Friday, 2019-02-01

« Thursday, 2019-01-31 Index Saturday, 2019-02-02 »
adriantam I wrong to assume that if I'm dealing with project and user ids, I'd never really need to do lookup as to domain? Domain is only needed for name based lookups? Like is there actually ever a chance that a project_id or user_id will not be unique across all domains?00:07
cmurphyadriant: they should always be unique across domains00:09
adriantcmurphy: ty! cool, thought so, just wanted someone who knew better to confirm00:10
adriantI had an action in Adjutant that acted on project and user id, and I realised that needing to supply a domain was pointless, and actually made no sense00:10
adriantcool, now ripped out and made a little simpler00:13
cmurphy\o/00:13
* adriant is trying to make adjutant work in a LDAP based context a bit better00:13
*** erus1 has quit IRC00:55
*** whoami-rajat has joined #openstack-keystone01:27
*** dklyle has quit IRC01:46
*** david-lyle has joined #openstack-keystone01:46
*** dklyle has joined #openstack-keystone01:48
*** david-lyle has quit IRC01:50
*** markvoelker has joined #openstack-keystone02:10
openstackgerritMerged openstack/keystone master: Update mapping policies for system reader  https://review.openstack.org/61961202:11
*** Dinesh_Bhor has joined #openstack-keystone02:14
*** markvoelker has quit IRC02:14
*** sapd1 has joined #openstack-keystone02:34
*** sapd1 has quit IRC02:50
*** shyamb has joined #openstack-keystone02:52
*** dims has quit IRC02:53
*** shyamb has quit IRC03:10
*** markvoelker has joined #openstack-keystone03:11
openstackgerritMerged openstack/keystone master: Add configuration options for JWS provider  https://review.openstack.org/62867603:27
*** lbragstad has quit IRC03:40
*** markvoelker has quit IRC03:44
*** Dinesh_Bhor has quit IRC03:58
*** Dinesh_Bhor has joined #openstack-keystone04:08
*** markvoelker has joined #openstack-keystone04:41
*** spsurya has joined #openstack-keystone04:45
*** tkajinam_ has joined #openstack-keystone04:47
*** tkajinam has quit IRC04:49
*** markvoelker has quit IRC05:14
*** shyamb has joined #openstack-keystone05:22
*** shyamb has quit IRC05:24
*** shyamb has joined #openstack-keystone05:24
*** lbragstad has joined #openstack-keystone05:43
*** ChanServ sets mode: +o lbragstad05:43
*** gyee has quit IRC05:54
*** markvoelker has joined #openstack-keystone06:12
*** shyamb has quit IRC06:24
*** dave-mccowan has quit IRC06:41
*** markvoelker has quit IRC06:44
*** lbragstad has quit IRC06:52
*** shyamb has joined #openstack-keystone06:57
openstackgerritVishakha Agarwal proposed openstack/keystone master: Replace 'tenant_id' with 'project_id'  https://review.openstack.org/63170607:07
*** pcaruana has joined #openstack-keystone07:19
*** markvoelker has joined #openstack-keystone07:41
*** markvoelker has quit IRC08:14
*** tkajinam_ has quit IRC08:17
*** shyamb has quit IRC08:47
*** shyamb has joined #openstack-keystone08:48
*** rcernin has joined #openstack-keystone08:57
openstackgerritMerged openstack/keystone master: Add keystone-manage create_jws_keypair functionality  https://review.openstack.org/61531509:04
openstackgerritMerged openstack/keystone master: Add test fixture for the JWS key repository  https://review.openstack.org/61454709:04
openstackgerritMerged openstack/keystone master: Add PyJWT as a requirement  https://review.openstack.org/61454809:04
*** shyamb has quit IRC09:10
*** shyamb has joined #openstack-keystone09:11
*** markvoelker has joined #openstack-keystone09:12
*** pcaruana has quit IRC09:30
*** shyamb has quit IRC09:31
*** pcaruana has joined #openstack-keystone09:42
*** shyamb has joined #openstack-keystone09:44
*** markvoelker has quit IRC09:44
*** Dinesh_Bhor has quit IRC10:01
*** Dinesh_Bhor has joined #openstack-keystone10:06
*** opetrenko has joined #openstack-keystone10:18
*** shyamb has quit IRC10:18
*** shyamb has joined #openstack-keystone10:19
opetrenkoHello guys. Is it possible to setup two keystones that use shibboleth as IDP that looks into LDAP, so that I can get unscoped token from first keystone, and scope it in second keystone?10:20
opetrenkoOr do keystone have a way to use "predictable" aka consistent uuid's so that with same user metadata we can get same uuid on different keystones?10:27
*** markvoelker has joined #openstack-keystone10:42
openstackgerritVishakha Agarwal proposed openstack/keystone master: Correcting tests with project_id  https://review.openstack.org/63439410:58
*** Dinesh_Bhor has quit IRC11:01
*** shyamb has quit IRC11:10
*** rcernin has quit IRC11:12
*** markvoelker has quit IRC11:15
*** shyamb has joined #openstack-keystone11:48
*** erus1 has joined #openstack-keystone12:00
*** pcaruana has quit IRC12:05
*** markvoelker has joined #openstack-keystone12:11
*** pcaruana has joined #openstack-keystone12:19
*** mvkr has joined #openstack-keystone12:24
*** pcaruana|afk| has joined #openstack-keystone12:25
*** pcaruana has quit IRC12:26
*** pcaruana|afk| is now known as pcaruana12:27
*** erus1 has quit IRC12:27
*** erus1 has joined #openstack-keystone12:27
*** yan0s has joined #openstack-keystone12:32
*** markvoelker has quit IRC12:45
*** pcaruana has quit IRC13:13
cmurphywe closed more bugs than we opened this week \o/13:14
cmurphyopetrenko: you can set up keystone-to-keystone federation to be able to authenticate with one keystone and use the authentication on another keystone https://docs.openstack.org/keystone/latest/admin/federation/configure_federation.html#keystone-as-an-identity-provider-idp13:16
opetrenkocmurphy: the thing is, that I want both keystones to look into shibboleth13:16
cmurphyopetrenko: we have work ongoing to ensure uuids are consistent for the same user but it's not complete13:16
opetrenkocmurphy:https://review.openstack.org/#/c/605169/9 this?13:17
cmurphyopetrenko: yes that's part of it13:17
opetrenkocan I help somehow? since I need this thing to be implemented :)13:18
*** pcaruana has joined #openstack-keystone13:20
cmurphyopetrenko: here is the main spec http://specs.openstack.org/openstack/keystone-specs/specs/keystone/stein/explicit-domains-ids.html you can talk to ayoung when he comes online and ask how you can help13:20
cmurphyand ping lbragstad when he comes online to see what can be done about his -1 on that review13:21
opetrenkocmurphy:thx13:21
*** yan0s has quit IRC13:23
*** yan0s has joined #openstack-keystone13:24
*** shyamb has quit IRC13:25
*** dave-mccowan has joined #openstack-keystone13:34
*** dims has joined #openstack-keystone13:41
*** markvoelker has joined #openstack-keystone13:42
*** markvoelker has quit IRC14:14
*** mchlumsky has joined #openstack-keystone14:31
*** dims has quit IRC14:38
*** lbragstad has joined #openstack-keystone14:39
*** ChanServ sets mode: +o lbragstad14:39
*** dims has joined #openstack-keystone14:44
*** dims has quit IRC15:01
*** markvoelker has joined #openstack-keystone15:11
*** dims has joined #openstack-keystone15:14
*** dims has quit IRC15:19
*** dims has joined #openstack-keystone15:20
*** markvoelker has quit IRC15:44
*** pcaruana has quit IRC15:59
opetrenkohttps://github.com/Enacero/docker-keystone-federation - docker-compose with two federated keystones, looking into one shibboleth with ldap. Fernet keys are moved to volume, so both keystones have almost the same configuration16:09
erus1o/16:10
lbragstadopetrenko nice!16:10
lbragstadlooks like e0ne has a version, too?16:10
*** yan0s has quit IRC16:10
opetrenkocurrently in his master is merged pull request from this repo16:11
opetrenkobut I fixed several errors and they were not merged into e0nes repo16:12
lbragstadcool16:12
knikollao/16:31
* knikolla caught the flu. 16:32
knikollai blame kmalloc from the other side of the continent.16:32
kmalloco/16:32
kmallocwait what.16:32
kmallocno. no blaming me for the crud.16:33
lbragstadlol16:33
knikollahaha16:33
*** markvoelker has joined #openstack-keystone16:41
*** awalende has joined #openstack-keystone16:47
*** awalende has quit IRC16:52
*** awalende has joined #openstack-keystone16:52
*** awalende has quit IRC16:57
*** markvoelker has quit IRC17:15
*** erus1 has quit IRC17:23
*** erus1 has joined #openstack-keystone17:23
*** awalende has joined #openstack-keystone17:52
*** jistr has quit IRC17:57
*** jistr has joined #openstack-keystone17:57
*** markvoelker has joined #openstack-keystone18:11
*** gyee has joined #openstack-keystone18:15
*** awalende has quit IRC18:16
*** bnemec has joined #openstack-keystone18:29
*** bnemec is now known as bnemec-pto18:29
*** markvoelker has quit IRC18:45
gagehugoo/19:39
*** markvoelker has joined #openstack-keystone19:42
erus1\o19:48
*** lbragstad has quit IRC20:02
*** whoami-rajat has quit IRC20:07
*** awalende has joined #openstack-keystone20:12
*** markvoelker has quit IRC20:15
*** lbragstad has joined #openstack-keystone20:36
*** ChanServ sets mode: +o lbragstad20:36
*** markvoelker has joined #openstack-keystone21:11
*** xek has quit IRC21:32
*** Nel1x has joined #openstack-keystone21:34
*** awalende has quit IRC21:44
*** markvoelker has quit IRC21:45
*** imus has quit IRC22:21
openstackgerritIslam Musleh proposed openstack/keystone master: Converting the API tests to use flask's test_client  https://review.openstack.org/63030122:26
*** erus1 has quit IRC22:38
*** erus1 has joined #openstack-keystone22:38
*** dave-mccowan has quit IRC22:40
*** markvoelker has joined #openstack-keystone22:42
*** awalende has joined #openstack-keystone22:51
*** markvoelker has quit IRC23:14
*** erus1 has quit IRC23:14
*** erus1 has joined #openstack-keystone23:15
*** takamatsu has quit IRC23:26
*** awalende has quit IRC23:39
« Thursday, 2019-01-31 Index Saturday, 2019-02-02 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!