Thursday, 2016-07-28

dstanek	adriant: actually in thnking about it i think you need to have a full set of test cases anyway and there isn't much to share with password auth	00:02
dstanek	consider how the other auth plugins are tests	00:02
dstanek	it's possible that you can factor out the setup and use a shared set of tests that use different setup, but likely that's a later refactor	00:03
dstanek	heading to the gym now. i'll be back in about an hour	00:03
*** david-lyle_ has joined #openstack-keystone		00:28
*** dan_nguyen has quit IRC		00:30
*** roxanaghe has quit IRC		00:31
*** bigjools has quit IRC		00:43
*** code-R has joined #openstack-keystone		00:44
*** bigjools has joined #openstack-keystone		00:44
adriant	dstanek: The problem I'm having currently is that if PasswordTOTP isn't the default, my tests fail and there doesn't seem to be a way to tell the tests: "run this plugin instead"	00:50
adriant	Partly I assume because this issue here is that Password and PasswordTOTP both use the method_name 'password'	00:51
adriant	and I'm not sure if anyone has yet had a testing usecase where two plugins share the same method name	00:52
*** adu has quit IRC		00:59
*** tqtran has quit IRC		00:59
adriant	and now that my test run has finished...	01:01
adriant	1363 tests do something via the current password plugin	01:02
adriant	so by testing with my one as the default as well there are 1363 tests already that confirm my plugin works as a replacement for it should someone activate it on their deployment	01:03
*** gyee has quit IRC		01:03
adriant	That aside, I'm uploading the doc changes now and my separate bug fix patch seems to be passing Zuul. :)	01:06
*** chlong has joined #openstack-keystone		01:06
*** code-R_ has joined #openstack-keystone		01:07
*** adu has joined #openstack-keystone		01:09
*** code-R has quit IRC		01:10
*** david-lyle_ has quit IRC		01:14
*** mfisch has quit IRC		01:17
openstackgerrit	Adrian Turjak proposed openstack/keystone: adding totp support to password auth plugin https://review.openstack.org/343422	01:22
*** davechen has joined #openstack-keystone		01:26
*** shoutm has joined #openstack-keystone		01:27
*** TxGVNN has joined #openstack-keystone		01:29
davechen	rodrigods: are you arond?	01:30
*** roxanaghe has joined #openstack-keystone		01:32
openstackgerrit	Billy Olsen proposed openstack/keystone: Maintain ordered list for KVS token persistence https://review.openstack.org/348040	01:32
adriant	dstanek: just shifting computers, will be back soon. Newest patch is going through Zuul right now.	01:34
*** adriant has quit IRC		01:35
dstanek	adriant: does it have failing tests?	01:35
dstanek	davechen: i doubt it. it's late there	01:35
*** roxanaghe has quit IRC		01:36
*** mfisch has joined #openstack-keystone		01:39
*** mfisch has quit IRC		01:39
*** mfisch has joined #openstack-keystone		01:39
davechen	dstanek: thanks you, nothing major just want to have a short disccuss with him	01:39
*** dan_nguyen has joined #openstack-keystone		01:41
*** woodster_ has quit IRC		01:59
*** ddieterly has quit IRC		01:59
*** adriant has joined #openstack-keystone		02:00
*** dan_nguyen has quit IRC		02:02
*** dan_nguyen has joined #openstack-keystone		02:06
*** songjian has joined #openstack-keystone		02:08
*** browne has quit IRC		02:11
*** marekd2 has joined #openstack-keystone		02:16
*** itisha has quit IRC		02:20
*** marekd2 has quit IRC		02:21
*** ravelar159 has joined #openstack-keystone		02:22
*** songjian has quit IRC		02:24
*** songjian has joined #openstack-keystone		02:24
*** ayoung has quit IRC		02:25
*** ubuntu__ has joined #openstack-keystone		02:26
*** adu has quit IRC		02:26
*** ayoung has joined #openstack-keystone		02:27
*** ChanServ sets mode: +v ayoung		02:27
*** ubuntu__ has quit IRC		02:29
*** songjian has quit IRC		02:29
*** ayoung has quit IRC		02:32
*** roxanaghe has joined #openstack-keystone		02:33
*** richm has quit IRC		02:34
*** spandhe has joined #openstack-keystone		02:35
*** gagehugo has joined #openstack-keystone		02:35
*** ravelar159 has quit IRC		02:35
*** ayoung has joined #openstack-keystone		02:36
*** ChanServ sets mode: +v ayoung		02:36
*** jaugustine has quit IRC		02:36
*** roxanaghe has quit IRC		02:37
*** dan_nguyen has quit IRC		02:37
*** nk2527_ has quit IRC		02:38
*** songjian has joined #openstack-keystone		02:40
dstanek	adriant: are you still having a problem getting the tests to pass?	02:50
*** jrist has quit IRC		02:55
*** agireud has quit IRC		02:55
adriant	Yep	02:56
adriant	dstanek: is there a way to specify in the tests: "use this plugin"	02:56
adriant	?	02:56
*** tqtran has joined #openstack-keystone		02:57
dstanek	adriant: yes, i have made a few changes to that review. mind if i just push them?	02:58
*** agireud has joined #openstack-keystone		02:58
adriant	dstanek: based on the most recent patch? If so, then sure. :)	02:59
dstanek	adriant: yes	02:59
dstanek	on it's way	02:59
openstackgerrit	David Stanek proposed openstack/keystone: adding totp support to password auth plugin https://review.openstack.org/343422	02:59
*** browne has joined #openstack-keystone		03:00
*** adu has joined #openstack-keystone		03:01
dstanek	adriant: that will make it not the default and allow you to specify password_with_totp in your config to use the new plugin	03:01
*** tqtran has quit IRC		03:01
adriant	dstanek: awesome, I had a feeling something like that would work	03:02
adriant	now...	03:02
adriant	I could actually just extend the password auth test class	03:02
adriant	so my class uses those test cases, but with my config	03:02
adriant	save me writing duplicate test cases	03:03
adriant	dstanek: as that's my main issue with this approach, I'm not getting the befit of tests running against the passwordtotp plugin assuming it is the password one	03:04
adriant	benefit* of	03:05
*** nk2527 has joined #openstack-keystone		03:06
*** jaugustine has joined #openstack-keystone		03:08
openstackgerrit	Merged openstack/keystone: Add schema validation to v2 create tenant https://review.openstack.org/346594	03:09
openstackgerrit	Adrian Turjak proposed openstack/keystone: TOTP auth not functional in python3 https://review.openstack.org/348081	03:11
*** dikonoor has joined #openstack-keystone		03:13
*** ayoung has quit IRC		03:14
*** iurygregory has quit IRC		03:15
*** iurygregory has joined #openstack-keystone		03:15
*** sdake has joined #openstack-keystone		03:15
*** tonytan4ever has joined #openstack-keystone		03:17
*** dan_nguyen has joined #openstack-keystone		03:22
*** sdake_ has joined #openstack-keystone		03:25
*** sdake has quit IRC		03:27
rderose	adriant: test still passes with the old code: return six.text_type(totp.generate(timeutils.utcnow_ts(microsecond=True)))	03:36
adriant	the new test?	03:37
adriant	not in python3...	03:37
adriant	at least not for me	03:37
adriant	rderose: ^	03:37
rderose	ah, right. let me try that	03:38
adriant	in python2 the old code is fine	03:38
adriant	the issue is python3 specific	03:38
rderose	how do I tell tox to run in python3?	03:39
rderose	adriant^	03:39
adriant	tox -e py34	03:39
adriant	or	03:39
adriant	tox -e py35	03:39
songjian	tox -e py34	03:40
adriant	you can also tell it to run specific tests	03:40
adriant	tox -e py34 -- '(TestAuthTOTP)'	03:41
adriant	that will run just the test cases you care about in py34	03:41
songjian	hello,everybody.I have a question about keystoneclient and keystoneauth. I'm in the direction of the trove, want to replaced keystoneclient keystoneauth. But encountered in the execution of a mistake, whether is because, for help function parameter type updated?	03:42
songjian	The original code: sc = ServiceCatalog factory ({' token ': None,	03:42
songjian	'serviceCatalog: service_catalog})	03:42
songjian	Urls = sc. Get_urls (service_type = service_type, region_name = endpoint_region,	03:42
songjian	Endpoint_type = endpoint_type).	03:42
songjian	Change the code: sc = ServiceCatalog ServiceCatalogV2 (	03:42
songjian	{' serviceCatalog: service_catalog})	03:42
songjian	Urls = sc. Get_urls (service_type = service_type,	03:42
songjian	Region_name = endpoint_region,	03:42
songjian	Interface = endpoint_type)	03:42
songjian	TypeError: string indices must be integers, not str	03:43
*** dan_nguyen has quit IRC		03:45
*** david-lyle_ has joined #openstack-keystone		03:45
*** sdake_ has quit IRC		03:46
adriant	rderose: any luck (or failure as the case should be :P)?	03:46
*** sdake has joined #openstack-keystone		03:46
rderose	adriant songjian: I hate when I ask stupid questions :) I'm all looking in the ini file... been a long day	03:48
rderose	adriant: looks good, thx	03:48
adriant	rderose: It took me a while to get my head around tox. I still get very confused with it at times!	03:49
*** bill_az has quit IRC		03:49
dstanek	adriant: agreed, but i don't see it as important as long as the test cases are covered and i think your patch gets most of them	03:50
adriant	dstanek: I've managed to pretty much cover the password tests by doing this:	03:50
adriant	class TestAuthPasswordTOTP(test_v3.RestfulTestCase, TokenAPITests):	03:50
adriant	the TokenAPITests check a bunch of the password stuff, so that works out quite well	03:51
dstanek	adriant: why tokenapitests?	03:51
adriant	It seemed it contained the most password related tests, and it already extended for similar enough reasons by the other test classes	03:51
adriant	it is already extended*	03:52
adriant	There aren't any, "password auth" tests that I can see, but that class has tests which pretty much cover them it seems. :)	03:53
songjian	I am so sorry	03:53
*** songjian has left #openstack-keystone		03:53
*** david-lyle_ is now known as david-lyle		03:54
dstanek	adriant: i'll have to take acloser look at that later then	03:56
adriant	dstanek: new patch up updated docs will be up by then :)	03:56
*** julim has quit IRC		03:59
*** bill_az has joined #openstack-keystone		04:01
*** julim has joined #openstack-keystone		04:02
*** julim has quit IRC		04:02
*** links has joined #openstack-keystone		04:03
*** david-lyle has quit IRC		04:07
*** david-lyle has joined #openstack-keystone		04:11
openstackgerrit	David Stanek proposed openstack/keystone: Adds test for SecurityError's translation behavior https://review.openstack.org/348085	04:16
openstackgerrit	David Stanek proposed openstack/keystone: Adds a custom deepcopy handler https://review.openstack.org/348086	04:16
dstanek	rderose: ^	04:16
*** spandhe has quit IRC		04:20
*** spandhe_ has joined #openstack-keystone		04:20
*** dan_nguyen has joined #openstack-keystone		04:23
openstackgerrit	Dave Chen proposed openstack/keystone: Add the missing testcases for `name` and `enabled` https://review.openstack.org/348115	04:31
openstackgerrit	Dave Chen proposed openstack/keystone: No need the redundant validation in manager level https://review.openstack.org/348116	04:31
*** adu has quit IRC		04:32
stevemar	sorrison: merged https://review.openstack.org/#/c/347975/ let us know how it goes	04:36
patchbot	stevemar: patch 347975 - keystone (stable/mitaka) - Change LocalUser sql model to eager loading (MERGED)	04:36
stevemar	davechen: nice clean up patches :)	04:36
openstackgerrit	Dave Chen proposed openstack/keystone: No need the redundant validation in manager level https://review.openstack.org/348116	04:36
davechen	stevemar: ha, you are still up :)	04:39
stevemar	davechen: oh, just for a few minutes	04:39
davechen	stevemar: btw, i am not object to this one now - https://review.openstack.org/347097	04:40
davechen	stevemar: just thought there are not much value with it, and we need follow up reviews to clean all of them if we merge one.	04:41
davechen	stevemar: have a good night, sir. I am gonna leave for an while for lunch (on the bed) :)	04:43
*** davechen is now known as davechen_afk		04:44
*** bill_az has quit IRC		04:44
stevemar	davechen_afk: have a good lunch	04:45
rderose	dstanek: sweet!	04:45
stevemar	rderose: quit lying already	04:45
rderose	stevemar: huh?	04:45
stevemar	rderose (reference to the card game)	04:46
rderose	stevemar: I don't like, that's why I sucked at the resistance game. you on the other hand...	04:46
rderose	*I don't lie	04:46
stevemar	maybe you are lying about lying	04:46
stevemar	>.>	04:46
stevemar	<.<	04:46
rderose	stevemar: I'm not that smart :)	04:47
stevemar	hey thats my line!	04:47
rderose	haha	04:50
openstackgerrit	Adrian Turjak proposed openstack/keystone: adding combined password and totp auth plugin https://review.openstack.org/343422	04:51
*** tqtran has joined #openstack-keystone		04:59
*** dikonoor has quit IRC		05:00
*** jrist has joined #openstack-keystone		05:03
*** tqtran has quit IRC		05:04
*** dan_nguyen has quit IRC		05:07
*** davechen_afk has quit IRC		05:08
*** code-R_ has quit IRC		05:14
*** adriant has quit IRC		05:32
*** shoutm has quit IRC		05:34
*** shoutm has joined #openstack-keystone		05:35
*** shoutm has quit IRC		05:45
*** shoutm has joined #openstack-keystone		05:51
*** david-lyle has quit IRC		06:02
*** spandhe_ has quit IRC		06:07
*** spandhe has joined #openstack-keystone		06:07
openstackgerrit	Swapnil Kulkarni (coolsvap) proposed openstack/keystone: [WIP] Testing latest u-c https://review.openstack.org/318435	06:10
*** roxanaghe has joined #openstack-keystone		06:12
*** code-R has joined #openstack-keystone		06:12
*** roxanaghe has quit IRC		06:16
*** pcaruana has joined #openstack-keystone		06:17
*** code-R_ has joined #openstack-keystone		06:29
*** code-R has quit IRC		06:33
*** tonytan4ever has quit IRC		06:38
*** tesseract- has joined #openstack-keystone		06:42
*** sdake has quit IRC		06:42
*** code-R has joined #openstack-keystone		06:43
*** code-R_ has quit IRC		06:44
*** shoutm_ has joined #openstack-keystone		06:47
*** shoutm has quit IRC		06:47
*** songjian has joined #openstack-keystone		06:47
*** spandhe has quit IRC		06:48
*** songjian has left #openstack-keystone		06:48
*** shoutm_ has quit IRC		07:05
*** shoutm has joined #openstack-keystone		07:05
*** roxanaghe has joined #openstack-keystone		07:13
*** permalac has joined #openstack-keystone		07:13
*** davechen has joined #openstack-keystone		07:13
*** roxanaghe has quit IRC		07:17
*** pnavarro has joined #openstack-keystone		07:17
*** agireud has quit IRC		07:17
*** danpawlik has joined #openstack-keystone		07:25
*** agireud has joined #openstack-keystone		07:26
*** tonytan4ever has joined #openstack-keystone		07:29
*** pece has joined #openstack-keystone		07:29
*** marekd2 has joined #openstack-keystone		07:36
*** chlong has quit IRC		07:47
*** zzzeek has quit IRC		08:00
*** zzzeek has joined #openstack-keystone		08:00
*** code-R has quit IRC		08:06
*** browne has quit IRC		08:06
*** aastha has quit IRC		08:09
*** permalac has quit IRC		08:26
*** permalac has joined #openstack-keystone		08:26
*** tonytan4ever has quit IRC		08:51
openstackgerrit	wangxiyuan proposed openstack/keystoneauth: Fix the doc error in "using-session" https://review.openstack.org/348176	08:52
openstackgerrit	Boris Bobrov proposed openstack/keystone: Test number of queries on list_users https://review.openstack.org/347967	08:53
*** nishaYadav has joined #openstack-keystone		08:54
marekd2	breton: hi! :-)	08:56
marekd2	regarding https://review.openstack.org/347967 - what factor makes you think the number of calls should be sublinear? caching ?	08:57
*** roxanaghe has joined #openstack-keystone		09:00
*** daemontool has joined #openstack-keystone		09:03
*** roxanaghe has quit IRC		09:04
*** permalac has quit IRC		09:25
*** shoutm has quit IRC		09:35
*** brancaleone has quit IRC		09:35
*** shoutm has joined #openstack-keystone		09:38
breton	marekd2: type of calls	10:16
marekd2	breton: you mean?	10:16
breton	marekd2: 1 min	10:16
marekd2	breton: sure.	10:16
breton	marekd2: https://bugs.launchpad.net/bugs/1606426 here we had an issue that for each user a call to db was made	10:17
openstack	Launchpad bug 1606426 in OpenStack Identity (keystone) mitaka "user list is much slower in mitaka and newton" [Critical,Fix committed] - Assigned to Ron De Rose (ronald-de-rose)	10:17
marekd2	yeah, i read it	10:17
breton	marekd2: we fixed it by eagerly loading passwords	10:18
breton	marekd2: before it made 1 db query for 1 password	10:18
breton	marekd2: after the fix it made 1 db query to fetch all passwords	10:18
marekd2	breton: and match passwors w/ users in-memory	10:18
marekd2	?	10:18
breton	marekd2: before fetching users was made in O(N) time. Now in O(1).	10:19
breton	marekd2: sqlalchemy does it	10:19
breton	marekd2: probably it does it in-memory	10:19
marekd2	O(n) vs O(1) in terms of separate SQL calls ... ?	10:19
marekd2	i still think it needs to process each users query :-)	10:19
breton	marekd2: yes, in terms of SQL calls.	10:19
marekd2	breton: so it does one SELECT statement for users and somehow same thing for passwords and joins them in memeory instead of one SQL query for users and n queries for passwords?	10:20
breton	marekd2: now it works this way.	10:21
breton	marekd2: https://review.openstack.org/#/c/347972/ here it should work in 1 query	10:21
patchbot	breton: patch 347972 - keystone - Make fetching all foreign keys in a join	10:21
*** hwcomcn has joined #openstack-keystone		10:21
breton	marekd2: it == fetching everything -- local users, passwords, non-local users etc.	10:22
breton	marekd2: but it fails tests for a reason	10:22
marekd2	breton: yeah, but apart from dsvm tests it's neutron test so looks like 'not related'.	10:24
breton	marekd2: nope, it looks related. Because something about passwords fail.	10:25
breton	marekd2: and we change the way passwords are fetched	10:25
breton	marekd2: but i have not investigated it at all :(	10:26
*** brancaleone has joined #openstack-keystone		10:26
marekd2	breton: so the gerrit tests are failing while unit tests are fine...	10:28
*** davechen has left #openstack-keystone		10:30
openstackgerrit	Alexander Makarov proposed openstack/keystone: Unified delegation trust driver https://review.openstack.org/291871	10:41
*** roxanaghe has joined #openstack-keystone		10:48
*** roxanaghe has quit IRC		10:53
*** brancaleone has quit IRC		11:10
*** GB21 has quit IRC		11:18
*** tonytan4ever has joined #openstack-keystone		11:53
*** chlong has joined #openstack-keystone		11:55
*** hoonetorg has quit IRC		11:56
*** tonytan4ever has quit IRC		11:57
*** hoonetorg has joined #openstack-keystone		12:27
*** hwcomcn has quit IRC		12:31
*** dave-mccowan has joined #openstack-keystone		12:35
*** roxanaghe has joined #openstack-keystone		12:36
*** links has quit IRC		12:40
*** roxanaghe has quit IRC		12:41
*** julim has joined #openstack-keystone		12:43
*** gordc has joined #openstack-keystone		12:46
*** pauloewerton has joined #openstack-keystone		12:49
*** nishaYadav has quit IRC		12:51
*** nishaYadav has joined #openstack-keystone		12:52
*** nishaYadav is now known as Guest18526		12:52
*** woodster_ has joined #openstack-keystone		12:55
*** jsavak has joined #openstack-keystone		12:56
*** tqtran has joined #openstack-keystone		13:02
*** edmondsw has joined #openstack-keystone		13:07
*** tqtran has quit IRC		13:07
*** edmondsw has quit IRC		13:08
*** Guest18526 is now known as nishaYadav		13:12
*** richm has joined #openstack-keystone		13:13
*** edmondsw has joined #openstack-keystone		13:14
openstackgerrit	Nisha Yadav proposed openstack/python-keystoneclient: Add region functional tests https://review.openstack.org/339158	13:16
openstackgerrit	Boris Bobrov proposed openstack/keystone: Fix cache invalidation https://review.openstack.org/327885	13:19
*** daemontool has quit IRC		13:21
*** bill_az has joined #openstack-keystone		13:21
openstackgerrit	Boris Bobrov proposed openstack/keystone: Fix cache invalidation https://review.openstack.org/327885	13:22
openstackgerrit	Merged openstack/keystone: Add the missing testcases for `name` and `enabled` https://review.openstack.org/348115	13:23
*** markvoelker has joined #openstack-keystone		13:30
*** markvoelker has quit IRC		13:34
*** sdake has joined #openstack-keystone		13:36
openstackgerrit	Merged openstack/keystone: No need the redundant validation in manager level https://review.openstack.org/348116	13:37
openstackgerrit	Merged openstack/python-keystoneclient: Improve implied-role functional tests https://review.openstack.org/341612	13:39
*** code-R has joined #openstack-keystone		13:41
*** code-R_ has joined #openstack-keystone		13:42
*** ayoung has joined #openstack-keystone		13:43
*** ChanServ sets mode: +v ayoung		13:43
*** code-R has quit IRC		13:45
*** itisha has joined #openstack-keystone		13:46
*** tonytan4ever has joined #openstack-keystone		13:52
*** samueldmq has joined #openstack-keystone		13:57
*** ChanServ sets mode: +v samueldmq		13:57
*** pnavarro has quit IRC		13:57
*** ddieterly has joined #openstack-keystone		13:58
samueldmq	morning	13:58
openstackgerrit	Boris Bobrov proposed openstack/keystone: Test number of queries on list_users https://review.openstack.org/347967	14:02
*** code-R_ has quit IRC		14:03
*** code-R has joined #openstack-keystone		14:04
openstackgerrit	Nisha Yadav proposed openstack/python-keystoneclient: Improve docs for v3 endpoints https://review.openstack.org/339468	14:07
*** code-R_ has joined #openstack-keystone		14:10
*** gagehugo_ has joined #openstack-keystone		14:11
lbragstad	morning	14:12
*** code-R has quit IRC		14:13
rderose	lbragstad: good morning!	14:14
openstackgerrit	Merged openstack/keystoneauth: Fix the doc error in "using-session" https://review.openstack.org/348176	14:15
lbragstad	rderose i just cracked https://review.openstack.org/#/c/333360 open	14:16
patchbot	lbragstad: patch 333360 - keystone - PCI-DSS Password expires validation	14:16
lbragstad	I have a good feeling about landing a PCI patch today	14:18
rderose	lbragstad: that's a good feeling to have :)	14:18
lbragstad	I hope so!	14:18
stevemar	lbragstad: what should i be reviewing for pci?	14:19
lbragstad	stevemar rderose has at least three that are getting real close	14:19
lbragstad	stevemar i'm going to start with https://review.openstack.org/#/c/333360	14:19
patchbot	lbragstad: patch 333360 - keystone - PCI-DSS Password expires validation	14:19
stevemar	lbragstad: i just proposed new releases for our libs and did the post midcycle recap and mailing list blast	14:19
lbragstad	then move to https://review.openstack.org/#/c/328339/	14:19
patchbot	lbragstad: patch 328339 - keystone - PCI-DSS Password history requirements	14:19
stevemar	lbragstad: i've got time now for pci :O	14:19
lbragstad	and and finish up with - https://review.openstack.org/#/c/340074/	14:20
patchbot	lbragstad: patch 340074 - keystone - PCI-DSS Lockout requirements	14:20
stevemar	lbragstad: https://review.openstack.org/#/c/343314/ already has a +2 :O	14:20
patchbot	stevemar: patch 343314 - keystone - PCI-DSS Minimum password age requirements	14:20
openstackgerrit	Ron De Rose proposed openstack/keystone: PCI-DSS Password history requirements https://review.openstack.org/328339	14:20
lbragstad	stevemar then that one is on my list to get through today too	14:21
*** roxanaghe has joined #openstack-keystone		14:22
openstackgerrit	Merged openstack/keystone: Invalid tls_req_cert constant as default https://review.openstack.org/347523	14:23
rderose	stevemar lbragstad: because the patches are independent, it's likely that when one gets merged it will cause a merge conflict for the remaining patches	14:23
rderose	stevemar lbragstad: I'll fix those promptly though	14:23
rderose	stevemar lbragstad: anyway, just a heads up	14:24
lbragstad	rderose that sounds good	14:24
lbragstad	hopefully they are trivial	14:24
rderose	lbragstad: yeah should be	14:25
*** roxanaghe has quit IRC		14:27
*** jistr is now known as jistr\|call		14:35
dstanek	lbragstad: that's a good call on the docs. i was thinking of moving some of the text to __deepcopy__, but never did	14:36
henrynash	stevemar: do you think we still need the separate extensions repos that are in contrib for federation/endpoint filter....they just raise an exception if you call them - if not, we could remove all the db_sync extension support - making the rolling upgrade code cleaner	14:38
lbragstad	dstanek your explanation in the tests helped me a lot	14:39
lbragstad	dstanek thanks for adding it	14:39
*** shoutm has quit IRC		14:41
dstanek	i aim to please :-)	14:42
*** clenimar has joined #openstack-keystone		14:42
*** spandhe has joined #openstack-keystone		14:43
*** spandhe_ has joined #openstack-keystone		14:45
*** spandhe has quit IRC		14:47
*** spandhe_ is now known as spandhe		14:47
*** jistr\|call is now known as jistr		14:49
*** nkinder has joined #openstack-keystone		14:49
dstanek	lbragstad: i am thinking of just transporting that test docstring over to the exception module. do you think that's too much?	14:51
lbragstad	dstanek not at all	14:51
lbragstad	dstanek it's probably more discoverable in the exception module than it is in the tests	14:52
dstanek	lbragstad: yes, that's true	14:52
dstanek	thx	14:52
lbragstad	yep	14:52
lbragstad	dstanek i have both those patches on my review queue today so that we can merge them for the pci stuff	14:53
dstanek	lbragstad: updating now so that we can get this rolling :-)	14:53
*** timcline has joined #openstack-keystone		14:55
openstackgerrit	Billy Olsen proposed openstack/keystone: Maintain ordered list for KVS token persistence https://review.openstack.org/348040	14:57
*** timcline_ has joined #openstack-keystone		14:57
*** EinstCra_ has joined #openstack-keystone		14:57
*** timcline has quit IRC		15:00
*** KevinE has joined #openstack-keystone		15:04
*** KevinE has quit IRC		15:05
*** KevinE has joined #openstack-keystone		15:05
*** EinstCra_ has quit IRC		15:06
*** EinstCrazy has joined #openstack-keystone		15:06
openstackgerrit	Nisha Yadav proposed openstack/python-keystoneclient: Add endpoint functional tests https://review.openstack.org/340418	15:07
*** EinstCrazy has quit IRC		15:12
openstackgerrit	Merged openstack/keystoneauth: Use assertEqual() instead of assertDictEqual() https://review.openstack.org/346743	15:16
*** dan_nguyen has joined #openstack-keystone		15:16
*** openstackgerrit has quit IRC		15:18
*** openstackgerrit has joined #openstack-keystone		15:18
openstackgerrit	David Stanek proposed openstack/keystone: Adds a custom deepcopy handler https://review.openstack.org/348086	15:19
dstanek	dolphm: since nobody can reproduce that critical bug does it make sense to downgrade its severity?	15:20
*** pcaruana has quit IRC		15:22
dolphm	dstanek: i don't think so - if it IS reproducible, it'd still be a critical	15:29
*** browne has joined #openstack-keystone		15:29
dstanek	dolphm: when do we make that call or do we just have to wait out the 90 days with that on top?	15:29
dolphm	dstanek: it's sort of a trifecta of an upgrade blocker, affects a critical use case of keystone, and happens to result in massive data loss	15:29
dolphm	dstanek: i'd say leave our $.02 in the commetns and wait out the 90 days	15:30
dolphm	dstanek: letting it hang there as a critical might encourage someone else to try to repro, and maybe they'll figure it out?	15:31
dstanek	dolphm: sounds good. i think i need an ignore feature on os-trello	15:31
*** ddieterly is now known as ddieterly[away]		15:35
*** roxanaghe has joined #openstack-keystone		15:38
*** ddieterly[away] is now known as ddieterly		15:40
*** jistr is now known as jistr\|afk		15:42
*** roxanaghe has quit IRC		15:42
openstackgerrit	Dolph Mathews proposed openstack/keystone: Add token feature support matrix to documentation https://review.openstack.org/316118	15:44
*** woodster_ has quit IRC		15:49
stevemar	henrynash: i think they are being removed in O?	15:53
openstackgerrit	Ron De Rose proposed openstack/keystone: PCI-DSS Password expires validation https://review.openstack.org/333360	15:53
*** KevinE has quit IRC		15:54
*** timcline_ has quit IRC		15:54
*** comstud has quit IRC		15:55
*** arunkant_ has joined #openstack-keystone		15:55
*** browne has quit IRC		15:56
*** pece has quit IRC		15:58
openstackgerrit	Ron De Rose proposed openstack/keystone: PCI-DSS Password history requirements https://review.openstack.org/328339	15:59
*** gagehugo_ has quit IRC		16:03
*** david-lyle has joined #openstack-keystone		16:07
*** code-R_ has quit IRC		16:07
*** GB21 has joined #openstack-keystone		16:12
*** marekd2 has quit IRC		16:16
*** marekd2 has joined #openstack-keystone		16:17
stevemar	henrynash: we did it at the same time we did https://github.com/openstack/keystone/blob/master/keystone/contrib/oauth1/routers.py#L29-L32	16:17
stevemar	henrynash: i suppose we could remove the migrations in N and the entry points in O?	16:17
*** code-R has joined #openstack-keystone		16:18
openstackgerrit	Merged openstack/python-keystoneclient: Add project functional tests https://review.openstack.org/332871	16:19
*** woodster_ has joined #openstack-keystone		16:20
*** brancaleone has joined #openstack-keystone		16:20
openstackgerrit	Ron De Rose proposed openstack/python-keystoneclient: Removing old-new password matches validation from keystoneclient https://review.openstack.org/348464	16:20
*** adu has joined #openstack-keystone		16:21
*** ddieterly is now known as ddieterly[away]		16:21
*** aastha has joined #openstack-keystone		16:21
*** marekd2 has quit IRC		16:21
*** avvdemarchis has joined #openstack-keystone		16:24
*** ddieterly[away] is now known as ddieterly		16:26
stevemar	gagehugo: lamt_ jaugustine poke, i meant to share this earlier, dolphm kindly whipped up a performance doc: http://docs.openstack.org/developer/keystone/performance.html	16:26
stevemar	rderose: regarding https://bugs.launchpad.net/python-keystoneclient/+bug/1607436 -- what if someone doesn't have pci enabled :O	16:27
openstack	Launchpad bug 1607436 in python-keystoneclient "Remove password validation logic from client" [Undecided,In progress] - Assigned to Ron De Rose (ronald-de-rose)	16:27
*** jistr\|afk is now known as jistr		16:30
*** tesseract- has quit IRC		16:32
*** browne has joined #openstack-keystone		16:34
*** ninag has joined #openstack-keystone		16:39
henrynash	stevemar: (on migrations) - I don't see how any of the keystone-manage extension migrations commands are of any use for N, since all they would do is raise an error (e.g. MigrationMovedFailure: The oauth1 extension has been moved into keystone core and as such its migrations are maintained by the main keystone database control. Use the command: keystone-manage db_sync )	16:39
henrynash	stevemar: so I think we might as well strip not try any of those, and just return a default error if somehine trues to sue the --extension option to db_sync	16:40
*** KevinE has joined #openstack-keystone		16:41
henrynash	(that was good english....I mean strip out all the underly support in, for example, migration_helpers.py and the extension repos themselves	16:41
*** ninag has quit IRC		16:43
*** gyee has joined #openstack-keystone		16:43
*** ChanServ sets mode: +v gyee		16:43
*** TxGVNN has quit IRC		16:44
*** timcline has joined #openstack-keystone		16:45
rderose	stevemar: I'd argue that if the business logic belongs in the client, then it probably belongs in keystone	16:45
rderose	stevemar: shouldn't be duplicated in keystoneclient	16:45
lamt_	stevemar: thanks, and dolphm, thanks for the performance doc	16:46
henrynash	rderose: this goes to the point I raised on the server code...what happens if they update the user passing in the current password again...I do think we should spot that and not treat this as a "new" password	16:47
henrynash	rderose: in the server	16:47
*** gyee has quit IRC		16:48
*** jsavak has quit IRC		16:48
*** jsavak has joined #openstack-keystone		16:49
rderose	stevemar: PCI or not, the validation belongs in keystone; not keystoneclient	16:49
*** nishaYadav has quit IRC		16:50
*** nishaYadav has joined #openstack-keystone		16:51
rderose	henrynash: yeah, if they are passing in their password and calling update user, it's a password update according to the API	16:51
*** nishaYadav has quit IRC		16:52
rderose	henrynash: but I see you point. I just don't want to assume that is what the user intended.	16:52
rderose	henrynash: what is they were actually trying to do a password update, for example.	16:53
rderose	henrynash: I want to give them the appropriate error message in that case	16:53
henrynash	rderose: I must admit, until I knew keystoneclient generated an error, I would have expected such a cmd to be silient....but I can see the argument as you why chaneging the password attribute is different than any other	16:55
rderose	stevemar: And the validation should be handled in keystone regardless of the version. If v2 keystone doesn't have this check, then either it's a bug or expected behavior.	16:55
dstanek	i think v2 is a bug	16:57
*** pnavarro has joined #openstack-keystone		16:58
rderose	dstanek: ++	16:58
rderose	:)	16:58
*** ddieterly is now known as ddieterly[away]		17:01
dstanek	oh, did i say that outloud?	17:02
*** david-lyle has quit IRC		17:03
*** ddieterly[away] is now known as ddieterly		17:06
*** roxanaghe has joined #openstack-keystone		17:06
*** pnavarro has quit IRC		17:12
*** jsavak has quit IRC		17:14
*** pnavarro has joined #openstack-keystone		17:17
*** ddieterly is now known as ddieterly[away]		17:18
*** jsavak has joined #openstack-keystone		17:20
lbragstad	ok - i have to step away to grab some lunch	17:25
*** Gorian_ has joined #openstack-keystone		17:25
lbragstad	brb	17:25
*** roxanagh_ has joined #openstack-keystone		17:26
*** david-lyle has joined #openstack-keystone		17:28
*** roxanagh_ has quit IRC		17:31
*** nishaYadav has joined #openstack-keystone		17:32
*** nishaYadav is now known as Guest12676		17:32
*** Guest12676 has quit IRC		17:32
*** nisha_ has joined #openstack-keystone		17:33
*** tqtran has joined #openstack-keystone		17:33
*** nisha_ has quit IRC		17:33
*** tqtran has quit IRC		17:38
*** adu has quit IRC		17:38
*** nishaYadav has joined #openstack-keystone		17:51
*** nishaYadav is now known as Guest68314		17:51
dstanek	i think it may be lunch time for me too	17:52
*** gagehugo_ has joined #openstack-keystone		17:52
*** Guest68314 has quit IRC		17:52
*** nisha_ has joined #openstack-keystone		17:52
*** raildo has joined #openstack-keystone		17:53
jaugustine	lamt	17:55
jaugustine	whoops :)	17:56
gagehugo	stevemar dolphm: sweet	17:56
jaugustine	Thanks Steve! Will take a look	17:56
jaugustine	(And thanks dolphm ;) )	17:56
dolphm	jaugustine: of course!	17:57
*** gagehugo_ has quit IRC		17:57
harlowja	qq, trying to remember the history here	18:07
harlowja	why does keystone have an admin and public endpoint?	18:07
harlowja	vs say using policy to do this	18:07
harlowja	was just talking internally with a coworker and couldn't really remember, ha	18:07
bknudson	v2 had no policy	18:07
harlowja	that would do it :-P	18:08
dstanek	harlowja: v3 only needs a single endpoint now	18:08
harlowja	cool beans	18:09
openstackgerrit	Nisha Yadav proposed openstack/python-keystoneclient: Improve docs for v3 roles https://review.openstack.org/334546	18:10
openstackgerrit	Nisha Yadav proposed openstack/python-keystoneclient: Add role functional tests https://review.openstack.org/335118	18:10
*** ddieterly[away] has quit IRC		18:18
*** tqtran has joined #openstack-keystone		18:19
stevemar	henrynash: i'm not unopposed to returning a default "you done messed up!" if --extension is used with db_sync	18:23
stevemar	that basically serves the same purpose and should allow you to rip the extensions out	18:23
stevemar	henrynash: want me to do it?	18:23
*** nkinder has quit IRC		18:24
*** ayoung has quit IRC		18:24
*** ddieterly has joined #openstack-keystone		18:25
*** spandhe has quit IRC		18:30
openstackgerrit	Merged openstack/python-keystoneclient: Add region functional tests https://review.openstack.org/339158	18:30
openstackgerrit	Nisha Yadav proposed openstack/python-keystoneclient: Improve docs for v3 credentials https://review.openstack.org/348506	18:33
nisha_	samueldmq, ^	18:33
*** catintheroof has joined #openstack-keystone		18:34
*** GB21 has quit IRC		18:37
breton	i thought we discussed deprecating v2 in Tokyo	18:38
*** tonytan4ever has quit IRC		18:38
breton	at least non-auth API	18:38
openstackgerrit	Merged openstack/python-keystoneclient: Improve docs for v3 endpoints https://review.openstack.org/339468	18:38
breton	why we haven't done it?	18:38
*** roxanagh_ has joined #openstack-keystone		18:42
*** david-lyle has quit IRC		18:42
*** gagehugo_ has joined #openstack-keystone		18:43
dstanek	breton: i think we were waiting for all openstack projects to be off v2 and i don't think that has entirely happened yet	18:45
breton	but maybe we should start emitting deprecation warnings	18:46
*** roxanagh_ has quit IRC		18:46
breton	and they will have to move	18:46
dstanek	breton: i did that a while ago. not sure if we can put it back	18:48
*** ddieterly is now known as ddieterly[away]		18:53
*** ddieterly[away] is now known as ddieterly		18:59
openstackgerrit	Steve Martinelli proposed openstack/keystone: remove contrib migrations https://review.openstack.org/348515	19:00
dstanek	stevemar: woot!	19:02
*** ddieterly is now known as ddieterly[away]		19:02
stevemar	dstanek: i do good? yay \o/	19:02
*** fifieldt has quit IRC		19:02
dstanek	stevemar: you deserve a scooby snack	19:03
*** jsavak has quit IRC		19:07
*** jsavak has joined #openstack-keystone		19:08
openstackgerrit	henry-nash proposed openstack/keystone: Remove the extensions repos https://review.openstack.org/348521	19:15
henrynash	stevemar: bugger...we just dud the same patch!	19:17
henrynash	(did)	19:17
*** fifieldt has joined #openstack-keystone		19:18
openstackgerrit	Brian Haley proposed openstack/keystoneauth: Fix arguments to _auth_required() https://review.openstack.org/348523	19:19
*** gagehugo has left #openstack-keystone		19:19
*** avvdemarchis has quit IRC		19:20
*** gagehugo_ has quit IRC		19:20
*** gagehugo_ has joined #openstack-keystone		19:20
henrynash	stevemar: somehow I managed to delete more lines than you!	19:21
lbragstad	samueldmq do we have a bug open for the revocation event issues?	19:22
lbragstad	specifically the caching stuff with revocation events?	19:22
stevemar	henrynash: hehe	19:24
stevemar	henrynash: i waaaas 15 minutes sooner :P	19:24
stevemar	henrynash: ah nice	19:26
stevemar	henrynash: abandoned mine, yours looks nicer	19:27
*** fifieldt has quit IRC		19:27
*** tonytan4ever has joined #openstack-keystone		19:30
*** ddieterly[away] is now known as ddieterly		19:31
*** brancal has joined #openstack-keystone		19:34
*** brancaleone has quit IRC		19:36
*** fifieldt has joined #openstack-keystone		19:37
*** mvk has quit IRC		19:40
*** woodster_ has quit IRC		19:49
*** jsavak has quit IRC		19:54
dstanek	stevemar: henrynash: plus deleting more lines is more better	19:56
openstackgerrit	Gage Hugo proposed openstack/keystone: Add schema validation to create user v2 https://review.openstack.org/348531	19:56
gagehugo_	^ gonna break up create and update with the user v2 schema validation	19:57
*** jsavak has joined #openstack-keystone		19:58
*** roxanagh_ has joined #openstack-keystone		20:12
*** ddieterly is now known as ddieterly[away]		20:13
*** adu has joined #openstack-keystone		20:14
*** roxanagh_ has quit IRC		20:18
*** KevinE has quit IRC		20:20
*** gyee has joined #openstack-keystone		20:21
*** ChanServ sets mode: +v gyee		20:21
*** timcline has quit IRC		20:23
*** pnavarro has quit IRC		20:26
*** brancal has quit IRC		20:27
*** pnavarro has joined #openstack-keystone		20:29
dstanek	rderose: so with minimum password age a user can't change their password if there is a compromise right? they would have to call their cloud provider?	20:36
rderose	dstanek: correct, and an admin could do a password reset	20:38
dstanek	rderose: i think we need to loudly call that our in the release notes since that is an important new thing to know	20:39
*** ddieterly[away] has quit IRC		20:40
samueldmq	lbragstad: hmm, not sure	20:44
rderose	dstanek: hmm... it sounds like you find this troubling, but this seems like a standard way to prevent users from clearing out their password history.	20:44
lbragstad	samueldmq I have a devstack stood up and I'm seeing some weird stuff with fernet	20:44
dstanek	rderose: no troubling, but we do need to call it out.	20:45
samueldmq	lbragstad: if we do, it would be nice to make it more specific by saying the issue we've found is with cache	20:45
lbragstad	samueldmq it seems in line with what you were saying with the revocation stuff	20:45
samueldmq	lbragstad: what type of weirdness ?	20:45
samueldmq	lbragstad: hmm, nic	20:45
samueldmq	nice	20:45
rderose	dstanek: okay	20:45
openstackgerrit	henry-nash proposed openstack/keystone: Remove the extensions repos https://review.openstack.org/348521	20:46
lbragstad	samueldmq for example - this test is one of the ones failing when fernet is enabled - https://github.com/openstack/tempest/blob/5ba5d648f613822f5fe39bccece72f5f74103113/tempest/api/identity/admin/v3/test_tokens.py#L27-L50	20:46
rderose	dstanek: but I kind of find this troubling or not to my liking; wondering if I can come up with something more sophisticated here.	20:46
rderose	dstanek: I guess, it's only a problem if you account is compromised before the min password age	20:47
dstanek	rderose: what does AD do here?	20:47
lbragstad	samueldmq this line is failing because keystone is returning a valid token response instead of a HTTP NotFound exception - https://github.com/openstack/tempest/blob/5ba5d648f613822f5fe39bccece72f5f74103113/tempest/api/identity/admin/v3/test_tokens.py#L49	20:47
rderose	dstanek: AD does min password age I believe	20:47
rderose	dstanek: but the strange thing is, I just tried to change my Intel password several times and it let me	20:48
dstanek	rderose: it sounds like it's available, but rarely used https://technet.microsoft.com/en-us/library/cc779758(v=ws.10).aspx	20:48
rderose	dstanek: I wasn't able to reuse a password in my history, but it let me change it	20:48
openstackgerrit	Nisha Yadav proposed openstack/python-keystoneclient: Improve docs for v3 credentials https://review.openstack.org/348506	20:49
*** woodster_ has joined #openstack-keystone		20:49
samueldmq	lbragstad: locally in your devstack?	20:49
rderose	dstanek: hmm... then how are they enforcing password history	20:49
rderose	dstanek: maybe password history is set at a high number or something	20:49
dstanek	not sure. sounds like we need to invoke the advice of an SME?	20:50
lbragstad	samueldmq yep	20:50
rderose	dstanek: yeah	20:51
dstanek	rderose: you have to be more harsh in your reviews!	20:52
lbragstad	samueldmq the interesting part is that if i turn off caching for revocation events, it will still be transient	20:52
rderose	dstanek: why do you say that?	20:52
samueldmq	lbragstad: so it still happens with turning cache off ?	20:53
samueldmq	lbragstad: can you try applying that patch that removes the cache for revoke ?	20:53
samueldmq	lbragstad: and see if it works?	20:53
lbragstad	samueldmq actually, that was a lie... if I turn revocation event caching off the test passes for fernet	20:54
lbragstad	so - that's good	20:54
samueldmq	lbragstad: don't lie :/	20:55
samueldmq	lbragstad: hehe, nice, good to know it works :)	20:55
lbragstad	there must have been a rogue apache process still running when I did the first test that had caching enabled because it failed	20:56
lbragstad	I was able to repeatedly run it after that and it worked	20:56
samueldmq	lbragstad: and it's actually very nice we got to reproduce something locally	20:56
dstanek	lbragstad: how sold are you on the doc changes in https://review.openstack.org/#/c/348085/2/keystone/tests/unit/test_exception.py	20:56
patchbot	dstanek: patch 348085 - keystone - Adds test for SecurityError's translation behavior	20:56
dstanek	lbragstad: i'd rather address them in the follow up since i rewrote that quite a bit	20:56
*** jamielennox\|away is now known as jamielennox		20:57
samueldmq	lbragstad: going afk for a bit,back later	20:58
lbragstad	samueldmq ok	20:58
lbragstad	dstanek sure that works	20:58
lbragstad	dstanek I'd be fine to address them in a separate patch since rderose is waiting on those changes	20:58
openstackgerrit	David Stanek proposed openstack/keystone: Adds a custom deepcopy handler https://review.openstack.org/348086	20:58
dstanek	lbragstad: already addressed it in the existing follow up patch ^	20:59
*** samueldmq has quit IRC		20:59
lbragstad	dstanek awesome - thanks!	21:00
lbragstad	dstanek i +A'd the first and +2'd the second	21:00
dstanek	lbragstad: muchas gracias	21:01
lbragstad	dstanek thanks for the fix	21:01
lbragstad	I have to quick run an error but I'll be back soon	21:01
openstackgerrit	Eric Brown proposed openstack/keystone: Remove configuration references to eventlet https://review.openstack.org/348555	21:05
openstackgerrit	Nisha Yadav proposed openstack/python-keystoneclient: Add credential functional tests https://review.openstack.org/348557	21:06
*** jsavak has quit IRC		21:11
*** jsavak has joined #openstack-keystone		21:12
openstackgerrit	Eric Brown proposed openstack/keystone: Document the domain config API as stable https://review.openstack.org/348560	21:13
*** nisha__ has joined #openstack-keystone		21:16
*** nisha__ has quit IRC		21:17
*** nisha_ has quit IRC		21:19
rderose	dstanek: Regarding the password history patch, I did respond to your comments. Are you satisfied?	21:20
dstanek	rderose: looking	21:20
dstanek	rderose: i think so....i'll take a closer look after dinner	21:28
*** pauloewerton has quit IRC		21:29
rderose	dstanek: cool. the unit tests could be improved and let me know if that is what it's going to take. bottom line, what do I have to do to put you in a +2 today :)	21:30
*** ddieterly has joined #openstack-keystone		21:33
*** ddieterly is now known as ddieterly[away]		21:33
*** ddieterly[away] is now known as ddieterly		21:33
openstackgerrit	Ron De Rose proposed openstack/keystone: PCI-DSS Password expires validation https://review.openstack.org/333360	21:38
*** aastha has quit IRC		21:39
*** edmondsw has quit IRC		21:46
*** adu has quit IRC		21:46
*** aastha has joined #openstack-keystone		21:50
*** ddieterly has quit IRC		22:01
*** ddieterly has joined #openstack-keystone		22:10
*** tonytan4ever has quit IRC		22:10
*** ddieterly has quit IRC		22:11
openstackgerrit	Ron De Rose proposed openstack/keystone: PCI-DSS Minimum password age requirements https://review.openstack.org/343314	22:12
*** dan_nguyen has quit IRC		22:21
openstackgerrit	Ron De Rose proposed openstack/keystone: PCI-DSS Password expires validation https://review.openstack.org/333360	22:22
* lbragstad stevemar not sure what you wanna do about this guy - but if we don't fix it before this release we will forsure need to document the issues of running fernet with revocation event caching enabled https://bugs.launchpad.net/keystone/+bug/1607553		22:23
openstack	Launchpad bug 1607553 in OpenStack Identity (keystone) "Revocation event caching is broken" [Undecided,New]	22:23
openstackgerrit	Ron De Rose proposed openstack/python-keystoneclient: Removing old-new password matches validation from keystoneclient https://review.openstack.org/348464	22:29
*** ntpttr- has quit IRC		22:31
*** ntpttr- has joined #openstack-keystone		22:36
*** jsavak has quit IRC		22:39
*** roxanagh_ has joined #openstack-keystone		23:01
*** ddieterly has joined #openstack-keystone		23:04
*** roxanagh_ has quit IRC		23:06
*** mvk has joined #openstack-keystone		23:07
*** tonytan4ever has joined #openstack-keystone		23:11
*** ddieterly is now known as ddieterly[away]		23:13
*** tonytan4ever has quit IRC		23:16
openstackgerrit	Boris Bobrov proposed openstack/keystone: Fix cache invalidation https://review.openstack.org/327885	23:22
*** tonytan4ever has joined #openstack-keystone		23:23
*** adriant has joined #openstack-keystone		23:24
*** tonytan_brb has joined #openstack-keystone		23:24
notmyname	any ideas what would cause this uncaught exception? I haven't seen it before https://gist.github.com/notmyname/d4fd1c977ff470fcf342df73ddf3ec80	23:28
*** tonytan4ever has quit IRC		23:28
*** ddieterly[away] has quit IRC		23:28
*** iurygregory_ has joined #openstack-keystone		23:41
*** arunkant_ has quit IRC		23:42
*** timcline has joined #openstack-keystone		23:48
*** tonytan_brb has quit IRC		23:52
*** itlinux has joined #openstack-keystone		23:55
*** code-R has quit IRC		23:56

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!