Friday, 2018-05-11

openstackgerritMonty Taylor proposed openstack/keystoneauth master: Fix interface argument to get_all_version_data
mordredkmalloc: yah. and it just released a couple of days ago ... and it's 'public' everywhere else00:03
mordredI mean, the chance that anyone has even noticed the method is pretty low00:03
*** gyee has quit IRC00:04
mordredit's a pretty specific use-case :)00:04
mordred"please fetch all of the version discovery documents for every service in the catalog"00:04
mordrednot a task people need to do daily, you know?00:04
*** dave-mccowan has quit IRC00:05
*** aselius has joined #openstack-keystone00:08
mordredkmalloc: btw - is the sdk patch to consume all of the service-type alias enabled discovery we just added00:16
*** opetrenko has quit IRC00:16
mordredyay net reduction in code00:16
*** opetrenko has joined #openstack-keystone00:16
*** Dinesh_Bhor has joined #openstack-keystone00:27
kmalloclbragstad: ^ cc, lets get this fixed.00:28
*** jmlowe has quit IRC00:37
kmallocmordred: cmurphy pushed your fix in01:01
kmallocmordred: as soon as it lands either you or I will get a release patch in place01:02
kmallocmordred: thanks for turning that around quickly01:02
kmalloccmurphy: same to you01:02
*** harlowja has joined #openstack-keystone01:06
*** r-daneel has quit IRC01:09
*** jmlowe has joined #openstack-keystone01:12
*** liuzz_ has joined #openstack-keystone01:27
*** liuzz has quit IRC01:29
*** harlowja has quit IRC02:07
*** rcernin has joined #openstack-keystone02:14
*** alex_xu has joined #openstack-keystone02:21
*** nicolasbock has quit IRC02:36
*** felipemonteiro has joined #openstack-keystone02:40
openstackgerritMerged openstack/keystoneauth master: Fix interface argument to get_all_version_data
*** rm_work has quit IRC03:13
*** rm_work has joined #openstack-keystone03:23
openstackgerritwangxiyuan proposed openstack/keystone master: Clean up token extra code
openstackgerritwangxiyuan proposed openstack/keystone master: Clean up token extra code
*** germs has quit IRC04:04
*** abhi89 has joined #openstack-keystone04:15
*** gyan_ has joined #openstack-keystone04:25
*** gyankum has joined #openstack-keystone04:26
*** aselius has quit IRC04:27
*** abhi89 has quit IRC04:39
*** Dinesh_Bhor has quit IRC04:56
*** Dinesh_Bhor has joined #openstack-keystone05:00
*** dansmith has quit IRC05:11
kmalloclbragstad, mordred:
*** Guest7914 has joined #openstack-keystone05:40
*** felipemonteiro has quit IRC05:57
*** jdennis has quit IRC06:26
*** jdennis has joined #openstack-keystone06:26
*** links has joined #openstack-keystone06:31
*** pcaruana has joined #openstack-keystone06:32
*** zzzeek has quit IRC06:32
*** Dinesh__Bhor has joined #openstack-keystone06:33
*** zzzeek has joined #openstack-keystone06:33
*** Dinesh_Bhor has quit IRC06:33
*** bigjools has joined #openstack-keystone06:34
*** bigjools has joined #openstack-keystone06:34
*** annp has quit IRC06:36
*** annp has joined #openstack-keystone06:36
*** martinus__ has joined #openstack-keystone06:51
*** belmoreira has joined #openstack-keystone06:53
*** rpittau has quit IRC07:06
*** dmellado has quit IRC07:09
*** dmellado has joined #openstack-keystone07:10
*** rpittau has joined #openstack-keystone07:18
*** tesseract has joined #openstack-keystone07:20
*** Dinesh__Bhor has quit IRC07:36
*** Dinesh__Bhor has joined #openstack-keystone07:43
*** rcernin has quit IRC07:58
*** liuzz__ has joined #openstack-keystone08:39
*** liuzz_ has quit IRC08:43
*** gongysh has joined #openstack-keystone08:48
*** liuzz has joined #openstack-keystone08:53
*** liuzz__ has quit IRC08:55
*** openstack has joined #openstack-keystone09:25
*** ChanServ sets mode: +o openstack09:25
*** gongysh has quit IRC09:53
*** gongysh has joined #openstack-keystone09:53
*** Dinesh__Bhor has quit IRC09:54
*** nicolasbock has joined #openstack-keystone10:45
*** gongysh has quit IRC10:48
*** annp has quit IRC12:01
*** edmondsw has joined #openstack-keystone12:08
*** jmlowe has quit IRC12:17
*** raildo has joined #openstack-keystone12:27
*** jroll is now known as jrollinhatin12:45
*** jmlowe has joined #openstack-keystone12:46
*** germs has joined #openstack-keystone12:50
*** germs has quit IRC12:50
*** germs has joined #openstack-keystone12:50
*** zzzeek has quit IRC12:51
*** thiagolib_ has joined #openstack-keystone12:52
*** zzzeek has joined #openstack-keystone12:53
*** openstackstatus has joined #openstack-keystone13:11
*** ChanServ sets mode: +v openstackstatus13:11
-openstackstatus- NOTICE: Due to a Zuul outage, patches uploaded to Gerrit between 09:00UTC and 12:50UTC, were not properly added to Zuul. Please recheck any patches during this window and apologies for the inconvenience.13:15
*** germs has quit IRC13:20
*** germs has joined #openstack-keystone13:20
*** germs has quit IRC13:24
*** dklyle has quit IRC13:24
*** s10 has joined #openstack-keystone13:25
*** Guest7914 is now known as superdan13:26
*** superdan is now known as Guest8260913:26
*** rmascena has joined #openstack-keystone13:31
*** raildo has quit IRC13:33
*** felipemonteiro has joined #openstack-keystone13:36
*** gyan_ has quit IRC13:45
*** gyankum has quit IRC13:46
*** mvenesio has joined #openstack-keystone13:52
*** jmlowe has quit IRC13:54
lbragstadkmalloc: nice - thanks!13:54
*** mvenesio has quit IRC13:57
*** mchlumsky has quit IRC13:58
*** germs has joined #openstack-keystone13:59
*** germs has quit IRC13:59
*** germs has joined #openstack-keystone13:59
*** mchlumsky has joined #openstack-keystone14:02
*** dklyle has joined #openstack-keystone14:06
*** felipemonteiro_ has joined #openstack-keystone14:12
*** felipemonteiro has quit IRC14:13
*** felipemonteiro__ has joined #openstack-keystone14:13
*** felipemonteiro_ has quit IRC14:18
*** germs has quit IRC14:18
*** david-lyle has joined #openstack-keystone14:25
*** felipemonteiro__ has quit IRC14:25
*** r-daneel has joined #openstack-keystone14:25
*** felipemonteiro__ has joined #openstack-keystone14:25
*** dklyle has quit IRC14:25
*** dklyle has joined #openstack-keystone14:27
*** Guest82609 is now known as superdan14:27
*** david-lyle has quit IRC14:27
lbragstadayoung: do you work with ken holden?14:29
lbragstadhrybacki: do you work with ken holden?14:29
hrybackilbragstad: no but the name sounds familiar14:29
*** melwitt is now known as jgwentworth14:29
lbragstadah - i'm fishing for an irc nick14:30
hrybackilemme look14:30
lbragstadthanks - he is co-presenting a keystone talk that looks interesting14:30
lbragstadand i wanted to ask if he'd be ok with us plugging it in the project update14:31
hrybackihe's an SA on OpenStack so I'm fairly certain ayoung can point you at him -- his irc nick is noted as kholden14:32
hrybackibut he's likely at RH Summit and offline14:32
lbragstadawesome - thanks for the info!14:33
hrybackiNP :)14:33
lbragstadwhat about Krzysztof Janiszewski ?14:33
lbragstadfwiw - this is the talk i'm looking at
*** germs has joined #openstack-keystone14:47
*** germs has quit IRC14:47
*** germs has joined #openstack-keystone14:47
*** germs has quit IRC14:53
*** jmlowe has joined #openstack-keystone14:54
*** r-daneel has quit IRC14:57
*** pcichy has joined #openstack-keystone15:01
*** thiagolib_ has quit IRC15:02
ayounglbragstad, Yes15:04
ayoungand I am sure that he would be15:05
ayounglbragstad, I am so glad he is giving that talk.  Now when people internally ask me about LDAP for Keystone I can point them at him15:06
*** pcaruana has quit IRC15:07
*** belmoreira has quit IRC15:08
lbragstadayoung: thanks, i'll add it to the list, but if you come in contact with him prior to the summit it would be good to give him a heads up15:09
lbragstadayoung: or, if you PM his email, i can shoot him a note15:09
lbragstadhim and Krzysztof i should say15:10
ayounglbragstad, he's usually pretty responsive, but with RH Summit this week, people have been quite (except on Twitter)15:10
lbragstadsure - that makes sense15:11
*** rpittau has quit IRC15:14
*** jmlowe has quit IRC15:17
*** jmlowe has joined #openstack-keystone15:22
*** links has quit IRC15:24
ayoungWrong Krystof15:32
ayoung12 sec15:32
*** Guest6945 is now known as zeus15:38
*** zeus has joined #openstack-keystone15:38
*** gyee has joined #openstack-keystone15:41
*** jmlowe has quit IRC15:44
*** dklyle has quit IRC15:46
*** r-daneel has joined #openstack-keystone15:54
*** germs has joined #openstack-keystone16:16
*** germs has quit IRC16:16
*** germs has joined #openstack-keystone16:16
*** germs has quit IRC16:16
*** germs has joined #openstack-keystone16:17
*** openstackgerrit has joined #openstack-keystone16:21
openstackgerritHarry Rybacki proposed openstack/keystone-specs master: Define a set of basic default roles
hrybackilbragstad: felipemonteiro__ raised a good point. We are opting to used implied roles for ensuring that member->auditor, admin->member, and therefore admin->member-> auditor. However, this will not be obvious if one looks at our policy-in-code ( bc we are doing it during the bootstrap process. Obviously it'll be in the logs but that's16:23
hrybackinot where folks would look16:23
hrybackiHow do we make this more obvious?16:23
*** s10 has quit IRC16:24
kmallocthat is a good question16:25
kmalloci think we'll need to do something to make that clear, but that is hard to do. perhaps we document defaults in the "policy-in-code" bit?16:25
kmallocor expected defaults?16:25
hrybackiaye, MVP is adding comments to that file noting as much16:26
hrybackiObviously noting as much in 'added documentation' as well16:26
hrybacki'noting as much' is apparently my preferred phrase for this morning16:26
kmallocyeah, document our expected defaults16:26
kmallocwe should ensure that whatever "defaults we document" we attempt to check those are as expected.16:27
kmallocnot sure how we'd do that, but ... we should see if we can16:27
hrybackiwhich makes me wonder, should there be a way to actually enable role implication within policy-in-code ?16:27
hrybackikmalloc: what do you mean?16:27
kmallocor enable role implication.16:27
kmalloci was thinking a "expected_role_default_expansion=[role1, role2]" and we turn that into something we test on16:28
kmallocand that gets translated into some reasonable documentation16:28
kmallocbut a mechanism to explicitly show the implied roles in policy-in-code would work too16:29
hrybackiyeah, I think ^^ would be congruent to our end goals wrt policy-in-code16:29
kmallocomg... garlic butter toast with eggs and tomato...16:30
kmallocso good.16:30
* kmalloc left the puppy home and camping at a coffee shop for 2-3 hours16:30
hrybackikmalloc: I haven't eaten today but now I'm craving some of that hard16:30
* kmalloc is taking a real stab at "flask-i-fying" keystone.16:31
felipemonteiro__kmalloc: ++ it seems like the intention is to simultaneously simplify the policy.json while still documenting everything in code16:31
hrybackibtw, current fave. breakfast sandwich: toast w/ a lil siracha, 1 strip of bacon crumbled over a fried egg with thinly sliced cheddar to top it off16:31
kmallocor at least dropping paste in lieu of flask as the wrapper so we can start moving 100% to the flask framework16:31
felipemonteiro__i'm not sure how operators will respond to implied roles while drafting policy.json changes, only time will tell16:32
kmallochrybacki: man, siracha is so good. i'm aiming for less meat and more veggies, so bacon is mostly out atm16:32
hrybackifelipemonteiro__: there is no perfect solution :(16:32
kmallocotherwise... NICE.16:32
hrybackikmalloc: same. hence my emphasis on a single stip :(16:32
kmallocfelipemonteiro__: yeah we just can't know, we have to do our best16:32
hrybackitwo years ago it would have been at least three16:32
hrybackibut frying the egg /in/ the bacon grease is kind of key16:33
kmalloci olive oil fry my eggs16:33
hrybackimmm but that bacon infused goodness tho16:33
hrybackiaaand now all I can think about is food -_-16:33
kmallocalso this coffee shop is a bakery, so they make their own bread - salt water yeast and flour16:34
kmallocthats all that goes into it all, and super fresh.16:35
* kmalloc is on the "tired of 'enriched' flour and processed breads". 16:35
kmallocit is either find good stuff or bake my own16:35
kmallocalso all unbleached flour + a good sourdough starter16:35
* kmalloc is "helping" hrybacki 16:36
hrybackisomeone is making toast in my co-op rn.16:36
kmallocmordred: could you imagine keystone with flask-restplus? ;)16:36
hrybacki24 minutes, I can make it that long16:36
kmallochrybacki: tough decision time, X1Carbon [6th gen], X1 Yoga [3rd Gen] (and if either of those, HDR screen 500 nit or just hidpi ips 270 nit), or XPS 1316:40
kmallochrybacki: i need a new laptop =/16:41
kmallocmy old X1C is giving up the ghost and warranty is up16:41
hrybackithat's tough, I'm not up-to-date on those lines. I've got about another ~10 months before my research begins16:42
* hrybacki is sad to admit he still likes macbook pros more than any of the last 3 thinkpads he's owned 16:42
kmallocthe new MBP [keyboard and touchbar] make it a nogo16:43
kmalloci don't want to have to do everything in a vm16:43
kmalloccontainer for isolated runtimes is quite sufficient16:43
hrybackiI'm a huge fan of the new keyboard/touchpad - I was hesitant at first but have grown quite fond16:44
hrybackiplus screen/battery life/portability16:45
kmallocthe new keyboard is ... nope... no, i want an old-school x67 keyboard in my laptop, but that said...16:45
hrybackiI'm genuinely curious about the machines huawei has been putting out16:45
kmallocwhat i really want is somewhere between the surface book2, xps13, x1 carbon, and Purism (librem) 1316:46
kmallocbut somehow i don't think i can commission what i really want.16:46
kmalloci am somewhat tempted to see if i can work with some folks to make something awesome happen.16:47
kmalloci *really* want a coreboot enabled machine :)16:47
*** spilla has joined #openstack-keystone16:51
lbragstadi've heard good things about the xps 1316:54
lbragstadi think smcginnis runs one16:54
*** tesseract has quit IRC16:59
*** openstackstatus has quit IRC17:00
*** openstack has joined #openstack-keystone17:01
*** ChanServ sets mode: +o openstack17:01
*** openstackstatus has joined #openstack-keystone17:02
*** ChanServ sets mode: +v openstackstatus17:02
openstackgerritHarry Rybacki proposed openstack/keystone-specs master: Define a set of basic default roles
hrybackifelipemonteiro__: I added a little note about where we will document the implied roles chain ^^17:03
felipemonteiro__Nice, will check after lunch... #latelunch for me too17:04
* hrybacki is off to lunch as well17:05
*** bigjools has quit IRC17:22
*** bigjools has joined #openstack-keystone17:23
*** bigjools has joined #openstack-keystone17:23
*** germs has quit IRC17:32
*** germs has joined #openstack-keystone17:41
*** germs has quit IRC17:41
*** germs has joined #openstack-keystone17:41
*** germs has quit IRC17:43
*** germs has joined #openstack-keystone17:43
*** germs has quit IRC17:43
*** germs has joined #openstack-keystone17:43
*** fiddletwix has quit IRC17:48
*** mvenesio has joined #openstack-keystone18:28
openstackgerritMerged openstack/keystone master: Allow cleaning up non-existant group assignments
openstackgerritMerged openstack/keystone master: Consolidate health-check-middleware.rst
*** pcichy has quit IRC18:40
*** s10 has joined #openstack-keystone18:42
lbragstadcmurphy: lol i was literally just about to start working on the bug report for the news letter :)19:04
lbragstadcmurphy: thanks for sending it!19:04
cmurphylbragstad: oh haha :) if you want to add to it feel free to send a response :)19:05
lbragstadparsing your report now, but i was just about to grab the link to etherpad from a previous report when boom... i saw it rolling in19:05
*** mvenesio has quit IRC19:18
*** mvenesio has joined #openstack-keystone19:18
*** mvenesio has quit IRC19:23
*** felipemonteiro__ has quit IRC19:34
*** felipemonteiro_ has joined #openstack-keystone19:34
*** felipemonteiro__ has joined #openstack-keystone19:39
*** felipemonteiro_ has quit IRC19:42
*** dklyle has joined #openstack-keystone19:59
openstackgerritGage Hugo proposed openstack/keystone master: Consolidate oauth1.rst
*** s10_ has joined #openstack-keystone20:12
*** s10 has quit IRC20:14
*** rmascena has quit IRC20:51
*** felipemonteiro__ has quit IRC20:51
*** felipemonteiro__ has joined #openstack-keystone20:52
lbragstadcmurphy: kmalloc do either of you have an objection to releaseing ldappool?20:57
lbragstadi'm reading sean's email and libraries without a release this cycle and ldappool is one of them20:57
*** pcichy has joined #openstack-keystone20:58
*** s10__ has joined #openstack-keystone21:00
cmurphylbragstad: we've only had three commits on it since the last tag, all just updating requirements21:00
lbragstadyeah - that's what i noticed21:00
lbragstadfigured nothing really changed, but wanted to check since you two are more familiar with it than i am21:01
*** s10_ has quit IRC21:02
kmalloclbragstad: nah releasing it is 100% good to me21:03
kmallocbut as cmurphy said21:03
lbragstadcool - done21:03
kmallocit just doesn't move far/fast21:03
cmurphylbragstad: hmm it wasn't even updates to requirements.txt, just to test-requirements.txt and to lower-constraints.txt21:03
cmurphyso this is really a noop release21:03
lbragstadi wonder if test requirements still justifies a minor release?21:03
lbragstadi think changes to requirements justify it, iirc21:03
kmalloclbragstad: i just +1'd the change21:04
kmallocit might need upper-constraints love21:04
kmallocin general21:04
kmallocyeah, update to requirements justifies a release21:04
kmallocman, cup of coffee #3, still feeling wiped out21:05
*** martinus__ has quit IRC21:05
cmurphycommented on the patch21:05
kmalloclbragstad: well crap on the ksa thing, reading it21:05
lbragstadwe made the same comment lol21:05
kmalloclbragstad: we might need to do some reworking.21:05
lbragstadjust in two different places21:05
kmalloclbragstad: make it a minor release not bugfix21:06
cmurphyminor was what he had before21:08
lbragstadnow it's modifying patch i think21:08
lbragstadmajor.minor.patch ?21:08
lbragstadso - 2.2.0 -> 2.2.1 instead of 2.2.0 -> 2.3.021:09
kmallocyeah that is good21:10
kmallocoh wait21:10
kmallochold on21:10
kmalloccrossing things here.21:10
kmalloci don't know if req changes warrant patch or minor honestly21:11
kmalloclbragstad: responded to the ML thread about KSA21:11
cmurphyit's only test-requirements and lower-constraints, not reqs21:11
kmalloclbragstad: if we did break something, we'll need to restore previous behavior(s)21:11
kmalloccmurphy: then patch is fine imo21:12
kmallocok we're in the right place with this release now :)21:12
kmalloccmurphy: thanks!21:12
cmurphylol ok :)21:12
kmalloclbragstad: fixed your commit message too21:13
*** mvenesio has joined #openstack-keystone21:13
kmalloccmurphy: i think i'm going to take my lawn chair and the puppy outside ;)21:14
kmalloccmurphy: [she's been sleeping all morning]21:14
kmallocso, code hacking from the grass in front of the houses :)21:14
* kmalloc waits for laptop to charge21:14
lbragstadi want to be one of my dogs for *a* day21:14
kmalloccmurphy: running this by you as well, since i ran this by lbragstad21:15
*** mvenesio has quit IRC21:15
kmalloccmurphy: going to spin up a change to make flask a core part of keystone, but basically just take the current middleware[s]/routes and run them as WSGI middleware before the main flask app21:15
kmalloccmurphy: and in the process going to ditch paste [dead project] and just wire everything up in the flask factory21:15
kmalloccmurphy: so we'll run "keystone_wsgi" and then can start converting from the old routes __call__/dispatching to flask dispatching for each subsystem21:16
kmalloccmurphy: see any major issues in that before i dive in (high level gut feelings is wht i'm going for)21:16
cmurphykmalloc: i'm not super familiar with how our middleware works but ++ to ditching paste21:18
kmalloccmurphy: mostly everything just runs through __Call__ and dispatches/handles request passes down from there21:19
kmallocso i'll just wire it all up to do just that (including our service_v3 one) before the flask app core, where we'll move everything as we convert from routes to flask-routes21:20
* kmalloc is going to need to look into the JSON Home bits as well, but should be pretty straight forward.21:20
kmallocin essence, nothing should change except we have flask at the very end of the stack handling the "i dunno what the heck you asked for"21:21
cmurphylbragstad: haha never mind i guess: "Initial releases in a series must increment at least the minor version or be beta versions. '2.2.1'"21:21
kmallocwell then.21:21
kmalloc2.3 it is21:21
kmallochonestly... do we need to release ?21:22
* kmalloc shrugs21:22
kmalloci'm happy with a no-op release if we need it21:22
cmurphykmalloc: what about the paste.ini file? do we need to handle a migration path off of using it?21:22
cmurphyre: release yeah i'm not sure i understand the need to release just for the sake of releasing21:23
kmalloccmurphy: nah we shouldn't if we supply a workable (the entry-point generated wsgi file) wsgi file21:24
kmallocso, paste.ini will just disappear21:24
kmallocbut you'll run keystone in the same way as before, uwsgi <path to keystone.wsgi-file>21:24
cmurphywhat about people that have customized it with other middlewares?21:25
kmallocwell, they'd be sol :P21:25
*** pcichy has quit IRC21:25
kmallocbut honestly, afaik the only thing being done is removing ec2/s321:25
kmallocor having things way out in front (proxy/etc)(21:26
kmalloci'll spin up the change and if we need a way of hooking in other middlewares, i'll figure a way to load in the external deps into the wired up form21:27
kmallocbut tl;dr, paste has been on the long list of things we need to remove, so i'll do the paste-ectomy and get the ball rolling, even if we don't land it right off the bat.21:27
kmallocwhile we figure out things such as "i have a custom wsgi middleware i wedged in"21:28
openstackgerritGage Hugo proposed openstack/keystone master: Add LDAP user-backed functional testing gate
*** sonuk has joined #openstack-keystone21:30
*** spilla has quit IRC21:33
lbragstadwxy: jgwentworth johnthetubaguy kmalloc i created an etherpad for the unified limits discussion at the forum if you're interested in adding to it, or commenting on it -
jgwentworthack, thanks21:39
*** sonuk has quit IRC21:39
lbragstadyankcrime: you might be interested in that as well ^21:41
* lbragstad steps away for a bit21:47
*** dklyle has quit IRC21:47
*** dklyle has joined #openstack-keystone21:47
*** felipemonteiro__ has quit IRC21:49
*** s10__ has quit IRC21:56
*** edmondsw has quit IRC21:58
*** edmondsw has joined #openstack-keystone22:02
*** s10 has joined #openstack-keystone22:03
*** edmondsw has quit IRC22:06
*** mvenesio has joined #openstack-keystone22:18
*** s10_ has joined #openstack-keystone22:25
*** jmlowe has joined #openstack-keystone22:27
*** s10 has quit IRC22:28
*** edmondsw has joined #openstack-keystone22:29
*** mchlumsky has quit IRC22:44
*** spilla has joined #openstack-keystone22:52
*** spilla has quit IRC22:53
*** r-daneel has quit IRC23:00
*** mtreinish_ has joined #openstack-keystone23:19
*** mtreinish has quit IRC23:19
*** mtreinish_ is now known as mtreinish23:20
*** felipemonteiro__ has joined #openstack-keystone23:49

Generated by 2.15.3 by Marius Gedminas - find it at!