Wednesday, 2016-09-14

« Tuesday, 2016-09-13 Index Thursday, 2016-09-15 »
*** martinus__ has quit IRC00:01
*** martinus__ has joined #openstack-keystone00:03
*** roxanaghe has quit IRC00:16
*** xenogear has quit IRC00:17
*** sdake_ has quit IRC00:17
*** sdake has joined #openstack-keystone00:17
*** nk2527 has quit IRC00:18
*** tqtran has quit IRC00:25
*** adrian_otto has quit IRC00:27
*** esp has quit IRC00:29
*** itsuugo has quit IRC00:40
*** itsuugo has joined #openstack-keystone00:40
*** browne has quit IRC00:43
*** dave-mccowan has joined #openstack-keystone00:43
*** itsuugo has quit IRC00:45
*** itsuugo has joined #openstack-keystone00:46
*** itsuugo has quit IRC00:51
*** itsuugo has joined #openstack-keystone00:53
*** asettle has joined #openstack-keystone00:59
openstackgerritMerged openstack/keystone: Fix links on configure_federation documentation  https://review.openstack.org/36974101:02
*** gyee has quit IRC01:03
*** asettle has quit IRC01:04
*** xenogear has joined #openstack-keystone01:10
*** itsuugo has quit IRC01:10
*** itsuugo has joined #openstack-keystone01:11
dstaneksamueldmq: ?01:11
dstaneksamueldmq: oh, the comment for the test describes the corner case01:12
*** nk2527 has joined #openstack-keystone01:14
samueldmqdstanek: ah yes, "slight clock skew"01:15
samueldmqdstanek: thanks01:15
dstaneksamueldmq: ma pleasure01:16
*** itsuugo has quit IRC01:26
*** jamielennox is now known as jamielennox|away01:26
*** itsuugo has joined #openstack-keystone01:27
*** itsuugo has quit IRC01:39
*** itsuugo has joined #openstack-keystone01:41
*** davechen has joined #openstack-keystone01:42
*** sdake_ has joined #openstack-keystone01:45
*** sdake_ has quit IRC01:45
*** sdake_ has joined #openstack-keystone01:45
*** sdake has quit IRC01:47
*** itsuugo has quit IRC01:52
tonybI was lookign for ayoung.  Anyone that can help me with his requests-kerberos [requirements) FFE?01:54
*** itsuugo has joined #openstack-keystone01:54
*** fangxu has quit IRC01:58
*** fangxu has joined #openstack-keystone02:00
stevemar_tonyb: whaddup02:05
*** adriant has quit IRC02:05
tonybstevemar_: I get that the requests-kerberos is marked as py27/py2602:07
stevemar_tonyb: right, that has been my understanding for a while02:07
tonybstevemar_: ayoung says "Getting this restriction removed means we don't have to edit away the tests for Kerberos in python3"02:07
stevemar_tonyb: but apparently it's now py3 friendly?02:07
tonybwhat does that actually mean? where are the tests being blacklisted?02:07
tonybstevemar_: Can this be done in Ocata and then backported?02:08
stevemar_tonyb: i think it can definitely be done in ocata02:08
stevemar_tonyb: let me take a peek, 1 sec02:08
tonybstevemar_: that'd be great.02:08
stevemar_tonyb: fwiw, the only repo that would be affected is https://github.com/openstack/keystoneauth/02:10
tonybstevemar_: that explains why I did understand while I was looking at keystone ;P02:11
stevemar_:)02:13
stevemar_tonyb: looking at keystoneauth1, we pull in requests-kerberos (which claims py2/3), which pulls in pykerberos (which also claims py2/3)02:13
stevemar_so i'm not sure why we were blacklisting this, maybe one of those libs wasn't py3 friendly before (i think this was ayoung's point)02:14
stevemar_yes, it is:02:14
stevemar_"The requests-kerberos package was marked as available for only python 2.6 and python 2.7 because pykerberos did not support python 3. This has since been fixed, however we don't directly have a kerberos dependency we can increase so just leave this unbound."02:14
stevemar_tonyb: i have no idea why that is in quotes, there's no citation02:15
tonybstevemar_: I kinda glossed over that ;P02:16
stevemar_tonyb: his comment about tests is referring to the py3-blacklist thing we did in keystone02:17
stevemar_i guess ayoung didn't want to do that, so he just limited the kerb plugin to py26/2702:17
stevemar_tonyb: maybe he wants this for newton cause of tripleo stuff02:18
stevemar_i'm not sure why he needs it in02:18
stevemar_tonyb: did i make this more confusing :)02:19
stevemar_laundry is done, yay02:19
tonybstevemar_: No you confirmed a bunch of stuff for me which is good.02:19
*** woodster_ has quit IRC02:19
tonybstevemar_: a quick git ls-files | grep blacklist doesn't have any hits in keystone or keystoneauth02:20
openstackgerritMerged openstack/keystone: Add edge case tests for disabling a trustee  https://review.openstack.org/35660702:20
stevemar_tonyb: give me 5 minutes to push a patch for keystoneauth so we can see if anything fails02:20
tonybstevemar_: Thanks.02:20
openstackgerritSteve Martinelli proposed openstack/keystoneauth: remove py26/py27 restriction for requests-kerberos  https://review.openstack.org/36978302:21
tonybstevemar_: interestingly my get-all-users doesn't find that keystoneauth uses requests-kerberos, so that's a bug02:21
stevemar_tonyb: do you check for setuptools' optional install?02:22
stevemar_tonyb: https://github.com/openstack/keystoneauth/blob/master/setup.cfg#L26-L3602:22
tonybyeah I do ....02:22
stevemar_hmm02:22
*** ayoung has joined #openstack-keystone02:23
*** ChanServ sets mode: +v ayoung02:23
stevemar_tonyb: theres the man of the hour -- ayoung in the flesh02:23
ayoungAMBUSH!02:23
ayoungstevemar_, OOC, is the baby on your lap right now?02:24
stevemar_ayoung: the only question i couldn't answer from tonyb is why you need the requests-kerb FFE, i assumed tripleo02:24
stevemar_ayoung: sleeping :)02:24
ayoungstevemar_, so, in order to have the auth plugins built for both py27 and py34/502:25
tonybgrab him!02:25
ayoungits really python3 support for something that works in python2, so more a Fedora thing02:25
ayoungtonyb, I was a wrestler.  You might want to rethink the grabbing02:25
tonybayoung: :)02:25
ayoungtonyb, its not a super critical, but it is also a low risk FFE02:26
ayoungI didnt realize we had intentionally ignored the Kerberos py3 stuff.02:26
ayoungI am thinking more community than distribution here02:26
ayoungdoes something need to be in the global reqs to be pulled in for testing, or just for requirem,ents?02:27
tonybayoung: The implementation and the ideal are different02:28
ayoungtonyb, the reason I ask is the tests for py3 were skipped before. I could leave them that way and release, but I'd rather run the tests02:28
tonybayoung: we dpn't verify that extras in setup.cfg match g-r so you can do what you're asking but the idea is that requirement is co-installable02:28
*** adriant has joined #openstack-keystone02:29
tonybayoung: but you could enable them in the next newton point release, it's not now or never02:29
ayoungI's rather get this approved across the board.  It would be dumb to tell people that they can't use python3 and kerberos due to something that has already been fixed02:29
ayoungand we do already have the dep, just not the py3 versions02:29
ayoungtonyb, I need to fix the Kerberos plugins now02:30
ayoungthe question is whether I do a complete fix or hack off the tests for py302:30
stevemar_tonyb: ayoung the other question in this is -- will this trigger a relrease of keystoneauth, and subsequently a relrelease of a bunch of other things?02:30
ayoungI;d rather have the tests run02:30
tonybayoung: and if  the dep was right today would that code land by Friday or woul you need a keystone FFE?02:30
ayoungstevemar_, once my path lands, I will *request* a release for something that is broken (bugfix)02:31
ayounghere is the fix:02:31
ayoungits KSA, not keystone server02:31
tonybstevemar_: Well the re-release *should* be limted to keystone unless we then need to bump the minimum on keystoneauth02:31
stevemar_tonyb: fwiw, KSA has passing unit tests with https://review.openstack.org/#/c/369783/02:31
ayounghttps://review.openstack.org/#/c/368017/  and https://review.openstack.org/#/c/368288/5  with the second one being the important one02:32
stevemar_tonyb: true, only keystoneauth will be re-released02:32
tonybstevemar_, ayoung: where does python-keystoneclient-kerberos fit in the conversation?02:32
ayoungDead.  All dead.02:33
stevemar_tonyb: it's dead jim02:33
ayoungneeds to go away02:33
tonybstevemar_: okay that makes life better02:33
ayoungit was an impl of an auth plugin, but in the Py KClient style02:33
stevemar_tonyb: i've deprecated the whole repo last cycle, i'll probably attic it in O02:33
ayoungwhen we moved to KSA we redid it using extras02:33
stevemar_yarp02:33
tonybstevemar_: okay.  It's the only otehr thing using requests-kerberos AFAICT (modulo the bug in my scripts we just uncovered)02:34
ayoungstevemar_, I have not tested the kerbers auth plugin, but I realize I can do that now...don't need an actual kerberso set up to see if the plugin loads02:34
stevemar_tonyb: we're not accepting any patches there, so its a non-issue02:36
tonybstevemar_: sure.02:36
stevemar_its strictly isolated to keystoneauth02:36
ayounghmmm...it has soemthign wrong, but it might be workable...let's see02:36
stevemar_ayoung: i'm thinking this can wait til O, as much as the community would benefit from it02:37
ayoungstevemar_, these are bugs02:38
ayoungI can skip getting the Py3 if it is going to cause heartburn, but it really is the same library we already ship02:38
stevemar_ayoung: they are, but we can backport the fixes once they land in O02:38
*** dave-mccowan has quit IRC02:38
ayoungstevemar_, or release an update of KSA02:39
ayoungif KSA comes out late, it is fine by me, we will be able to grab it for RDO and OSP. I just don't want to be selfish02:39
tonybbrb just need to pay someone ...02:39
ayoungsmall, unmarked, nonsequential bills only02:40
stevemar_ayoung: the next ksa lib release will happen until first week of oct, and it can have as many fixes as you want02:40
ayoungOK.  That works for me02:40
stevemar_that'll be 2.13.002:40
ayoungstevemar_, I just need the Global reqs updated by then02:40
stevemar_ayoung: tonyb can answer that one for ya :)02:41
ayoungstevemar_, yeah, but he's talking to a guy about a horse02:41
tonyb*sigh*02:42
*** martinus__ has quit IRC02:42
* tonyb admits he set himself up for those ;P02:42
tonybstevemar_: ayoung ksa 2.13.0 will that be from stable/newton? or master?02:42
tonybtrying to work out if I can state 100% the g-r update will be in ....02:43
stevemar_but i think once we close out these FFEs, the sooner the requirements team can create a stable/newton branch02:43
stevemar_hehe02:43
stevemar_ayoung: what did you say in today's meeting, it was funny02:43
stevemar_18:41:33 <stevemar> #topic Newton post-mortem02:43
stevemar_18:41:42 <ayoung> He was killed by an apple02:43
stevemar_tonyb: master02:43
stevemar_tonyb: it'll be a business-as-usual release02:43
*** chrisshattuck has joined #openstack-keystone02:43
ayoungstevemar_, truth be told, I think Newton died of self administered mercury poisoning02:44
*** martinus__ has joined #openstack-keystone02:44
ayoungIsaac Newton/Cause of death02:44
ayoungKidney stone02:44
tonybokay from master I have no problem sayign the g-r chnage will be in.02:44
ayoungCool.  We can wait until then02:45
tonybso I *think* we just agreeed to say "no" to the requessts-kerberos FFE as we can do it from master in the next couple of weeks02:45
tonybayoung: doing it on master means we can if desired bump the minimum also ....02:46
ayoungtonyb, so, when should I look for that?  I'll hold of on bugging people about the review until then.  1st wek of Octish?02:47
tonybayoung: Yeah no later than that.02:47
tonybayoung: add yourself as a reviewer on https://review.openstack.org/#/c/368530/ and you'll see the -2 go real soon02:48
tonybayoung: I can also pop in here and poke you, jamielennox|away and stevemar_02:48
stevemar_why am i an underscore now02:49
*** stevemar_ is now known as stevemar02:49
stevemarfixed02:49
tonybstevemar: :)02:49
stevemartonyb: on a separate note, how are you feeling about the keystonemiddleware bump?02:49
stevemarerrr, not bump, rather a blacklist02:50
tonybstevemar: I was just about to re-read your email to look at that ;P02:50
stevemartonyb: there is also the oslo.log one, which is all kinds of ugh, but i'll let you catch up on keystonemiddleware first :)02:51
tonybstevemar: I really don't want to think about oslo.log02:51
stevemartonyb: and the 100 projects it'll cause to respin, yeah...02:51
*** fangxu has quit IRC02:58
tonybstevemar: keystonemiddleware ... I'm so conflicted02:58
tonybstevemar: part of me wants to say: We know we're broken with lower bounds packagers should be using u-c and move on02:59
tonybstevemar: but I know that's wrong so I feel like we should fix it :/02:59
stevemartonyb: totally get you there03:03
stevemartonyb: it's the lowest of the packages, and there are 9 others you can use03:03
tonyb:)03:03
stevemartonyb: i don't know enough about how packagers and deployers use global-requirements03:03
stevemari agree, it is wrong that it's there, but... will anyone even notice?03:03
tonybstevemar: part of the problem is it varies from distro to distro03:03
tonybstevemar: also there's the contrast on what we'd like vs what people can actually do03:04
*** esp has joined #openstack-keystone03:04
stevemartonyb: the only plus side is that most of the server side projects are going through their RC phase, i'm not sure any have proposed RC candidates yet03:07
tonybstevemar: none have AFAICT so we have a very small window that makes this okay03:08
tonybwell less "okay" and more "not terrible"03:08
stevemar:)03:08
tonybstevemar: there are a whole bunch of projects that'd need to merge g-r updates03:10
tonybstevemar: I'm sure it'll use up some of my brownie points but I think I should +W the ksm FFE03:14
* stevemar shrugs at tonyb 03:17
stevemar¯\_(ツ)_/¯03:17
tonyb:)03:17
tonybActually I'm going to flip-flop the other way.  I can't make this decision that will add another thing to 37 projects most of which are trying to get RC1 done.03:20
tonybthen the realease mangers will ned to double check they have a correct ksm03:20
*** itsuugo has quit IRC03:21
*** tqtran has joined #openstack-keystone03:22
*** itsuugo has joined #openstack-keystone03:23
*** fangxu has joined #openstack-keystone03:24
*** tqtran has quit IRC03:26
stevemartonyb: see what dhellmann says, he always has great insight into these things03:27
tonybstevemar: sure.03:28
stevemartonyb: gah, ksm 4.0.0 is so old03:30
stevemarit was introduced in M03:30
stevemarwhy anyone would use that now, beyond me03:30
tonybstevemar: Sure, the good news is in about a week you can bump it to 4.9.0 :)03:30
*** adrian_otto has joined #openstack-keystone03:31
stevemar:)03:31
tonybstevemar: I totally agree.  It's a small "correctness" issue but one I'm commited to fixing in Ocata03:31
tonybstevemar: testing lower-bounds in projecst that support constraints is actually pretty easy now03:32
tonybstevemar: I only worked out how to do it last week so too late for Newton :(03:32
stevemarrderose: did you just +W your first patch?03:32
stevemartonyb: great to hear that03:32
*** itsuugo has quit IRC03:32
stevemartonyb: looking forward to it03:32
tonybstevemar: you signing up to be a test subject?03:33
*** itsuugo has joined #openstack-keystone03:34
stevemartonyb: i'll happily assign the keystone project to be a test subject, my days of being a guinea pig are over03:37
tonybstevemar: okay.  Thanks.03:38
*** chrisshattuck has quit IRC03:39
*** david_cu has joined #openstack-keystone03:41
*** itsuugo has quit IRC03:48
*** itsuugo has joined #openstack-keystone03:49
*** oomichi has joined #openstack-keystone03:53
oomichistevemar: hi, thanks for your comment on https://bugs.launchpad.net/keystone/+bug/162280603:53
openstackLaunchpad bug 1622806 in OpenStack Identity (keystone) "v3 Credential APIs return credential in blob attribute as string instead of json object" [Undecided,Opinion]03:54
oomichistevemar: can we get more feedback?  We will release keystone clients from Tempest for testing, and we'd like to confirm current API is intentional or not03:55
*** adrian_otto has quit IRC03:56
*** adrian_otto has joined #openstack-keystone03:56
stevemaroomichi: the current API is definitely intentional03:57
openstackgerritHa Van Tu proposed openstack/keystone: Refactor Keystone admin-endpoint API  https://review.openstack.org/36980803:57
stevemaroomichi: i'll admit it's strange, but I inherited the weirdness, and i don't intend to break it :)03:58
*** hoangcx has joined #openstack-keystone03:59
*** itsuugo has quit IRC03:59
*** itsuugo has joined #openstack-keystone04:00
openstackgerritMerged openstack/keystone: Remove unused method from keystone.common.utils  https://review.openstack.org/36895404:02
*** itsuugo has quit IRC04:10
*** itsuugo has joined #openstack-keystone04:12
*** hoangcx has left #openstack-keystone04:16
*** adrian_otto has quit IRC04:18
*** itsuugo has quit IRC04:19
*** itsuugo has joined #openstack-keystone04:22
openstackgerritMerged openstack/keystone: Consistently round down timestamps  https://review.openstack.org/36824404:23
tonybstevemar: I found my bug so now I see 2 users of requests-kerberos \o/04:28
stevemartonyb: oh, what was the issue?04:28
*** esp has quit IRC04:29
tonybstevemar: 'requests-kerberos>=0.6: python_version == "2.7" or python_version == "2.6"' from setup.cfg I wasn't converting the ':' to ';' so it parsed as invalid and I had debug infor turned off :(04:30
stevemarahh04:30
stevemarmystery solved, for now :)04:31
tonyb:)04:31
*** esp has joined #openstack-keystone04:32
*** fangxu has quit IRC04:36
stevemartonyb: i am gonna bug you again, and get you to remark on https://bugs.launchpad.net/keystone/+bug/162316804:40
openstackLaunchpad bug 1623168 in OpenStack Identity (keystone) "referencing versionutils.deprecated.NEWTON in oslo.log <3.4.0" [Medium,Confirmed]04:40
stevemartonyb: eh, i guess prometheanfire already commented on the review: https://review.openstack.org/#/c/366418/04:41
*** itsuugo has quit IRC04:42
tonybstevemar: Sure looking at it now.04:43
*** jaosorior has joined #openstack-keystone04:44
*** itsuugo has joined #openstack-keystone04:44
*** itsuugo has quit IRC04:51
*** itsuugo has joined #openstack-keystone04:53
*** roxanaghe has joined #openstack-keystone04:56
*** jaosorior has quit IRC05:00
*** jaosorior has joined #openstack-keystone05:01
*** mordred has quit IRC05:16
*** roxanaghe has quit IRC05:19
*** roxanaghe has joined #openstack-keystone05:20
*** mordred has joined #openstack-keystone05:20
*** joerch has quit IRC05:22
*** esp has quit IRC05:26
*** itsuugo has quit IRC05:28
*** ChanServ sets mode: +o stevemar05:28
*** itsuugo has joined #openstack-keystone05:29
*** rcernin has joined #openstack-keystone05:33
*** richm has quit IRC05:40
*** jamielennox|away is now known as jamielennox05:40
*** itsuugo has quit IRC05:43
*** itsuugo has joined #openstack-keystone05:45
*** itsuugo has quit IRC05:52
*** itsuugo has joined #openstack-keystone05:53
davechenhenrynash: did you figure out how to run testcase with the DB other than sqlite? like we use to do the live test?05:59
davechenhenrynash: run it locally it always skipped, but gate test it well, any idea how to run it locally?06:00
*** roxanaghe has quit IRC06:04
*** itsuugo has quit IRC06:07
*** adriant has quit IRC06:08
*** itsuugo has joined #openstack-keystone06:09
*** fangxu has joined #openstack-keystone06:26
*** itsuugo has quit IRC06:27
*** itsuugo has joined #openstack-keystone06:29
*** jaosorior has quit IRC06:29
*** jaosorior has joined #openstack-keystone06:30
*** pcaruana has joined #openstack-keystone06:32
*** itsuugo has quit IRC06:34
*** aswadr_ has joined #openstack-keystone06:34
*** itsuugo has joined #openstack-keystone06:35
*** code-R has joined #openstack-keystone06:38
openstackgerritDave Chen proposed openstack/keystone: Add foreign keys to trust table  https://review.openstack.org/36842206:40
openstackgerritDave Chen proposed openstack/keystone: Invalidate trust when the trustor or trustee is deleted  https://review.openstack.org/36935406:40
*** itsuugo has quit IRC06:40
*** iurygregory has quit IRC06:40
*** iurygregory has joined #openstack-keystone06:40
*** code-R_ has joined #openstack-keystone06:41
*** mlovell has quit IRC06:41
*** itsuugo has joined #openstack-keystone06:41
*** joerch has joined #openstack-keystone06:42
*** code-R has quit IRC06:44
openstackgerritHa Van Tu proposed openstack/keystone: Refactor Keystone admin-tenant API v2  https://review.openstack.org/36984906:44
*** mlovell has joined #openstack-keystone06:45
*** namnh has joined #openstack-keystone06:48
*** itsuugo has quit IRC06:49
*** itsuugo has joined #openstack-keystone06:50
*** EinstCrazy has joined #openstack-keystone06:55
*** tesseract- has joined #openstack-keystone06:57
*** EinstCra_ has joined #openstack-keystone06:58
*** EinstCrazy has quit IRC06:58
*** diltram has quit IRC07:00
*** EinstCra_ has quit IRC07:04
*** jistr is now known as jistr|mtgs07:09
*** jistr|mtgs is now known as jistr|mtg07:09
*** baffle has quit IRC07:09
*** diltram has joined #openstack-keystone07:09
*** baffle has joined #openstack-keystone07:10
*** bjolo has quit IRC07:13
*** bjolo has joined #openstack-keystone07:15
*** tqtran has joined #openstack-keystone07:26
*** jaosorior has quit IRC07:27
*** EinstCrazy has joined #openstack-keystone07:27
*** jaosorior has joined #openstack-keystone07:27
*** jaosorior has quit IRC07:29
*** jaosorior has joined #openstack-keystone07:30
*** tqtran has quit IRC07:31
*** EinstCrazy has quit IRC07:32
*** amoralej|off is now known as amoralej07:39
*** itsuugo has quit IRC07:39
*** EinstCrazy has joined #openstack-keystone07:40
*** itsuugo has joined #openstack-keystone07:41
*** EinstCrazy has quit IRC07:41
*** jpena|off is now known as jpena07:42
*** zzzeek has quit IRC08:00
*** zzzeek has joined #openstack-keystone08:00
*** permalac has joined #openstack-keystone08:03
openstackgerritHa Van Tu proposed openstack/keystone: Refactor Keystone admin-tokens and admin-users v2  https://review.openstack.org/36988308:08
*** pnavarro has joined #openstack-keystone08:09
*** code-R_ has quit IRC08:13
*** asettle has joined #openstack-keystone08:29
*** oomichi has quit IRC08:31
*** oomichi has joined #openstack-keystone08:32
*** andreykurilin has joined #openstack-keystone08:36
openstackgerritDave Chen proposed openstack/keystone: Refactor: Generate entity id in a consistent way  https://review.openstack.org/36843208:37
*** itsuugo has quit IRC08:51
*** itsuugo has joined #openstack-keystone08:52
*** davechen has left #openstack-keystone08:54
*** itsuugo has quit IRC09:02
*** itsuugo has joined #openstack-keystone09:03
*** mvk has quit IRC09:19
*** bjolo_ has joined #openstack-keystone09:20
*** bjolo has quit IRC09:20
*** code-R has joined #openstack-keystone09:27
*** tqtran has joined #openstack-keystone09:28
*** sdake_ has quit IRC09:28
*** code-R_ has joined #openstack-keystone09:29
openstackgerritHa Van Tu proposed openstack/keystone: Refactor Keystone admin-tokens and admin-users v2  https://review.openstack.org/36988309:31
openstackgerritHa Van Tu proposed openstack/keystone: Refactor Keystone admin-tenant API v2  https://review.openstack.org/36984909:31
*** tqtran has quit IRC09:32
*** code-R has quit IRC09:32
*** itsuugo has quit IRC09:33
*** itsuugo has joined #openstack-keystone09:35
*** permalac has quit IRC09:38
*** daemontool has joined #openstack-keystone09:46
*** mvk has joined #openstack-keystone09:52
*** jaosorior is now known as jaosorior_lunch09:54
*** richm has joined #openstack-keystone10:08
openstackgerritItxaka Serrano Garcia proposed openstack/keystone: Allow compatibility with keystonemiddleware 4.0.0  https://review.openstack.org/37001110:26
*** jaosorior_lunch is now known as jaosorior10:27
*** fangxu has quit IRC10:29
*** fangxu has joined #openstack-keystone10:29
*** EinstCrazy has joined #openstack-keystone10:30
*** itsuugo has quit IRC10:36
*** itsuugo has joined #openstack-keystone10:37
openstackgerritItxaka Serrano Garcia proposed openstack/keystone: Allow compatibility with keystonemiddleware 4.0.0  https://review.openstack.org/37001110:41
*** EinstCrazy has quit IRC10:48
*** itsuugo has quit IRC10:48
*** itsuugo has joined #openstack-keystone10:49
*** itsuugo has quit IRC10:56
*** itsuugo has joined #openstack-keystone10:58
*** nicolasbock has joined #openstack-keystone11:07
*** itsuugo has quit IRC11:10
*** itsuugo has joined #openstack-keystone11:11
*** thebloggu has joined #openstack-keystone11:12
*** jpena is now known as jpena|lunch11:17
*** amoralej is now known as amoralej|lunch11:18
*** itsuugo has quit IRC11:24
*** itsuugo has joined #openstack-keystone11:26
*** namnh has quit IRC11:29
*** tqtran has joined #openstack-keystone11:29
*** tqtran has quit IRC11:34
*** openstackgerrit has quit IRC11:34
*** openstackgerrit has joined #openstack-keystone11:34
*** asettle has quit IRC11:42
*** asettle has joined #openstack-keystone11:43
*** asettle has quit IRC11:47
*** dave-mccowan has joined #openstack-keystone11:47
*** woodster_ has joined #openstack-keystone11:49
*** itsuugo has quit IRC11:54
*** edmondsw has joined #openstack-keystone11:55
*** itsuugo has joined #openstack-keystone11:56
stevemaro/12:02
*** asettle has joined #openstack-keystone12:07
*** lamt has quit IRC12:17
*** thebloggu has quit IRC12:19
*** pauloewerton has joined #openstack-keystone12:25
openstackgerritSteve Martinelli proposed openstack/keystone: Allow compatibility with keystonemiddleware 4.0.0  https://review.openstack.org/37001112:30
openstackgerritBoris Bobrov proposed openstack/keystone: Allow compatibility with keystonemiddleware 4.0.0  https://review.openstack.org/37001112:32
stevemarbreton: doh!12:32
*** itsuugo has quit IRC12:32
*** Guest98165 is now known as zeus12:32
*** zeus has quit IRC12:33
*** zeus has joined #openstack-keystone12:33
*** itsuugo has joined #openstack-keystone12:33
*** gordc has joined #openstack-keystone12:35
*** itsuugo has quit IRC12:38
*** itsuugo has joined #openstack-keystone12:39
stevemardolphm: when you get a chance: https://review.openstack.org/#/c/369618/812:42
*** lamt has joined #openstack-keystone12:48
*** itsuugo has quit IRC12:50
*** itsuugo has joined #openstack-keystone12:52
*** jpena|lunch is now known as jpena12:55
*** amoralej|lunch is now known as amoralej12:56
*** jaosorior has quit IRC13:01
*** jaosorior has joined #openstack-keystone13:01
*** afred312 has joined #openstack-keystone13:04
*** afred312 has quit IRC13:14
*** lamt has quit IRC13:18
*** jistr|mtg is now known as jistr13:24
*** tqtran has joined #openstack-keystone13:31
*** zhugaoxiao has quit IRC13:35
*** tqtran has quit IRC13:35
*** itsuugo has quit IRC13:42
*** markvoelker has joined #openstack-keystone13:43
*** itsuugo has joined #openstack-keystone13:44
*** jistr is now known as jistr|mtg13:49
*** itsuugo has quit IRC13:50
*** itsuugo has joined #openstack-keystone13:52
*** lamt has joined #openstack-keystone13:52
*** ddieterly has joined #openstack-keystone13:52
*** woodburn has quit IRC13:54
*** afred312 has joined #openstack-keystone13:56
openstackgerritSteve Martinelli proposed openstack/keystone: Allow compatibility with keystonemiddleware 4.0.0  https://review.openstack.org/37001113:56
stevemardolphm: also when you get a chance... https://review.openstack.org/#/c/370011/513:57
*** sdake has joined #openstack-keystone13:58
*** gagehugo_ has joined #openstack-keystone13:59
bretonbug 1623091 needs to be reassigned again14:02
openstackbug 1623091 in OpenStack Identity (keystone) "keystonemidleware dependency should be > 4.0.0" [Medium,In progress] https://launchpad.net/bugs/1623091 - Assigned to Steve Martinelli (stevemar)14:02
stevemarbreton: your comment made me lol14:04
*** rodrigods has quit IRC14:06
*** rodrigods has joined #openstack-keystone14:06
*** lamt has quit IRC14:06
*** gagehugo_ has quit IRC14:07
bretondstanek: i also was wrong about expiration time none being 600. I've just checked dogpile code and could not find anything like this. Not sure why i saw that yesterday in the debugger.14:08
*** ayoung has quit IRC14:08
alogastevemar: o/14:09
*** Daviey_ is now known as Daviey14:12
*** gagehugo has joined #openstack-keystone14:13
fricklerso how should keystoneclient behave if e.g. both user_domain_name and user_domain_id are specified? currently it looks like _id is used and _name ignored, is this expected and documented?14:14
fricklersee https://bugs.launchpad.net/glance-store/+bug/1620999 for context14:14
openstackLaunchpad bug 1620999 in glance_store "glance_store ignores user_domain_name and project_domain_name settings" [Undecided,New]14:14
*** spedione|AWAY is now known as spedione14:16
*** code-R_ has quit IRC14:17
*** code-R has joined #openstack-keystone14:17
*** raildo has joined #openstack-keystone14:22
bretoncan we get 409 Conflict on PATCH /v3/services/{service_id}?14:23
*** tonytan4ever has joined #openstack-keystone14:24
bretonfrickler: it is in keystoneauth14:25
breton 43             if self.user_domain_id:14:25
breton 44                 user['domain'] = {'id': self.user_domain_id}14:25
breton 45             elif self.user_domain_name:14:25
breton 46                 user['domain'] = {'name': self.user_domain_name}14:25
bretonfrickler: so i think it's expected. Not sure it's documented though.14:27
bretonand i think it won't be fixed for compatibility reasons14:30
*** ravelar has joined #openstack-keystone14:31
*** jaosorior has quit IRC14:31
*** Marcellin__ has joined #openstack-keystone14:31
*** pnavarro has quit IRC14:32
stevemaraloga: ahoy14:34
alogastevemar: howdy14:34
*** esp has joined #openstack-keystone14:34
*** woodburn has joined #openstack-keystone14:36
openstackgerritRon De Rose proposed openstack/keystone: Fixes password created_at errors due to the server_default  https://review.openstack.org/36702514:41
stevemarrderose: thanks for the fix14:43
stevemaraloga: i know you sent me that email ages ago14:43
stevemaraloga: i still don't have an answer for you :(14:43
alogastevemar: ahaha :)14:43
alogastevemar: no worries, good to know that you are aware of it14:43
stevemaraloga: aside from -- let's make our CLI work with openidconnect the same way GCE and launchpad work with it14:43
stevemaraloga: where a browser pops up after invoking the CLI for the first time, and it saves an access token somewhere for a long time14:44
alogastevemar: then that's the way it's implemented right now, except the access token part (that is not saved)14:44
*** esp has quit IRC14:45
alogastevemar: anyway, this would require an extra plugin on the keystone server side14:45
alogastevemar: so that we query the oidc userinfo endpoint to obtain any additional claim for an access token14:46
stevemaraloga: fetching the claims from keystone (the shadowed user) or from the identity provider?14:47
alogafrom the idp14:47
stevemaraloga: damn14:47
*** raildo has quit IRC14:47
alogastevemar: :(14:47
*** raildo has joined #openstack-keystone14:47
stevemarbrb14:47
alogastevemar: ok, ping me whenever you're back14:48
openstackgerritLance Bragstad proposed openstack/keystone: Add unit tests for isotime()  https://review.openstack.org/37018214:51
lbragstadrderose rodrigods ^14:51
lbragstadaddressed your comments there since the original patch merged14:51
stevemaraloga: back14:52
rodrigodslbragstad, nice! thanks for adding the test14:52
rodrigodswill review in a bit14:52
alogastevemar: o/14:52
lbragstadrodrigods no problem - thanks14:52
openstackgerritRon De Rose proposed openstack/keystone: Fixes password created_at errors due to the server_default  https://review.openstack.org/36702514:53
lbragstadrodrigods I actually couldn't find any existing tests for that method14:53
rodrigodslbragstad, imagined that14:53
*** ddieterly is now known as ddieterly[away]14:54
*** itsuugo has quit IRC14:54
alogastevemar: roughly speaking, the access_token carries only some claims (oauth2.0), but not all the openid stuff, that is to be retrieved from the userinfo endpoint14:54
alogastevemar: some oidc providers (like google) serialize these claims in the access token14:55
alogastevemar: but this is not mandatory14:55
stevemaraloga: would you be open to creating a keystone-spec for this issue?14:55
*** itsuugo has joined #openstack-keystone14:56
bretonwhy all the hype about oauth2 lately?14:57
stevemarbreton: no idea'14:59
*** ddieterly[away] is now known as ddieterly14:59
openstackgerritRon De Rose proposed openstack/keystone: Fixes password created_at errors due to the server_default  https://review.openstack.org/36702515:00
*** ddieterly has quit IRC15:01
*** jistr|mtg is now known as jistr15:01
*** LamT_ has quit IRC15:01
alogastevemar: yes, but I cannot promise a deadline15:02
*** BjoernT has joined #openstack-keystone15:03
*** david-lyle_ has joined #openstack-keystone15:06
*** david-lyle_ has quit IRC15:06
dolphmstevemar: where do we test federation outside of keystone's own tests, and keystone's tempest plugin? don't we test against shib somewhere?15:11
*** ddieterly has joined #openstack-keystone15:13
*** lamt has joined #openstack-keystone15:15
*** ddieterly has quit IRC15:17
*** ddieterly has joined #openstack-keystone15:18
bretonhenrynash: rodrigods: could you please revisit https://review.openstack.org/#/c/339294/13 ?15:18
*** dnalezyty has joined #openstack-keystone15:19
rodrigodsbreton, sure, will take a look later today15:19
*** dnalezyty has quit IRC15:19
stevemardolphm: we do not15:23
openstackgerritLance Bragstad proposed openstack/keystone: Switch fernet to be the default token provider.  https://review.openstack.org/34568815:23
stevemardolphm: and the tempest tests only test keystone APIs, just CRUD stuff15:23
dolphmstevemar: boo, i was hoping we had more than just the API coverage15:23
stevemardolphm: i wish15:23
stevemardolphm: i've wanted to / have been advocating that for many releases now15:23
*** joerch has quit IRC15:23
rodrigodsdolphm, stevemar, WIP for that effort: https://review.openstack.org/324769 and https://review.openstack.org/#/c/320623/15:24
*** adrian_otto has joined #openstack-keystone15:27
dolphmrodrigods: awesome15:29
rodrigodsdolphm, will revisit the devstack plugin once I have free cycles (expect to be soon)15:30
dolphmrodrigods: good to hear15:30
rodrigodsdolphm, the test itself runs successfully in manual deployments15:31
*** ddieterly is now known as ddieterly[away]15:31
BjoernTdolphm: can you briefly describe how token caching work inside the keystone client ? I see odd behaviors of cinder-api, not caching tokens correctly15:31
*** rcernin has quit IRC15:34
stevemardolphm / lbragstad i need reviews for https://review.openstack.org/#/c/369618/ and https://review.openstack.org/#/c/370011/ please and thank you :)15:36
* stevemar is eager to get a mitaka release out this week too!15:36
*** pcaruana has quit IRC15:40
*** roxanaghe has joined #openstack-keystone15:41
*** ddieterly[away] has quit IRC15:41
*** code-R has quit IRC15:43
*** daemontool_ has joined #openstack-keystone15:45
*** BjoernT has quit IRC15:45
*** daemontool has quit IRC15:48
bretoni would like to hear dstanek's opinion on https://review.openstack.org/#/c/369618/ too15:49
*** ddieterly has joined #openstack-keystone15:50
*** roxanaghe has quit IRC15:51
openstackgerritLance Bragstad proposed openstack/keystone: Adds tests for verify_length_and_trunc_password()  https://review.openstack.org/37023915:51
stevemarbreton: for sure15:51
*** code-R has joined #openstack-keystone15:52
bretonharlowja: where will the meeting be?15:52
*** BjoernT has joined #openstack-keystone15:52
dstanekbreton: i just figured out the other bug... so i can go ahead and take a look in just a few15:53
*** ayoung has joined #openstack-keystone15:57
*** ChanServ sets mode: +v ayoung15:57
*** fangxu has quit IRC15:57
openstackgerritLance Bragstad proposed openstack/keystone: Add unit tests for isotime()  https://review.openstack.org/37018215:59
*** gyee has joined #openstack-keystone16:01
*** browne has joined #openstack-keystone16:03
*** ayoung has quit IRC16:04
lbragstaddoes anyone know if setup_remote_pydev_debug is used anywhere? Seems like a helper method but I don't see it used anywhere in keystone/16:06
openstackgerritRichard Avelar proposed openstack/keystone: Reduce revoke events for disabled domains/projects  https://review.openstack.org/37025216:07
stevemarlbragstad: i was going to remove that too, but notmorgan said to keep it around16:07
stevemari trust him16:07
lbragstadstevemar ah - makes sense16:07
lbragstadi wonder what the reason was16:07
stevemarlbragstad: i assume magic16:08
lbragstadout keystone.common.utils module seems to have a bunch of unused or untested things16:08
stevemarlbragstad: that's not unusual16:08
lbragstadstevemar that's a scary reason to keep something around ;)16:08
stevemaris there a tool that analyses if functions are unused?16:08
dstanekstevemar: nothing really good16:09
stevemardstanek: https://pypi.python.org/pypi/vulture ?16:09
dstanekstevemar: yep, nothing good. you still have to do a good amount of due diligenge to make sure things are not actually used16:11
*** jpena is now known as jpena|off16:11
stevemarlbragstad: dstanek if you want a starting point... http://paste.openstack.org/show/576298/16:12
stevemardstanek: seems that way, yeah16:12
lbragstadoh man...16:13
*** antonbud has joined #openstack-keystone16:14
*** ddieterly has quit IRC16:16
*** ravelar has quit IRC16:19
*** esp has joined #openstack-keystone16:20
*** amoralej is now known as amoralej|off16:21
*** code-R has quit IRC16:21
*** ddieterly has joined #openstack-keystone16:27
stevemarlbragstad: you could probably filter those through a grep and get a basic set of dead functions16:30
lbragstadyeah - some of those don't necessarily apply but I can start poking at it16:31
openstackgerritRon De Rose proposed openstack/keystone: Fixes password created_at errors due to the server_default  https://review.openstack.org/36702516:31
openstackgerritDolph Mathews proposed openstack/keystone: Add an "observer" role to policy.json  https://review.openstack.org/27415716:31
stevemarlbragstad: dead for sure: https://github.com/openstack/keystone/blob/8ebeb6415efd26498f498c2080710f2dd04241af/keystone/common/fernet_utils.py#L7116:31
stevemarlbragstad: these: https://github.com/openstack/keystone/blob/0340cd0150af04f950e2b868c932dfee2dbf8530/keystone/common/utils.py#L203-L22016:32
*** rcernin has joined #openstack-keystone16:34
stevemarlbragstad: this, but ravelar is looking at it: https://github.com/openstack/keystone/blob/0340cd0150af04f950e2b868c932dfee2dbf8530/keystone/models/revoke_model.py#L55-L6016:34
*** roxanaghe has joined #openstack-keystone16:35
*** tesseract- has quit IRC16:35
stevemarlbragstad: yeh, theres definitely some valid stuff to remove16:36
stevemarlots of false positives though16:36
lbragstadstevemar we still test these apparently - https://github.com/openstack/keystone/blob/0340cd0150af04f950e2b868c932dfee2dbf8530/keystone/common/utils.py#L203-L22016:37
lbragstadstevemar http://104.130.175.68/master/16:38
stevemarlbragstad: not sure how...16:38
lbragstadlooks like it's called from the ec2 controller?16:39
*** ddieterly is now known as ddieterly[away]16:39
*** ddieterly[away] is now known as ddieterly16:46
*** mvk has quit IRC16:47
*** roxanaghe has quit IRC16:50
*** ravelar has joined #openstack-keystone16:53
*** lamt has quit IRC16:54
*** roxanaghe has joined #openstack-keystone16:57
*** ravelar has quit IRC16:58
*** jed56 has joined #openstack-keystone16:59
openstackgerritLance Bragstad proposed openstack/keystone: Remove unused _convert_to_integers() method  https://review.openstack.org/37030517:01
*** adrian_otto has quit IRC17:03
harlowjabreton let me double check, making sure that people are actually gonna show up :-P17:05
harlowjakfox1111 u poked anyone in k8s ?17:05
harlowjai still am learning the whole (how do u schedule a meeting thing, ha)17:05
*** ddieterly is now known as ddieterly[away]17:06
harlowjaso breton notmorgan let me just double check first17:07
openstackgerritLance Bragstad proposed openstack/keystone: Add unit tests for isotime()  https://review.openstack.org/37018217:12
*** ddieterly[away] has quit IRC17:16
*** lamt has joined #openstack-keystone17:17
*** adrian_otto has joined #openstack-keystone17:17
*** asettle has quit IRC17:17
*** asettle has joined #openstack-keystone17:18
*** gagehugo has quit IRC17:18
*** adrian_otto has quit IRC17:19
notmorganharlowja: ?17:19
*** antonbud has quit IRC17:19
*** adrian_otto has joined #openstack-keystone17:20
*** daemontool_ has quit IRC17:21
*** fangxu has joined #openstack-keystone17:25
*** asettle has quit IRC17:26
*** ddieterly has joined #openstack-keystone17:30
harlowjanotmorgan rescheduling17:31
harlowjastill learning how to actually connect with the k8s way of doing meetings17:31
notmorganharlowja: okie17:31
harlowjawhich seems to be in a google doc somewhere17:31
harlowjalol17:31
notmorganjust let me know when.17:31
harlowjacool17:31
*** tqtran has joined #openstack-keystone17:34
crinklewhat should the config option [saml]/idp_sso_endpoint point to on a keystone IdP? i have a URI ending in /v3/OS-FEDERATION/saml2/sso like the example but I'm seeing "unable to locate compatible SSO service for provider", probably because it doesn't resolve17:34
*** adrian_otto has quit IRC17:34
rodrigodscrinkle, is that for websso or ecp?17:37
rodrigodswebsso, right?17:37
crinklerodrigods: websso17:37
*** tqtran has quit IRC17:38
*** Alexey_Abashkin has joined #openstack-keystone17:38
rodrigodscrinkle, k2k with websso?17:39
rodrigodsstevemar, it still not possible, right? ^ (without some tweaks)17:39
crinklerodrigods: yes17:39
crinkleaha17:39
*** gagehugo has joined #openstack-keystone17:40
*** ddieterly is now known as ddieterly[away]17:40
rodrigodscrinkle, for k2k we do a crippled ecp, so basically, the SP side doesn't care about the sso endpoint in the metadata17:41
rderosestevemar: this one is ready: https://review.openstack.org/#/c/367025/17:41
*** AlexeyAbashkin has quit IRC17:41
crinklerodrigods: is there documentation or a blog post you could point me to about that?17:46
rodrigodscrinkle, about what? making k2k websso possible?17:46
crinklerodrigods: about "crippled ecp"17:46
crinkleor is that what the Keystone2Keystone ksa plugin is doing?17:47
crinklebecause i have that working17:47
*** ravelar has joined #openstack-keystone17:47
rodrigodscrinkle, ah... not sure where to find... but if you check the complete ecp flow in wikipedia and compare on what we do for k2k17:47
rodrigodsyou will see that we "jump" some initial steps17:47
rodrigodscrinkle, and ksa plugin implements exactly that17:48
rodrigodsfor example... compare the steps of the saml ecp plugin with the k2k one17:48
crinkleokay i understand now17:48
*** ddieterly[away] has quit IRC17:50
crinklein what context is the idp_sso_endpoint option useful then?17:51
*** adrian_otto has joined #openstack-keystone17:54
*** tqtran has joined #openstack-keystone17:54
*** adrian_otto has quit IRC18:01
*** adrian_otto has joined #openstack-keystone18:02
*** BjoernT has quit IRC18:03
*** mvk has joined #openstack-keystone18:03
*** adrian_otto has quit IRC18:10
*** adrian_otto has joined #openstack-keystone18:10
*** itsuugo has quit IRC18:19
*** itsuugo has joined #openstack-keystone18:20
*** chrisshattuck has joined #openstack-keystone18:43
openstackgerritDolph Mathews proposed openstack/keystone: Test that rolling upgrade repos are in lockstep  https://review.openstack.org/37037018:45
*** tonytan4ever has quit IRC18:51
*** ayoung has joined #openstack-keystone19:01
*** ChanServ sets mode: +v ayoung19:01
*** pcaruana has joined #openstack-keystone19:07
*** ddieterly has joined #openstack-keystone19:20
*** adrian_otto has quit IRC19:22
*** jed56 has quit IRC19:25
*** sdake_ has joined #openstack-keystone19:29
stevemarcrinkle: it may be used in the assertion for something, i forget the details19:31
*** aswadr_ has quit IRC19:32
stevemarcrinkle: but there were a bunch of those things that needed to be configured (with not null values) to actually produce a meaningful assertion19:32
stevemarlbragstad: did i read the meeting transcript correctly? you are gonna update the install guide?!? :)19:33
*** sdake has quit IRC19:33
lbragstadstevemar yeah - working on fixing up some of the issues now19:33
crinklestevemar: ah okay19:33
crinklethanks stevemar and rodrigods19:34
* stevemar thanks lbragstad19:34
stevemarcrinkle: what do you have cooking?19:34
stevemarcrinkle: nobody whips up a k2k PoC for fun19:35
lbragstadstevemar no problem19:35
crinklestevemar: just want to enhance/correct the federation docs, this stuff is not super easy to figure out19:35
knikollak2k is fun19:41
stevemarcrinkle: i would appreciate that immensely19:43
*** asettle has joined #openstack-keystone19:43
stevemarknikolla: you have a strange sense of fun19:43
knikollastevemar: stockholm syndrome i guess19:45
stevemarknikolla: :)19:45
*** fangxu has quit IRC19:48
*** pnavarro has joined #openstack-keystone19:52
*** tonytan4ever has joined #openstack-keystone19:52
*** hoonetorg has quit IRC19:53
*** tonytan4ever has quit IRC19:53
*** tonytan4ever has joined #openstack-keystone19:54
*** chrisshattuck has quit IRC19:54
*** can8dnSix has joined #openstack-keystone19:55
*** pcaruana has quit IRC20:00
*** lamt has quit IRC20:01
*** lamt has joined #openstack-keystone20:07
*** hoonetorg has joined #openstack-keystone20:08
*** can8dnSix has quit IRC20:08
*** can8dnSix has joined #openstack-keystone20:13
openstackgerritRon De Rose proposed openstack/keystone: Fixes password created_at errors due to the server_default  https://review.openstack.org/36702520:16
*** pauloewerton has quit IRC20:21
*** tonytan4ever has quit IRC20:22
*** rcernin has quit IRC20:36
*** rcernin has joined #openstack-keystone20:40
*** rcernin has quit IRC20:41
*** rcernin has joined #openstack-keystone20:41
*** rcernin has quit IRC20:42
*** rcernin has joined #openstack-keystone20:42
*** pnavarro has quit IRC20:47
*** fangxu has joined #openstack-keystone20:53
*** can8dnSix has quit IRC20:59
*** gyee has quit IRC21:04
*** ddieterly is now known as ddieterly[away]21:05
*** jlwhite has joined #openstack-keystone21:08
*** roxanaghe has quit IRC21:09
*** roxanaghe has joined #openstack-keystone21:14
dstanekmfisch: have you taken a look at https://review.openstack.org/#/c/369618 ? it's a mitaka backport for the cache invalidation issue. you were seeing this on mitaka right?21:20
*** edmondsw has quit IRC21:21
*** asettle has quit IRC21:25
*** ddieterly[away] is now known as ddieterly21:31
openstackgerritMerged openstack/keystone: Add unit tests for isotime()  https://review.openstack.org/37018221:33
*** joerch has joined #openstack-keystone21:45
openstackgerritRichard Avelar proposed openstack/keystone: Reduce revoke events for disabled domains/projects  https://review.openstack.org/37025221:46
*** dave-mccowan has quit IRC21:48
*** asettle has joined #openstack-keystone21:53
*** tonytan4ever has joined #openstack-keystone21:53
openstackgerritRichard Avelar proposed openstack/keystone: Reduce revoke events for disabled domains/projects  https://review.openstack.org/37025221:53
*** ravelar has quit IRC21:54
*** tonytan4ever has quit IRC21:58
openstackgerritMerged openstack/keystone: Allow compatibility with keystonemiddleware 4.0.0  https://review.openstack.org/37001122:05
*** esp has quit IRC22:11
*** asettle has quit IRC22:12
*** esp has joined #openstack-keystone22:12
*** spedione is now known as spedione|AWAY22:13
*** browne has quit IRC22:13
*** gyee has joined #openstack-keystone22:17
*** gordc has quit IRC22:20
*** itsuugo has quit IRC22:26
*** itsuugo has joined #openstack-keystone22:28
*** lamt has quit IRC22:29
*** sdake_ has quit IRC22:40
*** chrisshattuck has joined #openstack-keystone22:40
*** rcernin has quit IRC22:43
*** itsuugo has quit IRC22:52
*** itsuugo has joined #openstack-keystone22:53
*** ddieterly has quit IRC22:53
*** roxanaghe has quit IRC22:54
*** roxanaghe has joined #openstack-keystone22:55
*** adrian_otto has joined #openstack-keystone22:56
*** lamt has joined #openstack-keystone23:06
*** itsuugo has quit IRC23:10
*** itsuugo has joined #openstack-keystone23:11
*** browne has joined #openstack-keystone23:13
*** chrisshattuck has quit IRC23:20
*** jamielennox is now known as jamielennox|away23:22
*** chrisshattuck has joined #openstack-keystone23:23
*** chrisshattuck has quit IRC23:25
*** adriant has joined #openstack-keystone23:28
openstackgerritMerged openstack/keystone: Remove unused _convert_to_integers() method  https://review.openstack.org/37030523:43
openstackgerritMerged openstack/keystone: Remove unused read_cached_file method from utils  https://review.openstack.org/37022823:43
*** browne has quit IRC23:45
*** itsuugo has quit IRC23:57
*** itsuugo has joined #openstack-keystone23:58
« Tuesday, 2016-09-13 Index Thursday, 2016-09-15 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!