one and ignore the loca one13:24
samueldmqhenrynash: hmm I think I have a solution for your usecase13:25
samueldmqhenrynash: if you want to only use the policy from keystone, set the 'policy_file' config to be the same as 'dynamic_policy_file' setting13:25
samueldmqhenrynash: if that makes sense, we could configure that, or add a config option13:25
samueldmqI meant 'we could document that'13:26
*** ParsectiX has quit IRC13:26
samueldmqhenrynash: this https://github.com/openstack/oslo.policy/blob/master/oslo_policy/opts.py#L2813:26
henrynash…and if we did that, would our oslo patch be smart enough to not try and overaly with itself?13:27
samueldmqhenrynash: would be the same as the new option 'dynamic_policy_file' (ignore the naming..)13:27
*** david-lyle has quit IRC13:27
samueldmqhenrynash: sure we can add this inteligence there :)13:27
henrynashsamueldmq: so that might work…agreed…..I need to think about my othe goal here ( :-) ), in that I want the ability for keystone to return an ordered list of policies to overaly on each other13:28
samueldmqhenrynash: ok so on that point I think keystone should return a single policy, and do some internal overlay if needed13:30
*** chenhong1 has joined #openstack-keystone13:30
henrynashwhat I want is to add a new API to endpoint policy to return the a list of policies that should be applied for this endpoint - i.e. allowing high level policy rules at the cloud level, to be overridden by those at the service level, to be overriden by those at the region+service level, to be overridden by those at the endpoint level....13:30
samueldmqhenrynash: we'll avoid unecessary network overload13:30
samueldmqhenrynash: sure, the result would be a kind of 'effective' policy, right?13:31
henrynashso it *could* do that…..if we think it’s OK to have overalaying in both places13:31
henrynashwas trying to avoid duplicating that ability13:31
samueldmqhenrynash: so I think the API *always* returns teh effective policy, considering higher policies (service, etc)13:31
samueldmqhenrynash: one thing is the overlay inside the API defined policies, so that is managed by keystone13:32
henrynashah yes, but today the “closest” one wins and superceedes EVREYTHING higher up13:32
samueldmqhenrynash: another is how we deal with the old-defined policies, which is an oslo.policy capability13:32
*** chenhong has quit IRC13:32
henrynashyeah, so hence trying to not split this fucntionaliy13:33
samueldmqhenrynash: keystone delivers the Custom Policy, what to do with it is to oslo.policy decide, I think that makes sense13:34
samueldmqhenrynash: and we avoid oslo.policy knowing about policies hierarchies13:34
samueldmqhenrynash: and avoid overload in the responses, etc :) well that makes sense to me13:34
henrynashsamueldmq: well, it’s going to know about a hierarchy of 2, right?13:34
samueldmqhenrynash: regions can be nested13:35
henrynashsamueldmq: ok, I’ll think some more on that score...13:35
samueldmqhenrynash: yes please, I like your concerns, and the fact you're getting involved13:36
samueldmqhenrynash: thanks13:36
samueldmqhenrynash: btw, I will wait to see other people opinion about the policy naming on https://review.openstack.org/#/c/134655/9/specs/backlog/dynamic-policies-fetch-cache.rst13:36
samueldmqhenrynash: I am not against, I am very open, just want to make sure we do the better we can :)13:37
*** dsirrine has quit IRC13:43
*** TheIntern has joined #openstack-keystone13:44
*** dsirrine has joined #openstack-keystone13:45
jiaxiIn catalog/controller.py   @dependency.requires('catalog_api')  34 class Service(controller.V2Controller):13:45
jiaxiwhere is the catalog_api ?13:45
jiaxicatalog_api will be an attribute of class Service. But how does Service find the catalog_api ?13:46
samueldmqjiaxi: https://github.com/openstack/keystone/blob/master/keystone/catalog/core.py#L8813:47
samueldmqjiaxi: remember the controller uses the manager, that's the dependency13:48
*** dims_ has joined #openstack-keystone13:48
*** edmondsw has joined #openstack-keystone13:48
samueldmqjiaxi: the link I sent you (core.py) contains the manager13:48
samueldmqjiaxi: remember (router -> controller -> manager -> driver)13:48
jiaxisamueldmq: okay , I will look how does it find the manager.13:49
*** ParsectiX has joined #openstack-keystone13:50
*** jecarey has joined #openstack-keystone13:52
samueldmqbknudson: do you think some documentation on introducing the keystone code would be helpful ?13:52
samueldmqbknudson: I know the code itself is documented, but I mean something else like explaining how our code is organized13:53
marekdstevemar: erm, did oauth deps changed in ksc?13:53
bknudsonsamueldmq: sure, if we don't have anything already13:53
samueldmqbknudson: the (router -> controller -> manager -> driver) structure, etc13:53
samueldmqbknudson: nice, I will check, thanks13:53
marekdstevemar: some tests are failing on http://cdn.pasteraw.com/98ee5x6uox0n8rf7y53a8mur9ntwn8r13:54
marekdits pure mare13:54
marekdmaster13:54
marekdwhich is strange.13:54
*** fhubik_afk is now known as fhubik13:57
bknudsonmarekd: https://pypi.python.org/pypi/oauthlib -- 2015-07-2013:59
bknudsonmight have to cap <1.0.0 in global-requirements14:00
samueldmqbknudson: what is cap ?14:02
samueldmqdstanek: what the right import order in a python file, is it : i) std libs, ii) external libs and then iii) internal deps14:03
bknudsonsamueldmq: https://www.google.com/search?q=define+cap&ie=utf-8&oe=utf-8 -- see verb #214:03
ParsectiXI have an architecture question. I have my public endpoints and use a private internal subnet for the for them inside. when I'm trying to use the APIs from outside in a point they are tying to access a private IP14:03
samueldmqdstanek: so those are three blocks in the file .. should we need more than that in any case ? I'm asking because of the review I  got in https://review.openstack.org/#/c/188561/4/keystonemiddleware/auth_token/_policy.py14:03
*** btully has joined #openstack-keystone14:03
ParsectiXand they fail14:03
samueldmqbknudson: yeah, I want to know how that applies in the context of dependencies, I've seen that term sometimes before14:04
bknudsonsetting the maximum version we allow14:05
ParsectiX can somehow use only the Public andpoints from my laptop that I make the API calls ?14:05
samueldmqbknudson: k so the upper version limit, thanks sir14:06
*** zzzeek has joined #openstack-keystone14:06
*** bknudson has quit IRC14:06
*** piyanai has joined #openstack-keystone14:07
marekdwhere is bkudson ? :/14:09
marekdbknudson14:09
*** mestery has joined #openstack-keystone14:11
*** bknudson has joined #openstack-keystone14:14
*** ChanServ sets mode: +v bknudson14:14
-openstackstatus- NOTICE: CI is currently recovering from an outage overnight. It is safe to recheck results with NOT_REGISTERED errors. It may take some time for zuul to work through the backlog.14:15
*** ChanServ changes topic to "CI is currently recovering from an outage overnight. It is safe to recheck results with NOT_REGISTERED errors. It may take some time for zuul to work through the backlog."14:15
openstackgerritMarek Denis proposed openstack/python-keystoneclient: Constrain oauthlib versions  https://review.openstack.org/20463214:15
marekdbknudson: i don't know whether this is a right way to proceed.14:16
marekd^^14:16
*** boris-42 has joined #openstack-keystone14:16
*** ParsectiX has quit IRC14:16
marekdstevemar: ^^14:16
bknudsonmarekd: the change will have to be made to http://git.openstack.org/cgit/openstack/requirements/tree/global-requirements.txt first14:16
marekdbknudson: uh, ok14:17
*** tsubic has left #openstack-keystone14:17
openstackgerritMarek Denis proposed openstack/python-keystoneclient: Constrain oauthlib versions  https://review.openstack.org/20463214:17
*** richm has joined #openstack-keystone14:17
jiaxihttps://review.openstack.org/#/c/200512/14:19
*** browne has joined #openstack-keystone14:19
jiaxiDolph Mathews suggest me to validate url in V3,too.14:20
*** sigmavirus24_awa is now known as sigmavirus2414:20
jiaxiI do not know whether it's proper. Because this bug is caused in v214:20
marekddo we have something like Partially-Closes-Bug ?14:22
marekdbknudson: ^^ ?14:22
bknudsonmarekd: Partial-Bug14:22
bknudsonor Related-Bug14:23
marekdbknudson: https://review.openstack.org/#/c/204633/14:23
bknudsonmarekd: thanks!14:27
*** mylu has joined #openstack-keystone14:27
*** topol has joined #openstack-keystone14:29
*** ChanServ sets mode: +v topol14:29
marekdbknudson: i am not sure whether we should do this or try adjust ksc code.14:29
bknudsonmarekd: we'll have to do both14:30
bknudsonwe'll have to fix keystoneclient eventually14:30
marekdbknudson: oh, so this is just a quick workaround.14:30
bknudsony, if it's easy to fix then there's no need for the cap.14:30
bretonhenrynash: why -2 on https://review.openstack.org/#/c/168087/2 ?14:31
bknudsonbut the way things are now we won't be able to merge anything in ksc until the cap is in place or the fix is merged14:31
henrynashbreton: talking with jamielennox, we might do away with the raw mode stuff I was using the follow on patch…and hence this patch would not be needed14:32
*** piyanai has quit IRC14:32
*** mylu has quit IRC14:32
-openstackstatus- NOTICE: CI is slowly recovering, please be patient while the backlog is worked through.14:33
*** ChanServ changes topic to "Welcome back from the meetup | MidCycle Etherpad: https://etherpad.openstack.org/p/keystone-liberty-midcycle-meetup"14:33
stevemarmarekd: booooooo14:44
stevemardamn oauthlib14:44
*** mylu has joined #openstack-keystone14:44
*** ayoung has joined #openstack-keystone14:45
*** ChanServ sets mode: +v ayoung14:45
marekdstevemar: heh, thought i was boooo'ed :P14:45
stevemarmarekd: you? never. only cheers and applause for marek14:45
marekdstevemar: yea, sure!14:46
marekdhttps://review.openstack.org/#/c/204632/14:46
marekdfeel free to vote14:46
marekdhttps://review.openstack.org/#/c/204633/ here too14:46
*** piyanai has joined #openstack-keystone14:49
bretonmarekd: looks like they thought that their get_oauth_params will not be used by anybody14:52
*** hrou has quit IRC14:53
*** hrou has joined #openstack-keystone14:54
marekdbreton: maybe :-)14:54
marekdbreton: if you have time you can try adjusting ksc14:54
marekd:-)14:55
bretonmarekd: I will now. We are not planning to drop oauthlib, are we?14:55
marekdstevemar: ^^ ?14:55
marekdbreton: ok, so i am going to WIP my patches maybe fixing keystoneclient will be faster14:57
*** marzif has quit IRC15:00
*** _hrou_ has joined #openstack-keystone15:01
*** jsavak has quit IRC15:03
*** aix has quit IRC15:03
*** hrou has quit IRC15:04
*** hrou has joined #openstack-keystone15:04
*** _hrou_ has quit IRC15:06
*** mylu has quit IRC15:06
*** TheIntern has quit IRC15:08
*** TheIntern has joined #openstack-keystone15:09
stevemarmarekd: fixing keystoneclient will be the easiest course of action15:09
*** david-lyle has joined #openstack-keystone15:09
stevemardo you have logs?15:10
bknudsonrun tox -e py27 and you'll see the failure15:10
*** mylu has joined #openstack-keystone15:10
marekdi might get them but ...just pull ksc master and run tox -repy2715:10
marekdi didn't really dive into root cause of the problem, wanted to do sth else.15:11
stevemarbknudson: i could15:11
marekdi actaly want to move k2k plugin to ksc and start working on osc implementation15:11
marekdas we still don't have ksa released.15:11
bretonstevemar: https://github.com/idan/oauthlib/blob/master/oauthlib/oauth1/rfc5849/__init__.py#L181 -- this is the problem15:12
bretonstevemar: we pass None as request15:12
stevemari'm wondering if the server side is broken too15:12
*** piyanai has quit IRC15:13
stevemarthats the second time that method signature has changed on us15:13
bretonstevemar: no, the signature has not changed15:13
bretonstevemar: they just started to use the parameter15:14
stevemarbreton: oh? i thought marek said it did15:14
stevemarah15:14
*** piyanai has joined #openstack-keystone15:14
marekdstevemar: i did, cause this is something i noticed vaguely but honestly i didn't dive into code....15:14
marekdwell, it's clearly a problem with new version of the lib15:15
stevemarhttps://github.com/idan/oauthlib/commit/14061935013ae20f58995dd2918c009166010bbc15:15
stevemaryeah, there was a change in the signature15:15
bretonbut changing the signature the first time was very stupid.15:15
stevemarbreton: it happens, i guess...15:16
stevemarmarekd i'll look at this after lunch, doing a few things in the morning15:17
bretonstevemar: I am looking at it now15:17
marekdstevemar: thanks!15:17
bknudsonthere's no operators at the nova meetup. :(15:20
marekdare yu at the nova meetup ?15:21
stevemarmarekd: yes, he is. the nova meetup is in rochester where bknudson lives :)15:21
stevemarsame logic as for why dims_ was at keystone meetup15:22
bknudsondims_ is here too15:22
marekdstevemar: oh, cool!15:22
* dims_ waves to stevemar and bknudson and marekd15:22
marekddims_: shall i assume you moved to Rochester ? :-)15:22
dims_marekd: lol15:22
marekdor this implication doesn't work in that direction :D15:22
dstaneksamueldmq: did you get the answers to your questions?15:22
*** stevemar has quit IRC15:29
*** stevemar has joined #openstack-keystone15:29
*** ChanServ sets mode: +v stevemar15:29
*** diazjf has joined #openstack-keystone15:31
*** stevemar has quit IRC15:32
bretonerr15:32
breton_validate_oauth_headers looks very weird.15:33
*** nkinder has quit IRC15:33
*** jsavak has joined #openstack-keystone15:34
*** piyanai has quit IRC15:35
*** kiran-r has joined #openstack-keystone15:38
*** chmouel has quit IRC15:44
*** aix has joined #openstack-keystone15:46
*** jsavak has quit IRC15:46
*** jsavak has joined #openstack-keystone15:46
*** aix has quit IRC15:46
*** nkinder has joined #openstack-keystone15:49
*** bdossant has quit IRC15:50
*** chmouel has joined #openstack-keystone15:51
openstackgerritBoris Bobrov proposed openstack/python-keystoneclient: Fix the test with oauthlib  https://review.openstack.org/20467815:55
*** aix has joined #openstack-keystone15:55
bretonthe tests are going to fail, but what do you think of the idea? ^15:55
*** piyanai has joined #openstack-keystone15:57
bretonit seens that `parameters` where used not from requests_mock, but from oauthlib and then compared with parameters from oauthlib. Which is weird.15:57
breton*seems15:57
*** TheIntern has quit IRC15:58
*** mylu has quit IRC16:00
*** topol has quit IRC16:02
*** lars1 has quit IRC16:03
*** lars1 has joined #openstack-keystone16:03
*** henrynash has quit IRC16:05
*** mylu has joined #openstack-keystone16:08
*** topol has joined #openstack-keystone16:10
*** ChanServ sets mode: +v topol16:10
*** geoffarnold has joined #openstack-keystone16:11
*** gyee has joined #openstack-keystone16:12
*** ChanServ sets mode: +v gyee16:12
*** piyanai has quit IRC16:13
*** geoffarnold has quit IRC16:13
bretonwhy do we need time_patcher in keystoneclient/tests/unit/utils.py ?16:14
*** fhubik is now known as fhubik_afk16:15
*** jiaxi has quit IRC16:16
*** geoffarnold has joined #openstack-keystone16:16
openstackgerritBoris Bobrov proposed openstack/python-keystoneclient: Fix the test with oauthlib  https://review.openstack.org/20467816:18
*** chenhong1 has quit IRC16:19
*** jistr has quit IRC16:19
*** iamjarvo has joined #openstack-keystone16:20
*** fhubik_afk is now known as fhubik16:21
*** piyanai has joined #openstack-keystone16:24
*** browne has quit IRC16:25
*** kiran-r has quit IRC16:26
*** ankita_wagh has joined #openstack-keystone16:26
*** lhcheng has joined #openstack-keystone16:26
*** ChanServ sets mode: +v lhcheng16:26
*** jsavak has quit IRC16:31
*** jsavak has joined #openstack-keystone16:33
*** kiran-r has joined #openstack-keystone16:38
*** _cjones_ has joined #openstack-keystone16:40
*** piyanai has quit IRC16:45
*** snapdey has joined #openstack-keystone16:45
*** piyanai has joined #openstack-keystone16:49
*** roxanaghe has joined #openstack-keystone16:51
openstackgerritBoris Bobrov proposed openstack/python-keystoneclient: Make OAuth testcase use actual request headers  https://review.openstack.org/20467816:52
*** roxanaghe has quit IRC16:52
*** jasonsb has quit IRC16:53
*** roxanaghe has joined #openstack-keystone16:53
bretonstevemar: marekd: https://review.openstack.org/#/c/204678/3/keystoneclient/tests/unit/v3/test_oauth1.py what do you think?16:54
*** kiran-r has quit IRC16:54
*** piyanai has quit IRC16:55
*** TheIntern has joined #openstack-keystone16:56
*** jsavak has quit IRC16:56
*** fhubik has quit IRC16:57
*** stevemar has joined #openstack-keystone16:57
*** ChanServ sets mode: +v stevemar16:57
*** ankita_wagh has quit IRC16:57
*** jsavak has joined #openstack-keystone17:01
stevemarbreton: thanks for the fix17:02
samueldmqdstanek: hi, no, actually I think the imports should be that way, but I'd like to confirm with you :)17:03
*** piyanai has joined #openstack-keystone17:03
samueldmqdstanek: to check if I what I think is correct17:03
samueldmqdstanek: sorry was afk (English class)17:03
bretonstevemar: I'd really appreciate your review, because I am not sure that it's the right fix17:04
bretonI will clean it up and provide a description now17:04
*** zzzeek has quit IRC17:05
bknudsonbreton: note that the change has to work on <1.0, too.17:05
lhchengbknudson: how trivial should a patch be to decide that it does not require a bug to be opened?17:06
lhchengbknudson: like to get your feedback on: https://review.openstack.org/#/c/203297/317:06
stevemarbknudson: looks like breton is suggesting to not use get_oauth_params, but rather split the string ourselves17:06
bknudsonlhcheng: if a customer wouldn't see it then there's no need for a bug.17:07
*** zzzeek has joined #openstack-keystone17:07
bknudsonlhcheng: since customers don't care where clean.py is then there's no need for a bug17:08
bretonstevemar: the problem is that get_oauth_params did not do anything about auth_header17:08
lhchengbknudson: cool, just to want to align the expectation.17:08
lhchengbknudson: thanks17:08
lhchengbknudson: I'll revert my vote17:08
stevemarlhcheng: yeah, but we should probably open one for creating the keystone.version module17:09
lhchengstevemar: ah the last one in the chain, yeah it does update the docs17:10
stevemarlhcheng: yep17:10
bretonstevemar: _validate_oauth_headers was supposed to check that auth_headers, which are what manager.create() sent to mocked url, are correct ones, and use oauth_client for comparison17:10
stevemarbreton: correct17:10
bretonstevemar: but instead it took parameters from oauth_client and compared it basically with themselves, but acquired as attributes17:11
*** spandhe has joined #openstack-keystone17:12
bretonstevemar: note that auth_headers passed to _validate_oauth_headers was not used17:14
*** marzif has joined #openstack-keystone17:15
*** piyanai has quit IRC17:16
*** ankita_wagh has joined #openstack-keystone17:17
*** aix has quit IRC17:20
*** browne has joined #openstack-keystone17:21
openstackgerritBoris Bobrov proposed openstack/python-keystoneclient: Make OAuth testcase use actual request headers  https://review.openstack.org/20467817:23
*** e0ne has quit IRC17:24
*** snapdey has quit IRC17:24
*** marzif has quit IRC17:25
*** afazekas_ has quit IRC17:26
*** marzif has joined #openstack-keystone17:26
*** TheIntern has quit IRC17:27
*** snapdey has joined #openstack-keystone17:29
*** marzif has quit IRC17:31
*** marzif has joined #openstack-keystone17:32
*** jasonsb has joined #openstack-keystone17:38
stevemarclassic dolphm17:38
*** mylu has quit IRC17:40
*** ericksonsantos has quit IRC17:42
openstackgerritBoris Bobrov proposed openstack/python-keystoneclient: Make OAuth testcase use actual request headers  https://review.openstack.org/20467817:43
mfischmorganfainberg, dolphm I'll have some numbers and graphs for you shortly, the tl;dr is that its not helping17:46
mfischdo I need anything besides that patch?  I have a package built from yesterday plus I patched your patch on top of the code and restarted17:47
morganfainbergThen it isnt the event db table its the event processing code17:47
morganfainbergWe knew that was a bottleneck before17:48
*** mylu has joined #openstack-keystone17:48
mfischThis might still help in the real world reduce deadlocks17:48
mfischin my test env there's not much going on17:48
morganfainbergSure.17:48
morganfainbergDeadlock reduction = good17:48
mfischesp in a globally replicated db17:49
morganfainbergBut performance, known bad with the tree matcher. Our slowest tests are the tree thing.17:49
morganfainbergTl;dr we need a new17:49
morganfainbergMatcher.17:49
stevemarsomething wrong with gerrit?17:49
morganfainbergstevemar: earlier today.17:49
bretonstevemar: it is overloaded now I think17:49
mfischthere was an issue last night with gearman I think17:50
morganfainbergShpuld be just slow due to recovering from icky earlier on.17:50
*** roxanaghe has quit IRC17:50
stevemarah17:50
*** snapdey has quit IRC17:50
stevemari haven't had issues until just now17:50
*** TheIntern has joined #openstack-keystone17:51
*** rletrocquer has quit IRC17:51
*** snapdey has joined #openstack-keystone17:52
*** amickus has joined #openstack-keystone17:53
*** roxanaghe has joined #openstack-keystone17:55
*** jasonsb has quit IRC17:56
*** jasonsb_ has joined #openstack-keystone17:56
*** diazjf has quit IRC17:56
stevemarbreton: why remove the timestamp check?18:01
mfischmorganfainberg: I'm not clear on where you are storing the event that has the timestamp18:01
mfischwhats the mechanism there?18:01
*** marzif has quit IRC18:02
openstackgerritBrant Knudson proposed openstack/keystone: test_base64utils works with py34  https://review.openstack.org/20385318:02
openstackgerritBrant Knudson proposed openstack/keystone: Fix pemutils for py34  https://review.openstack.org/20389218:02
*** ericksonsantos has joined #openstack-keystone18:03
openstackgerritBrant Knudson proposed openstack/keystone: Fix pemutils for py34  https://review.openstack.org/20389218:03
*** jasonsb has joined #openstack-keystone18:03
*** piyanai has joined #openstack-keystone18:04
*** Kennan has joined #openstack-keystone18:04
openstackgerritBrant Knudson proposed openstack/keystone: Fix test_utils for py34  https://review.openstack.org/20389618:04
*** Kennan2 has quit IRC18:04
*** marzif has joined #openstack-keystone18:04
openstackgerritBrant Knudson proposed openstack/keystone: Ensure database options registered for tests  https://review.openstack.org/20390018:04
*** snapdey has quit IRC18:05
*** jasonsb_ has quit IRC18:07
*** marzif_ has joined #openstack-keystone18:07
bknudsonpython3 changes ^18:08
*** marzif has quit IRC18:11
*** alex_xu has quit IRC18:11
*** alex_xu has joined #openstack-keystone18:13
*** woodster_ has joined #openstack-keystone18:14
openstackgerritHenrique Truta proposed openstack/keystone: Add is_domain field in Project Table  https://review.openstack.org/15742718:15
*** marzif_ has quit IRC18:19
*** diazjf has joined #openstack-keystone18:19
openstackgerritDeepti Ramakrishna proposed openstack/keystone: Reuse token_ref fetched in AuthContextMiddleware.  https://review.openstack.org/19086318:21
openstackgerritHenrique Truta proposed openstack/keystone: Change project name constraints  https://review.openstack.org/15837218:25
*** piyanai has quit IRC18:33
*** piyanai has joined #openstack-keystone18:35
*** ayoung has quit IRC18:36
*** iamjarvo has quit IRC18:41
*** piyanai has quit IRC18:42
*** dims_ has quit IRC18:42
openstackgerritBoris Bobrov proposed openstack/python-keystoneclient: Make OAuth testcase use actual request headers  https://review.openstack.org/20467818:44
bretonstevemar: because the timestamp is not passed in actual request18:45
mfischmorganfainberg: no measurable perf impact, but I think it's still useful to not call DELETE so much18:45
*** diegoadolfo has joined #openstack-keystone18:45
*** e0ne has joined #openstack-keystone18:45
stevemarbreton: nice patch ;)18:46
bretonstevemar: it is generated by oauthlib and is a timestamp, not what we passed before18:46
stevemarbreton: mention that in the commit msg18:46
bretonstevemar: already there18:46
stevemarbreton: sweet18:46
*** piyanai has joined #openstack-keystone18:47
*** dims_ has joined #openstack-keystone18:47
lbragstadmorganfainberg: do you want this proposed for a stable freeze exception? https://review.openstack.org/#/c/186376/18:49
diegoadolfolbragstad, Hi Lance18:50
lbragstaddiegoadolfo: hey18:50
diegoadolfolbragstad, you would have the time to look me the bug 147449018:51
openstackbug 1474490 in Keystone "keystone.tests.unit.common.test_notifications.NotificationsTestCase fails in isolation" [Low,Triaged] https://launchpad.net/bugs/1474490 - Assigned to Diego Adolfo (diegoado)18:51
diegoadolfolbragstad, Link -> https://bugs.launchpad.net/keystone/+bug/147449018:51
lbragstaddiegoadolfo: are you attempting to fix it?18:53
diegoadolfolbragstad, yes18:53
diegoadolfolbragstad, a few hours18:54
lbragstaddiegoadolfo: can you recreate it?18:54
lbragstadwith the latest master branch?18:55
diegoadolfolbragstad, yes18:57
lbragstaddiegoadolfo: that trace looks like an import order issue18:58
myluHi I'm working on bi-direction k2k for the next step of MOC federation. I see a 401 Unauthorized: could not map user error. can anyone help me with that?18:58
mylukeystone.log in SP shows keystone.contrib.federation.utils [-] identity_values: []. and that explains why it couldn't map user. And my mapped_proproties: : {'group_ids': [], 'user': {'domain': {'id': 'Federated'}, 'type': 'ephemeral'},'group_names': []}19:01
diegoadolfolbragstad, I found a solution19:02
diegoadolfolbragstad, What is deleting the following lines19:03
diegoadolfolbragstad, fixture = self.useFixture(config_fixture.Config(CONF))19:03
diegoadolfolbragstad, fixture.config(rpc_backend='fake', notification_driver=['fake'])19:04
diegoadolfolbragstad, the setup NotificationsTestCase class19:05
diegoadolfolbragstad, with that all tests are still going and the simple test of this class also passes19:07
lbragstaddiegoadolfo: can you propose a patch? it will be easier to iterate over19:07
*** iamjarvo has joined #openstack-keystone19:07
diegoadolfolbragstad, ok19:07
diegoadolfolbragstad, I will do that now19:08
lbragstadawesome, thanks!19:08
diegoadolfolbragstad, Thank you for helping me19:09
stevemarkeystoners: assemble to unbreak the keystoneclient gate! https://review.openstack.org/#/c/204678/19:09
lbragstaddiegoadolfo: no problem, it will be easier once you have a review up19:09
stevemarlbragstad: dstanek dolphm ^19:10
*** pauloewerton has joined #openstack-keystone19:10
dstanekstevemar: looking19:12
dstanekstevemar: breton: why remove the timestamp?19:14
*** topol has quit IRC19:15
*** henrynash has joined #openstack-keystone19:15
*** ChanServ sets mode: +v henrynash19:15
*** amakarov is now known as amakarov_away19:15
stevemardstanek: refer to commit msg19:16
*** Guest4324 has joined #openstack-keystone19:17
*** jdandrea has left #openstack-keystone19:18
*** afazekas has joined #openstack-keystone19:19
openstackgerritMerged openstack/keystone: Adding Documentation for Mapping Combinations  https://review.openstack.org/19285019:19
dstanekstevemar: odd19:20
*** iamjarvo has quit IRC19:20
stevemardiazjf: your first keystone commit!!!!!!!!!!!!!!19:20
dstanekdiazjf: nice19:20
stevemardiazjf: Merged openstack/keystone: Adding Documentation for Mapping Combinations  https://review.openstack.org/192850 YAY19:20
stevemarprint that out and frame it19:21
dstanekstevemar: i think mine was a 1 letter doc change while in the airport on the way to interview with Rax19:21
stevemardstanek: mine: https://review.openstack.org/#/c/18054/19:22
stevemarhey mordred had +2 on keystone at that time19:22
stevemardstanek: diazjf definitely picked a harder first patch!19:23
openstackgerritMerged openstack/keystone: Correct spacing in ``mapping_combinations.rst``  https://review.openstack.org/20446419:23
*** topol has joined #openstack-keystone19:24
*** ChanServ sets mode: +v topol19:24
stevemardstanek's first: https://review.openstack.org/#/c/43799/19:24
*** amickus has quit IRC19:24
dstanekgood stuff19:24
stevemardstanek: solid first patch19:25
dstaneki have to admit the tooling was intimidating at first...so much stuff to know before submitting a patch19:25
diazjfstevemar, thanks :)19:27
*** topol has quit IRC19:28
stevemardstanek: agreed19:31
stevemardiazjf: frame it19:31
stevemardstanek: the ksc oauthlib patch make sense?19:31
stevemaroh you already +2/+Aed ;)19:31
dstanekstevemar: yes already +A19:31
dstaneknow jenkins just has to do it's job19:32
*** jsavak has quit IRC19:34
*** jsavak has joined #openstack-keystone19:35
*** topol has joined #openstack-keystone19:38
*** ChanServ sets mode: +v topol19:38
openstackgerritHenrique Truta proposed openstack/keystone: Add is_domain field in Project Table  https://review.openstack.org/15742719:39
*** ayoung has joined #openstack-keystone19:43
*** ChanServ sets mode: +v ayoung19:43
henrynashthere are two specs that we agreed should go in on yesterday’s IRC meeting: https://review.openstack.org/#/c/200624/ and https://review.openstack.org/#/c/200434/ - keen to get those specs merged asap…so if anyone can add comments or +1/+2s, please go ahead :-)19:47
*** jasonsb has quit IRC19:47
*** jasonsb has joined #openstack-keystone19:49
openstackgerritDiego Adolfo proposed openstack/keystone: NotificationsTestCase running in isolation  https://review.openstack.org/20473919:49
openstackgerritOpenStack Proposal Bot proposed openstack/keystone: Updating sample configuration file  https://review.openstack.org/20443219:50
openstackgerritOpenStack Proposal Bot proposed openstack/keystone: Updating sample configuration file  https://review.openstack.org/20443219:51
morganfainberglbragstad: can either freeze exception it or grt it in post freeze19:54
morganfainberglbragstad: your call on how much effort you want to put in. I dont think itll make a huge difference either way.19:55
*** snapdey has joined #openstack-keystone19:55
*** iamjarvo has joined #openstack-keystone19:56
*** ankita_w_ has joined #openstack-keystone19:59
*** ankita_wagh has quit IRC19:59
*** ankita_wagh has joined #openstack-keystone20:00
*** ankita_w_ has quit IRC20:00
dolphmmorganfainberg: FYI, i suspect lbragstad is already AFK for the week20:03
morganfainbergThen not a worry. Will just ride out freeze on that patch20:03
* morganfainberg sees little benefit to fighting for stable freeze exceptions unless it is right before eol20:04
openstackgerritIan Cordasco proposed openstack/python-keystoneclient: Set reasonable defaults for TCP Keep-Alive  https://review.openstack.org/20474120:04
morganfainbergIf the patch matters that much, the distributions will grab it anyway.20:04
*** marzif_ has joined #openstack-keystone20:05
lbragstadmorganfainberg: do you have a preference/20:05
bknudsonmorganfainberg: I'm grabbing the ldap fix right now!20:06
dolphmsigmavirus24: nice ^20:06
morganfainberglbragstad: nope. Really up to you on how much work you want to put in ^^ see my last statement20:06
sigmavirus24dolphm: file a bug, fix a bug =P20:06
morganfainbergbknudson: my point exactly20:06
dolphmsigmavirus24: according to my metrics, you're not measurably improving openstack, sir.20:06
sigmavirus24dolphm: too bad20:07
sigmavirus24I'm apparently in the 20s for reviews across openstack20:07
sigmavirus24(according to stackalytics)20:07
morganfainbergI hear you have to open bugs and expect someone else to fix it, and whine about the fix being wrong to improve openstack >.>20:07
bknudsonnobody counts reviews20:07
dolphmsigmavirus24: nice20:07
morganfainberg(That wasnt directed at anyone particular, most people dont whine)20:08
dolphmmorganfainberg: whining is how best motivate the PTL20:09
*** TheIntern has quit IRC20:13
*** jasonsb has quit IRC20:14
*** jasonsb has joined #openstack-keystone20:14
dstanekhenrynash: just added some comments on the clarification spec review20:17
mfischdolphm: do you know why revoke driver is in contrib?20:21
sigmavirus24morganfainberg: I'd rather sit around all day and fix bugs in openstack than open them and then fix them20:21
sigmavirus24But infra pinged me about this because it's related to requests so, sorry =P20:21
*** diegoadolfo has quit IRC20:24
*** e0ne has quit IRC20:26
raildodstanek: I just answered some questions in this spec, just to speed up the review process20:26
dstanekraildo: thanks! do you know about the resources question?20:28
openstackgerritMerged openstack/keystone: Fix docs in federation.routers  https://review.openstack.org/20357220:28
raildodstanek: yes, we can have resouces in a project.is_domain=True20:30
raildodstanek: but you must need grant a role assingment to a user be able to get a project scoped token20:30
dstanekraildo: that review explicitly called out that the project will act as a domain, but not necessarily that it would still act as a project20:32
morganfainbergmfisch: because it was an "extension" before. We're slowly cleaning that up.20:32
*** snapdey has quit IRC20:33
mfischmorganfainberg: thx20:33
raildodstanek: right... I'll talk with henrynash, we can add some explanation about it20:33
raildojust to be more clear20:34
*** mestery has quit IRC20:42
openstackgerritOpenStack Proposal Bot proposed openstack/keystone: Updating sample configuration file  https://review.openstack.org/20443220:42
*** jsavak has quit IRC20:43
*** jsavak has joined #openstack-keystone20:43
openstackgerritHenrique Truta proposed openstack/keystone: Change project name constraints  https://review.openstack.org/15837220:44
*** henrynash has quit IRC20:44
*** snapdey has joined #openstack-keystone20:47
*** jsavak has quit IRC20:47
*** ankita_w_ has joined #openstack-keystone20:47
*** stevemar has quit IRC20:48
*** stevemar has joined #openstack-keystone20:49
*** ChanServ sets mode: +v stevemar20:49
*** ankita_wagh has quit IRC20:51
*** hrou has quit IRC20:53
*** stevemar has quit IRC20:53
bretonwhat does pep8 want? http://logs.openstack.org/78/204678/6/gate/gate-python-keystoneclient-pep8/daebddc/console.html20:54
dstanekbreton: friends20:55
dstanekbreton: it looks like maybe there was a problem with flake8? doesn't look like it found any issues in the code20:56
bretonhm, my local tox -e pep8 says that there is unused import20:56
bretonI wonder why gate doesn't.20:57
openstackgerritBoris Bobrov proposed openstack/python-keystoneclient: Make OAuth testcase use actual request headers  https://review.openstack.org/20467820:58
bretondstanek: ^ made pep8 a little happier, please +2 again20:59
dstanekbreton: done21:00
pauloewertonhi there. question about keystoneauth21:01
pauloewertonI believe that @missingproperty decorator is incorrectly applied here: https://github.com/openstack/keystoneauth/blob/master/keystoneauth1/access.py#L60221:02
pauloewertoncan anyone confirm?21:02
*** jasonsb has quit IRC21:03
dstanekpauloewerton: why do you say that?21:03
*** jasonsb has joined #openstack-keystone21:03
pauloewertondstanek, other internal properties like _user or _project are marked as @property21:04
pauloewertonalso, I'm having issues trying to get domain_id property, for example21:05
dstanekpauloewerton: just quickly looking at the code i don't think it would matter if _domain was @property or @missingproperty if it's failing in _user21:07
*** shaleh has quit IRC21:08
pauloewertondstanek, it fails when I try to get properties domain_id and domain_name21:08
dstanekpauloewerton: if it was @property you'd just get a keyerror instead of a typeerror21:09
dstanekpauloewerton: oops i meant domain_id and typed _user21:09
pauloewertonI get a keyerror when using @missingproperty and no error at all using @property in _domain21:10
*** raildo has quit IRC21:10
dstanekpauloewerton: i'm not sure how property works then. missingproperty seems to only do something different (return None) if the function fails. since it's the same function called by property i have no idea what's happening. i'd have to get together some test cases to find out.21:12
dstanekpauloewerton: so you actually get back a valid domain when @property is used?21:13
pauloewertondstanek, I believe so, but I would have to look it up more carefully21:14
pauloewertonbut I'm almost sure it returns a valid domain or None, as it was supposed to21:15
dstanekpauloewerton: i would expect you to see a TypeError when using @missingproperty since it defaults to None and domain_id can't handle that21:15
pauloewertonyeah, sorry I get TypeError using @missingproperty not keyerror as I told earlier21:16
*** pnavarro has quit IRC21:16
dstanekpauloewerton: I would only expect a KeyError is a dict is being returned that isn't valid or if you changed @missingproperty to @property you'd also get it21:17
*** david-lyle has quit IRC21:17
dstanekpauloewerton: so i do think there is a bug, but I'm not convinced it's because of the @missingproperty because either way domain_id needs to be smarter21:17
dstanekpauloewerton: can you file a bug?21:17
*** jsavak has joined #openstack-keystone21:17
pauloewertondstanek, I was going to do just that and submit a fix, bug wanted to confirm first21:18
pauloewertonbut*21:20
*** TheIntern has joined #openstack-keystone21:21
*** iamjarvo_ has joined #openstack-keystone21:22
*** iamjarvo_ has quit IRC21:22
*** TheIntern has quit IRC21:22
*** iamjarvo_ has joined #openstack-keystone21:22
*** TheIntern has joined #openstack-keystone21:23
dstanekpauloewerton: i'm not really sure what the fix should be...probably just fixing the things that use _domain? anyway, submit some tests that break without your fix21:24
*** iamjarvo has quit IRC21:25
*** marzif_ has quit IRC21:25
pauloewertondstanek, I was thinking of just switching decorators from @missingproperty to @property. seems consistent with the other internal properties21:26
dstanekpauloewerton: but that doesn't fix the bug21:26
pauloewertondstanek, but no problem, I wil file the bug21:26
*** dan_ has joined #openstack-keystone21:27
dstanekit just goes from TypeError to KeyError - the question is what should the behavior be? an exception or a default value? and if an exception...which one?21:27
*** dan_ is now known as Guest5685521:27
*** henrynash has joined #openstack-keystone21:29
*** ChanServ sets mode: +v henrynash21:29
*** snapdey has quit IRC21:29
pauloewertondstanek, I see. I'll try to exercise the bug in a test21:30
*** e0ne has joined #openstack-keystone21:30
*** hrou has joined #openstack-keystone21:30
*** iamjarvo_ has quit IRC21:31
*** snapdey has joined #openstack-keystone21:34
openstackgerritBoris Bobrov proposed openstack/python-keystoneclient: Remove unused time_patcher  https://review.openstack.org/20477121:35
*** iamjarvo has joined #openstack-keystone21:36
*** diazjf has left #openstack-keystone21:41
openstackgerritMerged openstack/keystone: Refactor websso ``origin`` validation  https://review.openstack.org/20352521:42
openstackgerritOpenStack Proposal Bot proposed openstack/keystone: Updating sample configuration file  https://review.openstack.org/20430021:43
openstackgerrithenry-nash proposed openstack/keystone-specs: Move inherited assignments to core, and support new inheritance rules  https://review.openstack.org/20043421:44
*** mylu has quit IRC21:47
*** dims_ has quit IRC21:53
openstackgerrithenry-nash proposed openstack/keystone-specs: Clarify project hierachy and parent usage within the API  https://review.openstack.org/20062421:54
*** edmondsw has quit IRC21:54
*** e0ne has quit IRC21:58
openstackgerritMerged openstack/keystoneauth: Updated from global requirements  https://review.openstack.org/20437121:59
openstackgerritBoris Bobrov proposed openstack/python-keystoneclient: Remove unused time_patcher  https://review.openstack.org/20477122:01
*** tsymanczyk has quit IRC22:01
*** Kennan has quit IRC22:02
*** sigmavirus24 is now known as sigmavirus24_awa22:03
*** Kennan has joined #openstack-keystone22:03
*** gordc has quit IRC22:06
*** tsymanczyk has joined #openstack-keystone22:06
*** htruta_ has joined #openstack-keystone22:07
*** bknudson has quit IRC22:08
*** nkinder has quit IRC22:10
*** jsavak has quit IRC22:12
*** spandhe has quit IRC22:15
pauloewertondstanek, link for the bug https://bugs.launchpad.net/keystoneauth/+bug/1477327. can you please take a look when you have some time?22:18
openstackLaunchpad bug 1477327 in keystoneauth "TypeError raised when trying to get domain properties in AccessInfo object" [Undecided,New]22:18
mfischCan someone tell me which of the memcache server list settings are used? Both?  I see memcache/servers and cache/memcache_servers22:18
pauloewertondstanek, I've written a really simple test case, but that reports the exact error I'm getting22:18
*** iamjarvo has quit IRC22:20
*** WormMan has left #openstack-keystone22:23
*** henrynash has quit IRC22:25
bretonmfisch: both22:29
bretonmfisch: one for cache and one for other stuff22:29
mfisch"other stuff"?22:29
bretonmfisch: tokens22:32
bretonlooks like we removed everything else.22:33
bretonmfisch: so yeah, only tokens.22:33
bretonwhy do we have fixtures in keystoneauth outside of tests?22:40
*** TheIntern has quit IRC22:41
*** piyanai has quit IRC22:45
*** tsymanczyk has quit IRC22:46
*** piyanai has joined #openstack-keystone22:46
*** piyanai has quit IRC22:47
*** tsymancz1k has joined #openstack-keystone22:51
openstackgerritEric Brown proposed openstack/keystoneauth: py34 not py33 is tested and supported  https://review.openstack.org/20108822:57
*** spandhe has joined #openstack-keystone23:02
bretonpauloewerton: it seems that the default fixture token is not domain-scoped23:02
bretonpauloewerton: you need to provide domain_id or domain_name to make it scoped-token23:02
breton*to make it domain-scoped23:02
*** iamjarvo has joined #openstack-keystone23:11
*** snapdey has quit IRC23:12
*** 77CAAEJLH has joined #openstack-keystone23:13
*** fangzhou has joined #openstack-keystone23:19
*** iamjarvo has quit IRC23:26
*** jasonsb has quit IRC23:27
*** Guest56855 has quit IRC23:29
*** roxanaghe has quit IRC23:31
dstanekbreton: i think that code is flawed23:37
*** jecarey has quit IRC23:37
*** ankita_wagh has joined #openstack-keystone23:38
dstanekpauloewerton: you can submit your test case as a review23:38
dstanekpauloewerton: but change your print to be an assertion of some sort23:39
*** ankita_w_ has quit IRC23:41
openstackgerritEric Brown proposed openstack/keystoneauth: py34 not py33 is tested and supported  https://review.openstack.org/20108823:42
bretondstanek: you think a token should be domain-scoped by default?23:49
dstanekbreton: why do you say that?23:49
*** jecarey has joined #openstack-keystone23:50
bretondstanek: ok, i misunderstood you. What code if flawed?23:51
dstanekbreton: i explain it here https://bugs.launchpad.net/keystoneauth/+bug/147732723:51
openstackLaunchpad bug 1477327 in keystoneauth "TypeError raised when trying to get domain properties in AccessInfo object" [Low,Confirmed]23:51
bretonoh23:53
bretonooh, I see a discussion above23:53
*** rm_work is now known as rm_work|away23:53
bretonok, thanks.23:53
dstaneknp23:54
*** jaosorior has quit IRC23:56
*** tsymancz1k is now known as tsymanczyk_23:56
*** tsymanczyk_ is now known as tsymanczyk23:58
« Tuesday, 2015-07-21 Index Thursday, 2015-07-23 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!