Wednesday, 2017-06-07

« Tuesday, 2017-06-06 Index Thursday, 2017-06-08 »
*** markvoelker has quit IRC00:07
*** r-daneel has quit IRC00:17
*** adriant has joined #openstack-keystone00:19
*** ducttape_ has joined #openstack-keystone00:35
*** lucasxu has joined #openstack-keystone00:42
*** lucasxu has quit IRC00:44
*** lucasxu has joined #openstack-keystone00:45
*** shuyingya has joined #openstack-keystone00:45
*** lucasxu has quit IRC00:47
*** lucasxu has joined #openstack-keystone00:50
*** lucasxu has quit IRC00:56
*** dave-mccowan has joined #openstack-keystone00:57
*** lucasxu has joined #openstack-keystone00:58
*** dave-mccowan has quit IRC01:02
*** markvoelker has joined #openstack-keystone01:03
*** lucasxu has quit IRC01:05
*** thorst_afk has joined #openstack-keystone01:06
*** namnh has joined #openstack-keystone01:07
*** ducttape_ has quit IRC01:08
*** thorst_afk has quit IRC01:11
*** thorst_afk has joined #openstack-keystone01:11
*** thorst_afk has quit IRC01:20
*** gyee has quit IRC01:25
openstackgerritMerged openstack/keystone master: Move user policies to DocumentedRuleDefault  https://review.openstack.org/44924001:28
*** zhurong has joined #openstack-keystone01:28
*** liujiong has joined #openstack-keystone01:34
*** edmondsw has quit IRC01:36
*** gongysh has joined #openstack-keystone01:41
*** chlong has quit IRC01:50
*** lbragstad has joined #openstack-keystone01:51
*** ChanServ sets mode: +o lbragstad01:51
*** Shunli has joined #openstack-keystone01:54
*** thorst_afk has joined #openstack-keystone01:56
*** cheran has quit IRC02:13
*** piliman974 has quit IRC02:25
*** r-daneel has joined #openstack-keystone02:26
*** lbragstad has quit IRC02:30
*** zhurong has quit IRC02:30
*** thorst_afk has quit IRC02:32
*** thorst_afk has joined #openstack-keystone02:33
*** r-daneel has quit IRC02:33
*** thorst_afk has quit IRC02:37
*** piliman974 has joined #openstack-keystone02:42
*** edmondsw has joined #openstack-keystone02:46
*** shuyingya has quit IRC02:50
*** shuyingya has joined #openstack-keystone02:51
*** edmondsw has quit IRC02:51
*** links has joined #openstack-keystone02:52
*** shuyingy_ has joined #openstack-keystone02:53
*** shuyingya has quit IRC02:57
*** aojea has joined #openstack-keystone03:04
openstackgerritzhengliuyang proposed openstack/keystone master: A clean and simple fix about explicit_unscoped_string  https://review.openstack.org/47155703:07
*** shuyingy_ has quit IRC03:08
*** aojea has quit IRC03:08
*** shuyingya has joined #openstack-keystone03:08
*** piliman974 has quit IRC03:11
*** ducttape_ has joined #openstack-keystone03:14
*** thorst_afk has joined #openstack-keystone03:43
*** namnh_ has joined #openstack-keystone03:54
*** aselius has quit IRC03:55
*** namnh has quit IRC03:56
*** nicolasbock has joined #openstack-keystone03:57
*** namnh has joined #openstack-keystone03:57
*** namnh_ has quit IRC03:59
*** zhurong has joined #openstack-keystone04:00
*** ducttape_ has quit IRC04:02
*** thorst_afk has quit IRC04:02
*** shuyingy_ has joined #openstack-keystone04:11
*** shuyingya has quit IRC04:12
*** hoonetorg has quit IRC04:29
*** zhurong has quit IRC04:30
*** adriant has quit IRC04:35
*** edmondsw has joined #openstack-keystone04:35
*** adriant has joined #openstack-keystone04:39
*** edmondsw has quit IRC04:39
*** zhurong has joined #openstack-keystone04:40
*** adriant has quit IRC04:40
*** adriant has joined #openstack-keystone04:41
*** shuyingy_ has quit IRC04:42
*** liujiong has quit IRC04:43
*** shuyingya has joined #openstack-keystone04:46
*** hoonetorg has joined #openstack-keystone04:46
*** zig_ has joined #openstack-keystone04:56
*** pcaruana has joined #openstack-keystone04:56
zig_Hello Everyone. I need some help in configuring Keystone with OIDC. I am getting a HTTP 401: Missing entity ID from environment error inspite of having set remote_id_attribute in keystone.conf. Can someone please help me with this04:57
*** shuyingy_ has joined #openstack-keystone05:00
*** shuyingya has quit IRC05:00
*** aojea has joined #openstack-keystone05:02
bretonzig_: are you sure remote_id_attribute is correct? Why are you sure?05:04
*** dims has quit IRC05:09
*** pcaruana has quit IRC05:14
zig_breton: i have set remote_id_attribute=HTTP_OIDC_ISS under [oidc] and [federation] section in keystone.conf.05:23
openstackgerritzhengliuyang proposed openstack/keystone master: A simple fix about explicit unscoped string  https://review.openstack.org/47155705:37
*** namnh_ has joined #openstack-keystone05:38
zig_breton: Is there any additional parameter that i need to set in the horizon environment?05:38
*** namnh has quit IRC05:39
*** dims has joined #openstack-keystone05:41
*** thorst_afk has joined #openstack-keystone05:59
Dinesh_Bhorbreton: ping06:01
Dinesh_Bhorbreton: I just reported a bug: https://bugs.launchpad.net/keystone/+bug/1696308 If you have any info on this then that will help.06:03
openstackLaunchpad bug 1696308 in OpenStack Identity (keystone) "list revoked tokens API returns 500 InternalServerError" [Undecided,New]06:03
*** thorst_afk has quit IRC06:04
*** zig_ has quit IRC06:06
*** aojea has quit IRC06:06
*** jaosorior_away is now known as jaosorior06:11
*** tobberydberg has joined #openstack-keystone06:14
*** tobberydberg has quit IRC06:14
*** tobberydberg has joined #openstack-keystone06:14
bretonDinesh_Bhor: list revoked tokens API is for PKI tokens only06:15
bretonDinesh_Bhor: if you use uuid tokens, it will not work06:15
bretonzigo: in horizon no. Why do you think it should be HTTP_OIDC_ISS?06:16
bretonoh06:16
bretonzigo: sorry06:16
Dinesh_Bhorbreton: yeah, but do you think in that case it should return 500?06:18
*** zig_ has joined #openstack-keystone06:21
*** rcernin has joined #openstack-keystone06:21
*** zsli_ has joined #openstack-keystone06:22
*** edmondsw has joined #openstack-keystone06:23
*** Shunli has quit IRC06:24
bretonDinesh_Bhor: i don't know. Maybe it would be nice to return some error, but PKI is deprecated and nobody uses it, and if they do, the call works for them.06:26
*** edmondsw has quit IRC06:28
Dinesh_Bhorbreton: OK, understood. Could you please comment on the bug for the same so that it will help other cores to decide whether to fix it or not?06:30
cmurphyzig_: check your horizon configs, make sure you have OPENSTACK_KEYSTONE_URL pointing to the right v3 endpoint and make sure WEBSSO_CHOICES has the name of the federation protocol, which is probably openidc (not oidc)06:32
cmurphyzig_: breton HTTP_OIDC_ISS is the right remote_id_attribute for openidc06:33
zig_cmurphy: Thank you. Is it possible for you to have a look at my current configuration, if i include it in paste.openstack?06:37
cmurphyzig_: sure, I can try06:38
zig_cmurphy: Thank you. Let me just paste it. I will send the link in a minute.06:39
zig_cmurphy: Please check http://paste.openstack.org/show/611650/.06:47
cmurphyzig_: what version are you running?06:48
zig_cmurphy: Newton devstack. And the identity_api_version is 306:48
cmurphyzig_: you should probably change your oidc secret in the google console :(06:51
zig_cmurphy: oops...thanks for  that. I have changed it.06:52
*** belmoreira has joined #openstack-keystone06:55
cmurphyzig_: is the OPENSTACK_KEYSTONE_URL correct? your keystone is at /identity on that domain? unless the apache vhost is snipped it doesn't look like it is06:56
cmurphyzig_: you'll probably want to change it to http://keystonegoogle.com:5000/v3 and also make sure the redirect urls match it06:59
zig_cmurphy: oh ok I will change it.06:59
*** thorst_afk has joined #openstack-keystone07:01
*** afazekas has quit IRC07:01
*** afazekas has joined #openstack-keystone07:01
cmurphyzig_: not sure if this would have helped here but setting LOGGING -> 'handlers' -> 'console' -> 'level' to 'DEBUG' in local_settings.py sometimes helps get more information from horizon on auth stuff07:02
zig_cmurphy: Should i replace the OIDCRedirectURI in vhost as well? I am using devstack version so i am not sure if keystone is at /identity :(07:03
*** pcaruana has joined #openstack-keystone07:03
zig_cmurphy: I ahve enabled Debug but nothing seems to be logged with this issue :(07:04
bretoncmurphy: it is not always right. I had to use remote_id_attribute = OIDC-iss some time ago.07:04
*** thorst_afk has quit IRC07:05
bretonzig_: are environment variables getting logged if you enable debug?07:05
cmurphyzig_: i don't remember if newton used /identity, but there will be a <Location> thing in the vhost already made by devstack and `openstack endpoint list` will show it07:06
cmurphybreton: ah okay07:06
cmurphyfor google at least i'm pretty sure it's HTTP_OIDC_ISS07:06
*** liujiong has joined #openstack-keystone07:06
bretoncmurphy: you think it is idp-specific?07:07
bretoncmurphy: my understanding was that the web server sets the variable07:07
bretoncmurphy: and we just tell keystone what's the name of the variable07:07
cmurphybreton: I know that with mod_auth_openidc and google I've used HTTP_OIDC_ISS07:08
zig_cmurphy: openstack endpoint list gives http://127.0.0.1/identity and https://127.0.0.1/identity_admin as the URL07:08
zig_breton: no it doesn't seem to07:10
*** tesseract has joined #openstack-keystone07:11
zig_cmurphy: with keystone:5000 i get Internal server error in horizon :(07:11
cmurphyzig_: yeah if the endpoint is /identity in keystone then /identity was right in horizon, sorry :(07:11
bretonzig_: can you post your logs somewhere?07:13
zig_breton: Sure. It's here: http://paste.openstack.org/show/611654/07:15
bretonzig_: there should be some more logs. Keystone logs can even be in horizon logs.07:18
*** aojea has joined #openstack-keystone07:22
*** aojea has quit IRC07:22
*** aojea has joined #openstack-keystone07:23
*** namnh_ has quit IRC07:33
*** namnh has joined #openstack-keystone07:33
zig_breton: mostly the log entries are  INFO and Debug. There are some error logs like this  ERROR keystone.federation.controllers [req-1e79d981-c5dc-4dd4-8f0e-05253c051da4 baf8a9342d8a44e695e649d5498ac079 c6f14884230942ca87aa01b9e2f895d5 - default default] Missing entity ID from environment.07:43
zig_breton: http://paste.openstack.org/show/611656/ i have appended some more log entries to it. The file is huge :(07:45
*** pnavarro has joined #openstack-keystone07:52
*** rcernin has quit IRC07:52
*** rcernin has joined #openstack-keystone07:52
bretonzig_: here is what you can do07:59
bretonzig_: open keystone/federation/controllers.py07:59
*** zzzeek has quit IRC08:00
bretonzig_: find there "def federated_sso_auth"08:00
*** zzzeek has joined #openstack-keystone08:00
bretonzig_: you will see there the message: "Missing entity ID from environment"08:00
bretonzig_: right after the assignment insert LOG.warning(request.environ)08:01
*** thorst_afk has joined #openstack-keystone08:01
bretonzig_: and look in the logs08:01
zig_breton: Thanks a lot. Will do that08:08
zig_breton: as this is a devstack setup, so restarting apache after making the change should be sufficient right?08:10
*** zsli_ has quit IRC08:11
*** edmondsw has joined #openstack-keystone08:11
*** zsli_ has joined #openstack-keystone08:12
bretonzig_: yes08:12
zig_breton: I don't understand what could be the reason. But logs aren't getting logged into key.log file now :(08:12
*** edmondsw has quit IRC08:16
zig_breton: The only option i can think of is do an unstack followed by stack :( Is there something that you can suggest08:19
*** thorst_afk has quit IRC08:21
*** gongysh has quit IRC08:25
bretonzig_: check out apache logs08:25
*** aojea has quit IRC08:28
*** phalmos has quit IRC08:29
*** gongysh has joined #openstack-keystone08:33
*** aojea has joined #openstack-keystone08:33
*** zhurong has quit IRC08:47
*** jamielennox is now known as jamielennox|away08:50
*** mvk has joined #openstack-keystone08:57
*** shuyingy_ has quit IRC08:57
*** shuyingya has joined #openstack-keystone08:58
*** zhurong has joined #openstack-keystone09:02
zig_breton: There seems to be some issue with my current devstack run. Could you let me know what is required to be present in the environ variable? I can get back to you once i resolve the devstack issue09:03
openstackgerritMerged openstack/keystoneauth master: Fix html_last_updated_fmt for Python3  https://review.openstack.org/47066309:08
*** jamielennox|away is now known as jamielennox09:10
*** zig_ has quit IRC09:13
*** zig_ has joined #openstack-keystone09:14
openstackgerritMerged openstack/python-keystoneclient master: Fix html_last_updated_fmt for Python3  https://review.openstack.org/47065809:16
*** thorst_afk has joined #openstack-keystone09:18
bretonzig_: i have no idea. There should be a variable with entity ID. We need to find that variable and put it to keystone.conf09:18
zig_breton: Oh! Ok i will check that. Thanks breton.09:19
*** thorst_afk has quit IRC09:22
*** namnh_ has joined #openstack-keystone09:22
*** namnh has quit IRC09:25
*** nishaYadav has joined #openstack-keystone09:31
* nishaYadav waves hello o/09:31
*** zsli_ has quit IRC09:36
zig_breton: I have posted the logs here. http://paste.openstack.org/show/611669/09:44
*** nkinder has quit IRC09:44
*** zhurong has quit IRC09:51
bretonzig_: well, there is nothing federation-related in the logs. At what moment of authentication flow do you get this error?09:55
*** mvk has quit IRC09:55
*** edmondsw has joined #openstack-keystone09:59
*** edmondsw has quit IRC10:04
*** nicolasbock_ has joined #openstack-keystone10:04
*** nicolasbock has quit IRC10:06
zig_breton: In horizon, i get option to select oidc. On clicking that it should ideally redirect me to the google login page. But instead it gives me authorization HTTP401 error10:06
*** shuyingy_ has joined #openstack-keystone10:07
*** liujiong has quit IRC10:09
*** shuyingya has quit IRC10:11
bretonzig_: oooh. Then your openidc apache module is misconfigured10:13
zig_breton: Do you suggest any document to fix it?10:14
*** nishaYadav_ has joined #openstack-keystone10:16
*** nishaYadav has quit IRC10:18
*** piliman974 has joined #openstack-keystone10:19
*** sjain has joined #openstack-keystone10:22
*** mvk has joined #openstack-keystone10:27
bretonzig_: well, search in google i guess. Keystone shouldn't do anything at this point, it's mod-auth-openidc misconfigured. http://paste.openstack.org/show/611675/ -- this apache config i used for my devstack in a virtualbox10:28
*** Shunli has joined #openstack-keystone10:29
*** Shunli has quit IRC10:29
*** namnh has joined #openstack-keystone10:30
*** namnh_ has quit IRC10:33
zig_breton: Thanks for that. Could you please let me know how to set these parameters :OIDCProviderAuthorizationEndpoint, OIDCProviderTokenEndpoint, OIDCProviderUserInfoEndpoint, OIDCProviderTokenEndpointAuth10:34
bretonzig_: nope, don't know10:35
openstackgerritSamriddhi proposed openstack/keystone master: Move role policies to DocumentedRuleDefault  https://review.openstack.org/44925110:40
openstackgerritSamriddhi proposed openstack/keystone master: Move role policies to DocumentedRuleDefault  https://review.openstack.org/47171410:40
*** nkinder has joined #openstack-keystone10:41
*** shuyingy_ has quit IRC10:47
*** shuyingya has joined #openstack-keystone10:48
*** sjain has quit IRC10:48
*** nishaYadav_ has quit IRC10:56
*** namnh has quit IRC10:56
*** raildo has joined #openstack-keystone11:08
*** aojea has quit IRC11:16
*** piliman974 has quit IRC11:19
*** piliman974 has joined #openstack-keystone11:20
*** Drankis has joined #openstack-keystone11:24
*** edmondsw has joined #openstack-keystone11:27
*** zig_ has quit IRC11:37
*** sjain has joined #openstack-keystone11:38
openstackgerritSamriddhi proposed openstack/keystone master: Move role policies to DocumentedRuleDefault  https://review.openstack.org/47171411:42
*** dikonoor has joined #openstack-keystone11:45
*** sjain has quit IRC11:47
*** thorst_afk has joined #openstack-keystone11:49
*** chlong has joined #openstack-keystone12:02
*** nishaYadav has joined #openstack-keystone12:04
*** gongysh has quit IRC12:19
*** gongysh has joined #openstack-keystone12:19
*** piliman974 has quit IRC12:23
*** gongysh has quit IRC12:23
*** piliman974 has joined #openstack-keystone12:25
*** nishaYadav_ has joined #openstack-keystone12:31
*** nishaYadav has quit IRC12:34
*** nishaYadav_ is now known as nishaYadav12:36
*** shuyingya has quit IRC12:42
*** nishaYadav_ has joined #openstack-keystone12:54
*** ducttape_ has joined #openstack-keystone12:57
*** nishaYadav has quit IRC12:58
*** ducttape_ has quit IRC13:06
*** rmascena has joined #openstack-keystone13:08
*** raildo has quit IRC13:10
*** ducttap__ has joined #openstack-keystone13:14
*** nishaYadav__ has joined #openstack-keystone13:23
*** aojea has joined #openstack-keystone13:23
*** nishaYadav_ has quit IRC13:24
*** nishaYadav__ is now known as nishaYadav_13:26
*** links has quit IRC13:30
*** r-daneel has joined #openstack-keystone13:31
*** r-daneel has quit IRC13:33
*** r-daneel has joined #openstack-keystone13:33
*** dave-mccowan has joined #openstack-keystone13:36
*** dave-mccowan has quit IRC13:41
*** chlong has quit IRC13:43
*** dave-mccowan has joined #openstack-keystone13:45
*** ducttap__ has quit IRC13:45
*** ducttape_ has joined #openstack-keystone13:46
*** zhurong has joined #openstack-keystone13:54
*** ducttape_ has quit IRC14:01
*** dave-mccowan has quit IRC14:12
*** evgenyf has joined #openstack-keystone14:15
*** zhurong has quit IRC14:17
*** ducttape_ has joined #openstack-keystone14:20
EmilienMhey folks, I saw debug option in keystone can be changed without restarting keystone. I'm running Keystone with Apache and changed the option to be false, but I still see DEBUG in the logs. Did I miss something?14:21
evgenyfHi Folks! can someone help with keystone KILO issue while using identity v3?  "nova list" and other CLI commands response with The request you have made requires authentication. (HTTP 401)14:25
*** jaosorior is now known as jaosorior_away14:31
*** aojea has quit IRC14:37
*** iurygregory has quit IRC14:42
*** lucasxu has joined #openstack-keystone14:44
*** lbragstad has joined #openstack-keystone14:52
*** ChanServ sets mode: +o lbragstad14:52
knikollao/14:55
morgano/14:58
lbragstado/14:58
*** aselius has joined #openstack-keystone15:02
*** Drankis has quit IRC15:05
*** dikonoor has quit IRC15:05
*** tobberyd_ has joined #openstack-keystone15:06
*** nishaYadav_ has quit IRC15:10
*** tobberydberg has quit IRC15:10
*** rcernin has quit IRC15:11
*** tobberyd_ has quit IRC15:14
*** piliman974 has quit IRC15:17
hrybackilbragstad: can't make policy mtg today, heading out to meet family. Anything you need from me in advance?15:18
lbragstadhrybacki: sounds good - thanks for the heads  up15:18
lbragstadhrybacki: enjoy the family!15:18
hrybackiNP. Still keeping an eye out on those policy reviews. Looks like we got 1 +1 one the rolecall vote atm15:18
lbragstadhrybacki: yep - i saw that this morning15:19
lbragstadwhich is good!15:19
*** piliman974 has joined #openstack-keystone15:19
lbragstadhrybacki: i plan on reviewing the rest of the policy docs patches today15:19
hrybackiack15:20
*** dave-mccowan has joined #openstack-keystone15:21
openstackgerritSamuel de Medeiros Queiroz proposed openstack/keystone master: Move grant policies to DocumentedRuleDefault  https://review.openstack.org/44924415:23
*** chlong has joined #openstack-keystone15:27
*** lucasxu has quit IRC15:30
*** nishaYadav has joined #openstack-keystone15:33
*** rderose has joined #openstack-keystone15:34
*** nishaYadav has quit IRC15:36
*** gyee has joined #openstack-keystone15:41
*** belmoreira has quit IRC15:44
*** aojea has joined #openstack-keystone15:45
*** spilla has joined #openstack-keystone15:46
*** aojea has quit IRC15:50
openstackgerritSamuel de Medeiros Queiroz proposed openstack/keystone master: Move grant policies to DocumentedRuleDefault  https://review.openstack.org/44924416:03
samueldmqhrybacki: lbragstad: cmurphy ^ this one for grants is pretty complex when compared to the others16:03
*** dave-mccowan has quit IRC16:05
*** david-lyle has joined #openstack-keystone16:07
*** evgenyf has quit IRC16:22
*** lucasxu has joined #openstack-keystone16:28
*** tesseract has quit IRC16:34
*** tobberydberg has joined #openstack-keystone16:36
*** tobberydberg has quit IRC16:41
*** dave-mccowan has joined #openstack-keystone16:42
*** ediardo has quit IRC16:45
*** tobberydberg has joined #openstack-keystone16:57
*** tobberydberg has quit IRC17:02
*** pnavarro has quit IRC17:04
*** mvk has quit IRC17:10
*** pnavarro has joined #openstack-keystone17:17
*** iurygregory has joined #openstack-keystone17:18
*** rcernin has joined #openstack-keystone17:30
*** aojea has joined #openstack-keystone17:42
*** sjain_ has joined #openstack-keystone17:55
morgancmurphy: good catches on the start of the ksa patch change mordred is working on18:01
cmurphymorgan: :)18:02
* cmurphy helping18:02
cmurphynow to go through the rest of the stack18:04
morgani am holding on some of the rest until the earlier ones are addressed, the stack is deep and i'm not sure what the fixes for compat may do to the upper ends.18:04
cmurphythat's probably a good idea18:05
*** dave-mccowan has quit IRC18:12
*** sjain_ has quit IRC18:18
*** aojea has quit IRC18:20
openstackgerritSamuel de Medeiros Queiroz proposed openstack/keystone master: Move grant policies to DocumentedRuleDefault  https://review.openstack.org/44924418:37
samueldmqlbragstad: done ^18:37
lbragstadsamueldmq: woo - sweet18:37
lbragstadsamueldmq: i'll review18:37
lbragstadfyi team - this might be interesting and has a couple reviewed that pertain to us http://lists.openstack.org/pipermail/openstack-dev/2017-June/117967.html18:43
lbragstadspecifically in oslo.cache and keystone18:43
*** ayoung has quit IRC18:43
*** spilla has quit IRC18:56
*** thorst_afk has quit IRC19:11
*** thorst_afk has joined #openstack-keystone19:15
*** p_arch has joined #openstack-keystone19:16
p_archHi - Is there someone who can help me.  I'm trying to set up SSL for keystone on Newton and failing miserably.  Help please!!19:17
*** rcernin has quit IRC19:17
*** aojea has joined #openstack-keystone19:17
*** thorst_afk has quit IRC19:20
*** dave-mccowan has joined #openstack-keystone19:23
*** thorst_afk has joined #openstack-keystone19:29
*** rcernin has joined #openstack-keystone19:35
-openstackstatus- NOTICE: The Gerrit service on review.openstack.org is being restarted now to clear some excessive connection counts while we debug the intermittent request failures reported over the past few minutes20:05
*** tobberydberg has joined #openstack-keystone20:10
*** nicolasbock_ has quit IRC20:14
*** tobberydberg has quit IRC20:15
lbragstadsamueldmq: just getting around to reviewing https://review.openstack.org/#/c/449244/7/keystone/assignment/routers.py20:36
samueldmqlbragstad: yes?20:37
samueldmqthere are a couple of places where we have get_action rather than get_head, we should look for consistency, but I'd like to have an overview of all we have20:37
samueldmqbefore the move20:38
lbragstadsamueldmq: interesting20:38
lbragstadso does that API not support HEAD methods?20:38
samueldmqno20:38
samueldmqwhich is pretty inconsistent20:38
lbragstadhuh - but the rest of the assignment API does?20:38
samueldmqyes20:38
lbragstadbecause it uses get_head_action20:38
lbragstadhmmm20:38
samueldmqwe should migrate all to get_head I guess, and remove the possibility of get_action at all20:38
lbragstadthat should be backwards compatible20:39
samueldmqand will be20:39
*** pnavarro has quit IRC20:39
lbragstadok - that makes senes20:39
lbragstadsamueldmq: i wonder if we should open a bug for that?20:39
lbragstaddoesn't seem like specification material20:39
openstackgerritGage Hugo proposed openstack/keystone master: Prep for is_admin_project for scoped operations  https://review.openstack.org/47191120:40
samueldmqlbragstad: well that would make sense20:40
lbragstadsamueldmq: a bug report?20:40
samueldmqyes20:40
samueldmqmorgan started that20:40
lbragstadsamueldmq: cool - i agree20:40
lbragstadsamueldmq: is there one already created?20:41
samueldmqwhen he said all get apis should have respective heads20:41
* lbragstad must have missed it20:41
samueldmqthe thing is that we didnt migrate 100% or we didnt continue in the approach20:41
samueldmqI think it's time to revisit20:41
lbragstadsamueldmq: do you have a link to the bug report?20:41
samueldmqlooking20:41
samueldmqlbragstad:  bug 137033520:44
openstackbug 1370335 in OpenStack Identity (keystone) "Keystone should support HEAD requests for all GET /v3/* actions" [Wishlist,Fix released] https://launchpad.net/bugs/1370335 - Assigned to Colleen Murphy (krinkle)20:44
lbragstadah20:45
lbragstadwe should figure out where that isn't true anymore20:46
lbragstadsamueldmq: ok - finished reviewing, just a couple more wording suggestions that I should have caught when I suggested them the first time around20:50
lbragstadsamueldmq: should we create a new bug report for the get_head_action inconsistencies you found?20:51
lbragstadsamueldmq: these are the get_actions i see in the source today - http://paste.openstack.org/show/611770/20:52
*** pcaruana has quit IRC20:53
*** pcaruana has joined #openstack-keystone20:53
*** ayoung has joined #openstack-keystone21:08
samueldmqlbragstad: yes I think a new bug makes sense21:09
samueldmqthen we study them closer and decide what to do21:09
openstackgerritLance Bragstad proposed openstack/keystone master: Flag GET APIs that need corresponding HEAD API  https://review.openstack.org/47191921:09
lbragstadsamueldmq: done ^21:10
samueldmqlbragstad: reviewed :)21:12
lbragstadcmurphy: proposed the original fix, she might have some useful context there, too21:16
*** pcaruana has quit IRC21:16
openstackgerritLance Bragstad proposed openstack/keystone master: Flag GET APIs that need corresponding HEAD API  https://review.openstack.org/47191921:18
*** edmondsw_ has joined #openstack-keystone21:22
*** frickler_ has joined #openstack-keystone21:26
*** SamYaple_ has joined #openstack-keystone21:27
*** rmascena has quit IRC21:27
*** odyssey4me_ has joined #openstack-keystone21:28
*** Alex_Oughton has joined #openstack-keystone21:29
*** evrardjp has quit IRC21:29
*** mtreinish has quit IRC21:29
*** AlexOughton has quit IRC21:29
*** adriant has quit IRC21:29
*** aloga has quit IRC21:29
*** SamYaple has quit IRC21:29
*** frickler has quit IRC21:29
*** edmondsw has quit IRC21:29
*** hoonetorg has quit IRC21:29
*** odyssey4me has quit IRC21:29
*** aloga has joined #openstack-keystone21:30
*** mtreinish has joined #openstack-keystone21:30
*** hoonetorg has joined #openstack-keystone21:30
*** evrardjp has joined #openstack-keystone21:30
cmurphyhi21:32
gagehugocmurphy o/21:33
cmurphydid we miss those in the first pass or did new ones come up?21:34
lbragstadcmurphy: that's a good question21:38
lbragstadcmurphy: pulling up the change21:38
lbragstadcmurphy: i found those by doing a grep21:38
* lbragstad is super fancy21:38
cmurphypulling out all the stops21:38
lbragstadi even used --exclude-dir21:39
lbragstadcmurphy: it looks like there are some get_actions here https://review.openstack.org/#/c/295641/2/keystone/assignment/routers.py21:40
lbragstadfor the implied roles stuff21:40
*** piliman974 has quit IRC21:40
cmurphyheh so there is21:41
lbragstadspecifically looking at get_action='list_implied_roles',21:43
cmurphyyeah i don't know what i was thinking21:43
*** rcernin has quit IRC21:44
lbragstadcmurphy: :) no worries - it's an easy fix21:44
lbragstadsome of those might be new APIs too21:44
openstackgerritMerged openstack/keystone master: Quotation marks should be included in http url using curl  https://review.openstack.org/45873621:44
cmurphyi'm not worried, that was one of my first keystone patches :)21:45
cmurphynot that shabby for a noob21:45
*** lucasxu has quit IRC21:45
cmurphylbragstad: commented on your patch, i don't think it would be that hard to just fix it rather than marking them?21:46
lbragstadcmurphy: good point21:46
lbragstadcmurphy: "sir, stop being lazy and just fix the bug" ;)21:47
cmurphy:P21:47
*** catintheroof has joined #openstack-keystone21:47
*** thorst_afk has quit IRC21:53
*** piliman974 has joined #openstack-keystone21:54
*** SamYaple_ has quit IRC21:57
*** SamYaple has joined #openstack-keystone21:57
*** edmondsw_ has quit IRC21:58
*** aojea has quit IRC22:18
*** thorst_afk has joined #openstack-keystone22:28
*** thorst_afk has quit IRC22:32
*** chlong has quit IRC22:32
*** adriant has joined #openstack-keystone22:37
*** piliman974 has quit IRC22:38
*** ayoung has quit IRC22:40
*** piliman974 has joined #openstack-keystone22:40
*** catintheroof has quit IRC22:46
*** lbragstad has quit IRC23:00
*** rderose has quit IRC23:01
*** thorst_afk has joined #openstack-keystone23:02
*** openstack has joined #openstack-keystone23:13
*** thorst_afk has quit IRC23:17
*** edmondsw has joined #openstack-keystone23:18
*** edmondsw has quit IRC23:23
*** ducttape_ has quit IRC23:24
openstackgerritNicolas Helgeson proposed openstack/keystone master: Added versions to keyston headers  https://review.openstack.org/46818923:26
*** ducttape_ has joined #openstack-keystone23:26
*** ducttape_ has quit IRC23:52
« Tuesday, 2017-06-06 Index Thursday, 2017-06-08 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!