Tuesday, 2017-10-10

*** gyee has quit IRC		00:03
*** edmondsw has quit IRC		00:04
*** Shunli has joined #openstack-keystone		01:08
*** catintheroof has quit IRC		01:09
*** edmondsw has joined #openstack-keystone		01:28
SamYaple	rybridges: you might be interested in openstack-shade. it makes simple tasks like that trival AND the code doesnt change from one version to another (the same list_user() fucntion works for v2 and v3)	01:41
*** dikonoor has joined #openstack-keystone		02:08
*** wxy_ has joined #openstack-keystone		02:09
*** thingee has joined #openstack-keystone		02:11
*** thingee has left #openstack-keystone		02:11
*** jamesbenson has joined #openstack-keystone		02:12
*** jamesbenson has quit IRC		02:17
*** thorst has quit IRC		02:23
*** thorst has joined #openstack-keystone		02:24
*** thorst has quit IRC		02:28
*** dave-mccowan has quit IRC		02:31
*** thorst has joined #openstack-keystone		02:37
*** thorst has quit IRC		02:37
openstackgerrit	Merged openstack/keystone master: Use stestr directly instead of ostestr https://review.openstack.org/508611	02:43
*** links has joined #openstack-keystone		02:44
*** nicolasbock_ has quit IRC		02:47
*** catintheroof has joined #openstack-keystone		02:57
*** catintheroof has quit IRC		03:06
*** iurygregory has quit IRC		03:07
*** clenimar has quit IRC		03:07
*** clenimar has joined #openstack-keystone		03:10
*** iurygregory has joined #openstack-keystone		03:10
*** edmondsw has quit IRC		03:23
*** namnh has joined #openstack-keystone		03:32
*** iurygregory has quit IRC		03:34
*** clenimar has quit IRC		03:34
*** clenimar has joined #openstack-keystone		03:38
*** iurygregory has joined #openstack-keystone		03:40
openstackgerrit	Gage Hugo proposed openstack/keystone master: Add JSON schema validation for project tags https://review.openstack.org/484483	03:47
openstackgerrit	Gage Hugo proposed openstack/keystone master: Add policy for project tags https://review.openstack.org/486757	03:47
openstackgerrit	Gage Hugo proposed openstack/keystone master: Implement backend logic for project tags https://review.openstack.org/499726	03:47
openstackgerrit	Gage Hugo proposed openstack/keystone master: Implement project tags logic into manager https://review.openstack.org/499727	03:47
openstackgerrit	Gage Hugo proposed openstack/keystone master: Implement project tags API controller and router https://review.openstack.org/499728	03:47
*** jaosorior has joined #openstack-keystone		04:00
*** edmondsw has joined #openstack-keystone		04:21
*** edmondsw has quit IRC		04:26
*** dikonoor has quit IRC		04:28
*** dikonoor has joined #openstack-keystone		04:28
*** gyee has joined #openstack-keystone		04:32
*** pcaruana has joined #openstack-keystone		04:32
*** lkwan has quit IRC		04:33
*** oikiki has quit IRC		04:35
*** dikonoo has joined #openstack-keystone		04:37
*** dikonoor has quit IRC		04:37
*** dikonoo has quit IRC		04:38
*** dikonoo has joined #openstack-keystone		04:38
*** dikonoor has joined #openstack-keystone		04:40
*** dikonoo has quit IRC		04:41
*** dikonoor has quit IRC		04:46
*** gyee has quit IRC		04:51
*** pcaruana has quit IRC		04:58
*** dikonoor has joined #openstack-keystone		05:20
*** jaosorior has quit IRC		05:27
*** lkwan has joined #openstack-keystone		05:47
*** dikonoor has quit IRC		05:50
*** jaosorior has joined #openstack-keystone		06:03
*** jrist has quit IRC		06:03
*** dikonoor has joined #openstack-keystone		06:04
*** edmondsw has joined #openstack-keystone		06:10
*** edmondsw has quit IRC		06:14
*** zxy has joined #openstack-keystone		06:15
*** jrist has joined #openstack-keystone		06:16
*** spectr has joined #openstack-keystone		06:22
*** rcernin has joined #openstack-keystone		06:58
*** pcaruana has joined #openstack-keystone		07:04
*** jaosorior has quit IRC		07:04
*** josecastroleon has joined #openstack-keystone		07:10
*** tesseract has joined #openstack-keystone		07:27
*** zxy has quit IRC		07:29
*** zxy has joined #openstack-keystone		07:30
*** jaosorior has joined #openstack-keystone		07:33
*** aselius has quit IRC		07:49
openstackgerrit	ChangBo Guo(gcb) proposed openstack/oslo.policy master: Warn only one time for each deprecated policy rule https://review.openstack.org/510779	07:55
*** edmondsw has joined #openstack-keystone		07:58
*** edmondsw has quit IRC		08:02
kashyap	kmalloc: Sure, it's doable, not conteseting that :-) And yes, have debugged in context of Gate, for Nova many times :-)	08:07
*** ioggstream has joined #openstack-keystone		08:13
*** rob_d_ has quit IRC		08:22
*** aloga has joined #openstack-keystone		09:02
*** rob_d_ has joined #openstack-keystone		09:03
*** Shunli has quit IRC		09:28
*** spectr has quit IRC		09:29
*** spectr has joined #openstack-keystone		09:29
*** david-lyle has quit IRC		09:29
*** spectr has quit IRC		09:32
*** spectr has joined #openstack-keystone		09:34
*** thorst has joined #openstack-keystone		09:41
*** edmondsw has joined #openstack-keystone		09:46
*** thorst has quit IRC		09:47
*** edmondsw has quit IRC		09:51
*** Suramya has joined #openstack-keystone		10:34
*** nkinder has quit IRC		10:43
*** dikonoor has quit IRC		10:44
*** dikonoor has joined #openstack-keystone		10:58
*** nkinder has joined #openstack-keystone		11:02
*** nicolasbock_ has joined #openstack-keystone		11:04
*** dikonoor has quit IRC		11:14
*** dikonoor has joined #openstack-keystone		11:15
*** nicolasbock_ has quit IRC		11:16
*** mvk has quit IRC		11:24
*** nicolasbock_ has joined #openstack-keystone		11:28
*** AlexeyAbashkin has joined #openstack-keystone		11:32
*** dikonoor has quit IRC		11:38
*** dikonoor has joined #openstack-keystone		11:43
*** dikonoor has quit IRC		11:50
*** mvk has joined #openstack-keystone		11:58
*** edmondsw has joined #openstack-keystone		12:03
*** edmondsw has quit IRC		12:04
*** edmondsw_ has joined #openstack-keystone		12:05
*** zzzeek has quit IRC		12:07
*** zzzeek has joined #openstack-keystone		12:10
*** raildo has joined #openstack-keystone		12:16
*** thorst has joined #openstack-keystone		12:16
*** namnh has quit IRC		12:25
openstackgerrit	OpenStack Proposal Bot proposed openstack/keystonemiddleware master: Updated from global requirements https://review.openstack.org/500005	12:27
*** dikonoor has joined #openstack-keystone		12:43
*** thorst_ has joined #openstack-keystone		12:49
*** thorst has quit IRC		12:49
*** panbalag has joined #openstack-keystone		12:52
*** panbalag has left #openstack-keystone		12:53
*** spectr has quit IRC		12:53
*** panbalag has joined #openstack-keystone		12:53
*** spectr has joined #openstack-keystone		12:55
*** zhurong has joined #openstack-keystone		12:58
*** efried has quit IRC		12:58
*** efried has joined #openstack-keystone		12:58
*** edmondsw_ is now known as edmondsw		13:01
*** bhagyashris has joined #openstack-keystone		13:03
bhagyashris	mordred: Hi,	13:05
*** david-lyle has joined #openstack-keystone		13:06
mordred	hi bhagyashris	13:08
bhagyashris	mordred: Just wanted to discuss about the patch https://review.openstack.org/#/c/505764/ ?	13:08
mordred	bhagyashris: yes! (I need to update that patch so that it's not failing tests)	13:09
*** jistr is now known as jistr\|mtg		13:11
bhagyashris	mordred: as the logger name used is like keystoneauth1.session.request_id but by default the oslo.log uses the keystoneauth.session so i am curious about the name used like keystoneauth1.session.request_id riht	13:11
bhagyashris	mistakenly riht is type plz ignore	13:12
bhagyashris	mordred: means is there any reason behind this	13:13
mordred	bhagyashris: yah - so - with python logging it's hierarchical - and is set up to allow consumers to control how logs are emitted	13:14
mordred	bhagyashris: so people who only ever reference "keystoneauth1.session" will be unaffected, that will also cover keystoneauth1.session.request_id	13:15
mordred	bhagyashris: but - for people who would like more fine-grained control over what gets logged, they can be more specific in their logging config (this is motivated by issues in nodepool logging where we either get too much or not enough logging from thekeystoneauth layer)	13:16
*** jistr\|mtg is now known as jistr		13:19
bhagyashris	mordred: yeah i agree, but there is some disturbancy in name of logger in oslo.log the name is keystoneauth.session and you patch its keystoneauth1.session so which one is correct name keystoneauth.* or keystoneauth1.*	13:21
bhagyashris	mordred s/ disturbancy/Discrepancy	13:22
mordred	bhagyashris: oh! that's just a bug somewhere - I'd say that keystoneauth1.* is the correct one	13:24
mordred	bhagyashris: however, the old code I'm changing did this:	13:24
mordred	_logger = utils.get_logger(__name__)	13:24
mordred	which would expand to	13:24
mordred	_logger = utils.get_logger('keystoneauth1.session')	13:24
mordred	bhagyashris: so I'd say anywhere using keystoneauth.session is a bug and not doing what it thinks it's doing	13:24
mordred	bhagyashris: can you point me to a something using keystoneauth.session?	13:25
*** lbragstad has joined #openstack-keystone		13:28
*** ChanServ sets mode: +o lbragstad		13:28
*** links has quit IRC		13:29
*** dave-mccowan has joined #openstack-keystone		13:33
*** efried has quit IRC		13:34
bhagyashris	mordred: in the oslo.log library: https://github.com/openstack/oslo.log/blob/master/oslo_log/_options.py#L29 the default_log_level contains the logger_name=level so there keystoneauth is used	13:35
openstackgerrit	Lance Bragstad proposed openstack/oslo.policy master: Add functionality to deprecate policies https://review.openstack.org/509909	13:38
openstackgerrit	Lance Bragstad proposed openstack/oslo.policy master: Warn only one time for each deprecated policy rule https://review.openstack.org/510779	13:39
mordred	bhagyashris: ah! thanks. I'd say that is a bug in oslo.log - keystoneauth library isn't making a keystoneauth.session logger anywhere	13:40
mordred	bhagyashris: or a keystoneauth logger	13:40
bhagyashris	mordred: ok. thanks for your inputs :)	13:43
mordred	bhagyashris: thanks for noticing that!	13:44
mordred	bhagyashris: are you going to make a patch to oslo.log or do you want me to?	13:44
*** zhurong has quit IRC		13:45
bhagyashris	mordred: np. i will going to make patch for oslo.log asap. :)	13:46
*** itlinux has joined #openstack-keystone		13:47
*** chlong_ has joined #openstack-keystone		13:47
*** chlong has joined #openstack-keystone		13:48
mordred	cool	13:49
mordred	bhagyashris: link me to it and I'll go +1 :)	13:50
bhagyashris	mordred: ohh thanks :). that will be great :)	13:50
*** McClymontS has joined #openstack-keystone		13:52
*** d0ugal has quit IRC		14:00
*** d0ugal has joined #openstack-keystone		14:00
*** d0ugal has quit IRC		14:00
*** d0ugal has joined #openstack-keystone		14:00
*** d0ugal has quit IRC		14:00
*** d0ugal has joined #openstack-keystone		14:00
*** d0ugal has quit IRC		14:01
*** d0ugal has joined #openstack-keystone		14:02
*** d0ugal has quit IRC		14:02
*** d0ugal has joined #openstack-keystone		14:02
*** jmlowe has joined #openstack-keystone		14:03
*** thorst_ has quit IRC		14:18
*** spilla has joined #openstack-keystone		14:19
*** dikonoor has quit IRC		14:21
*** efried has joined #openstack-keystone		14:23
*** edmondsw has quit IRC		14:25
*** edmondsw has joined #openstack-keystone		14:26
*** edmondsw_ has joined #openstack-keystone		14:27
*** edmonds__ has joined #openstack-keystone		14:28
*** edmondsw has quit IRC		14:30
*** Suramya has quit IRC		14:30
*** thorst has joined #openstack-keystone		14:31
*** edmondsw_ has quit IRC		14:31
*** chlong has quit IRC		14:36
*** chlong_ has quit IRC		14:36
*** chlong has joined #openstack-keystone		14:36
*** jamesbenson has joined #openstack-keystone		14:46
*** rcernin has quit IRC		14:49
*** links has joined #openstack-keystone		14:51
*** wes_dillingham has joined #openstack-keystone		14:57
*** cfriesen has joined #openstack-keystone		15:00
*** thorst has quit IRC		15:01
rybridges	Hello. Have a quick question. In python with the keystoneclient bindig, I used to be able to do keystone_client.tenants.list_users(tenant) to get a list of tenants that a user was associated with. How can I do the same thing in python now with the latest binding?	15:04
rybridges	I see that from the cli, openstack user list --project <project_id> works	15:04
*** lucasxu has joined #openstack-keystone		15:05
rybridges	SamYaple: Saw your comment about shade. I will consider migrating to that. I am very close to getting my app working with just the bare apis though so was hoping I could just find a way to do this quickly	15:05
*** gyee has joined #openstack-keystone		15:05
*** itlinux has quit IRC		15:05
rybridges	I also I am not sure if shade will support all of the stuff I am trying to do	15:06
*** spectr has quit IRC		15:07
lbragstad	rybridges: mordred is one of our local shade experts	15:08
rybridges	okay that is good to know	15:18
rybridges	Is there no longer a simple way to list the users under a project from the python keystone client?	15:18
*** spectr has joined #openstack-keystone		15:20
*** links has quit IRC		15:20
*** thorst has joined #openstack-keystone		15:23
lbragstad	rybridges: there should be - i need to check	15:24
lbragstad	rybridges: is that broken for you?	15:24
rybridges	I am looking through this document https://docs.openstack.org/python-keystoneclient/latest/api/keystoneclient.v3.html#keystoneclient.v3.users.UserManager	15:24
rybridges	And I do not see anything anywhere on that page which would allow me to simply list the users that are associated with a given project	15:25
kmalloc	It might be under the project manager in v3	15:25
kmalloc	Not under the user manager.	15:25
rybridges	clients.users.list(project=<project_id>) would be the most intuitive, but does not seem to work	15:25
kmalloc	Yeah that won't work, that doesn't have insight to filter or ask about projects. It would need to use a lot of apis and filter client side	15:26
rybridges	This functionality used to be there in older versions... and it was so easy and intuitive. I could do keystone_client.tenants.list_users(tenant)	15:27
mordred	bhagyashris: I WAS TOTALLY WRONG I'M SORRY	15:27
mordred	rybridges: reading scrollback	15:28
rybridges	I am finding it hard to believe that there is no equivalent in the newer client	15:28
kmalloc	You're looking for https://github.com/openstack/python-keystoneclient/blob/master/keystoneclient/v3/role_assignments.py#L49	15:29
kmalloc	In v2 we only had 2 roles, not groups, etc	15:29
*** edmonds__ has quit IRC		15:29
rybridges	Yea I was trying to play with role assignments a bit earlier	15:30
kmalloc	In v3 we represent the data in a different way, so that will list users and groups.	15:30
rybridges	I did: k_client.role_assignments.list(project='ac8ce531f41b4d3ba8cb127a918c2d46')	15:30
*** thorst has quit IRC		15:30
rybridges	problem is, if a user has 3 roles under a project, then I get the user listed 3 times in the output.	15:30
*** gyee has quit IRC		15:30
rybridges	Also, I Was unable to find a way to get the list of role assignments back with the usernames, not just the user ids	15:31
rybridges	to me, it looks as though I would have to call role assignments (like I did above), then filter out duplicates, then make an additional call per user (like client.user.get(<user_id>)) in order to get each user's user name	15:31
rybridges	that is brutal...	15:31
cmurphy	rybridges: that method has an include_names parameter	15:32
rybridges	ahhh oj	15:32
cmurphy	that does the right thing	15:32
rybridges	ok*	15:32
*** gyee has joined #openstack-keystone		15:32
*** edmondsw has joined #openstack-keystone		15:32
lbragstad	https://github.com/openstack/python-keystoneclient/blob/master/keystoneclient/v3/role_assignments.py#L74-L75	15:32
lbragstad	rybridges: ^	15:33
kmalloc	What cmurphy said :)	15:33
*** thorst has joined #openstack-keystone		15:34
rybridges	okay great! thanks guys this is really helpful. Now I would just need to filter out the duplicates because I am getting back one entry per role per user	15:34
*** efried has quit IRC		15:34
kmalloc	Which is correct behavior, since you have multiple roles. In v2 we had only two roles supported	15:34
kmalloc	It is a little more verbose for usability sake	15:35
rybridges	not saying its wrong.. just confirming :)	15:35
*** edmondsw_ has joined #openstack-keystone		15:36
*** edmondsw has quit IRC		15:37
kmalloc	If you get duplicate entries from that api, then yes, you would need to filter locally.	15:38
*** thorst has quit IRC		15:39
mordred	bhagyashris: all of them shoujld be keystoneauth.session not keystoneauth1.session - I didn't realize there was a function that manipulates the __name__ value	15:39
rybridges	Okay great. Thanks so much for the help. Really appreciate it!!	15:39
*** efried has joined #openstack-keystone		15:40
kmalloc	rybridges: also shade is much much much much much much better. Use it if it meets your needs.	15:40
*** edmondsw_ has quit IRC		15:41
rybridges	Yes I will definitely look into it	15:41
mordred	rybridges, kmalloc: we'll also be integrating/merging shade and openstacksdk this cycle - I'll send out some info on that as soon as zuul v3 transition is done	15:41
kmalloc	Keystone-client is bad and doesn't really add value. You could also directly use keystone	15:41
kmalloc	auth1.session	15:41
rybridges	okay	15:42
rybridges	One more question. I am noticing that k_client.role_assignments.list() is not returning the user's email in the response	15:42
kmalloc	If I had my way I'd rm -rf keystoneclient. It adds negative value at this point ;)	15:42
rybridges	Looking at those arguments, I am assuming there is no way to get it to return email addresses?	15:42
kmalloc	No it wouldn't, user email is not a first order column	15:42
rybridges	T.T	15:43
kmalloc	Nothing but get user (maybe list) will ever return that.	15:43
rybridges	okay	15:43
*** thorst has joined #openstack-keystone		15:43
kmalloc	User email should never have been encoded in the user object at the api layer, it is stored as an "extra" (lecagy bad blob of data)	15:44
rybridges	the old keystone_client.tenants.list_users(tenant) was returning email :D	15:44
rybridges	and I did not have to filter	15:44
rybridges	miss the good ole days	15:44
kmalloc	V2 was broken in that regard, sorry to say	15:44
kmalloc	Email is PII we shouldn't be storing in keystone unless it is used at the username	15:45
rybridges	well i can give you an example of why we like having it..	15:45
kmalloc	I have many examples why people like it. It is data that doesn't belong in keystone ;). I have built clouds that relied on it for billing.	15:46
*** thorst_ has joined #openstack-keystone		15:46
kmalloc	And notifications	15:46
rybridges	we have an automated job that shuts down user's VMs when they leave the company. The job has the ability to send emails out to the managers of the users and to the users themselves when a vm is getting shut down	15:46
rybridges	the ability to do that adds a lot of value for us	15:46
kmalloc	Yep.	15:47
kmalloc	And having dealt with all the headaches, I'm going to say something unpopular: map the user id in your crm tool (users are customers even if internal, and can be linked to AD for example that way) and make that utility do the lookup once before shutting down. Storing data in keystone that is not kept in sync (ldap backend is weird) poses issues. We have to assume the lowest common backend in keystone.	15:49
*** thorst has quit IRC		15:49
kmalloc	You could use emails as username for the users as well. Now let me be clear we won't stop you storing the email in keystone at this point.	15:50
*** edmondsw has joined #openstack-keystone		15:50
kmalloc	It's just the wrong tool for that kind of data in our opinion (we have been over this a ton over the years)	15:50
*** thorst has joined #openstack-keystone		15:53
rybridges	ehh i dont really see what the big deal is about storing emails	15:53
rybridges	i think it would be cool to just have a "properties" field for users just like for nova instance	15:54
rybridges	where you can just store any custom key/value pairs in there	15:54
*** thorst_ has quit IRC		15:54
rybridges	and the properties just get returned as a dict whenever you do anything	15:54
rybridges	just like user name and id get returned	15:54
*** edmondsw has quit IRC		15:55
rybridges	then people could store whatever they want with no fuss	15:55
kmalloc	We have that, it is called extras. It is terrible and should never have been implemented	15:55
*** edmondsw has joined #openstack-keystone		15:56
rybridges	lmao	15:56
kmalloc	Anything not a fully supported, via SQL as a column (they are limited in count), is stored that way	15:56
kmalloc	Except with ldap, not doable really.	15:57
kmalloc	If I could delete extras from our api, I would.	15:57
kmalloc	Everyone keeps asking to make it searchable, indexable, etc.	15:58
kmalloc	It is stored as json in the back end, it also can be corrupted and break the loading of the object. (based upon serialization methods, etc) it also causes db bloat when used and slows down keystone a lot.	15:59
kmalloc	Data stored in keystone should be highly controlled. Extras prevent us from doing that and limit the json schema validation we can do. It's a bad design :(	16:00
*** dave-mcc_ has joined #openstack-keystone		16:02
*** dave-mccowan has quit IRC		16:04
rybridges	lol searchable and indexable what a headache	16:06
rybridges	I can see why you would want to get rid of it	16:06
*** AlexeyAbashkin has quit IRC		16:07
rybridges	from a user PoV it is really really nice for some things though	16:07
rybridges	You gotta admit that	16:07
*** pcaruana has quit IRC		16:07
kmalloc	Most of that data belongs in a CRM though.	16:07
kmalloc	And keystone is not that.	16:08
kmalloc	Keystone just doesn't have the support for that kind of business app. Salesforce and sugar, etc do better, and keystone can be a dumb OpenStack only identity Store.	16:08
kmalloc	(what it's pretty good at)	16:09
kmalloc	Ok I need to coffee, drugs, dog walk. Will be back.	16:10
kmalloc	rybridges: glad to discuss more in detail or help hunt for apis again anytime ;)	16:11
*** spzala has joined #openstack-keystone		16:13
*** spzala has quit IRC		16:13
*** aselius has joined #openstack-keystone		16:19
rybridges	Heh thanks kmalloc	16:19
rybridges	Also just noticed that this role_assignments api does not return whether or not the user is enabled :(	16:20
knikolla	o/	16:21
kmalloc	rybridges: let me check, disabled users shouldn't show in that iirc.	16:22
kmalloc	I might be wrong though	16:22
kmalloc	knikolla: hi	16:23
*** mvk has quit IRC		16:27
rybridges	why dont we just have this api return full user objects like client.users.list()? Instead it is returning this json blob that only has a few fields in it which is marginally useful	16:31
*** Guest66098 is now known as mgagne		16:34
*** mgagne has quit IRC		16:34
*** mgagne has joined #openstack-keystone		16:34
*** aojea has joined #openstack-keystone		16:35
rybridges	@kmalloc just tested the role_assignments API... If a user is not enabled, it is still returned in the role_assignments.list response. and we have no way of knowing whether the user is disabled from the response because the field is not included	16:44
rybridges	There is no way that I can do an extra call per user to check whether the user is enabled at our scale	16:45
kmalloc	rybridges: it's expensive to look up the user data	16:45
kmalloc	we are only looking at the role assignment table	16:45
rybridges	right	16:46
rybridges	it makes sense that this api only shows minimal data about the user	16:46
rybridges	because api seems more suited toward roles	16:46
rybridges	but it still leaves a major gap in the API	16:46
kmalloc	the keystone direct api might work better.	16:46
rybridges	you know.. when I do openstack user list --project ac8ce531f41b4d3ba8cb127a918c2d46 --long from the CLI	16:49
rybridges	it gives me everything i need in the exact perfect format and everything	16:49
rybridges	its beautiful	16:49
kmalloc	i think osc is doing a ton of extra work behind the scenes	16:49
kmalloc	keystoneclient is bad.	16:49
kmalloc	really, it adds negative value for the most part	16:49
kmalloc	it is really only built to do service (nova, cinder, etc) to service type work. (horizon uses it)	16:50
kmalloc	but genrrally, it is myopic compared to direct REST	16:50
kmalloc	or something like shade	16:50
rybridges	ya openstack client is doing a ton of extra work	16:52
rybridges	it does a user lookup call on each individual user that gets returned	16:52
rybridges	which is a lot of rest calls	16:53
*** tesseract has quit IRC		16:53
kmalloc	we could add the stuff to the keystone API, but frankly I wouldn't want to add stuff to keystoneclient to do this work.	16:53
*** MasterOfBugs has joined #openstack-keystone		17:02
*** lifeless has quit IRC		17:03
rybridges	the old client just had a native api	17:08
rybridges	I could do keystone user-list --tenant admin and it would first do a tenant list (to look up the tenant name), and once it had that, it would immediately return the list of users associated with that tenant in nice objects	17:10
rybridges	openstack user list --project ac8ce531f41b4d3ba8cb127a918c2d46 --long is doing so many more rest calls to do the exact same thing	17:11
rybridges	we use this type of functionality in so many places. we have some projects with 300+ users in them... now just to see which users are in that project (and are enabled), we will have to do a separate call per user	17:12
*** mvk has joined #openstack-keystone		17:12
*** lifeless has joined #openstack-keystone		17:20
*** MasterOfBugs has quit IRC		17:27
*** AlexeyAbashkin has joined #openstack-keystone		17:37
*** nicolasbock_ has quit IRC		17:38
*** nicolasbock has joined #openstack-keystone		17:39
*** AlexeyAbashkin has quit IRC		17:42
*** panbalag has quit IRC		17:50
lbragstad	ping ayoung, breton, cmurphy, dstanek, edmondsw, gagehugo, henrynash, hrybacki, knikolla, lamt, lbragstad, lwanderley, notmorgan, rderose, rodrigods, samueldmq, spilla, aselius, dpar	17:55
rodrigods	yo	17:55
hrybacki	o/	17:55
lbragstad	gentle 5 minute meeting reminder	17:55
gagehugo	o/	17:55
lbragstad	FYI - you should only need 4 minutes to get caffeine	17:56
cmurphy	if i caffeinate now I won't sleep tonight :'(	17:57
lbragstad	aha - good point	17:59
*** ayoung has joined #openstack-keystone		18:10
*** jamesbenson has quit IRC		18:36
*** jamesbenson has joined #openstack-keystone		18:39
*** jamesbenson has quit IRC		18:43
*** jamesbenson has joined #openstack-keystone		18:47
*** jamesbenson has quit IRC		18:50
openstackgerrit	OpenStack Proposal Bot proposed openstack/keystonemiddleware master: Updated from global requirements https://review.openstack.org/500005	18:54
*** AlexeyAbashkin has joined #openstack-keystone		18:57
*** jamesbenson has joined #openstack-keystone		18:58
lbragstad	#startmeeting keystone-office-hours	19:00
openstack	Meeting started Tue Oct 10 19:00:42 2017 UTC and is due to finish in 60 minutes. The chair is lbragstad. Information about MeetBot at http://wiki.debian.org/MeetBot.	19:00
openstack	Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.	19:00
*** openstack changes topic to " (Meeting topic: keystone-office-hours)"		19:00
*** ChanServ changes topic to "Queens release schedule: https://releases.openstack.org/queens/schedule.html \| Meeting agenda: https://etherpad.openstack.org/p/keystone-weekly-meeting \| Bugs that need triaging: http://bit.ly/2iJuN1h \| Trello: https://trello.com/b/5F0h9Hoe/keystone"		19:00
openstack	The meeting name has been set to 'keystone_office_hours'	19:00
*** AlexeyAbashkin has quit IRC		19:01
openstackgerrit	OpenStack Proposal Bot proposed openstack/pycadf master: Updated from global requirements https://review.openstack.org/470137	19:01
*** jamesbenson has quit IRC		19:01
openstackgerrit	OpenStack Proposal Bot proposed openstack/keystonemiddleware master: Updated from global requirements https://review.openstack.org/500005	19:09
*** aojea has quit IRC		19:16
*** rcernin has joined #openstack-keystone		19:16
openstackgerrit	OpenStack Proposal Bot proposed openstack/pycadf master: Updated from global requirements https://review.openstack.org/470137	19:17
*** aojea has joined #openstack-keystone		19:24
lbragstad	edmondsw: good questions on https://review.openstack.org/#/c/500141/6	19:36
lbragstad	i responded inline	19:36
*** aojea has quit IRC		19:41
*** jamesbenson has joined #openstack-keystone		19:42
breton	Colleen runs for tc, nice!	19:43
*** jamesbenson has quit IRC		19:44
*** thorst has quit IRC		19:46
*** jamesbenson has joined #openstack-keystone		19:50
*** wes_dillingham has quit IRC		19:50
edmondsw	lbragstad tx... responded	19:51
*** thorst has joined #openstack-keystone		19:51
*** thorst has quit IRC		19:56
*** AlexeyAbashkin has joined #openstack-keystone		19:57
*** AlexeyAbashkin has quit IRC		20:01
*** jamesbenson has quit IRC		20:02
*** jamesbenson has joined #openstack-keystone		20:04
*** panbalag has joined #openstack-keystone		20:04
*** thorst has joined #openstack-keystone		20:08
*** jamesbenson has quit IRC		20:08
*** jamesbenson has joined #openstack-keystone		20:12
*** jamesbenson has quit IRC		20:13
*** panbalag has quit IRC		20:21
openstackgerrit	OpenStack Proposal Bot proposed openstack/keystone master: Updated from global requirements https://review.openstack.org/511015	20:21
openstackgerrit	OpenStack Proposal Bot proposed openstack/keystonemiddleware master: Updated from global requirements https://review.openstack.org/500005	20:21
*** rmascena has joined #openstack-keystone		20:26
*** jamesbenson has joined #openstack-keystone		20:28
openstackgerrit	OpenStack Proposal Bot proposed openstack/pycadf master: Updated from global requirements https://review.openstack.org/470137	20:29
*** raildo has quit IRC		20:29
andreaf	lbragstad: around?	20:32
lbragstad	andreaf: yep	20:32
*** openstackgerrit has quit IRC		20:33
andreaf	we are planning to start office hours for QA this week - and do bug triage as well during that hour	20:33
andreaf	I've seen your nice reports for keystone and I was wondering if you had some automation in place for them?	20:34
andreaf	lbragstad ^^^	20:34
lbragstad	andreaf: i do - but it's pretty rough	20:34
lbragstad	i'd be happy to share what i have	20:34
lbragstad	but an action i had coming out of the pike keystone retrospective was to rework some of the tooling to incorporate other things, and not just gerrit	20:34
lbragstad	er, s/gerrit/launchpad/	20:35
lbragstad	since the thing i have only interacts with launchpad, it doesn't really do a good job of capturing other things people do during office hours	20:35
lbragstad	andreaf: but - this is what i have https://github.com/lbragstad/launchpad-toolkit	20:36
lbragstad	i've also been itching to make ^ that configuration based instead of passing everything on the command line	20:36
andreaf	heh	20:37
andreaf	thanks for sharing	20:37
lbragstad	the output spits out an entry for everything that is done in launchpad for the time period you specify... which does result in some false positives	20:37
lbragstad	I just run the tool, copy paste everything into a not, and massage it until it isn't redundant	20:38
lbragstad	s/not/note/	20:38
*** jamesbenson has quit IRC		20:47
*** jamesbenson has joined #openstack-keystone		20:48
*** openstackgerrit has joined #openstack-keystone		20:50
openstackgerrit	OpenStack Proposal Bot proposed openstack/keystone master: Updated from global requirements https://review.openstack.org/511015	20:50
openstackgerrit	OpenStack Proposal Bot proposed openstack/keystonemiddleware master: Updated from global requirements https://review.openstack.org/500005	20:50
*** catintheroof has joined #openstack-keystone		20:50
andreaf	lbragstad: nice I think I can use that as it :)	20:50
lbragstad	andreaf: awesome - hopefully it helps you out	20:51
lbragstad	andreaf: if you end up hacking on it at all, i'd gladly accept pull requests :)	20:51
andreaf	lbragstad: sure!	20:52
*** AlexeyAbashkin has joined #openstack-keystone		20:56
openstackgerrit	OpenStack Proposal Bot proposed openstack/pycadf master: Updated from global requirements https://review.openstack.org/470137	20:57
*** AlexeyAbashkin has quit IRC		21:00
openstackgerrit	OpenStack Proposal Bot proposed openstack/keystone master: Updated from global requirements https://review.openstack.org/511015	21:05
openstackgerrit	OpenStack Proposal Bot proposed openstack/keystonemiddleware master: Updated from global requirements https://review.openstack.org/500005	21:05
openstackgerrit	OpenStack Proposal Bot proposed openstack/pycadf master: Updated from global requirements https://review.openstack.org/470137	21:13
*** rcernin has quit IRC		21:19
*** thorst has quit IRC		21:21
*** ayoung has quit IRC		21:23
*** ayoung has joined #openstack-keystone		21:25
*** spilla has quit IRC		21:29
*** edmondsw has quit IRC		21:33
*** edmondsw_ has joined #openstack-keystone		21:35
*** rmascena has quit IRC		21:36
*** lucasxu has quit IRC		21:38
*** edmondsw_ has quit IRC		21:39
*** efried has quit IRC		21:46
*** ayoung has quit IRC		21:47
*** wes_dillingham has joined #openstack-keystone		21:52
*** jamesbenson has quit IRC		21:52
*** catintheroof has quit IRC		21:58
*** jamesbenson has joined #openstack-keystone		21:58
*** ayoung has joined #openstack-keystone		21:59
*** catintheroof has joined #openstack-keystone		21:59
*** catintheroof has quit IRC		21:59
lbragstad	#endmeeting	22:00
*** openstack changes topic to "Queens release schedule: https://releases.openstack.org/queens/schedule.html \| Meeting agenda: https://etherpad.openstack.org/p/keystone-weekly-meeting \| Bugs that need triaging: http://bit.ly/2iJuN1h \| Trello: https://trello.com/b/5F0h9Hoe/keystone"		22:00
openstack	Meeting ended Tue Oct 10 22:00:58 2017 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)	22:01
openstack	Minutes: http://eavesdrop.openstack.org/meetings/keystone_office_hours/2017/keystone_office_hours.2017-10-10-19.00.html	22:01
openstack	Minutes (text): http://eavesdrop.openstack.org/meetings/keystone_office_hours/2017/keystone_office_hours.2017-10-10-19.00.txt	22:01
openstack	Log: http://eavesdrop.openstack.org/meetings/keystone_office_hours/2017/keystone_office_hours.2017-10-10-19.00.log.html	22:01
*** AlexeyAbashkin has joined #openstack-keystone		22:02
*** jamesbenson has quit IRC		22:02
*** ayoung has quit IRC		22:03
*** oikiki has joined #openstack-keystone		22:06
*** AlexeyAbashkin has quit IRC		22:06
gagehugo	lbragstad that bug you commented on is a duplicate I believe, I left a comment	22:08
gagehugo	about the doc navigation buttons	22:08
*** edmondsw has joined #openstack-keystone		22:08
*** oikiki has quit IRC		22:11
*** edmondsw has quit IRC		22:13
*** chlong has quit IRC		22:30
openstackgerrit	Gage Hugo proposed openstack/keystone master: Implement backend logic for project tags https://review.openstack.org/499726	22:35
openstackgerrit	Gage Hugo proposed openstack/keystone master: Implement project tags logic into manager https://review.openstack.org/499727	22:35
openstackgerrit	Gage Hugo proposed openstack/keystone master: Implement project tags API controller and router https://review.openstack.org/499728	22:35
*** jmlowe has quit IRC		22:47
*** wes_dillingham has quit IRC		22:50
*** oikiki has joined #openstack-keystone		22:51
*** ioggstream has quit IRC		22:57
*** AlexeyAbashkin has joined #openstack-keystone		22:57
*** AlexeyAbashkin has quit IRC		23:01
openstackgerrit	Gage Hugo proposed openstack/keystone master: Add project tags api-ref documentation and reno https://review.openstack.org/472396	23:03
*** nkinder has quit IRC		23:03
*** thorst has joined #openstack-keystone		23:22
*** thorst has quit IRC		23:27
*** jamesbenson has joined #openstack-keystone		23:32
*** nkinder has joined #openstack-keystone		23:35
*** jamesbenson has quit IRC		23:37
*** mancdaz has quit IRC		23:58

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!