Monday, 2017-07-24

« Sunday, 2017-07-23 Index Tuesday, 2017-07-25 »
*** lwanderley has joined #openstack-keystone00:06
*** jmlowe has quit IRC00:18
*** jmlowe has joined #openstack-keystone00:19
*** jmlowe has quit IRC00:19
*** jmlowe has joined #openstack-keystone00:20
*** jmlowe_ has joined #openstack-keystone00:22
*** jmlowe has quit IRC00:24
*** lbragsta_ has quit IRC00:28
*** thorst has joined #openstack-keystone00:31
*** catintheroof has joined #openstack-keystone00:33
*** thorst has quit IRC00:36
*** Shunli has joined #openstack-keystone00:46
*** lwanderley has quit IRC01:02
*** thorst has joined #openstack-keystone01:03
*** aojea has joined #openstack-keystone01:08
*** aojea has quit IRC01:13
*** r-daneel has joined #openstack-keystone01:18
*** azurepancake has joined #openstack-keystone01:52
*** ducttap__ has joined #openstack-keystone02:02
*** lwanderley has joined #openstack-keystone02:05
*** r-daneel has quit IRC02:06
*** azurepancake has quit IRC02:11
*** ducttap__ has quit IRC02:12
*** ducttape_ has joined #openstack-keystone02:19
*** ducttap__ has joined #openstack-keystone02:21
*** ducttape_ has quit IRC02:21
*** catintheroof has quit IRC02:22
*** ducttap__ has quit IRC02:22
*** r-daneel has joined #openstack-keystone02:23
*** ducttape_ has joined #openstack-keystone02:23
*** ducttape_ has quit IRC02:24
*** ducttap__ has joined #openstack-keystone02:24
*** ducttap__ has quit IRC02:28
*** ducttap__ has joined #openstack-keystone02:34
*** ducttap__ has quit IRC02:38
*** ducttape_ has joined #openstack-keystone02:38
*** ducttap__ has joined #openstack-keystone02:40
*** ducttape_ has quit IRC02:40
*** ducttap__ has quit IRC02:44
*** sbezverk has quit IRC02:44
*** lbragsta_ has joined #openstack-keystone02:47
*** ChanServ sets mode: +o lbragsta_02:47
*** thorst has joined #openstack-keystone03:04
*** Shunli has quit IRC03:05
*** Shunli has joined #openstack-keystone03:05
*** aojea has joined #openstack-keystone03:09
*** thorst has quit IRC03:10
*** aojea has quit IRC03:14
*** mtreinish has quit IRC03:14
*** ducttape_ has joined #openstack-keystone03:19
*** mtreinish has joined #openstack-keystone03:20
*** ducttape_ has quit IRC03:31
*** links has joined #openstack-keystone03:46
*** ducttape_ has joined #openstack-keystone03:52
*** ducttap__ has joined #openstack-keystone03:54
*** ducttape_ has quit IRC03:54
mordredefried_zzz, morgan, lbragstad, cmurphy: I found one more little bug in the latest ksa (somewhere in a refactor we stopped setting a variable to a value) - the fix is small and I've got it locally - but I'm working through making sure it's the only one rel quick03:55
*** ducttap__ has quit IRC03:55
mordred(this is the result of working on patches to consume)03:56
morganOmg time zone shift.03:56
morganIs it 3.0.2 worthy?03:57
morganIf so, propose a blacklist of 3.0.1?03:57
morganAnd I'm going to sigh a lot at you.03:57
morganYou owe keystone folks whiskey for 3.0.1 btw ;)03:58
morgan(not me, since I won't be in the same locale as you and the other contributors)03:59
*** lbragsta_ has quit IRC04:02
*** lbragsta_ has joined #openstack-keystone04:03
*** ChanServ sets mode: +o lbragsta_04:03
*** lbragsta_ has quit IRC04:35
*** lwanderley has quit IRC04:38
*** lwanderley has joined #openstack-keystone04:40
*** lwanderley has quit IRC04:47
*** sbezverk has joined #openstack-keystone04:51
*** ducttape_ has joined #openstack-keystone04:53
*** Dinesh_Bhor has joined #openstack-keystone04:56
*** ducttape_ has quit IRC04:58
*** wasmum has quit IRC05:01
*** wasmum has joined #openstack-keystone05:02
*** thorst has joined #openstack-keystone05:05
*** aojea has joined #openstack-keystone05:10
*** thorst has quit IRC05:10
*** aojea has quit IRC05:15
*** boris-42____ has joined #openstack-keystone05:30
*** aojea has joined #openstack-keystone05:44
mordredmorgan: yes 3.0.2 worthy - but no, don't  need a blacklist05:55
mordredmorgan: andyes to whiskey05:55
mordredmorgan: it's not a thing that will break anyone currently - it's a thing that is missing that's needed to actually use the new calls (and we have the attribute and expose it - we just forgot to actually, you know, write data into it)05:56
morganAh05:56
mordredmorgan: we don't actualy record the major version of the endpoint we discover :)05:57
morganOuch05:57
mordredyah. kinda funny05:57
mordredI have a patch that fixes it that's nice and small - writing tests ...05:58
morganWe may want to blacklist 3.0.1 as well then... Just for the sake of people leaning on new functionality and it not working.05:58
morganOnce 3.0.2 is released.05:58
mordredyah05:58
mordred++05:58
morganAlso..05:58
morganSigh05:58
morganSigh05:58
mordredyah05:58
morganSigh05:58
morganlbragstad: ^cc05:59
mordredmorgan: I actually have a video of your face sighing playing in a loop05:59
morganDims ^cc05:59
*** ducttape_ has joined #openstack-keystone06:03
*** ducttape_ has quit IRC06:08
*** aojea has quit IRC06:10
*** rcernin has joined #openstack-keystone06:23
*** thorst has joined #openstack-keystone06:27
*** thorst has quit IRC06:31
*** zsli_ has joined #openstack-keystone06:41
*** Shunli has quit IRC06:44
*** ducttape_ has joined #openstack-keystone06:57
*** phalmos has quit IRC07:01
*** ducttape_ has quit IRC07:02
*** nicolasbock has joined #openstack-keystone07:03
openstackgerritMonty Taylor proposed openstack/keystoneauth master: Record the discovered major api version  https://review.openstack.org/48650607:09
mordredmorgan, lbragstad, efried_zzz, cmurphy: ^^ there's the missing bit related to consuming the results07:10
mordredalong with tests07:10
jamielennoxwhat have we done...07:10
mordredmorning jamielennox !07:10
jamielennoxnope, but it's the first time i've looked in today07:10
jamielennoxmordred: o/07:10
mordredjamielennox: not morning for me either - although I haven't managed yet top leave my hotel room07:11
jamielennoxmordred: do you even care about little things like sun position any more07:11
mordredjamielennox: (enjoying the lovely vistas of beijing on your side of the pacific)07:11
jamielennoxoh, nice07:12
mordredjamielennox: oh golly no - I try to disavow any and all ideas that the sun is an absolute concept07:12
*** wasmum has quit IRC07:28
*** aojea has joined #openstack-keystone07:28
*** wasmum has joined #openstack-keystone07:28
*** belmoreira has joined #openstack-keystone07:39
*** david-lyle has quit IRC07:50
*** dklyle has joined #openstack-keystone07:50
*** wasmum has quit IRC08:13
*** wasmum has joined #openstack-keystone08:14
*** thorst has joined #openstack-keystone08:27
*** thorst has quit IRC08:32
*** dklyle has quit IRC08:32
*** dklyle has joined #openstack-keystone08:33
*** dklyle has quit IRC08:36
*** david-lyle has joined #openstack-keystone08:47
*** david-lyle has quit IRC08:49
*** david-lyle has joined #openstack-keystone08:50
*** dklyle has joined #openstack-keystone08:53
*** david-lyle has quit IRC08:53
*** ducttape_ has joined #openstack-keystone08:58
*** jaosorior has joined #openstack-keystone09:02
*** ducttape_ has quit IRC09:03
*** boris-42____ has quit IRC09:19
*** zsli_ has quit IRC09:29
*** ducttape_ has joined #openstack-keystone10:04
*** ducttap__ has joined #openstack-keystone10:07
*** ducttape_ has quit IRC10:08
*** ducttap__ has quit IRC10:12
*** thorst has joined #openstack-keystone10:29
*** thorst has quit IRC10:33
*** r-daneel has quit IRC10:55
*** lwanderley has joined #openstack-keystone11:01
*** Dinesh_Bhor has quit IRC11:07
*** raildo has joined #openstack-keystone11:08
*** rmascena has joined #openstack-keystone11:35
*** raildo has quit IRC11:37
*** thorst has joined #openstack-keystone11:54
*** dikonoor has joined #openstack-keystone11:55
*** thorst_ has joined #openstack-keystone11:56
*** thorst_ has quit IRC11:56
*** thorst_ has joined #openstack-keystone11:57
*** belmoreira has quit IRC11:58
*** thorst has quit IRC11:58
*** ducttape_ has joined #openstack-keystone12:03
*** ducttape_ has quit IRC12:08
* dims peeks12:31
*** catintheroof has joined #openstack-keystone12:42
*** lwanderley has quit IRC12:50
*** chlong has joined #openstack-keystone12:53
*** edmondsw has joined #openstack-keystone12:59
*** r-daneel has joined #openstack-keystone13:09
*** lucasxu has joined #openstack-keystone13:11
samueldmqmorning13:12
*** r-daneel has quit IRC13:13
*** ducttape_ has joined #openstack-keystone13:15
*** gagehugo has quit IRC13:15
*** links has quit IRC13:20
*** gagehugo has joined #openstack-keystone13:21
openstackgerritSamuel de Medeiros Queiroz proposed openstack/keystone master: Update docs: fernet is the default provider  https://review.openstack.org/48660813:23
*** ducttape_ has quit IRC13:29
*** efried_zzz is now known as efried13:29
*** Dinesh_Bhor has joined #openstack-keystone13:40
efriedmordred Reviewed13:40
*** ducttape_ has joined #openstack-keystone13:43
*** aselius has joined #openstack-keystone13:49
samueldmqgagehugo: hi, you around? re project tags14:03
knikollao/14:04
lbragstadi've proposed new stable releases for both ocata and newton https://review.openstack.org/#/c/486626/ and https://review.openstack.org/#/c/486621/14:11
gagehugosamueldmq o/14:25
openstackgerritMerged openstack/keystonemiddleware master: Updated from global requirements  https://review.openstack.org/48632115:01
*** lucasxu has quit IRC15:03
openstackgerritMerged openstack/python-keystoneclient master: Updated from global requirements  https://review.openstack.org/48633615:11
samueldmqgagehugo: o/15:13
*** dklyle is now known as david-lyle15:14
*** dikonoor has quit IRC15:14
gagehugosamueldmq what's up?15:14
samueldmqgagehugo: I am trying to understand a bit more the chain of patches for project tags15:14
samueldmqand I saw you're maintaining it15:15
openstackgerritEric Fried proposed openstack/keystoneauth master: Make discover._version_between more lenient  https://review.openstack.org/48582715:16
samueldmqgagehugo: I saw there is a 1k+ LOC patch that implements it, but still has WIP in the commit title15:16
samueldmqis all the implementation in that single patch/15:16
gagehugosamueldmq most of it is, we have pulled the schema and DB migration out into their own patches15:17
gagehugoI was going to take a look at the unit tests, I think those can be cleaned up a bit15:17
gagehugotoday*15:18
samueldmqgagehugo: cool, is the feature ready?15:18
samueldmqwhy is there a WIP in the title? it's been 80 patch sets already15:18
gagehugosamueldmq not yet, it is close though15:18
samueldmqWIP: Add project tags15:19
samueldmqAdd database migration for project tags15:19
samueldmqAdd JSON schema validation for project tags15:19
samueldmqgagehugo: are these all ^ ?15:19
gagehugoyes15:19
gagehugoother than the KSC15:19
openstackgerritEric Fried proposed openstack/keystoneauth master: Make discover._version_between more lenient  https://review.openstack.org/48582715:20
gagehugohttps://review.openstack.org/#/c/485344/15:20
gagehugo^ that too is blocking the main patch15:20
gagehugowith tempest15:20
*** chlong_ has joined #openstack-keystone15:21
samueldmqgagehugo: nice. looks like I have everything I need to start reviewing15:22
samueldmqthanks15:22
*** chlong has quit IRC15:24
openstackgerritMerged openstack/keystonemiddleware master: Enable sphinx todo extension  https://review.openstack.org/48441515:26
openstackgerritMerged openstack/keystone master: Optional request parameters should be not required  https://review.openstack.org/48541615:30
*** rcernin has quit IRC15:34
*** wasmum has quit IRC15:36
*** wasmum has joined #openstack-keystone15:39
openstackgerritMerged openstack/keystone master: Add a hacking rule for string interpolation at logging  https://review.openstack.org/48425015:39
openstackgerritMerged openstack/keystone master: Fix wording of configuration help text  https://review.openstack.org/48576015:39
samueldmqgagehugo: posted a couple of initial comments/questions to that review15:39
gagehugosamueldmq thanks! I'll take a look15:40
samueldmqgagehugo: sure. hopefully we will get that ready for landing soon15:40
samueldmqthanks for working on that15:40
*** lwanderley has joined #openstack-keystone15:44
*** lwanderley has quit IRC15:55
*** lwanderley has joined #openstack-keystone15:55
*** rmascena is now known as raildo15:56
*** nicolasbock has quit IRC15:57
*** rcernin has joined #openstack-keystone15:58
*** jmlowe_ has quit IRC15:59
openstackgerritMerged openstack/keystone master: Enable sphinx todo extension  https://review.openstack.org/48441116:00
*** aojea has quit IRC16:03
*** lwanderley has quit IRC16:04
*** aojea has joined #openstack-keystone16:12
*** chlong__ has joined #openstack-keystone16:13
*** chlong_ has quit IRC16:13
openstackgerritJaewoo Park proposed openstack/keystone master: WIP: Add project tags  https://review.openstack.org/47031716:15
*** lwanderley has joined #openstack-keystone16:16
*** aojea has quit IRC16:17
*** lwanderley has quit IRC16:19
*** aojea has joined #openstack-keystone16:21
*** lwanderley has joined #openstack-keystone16:24
*** aojea has quit IRC16:26
*** aojea has joined #openstack-keystone16:31
*** aojea has quit IRC16:36
*** aojea has joined #openstack-keystone16:40
*** chlong_ has joined #openstack-keystone16:40
*** chlong__ has quit IRC16:41
*** aojea has quit IRC16:44
dimslbragstad : around? need a quick check of "GET /v3/auth/tokens" API16:50
dims(or anyone else who knows is fine too :)16:50
lbragstaddims: yep16:50
dimsdoes X-Auth-Token need to have some kind of admin privs?16:51
dims"A valid authentication token for an administrative user." - i see that in https://developer.openstack.org/api-ref/identity/v3/?expanded=validate-and-show-information-for-token-detail,password-authentication-with-unscoped-authorization-detail,token-authentication-with-explicit-unscoped-authorization-detail#validate-and-show-information-for-token16:52
dimsapi-ref does not seem to show that - http://git.openstack.org/cgit/openstack/keystone/tree/api-ref/source/v3/authenticate-v3.inc#n43716:52
lbragstaddims:  no not necessarily16:54
lbragstadif you generate a token regardless of the roles on that token you can use it to validate itself16:55
dimsseems like i can do a curl using the "demo" devstack account and that works just fine16:55
lbragstadin order to validate other tokens, you need to be administrative16:55
lbragstadso - i as a user without administrative rights can't validate a token i steal from you16:55
jlvillalmorgan: Any plans to update the 'positional' library to remove the deprecation warning?16:56
jlvillalpython3.5/site-packages/positional/__init__.py:74: DeprecationWarning: inspect.getargspec() is deprecated, use inspect.signature() instead16:56
jlvillal  spec = inspect.getargspec(func)16:56
lbragstaddims: that is enforced by https://github.com/openstack/keystone/blob/7c3acf34fada67fd86442c1882954e903a335fd0/keystone/common/policies/token.py#L2616:57
lbragstaddims: https://github.com/openstack/keystone/blob/7c3acf34fada67fd86442c1882954e903a335fd0/keystone/common/policies/base.py#L2916:57
*** lwanderley has quit IRC16:57
lbragstadwhich allows admins to validate tokens for other users in the system *or* for a user to validate their own token16:58
dimsperfect. i wanted to make sure "whoami" scenario is supported thanks lbragstad17:02
lbragstaddims: no problem17:02
dimslbragstad : will be using it in k8s - https://github.com/dims/kubernetes/commit/9780fb65d63a5b6a98fdfea5e0c9ab82f089950e17:02
lbragstadoh - nice17:03
*** chlong_ has quit IRC17:08
*** harlowja has joined #openstack-keystone17:09
*** chlong_ has joined #openstack-keystone17:10
openstackgerritGage Hugo proposed openstack/keystone master: WIP: Add project tags  https://review.openstack.org/47031717:17
*** jmlowe has joined #openstack-keystone17:22
*** jmlowe has quit IRC17:22
*** jmlowe has joined #openstack-keystone17:25
*** jmlowe has quit IRC17:26
*** jmlowe has joined #openstack-keystone17:29
*** jmlowe has quit IRC17:31
*** otleimat has joined #openstack-keystone17:31
*** jmlowe has joined #openstack-keystone17:31
*** thorst_ has quit IRC17:38
*** thorst has joined #openstack-keystone17:44
*** thorst has quit IRC17:49
*** mvk has quit IRC17:52
*** wasmum has quit IRC18:09
*** wasmum has joined #openstack-keystone18:10
*** thorst has joined #openstack-keystone18:12
*** rcernin has quit IRC18:16
*** wasmum has quit IRC18:41
openstackgerritGage Hugo proposed openstack/keystone master: WIP: Add project tags  https://review.openstack.org/47031718:42
*** wasmum has joined #openstack-keystone18:43
openstackgerritprashkre proposed openstack/keystone master: Filter users and groups in ldap  https://review.openstack.org/48530218:48
morganjlvillal: I had not seen it, happy to take a pr for that fix.19:08
morganjlvillal: I can look at it (or jamielennox can) in a few days.19:08
*** ducttape_ has quit IRC19:14
*** thorst is now known as thorst_afk19:15
*** ducttape_ has joined #openstack-keystone19:16
*** ducttape_ has quit IRC19:19
*** ducttape_ has joined #openstack-keystone19:19
*** ducttape_ has quit IRC19:24
*** ducttape_ has joined #openstack-keystone19:35
jlvillalmorgan: Thanks. I did create a github issue for it: https://github.com/morganfainberg/positional/issues/2419:35
openstackgerritprashkre proposed openstack/keystone master: Filter users and groups in ldap  https://review.openstack.org/48530219:36
morganTy19:44
*** prashkre has joined #openstack-keystone19:50
lbragstadedmondsw: do you have any theories on why https://review.openstack.org/#/c/485818/4 is failing?19:55
edmondswlet me look19:55
lbragstadhow removing a v3 policy breaks a v2.0 API completely blows my mind19:55
lbragstadi've spent most of today trying to recreate it - i can't19:56
*** raildo has quit IRC19:56
edmondswyeah, that's very odd19:57
lbragstadthe weird part is that the users actually changes their password using v2.019:58
lbragstadbut they go to authenticate with the new password and it fails19:58
* knikolla looking also19:59
knikollaso the first error is on update password. so the password doesn't get changed.19:59
lbragstadi ran the test locally with tempest but it passes when i have the config right19:59
knikollathat explains the 401.19:59
* knikolla needs more coffee20:01
lbragstadat this point https://github.com/openstack/tempest/blob/ae90da579661f408444cba2c8fb87407c98f42da/tempest/api/identity/v2/test_users.py#L48-L5020:02
lbragstadthe user should be able to authenticate with their new password20:02
lbragstadbut apparently that's not true http://logs.openstack.org/18/485818/4/check/gate-tempest-dsvm-neutron-full-ubuntu-xenial/4906f8d/console.html#_2017-07-22_20_55_24_97618520:02
edmondswlbragstad this doesn't seem right... https://github.com/openstack/tempest/blob/ae90da579661f408444cba2c8fb87407c98f42da/tempest/api/identity/v2/test_users.py#L94-L9720:06
edmondswshouldn't the old token still work?20:06
lbragstadedmondsw: well - a revocation event will be persisted because the password used to get that token has changed20:06
edmondswand looks like it worked here: http://logs.openstack.org/18/485818/4/check/gate-tempest-dsvm-neutron-full-ubuntu-xenial/4906f8d/console.html#_2017-07-22_20_55_24_97745520:06
lbragstadso the original token should match that revocation event20:07
knikollamight be related to this? https://bugs.launchpad.net/keystone/+bug/170391720:07
openstackLaunchpad bug 1703917 in OpenStack Identity (keystone) "Sometimes test_update_user_password fails with Unauthorized" [Medium,Triaged]20:07
knikollathought the logs there have the v3 api20:07
knikollathough*20:07
edmondswI wish that log had request ids...20:07
lbragstadedmondsw: that last link you sent20:08
lbragstadedmondsw: that's the response of the v2.0 change password api20:08
lbragstadnot an authentication response20:08
lbragstadhttps://github.com/openstack/keystone/blob/7c3acf34fada67fd86442c1882954e903a335fd0/keystone/v2_crud/user_crud.py#L10620:09
*** aojea has joined #openstack-keystone20:09
edmondswoh, I thought it was the following auth attempt, my bad20:09
lbragstadedmondsw: yeah - it's weird20:09
edmondswlbragstad so here we change the password from E7... to J5... http://logs.openstack.org/18/485818/4/check/gate-tempest-dsvm-neutron-full-ubuntu-xenial/4906f8d/console.html#_2017-07-22_20_55_24_97646320:10
lbragstadyep20:10
lbragstadwhich comes into here20:10
lbragstadhttps://github.com/openstack/keystone/blob/7c3acf34fada67fd86442c1882954e903a335fd0/keystone/v2_crud/user_crud.py#L5220:10
edmondswbut then when we go to change it back, instead of changing it to E7... we change it to F3... ?  http://logs.openstack.org/18/485818/4/check/gate-tempest-dsvm-neutron-full-ubuntu-xenial/4906f8d/console.html#_2017-07-22_20_55_24_97797220:10
lbragstadoh - that's weird20:11
knikollabecause of compliance… need to be unique within n last passwords20:12
lbragstadyeah20:13
lbragstadhttps://github.com/openstack/tempest/blob/ae90da579661f408444cba2c8fb87407c98f42da/tempest/api/identity/v2/test_users.py#L61-L6520:13
*** aojea has quit IRC20:13
edmondswlbragstad the 404 must mean the user is NotFound?20:13
edmondswwell, says "Failed to validate token"... so that's weird but makes more sense20:14
lbragstadyeah20:14
lbragstadthat 404 is also coming from the _restore_password method20:15
lbragstadwhich might not be functioning properly if the previous auth didn't work?20:15
* efried sheepishly asks if we've tried it with ksa220:17
knikollalbragstad: isn't that the output of the assertraises?20:17
*** aojea has joined #openstack-keystone20:18
knikollaso everything is fine including the 401.20:18
knikollabut the next password change fails.20:18
knikollacause otherwise the tempest test would have stopped and failed at the 40120:18
knikollarather than 40420:18
lbragstadwell - the 401 is coming from https://github.com/openstack/tempest/blob/ae90da579661f408444cba2c8fb87407c98f42da/tempest/api/identity/v2/test_users.py#L48-L5020:19
knikollahmm… right20:20
lbragstadat that point - the test has failed which kicks off the cleanup actions20:20
knikollai see20:21
lbragstadat least if i'm reading http://logs.openstack.org/18/485818/4/check/gate-tempest-dsvm-neutron-full-ubuntu-xenial/4906f8d/console.html#_2017-07-22_20_55_24_975935 right20:21
knikollahas the password been changed at that point?20:21
knikollacause if so. the code wouldn't reach this point https://github.com/openstack/tempest/blob/ae90da579661f408444cba2c8fb87407c98f42da/tempest/api/identity/v2/test_users.py#L5420:21
knikollatherefore having the old password in the credentials20:21
lbragstadyeah - it should have changed20:22
lbragstadhttp://logs.openstack.org/18/485818/4/check/gate-tempest-dsvm-neutron-full-ubuntu-xenial/4906f8d/logs/screen-keystone.txt.gz#_Jul_22_20_32_54_58588320:22
lbragstadat least according to ^20:22
*** aojea has quit IRC20:22
lbragstadwhich is here - https://github.com/openstack/keystone/blob/7c3acf34fada67fd86442c1882954e903a335fd0/keystone/v2_crud/user_crud.py#L10620:22
lbragstadand we've already reset the password after normalizing the data https://github.com/openstack/keystone/blob/7c3acf34fada67fd86442c1882954e903a335fd0/keystone/v2_crud/user_crud.py#L84-L8620:23
lbragstadthen again - i have absolutely no idea how this is popping up on a v3 policy change.20:26
knikollahttps://bugs.launchpad.net/keystone/+bug/1703917 makes me think it's a transient failure20:28
openstackLaunchpad bug 1703917 in OpenStack Identity (keystone) "Sometimes test_update_user_password fails with Unauthorized" [Medium,Triaged]20:28
knikollaso might not be related to the change20:28
lbragstadknikolla: that's a possibility20:29
lbragstadthe more i dig into this - the more i don't think it's a keystone bug20:30
knikollai was able to reproduce a similar bug by running that single tempest test on a loop until it failed https://bugs.launchpad.net/keystone/+bug/170221120:31
openstackLaunchpad bug 1702211 in OpenStack Identity (keystone) "test_password_history_not_enforced_in_admin_reset failed in tempest test" [Undecided,Confirmed]20:31
knikollaprobably worth trying the same thing on master as see if we hit that failure with no changes20:31
knikollaand*20:31
lbragstadyeah20:31
lbragstadi wonder if it something with how the clients are setup20:32
knikollathat's what i'm thinking too20:32
openstackgerritGage Hugo proposed openstack/keystone master: WIP: Add new tags attribute to project  https://review.openstack.org/47031720:32
knikollaor rather how the clients cope with password changes20:33
gagehugoknikolla same with the reproducing20:33
lbragstadthis is where my knowledge of tempest gets a little fuzzy20:33
knikollarandom failures are always fun stuff20:34
lbragstadbut i wonder if the same client is getting used across multiple test classes20:34
knikollamaybe that rare case where two password changing tests run at the same time20:34
knikollaif so20:34
lbragstadright - which seems crazy unlikely20:35
lbragstadbut...20:35
knikollaalso don't think it's true.20:35
knikollaas i was able to reproduce the second failure i linked on a single test20:35
knikollarunning repeatedly20:35
knikollaand serially.20:35
lbragstadoh - sure20:35
*** aojea has joined #openstack-keystone20:45
*** ducttap__ has joined #openstack-keystone20:46
openstackgerritLance Bragstad proposed openstack/keystone master: Remove policy for self-service password changes  https://review.openstack.org/48581820:46
lbragstadcc knikolla ^20:46
lbragstadadded a depends on to see if we can get some more logging20:47
knikollalbragstad: good idea20:48
knikollai'm digging into tempest20:48
knikollait's an interesting onion of abstractions20:48
lbragstadknikolla: cool - if you end up recreating that transient i'd be curious to know what that log says20:48
*** aojea has quit IRC20:50
*** ducttape_ has quit IRC20:50
*** lwanderley has joined #openstack-keystone20:56
*** aojea has joined #openstack-keystone21:03
lbragstadknikolla: whenever i get it to fail locally i get this instead of a 401 http://paste.openstack.org/show/616354/21:03
*** edmondsw has quit IRC21:04
*** edmondsw has joined #openstack-keystone21:04
knikollalbragstad: interesting.21:05
*** edmondsw_ has joined #openstack-keystone21:05
lbragstadi can't seem to get it to give me a 40121:06
knikollalet's see if the latest patchset still fails21:06
knikollamight be something specific to the way devstack-gate configures things21:07
*** lwanderley has quit IRC21:08
*** edmondsw has quit IRC21:09
*** aojea has quit IRC21:09
*** edmondsw_ has quit IRC21:10
*** lwanderley has joined #openstack-keystone21:11
*** jmlowe has quit IRC21:11
prashkrelbragstad: could you please help me on the release notes issue w.r.t https://review.openstack.org/#/c/485302/21:11
lbragstadprashkre: yeah - i can take a look21:12
prashkreI see it is failing in some invocation error.21:12
openstackgerritGage Hugo proposed openstack/keystone master: Add new tags attribute to project  https://review.openstack.org/47031721:14
*** lwanderley has quit IRC21:20
*** lwanderley has joined #openstack-keystone21:20
*** aojea has joined #openstack-keystone21:21
*** prashkre has quit IRC21:22
*** aojea has quit IRC21:26
*** mvk has joined #openstack-keystone21:28
openstackgerritGage Hugo proposed openstack/keystone master: Add new tags attribute to project  https://review.openstack.org/47031721:34
openstackgerritGage Hugo proposed openstack/keystone master: Add JSON schema validation for project tags  https://review.openstack.org/48448321:34
openstackgerritGage Hugo proposed openstack/keystone master: Add database migration for project tags  https://review.openstack.org/48445621:34
openstackgerritGage Hugo proposed openstack/keystone master: Add policy for project tags  https://review.openstack.org/48675721:34
openstackgerritMonty Taylor proposed openstack/keystoneauth master: Record the discovered major api version  https://review.openstack.org/48650621:37
*** edmondsw has joined #openstack-keystone21:39
*** aojea has joined #openstack-keystone21:40
mordredefried: ^^ updated that - I can't find a good thing to assert in the previous patch - the requests_mock request blows up if the / is wrong, but the endpoint_data results aren't really super useful to assert on ...21:42
mordredefried: maybe need to look at calls...21:42
*** edmondsw has quit IRC21:44
*** aojea has quit IRC21:44
openstackgerritMonty Taylor proposed openstack/keystoneauth master: Record the discovered major api version  https://review.openstack.org/48650621:46
openstackgerritMonty Taylor proposed openstack/keystoneauth master: Add tests to specifically test trailing slash behavior  https://review.openstack.org/48635521:46
*** jmlowe has joined #openstack-keystone21:49
openstackgerritGage Hugo proposed openstack/keystone master: Add new tags attribute to project  https://review.openstack.org/47031721:52
*** ducttape_ has joined #openstack-keystone22:06
*** aojea has joined #openstack-keystone22:07
*** ducttap__ has quit IRC22:09
openstackgerritGage Hugo proposed openstack/keystone master: Add missing comma to json sample  https://review.openstack.org/48678022:10
*** aojea has quit IRC22:12
*** lwanderley has quit IRC22:21
openstackgerritJaewoo Park proposed openstack/keystone master: Add new tags attribute to project  https://review.openstack.org/47031722:27
*** ducttape_ has quit IRC22:36
*** lwanderley has joined #openstack-keystone22:39
lbragstadasettle: curious if you have input on https://bugs.launchpad.net/keystone/+bug/1587777 ?22:41
openstackLaunchpad bug 1587777 in OpenStack Identity (keystone) "Mitaka: dashboard performance" [Undecided,New]22:41
*** ducttape_ has joined #openstack-keystone22:47
*** ducttape_ has quit IRC22:51
*** ducttape_ has joined #openstack-keystone22:51
*** ducttape_ has quit IRC23:02
*** ducttape_ has joined #openstack-keystone23:11
*** ducttape_ has quit IRC23:12
*** ducttape_ has joined #openstack-keystone23:16
*** aojea has joined #openstack-keystone23:20
*** catintheroof has quit IRC23:21
openstackgerritGage Hugo proposed openstack/keystone master: Prep for is_admin_project for scoped operations  https://review.openstack.org/46267023:23
*** aojea has quit IRC23:24
*** lwanderley has quit IRC23:26
*** aojea has joined #openstack-keystone23:29
*** lwanderley has joined #openstack-keystone23:30
*** aojea has quit IRC23:33
*** lwanderley has quit IRC23:34
*** chlong__ has joined #openstack-keystone23:36
*** lwanderley has joined #openstack-keystone23:37
*** chlong_ has quit IRC23:37
*** aojea has joined #openstack-keystone23:38
*** aojea has quit IRC23:42
openstackgerritNicolas Helgeson proposed openstack/keystone master: Add new tags attribute to project  https://review.openstack.org/47031723:48
*** lwanderley has quit IRC23:48
*** lwanderley has joined #openstack-keystone23:50
*** sjain has joined #openstack-keystone23:55
openstackgerritSamriddhi proposed openstack/keystone master: Improve docs about token persistence drivers  https://review.openstack.org/47638423:56
« Sunday, 2017-07-23 Index Tuesday, 2017-07-25 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!