| *** dviroel|afk is now known as dviroel | 00:41 | |
| *** dviroel is now known as dviroel|out | 00:50 | |
| *** tkajinam is now known as Guest162 | 06:33 | |
| *** marlinc is now known as Guest167 | 08:04 | |
| *** dviroel|out is now known as dviroel | 11:36 | |
| *** dasm|off is now known as dasm | 13:21 | |
| dmendiza[m] | #startmeeting keystone | 15:02 |
|---|---|---|
| opendevmeet | Meeting started Tue Sep 13 15:02:50 2022 UTC and is due to finish in 60 minutes. The chair is dmendiza[m]. Information about MeetBot at http://wiki.debian.org/MeetBot. | 15:02 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 15:02 |
| opendevmeet | The meeting name has been set to 'keystone' | 15:02 |
| dmendiza[m] | #topic Roll Call | 15:02 |
| dmendiza[m] | Courtesy ping for admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek | 15:03 |
| knikolla | o/ | 15:03 |
| h_asahina | o/ | 15:03 |
| dmendiza[m] | As usual the agenda is over here: | 15:03 |
| dmendiza[m] | #link https://etherpad.opendev.org/p/keystone-weekly-meeting | 15:03 |
| dmendiza[m] | OK, let's get started | 15:08 |
| dmendiza[m] | #topic Review Past Meeting Action Items | 15:08 |
| dmendiza[m] | #link https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-09-06-15.00.html | 15:08 |
| dmendiza[m] | > dmendiza[m] to look into making a new keystoneauth release | 15:09 |
| dmendiza[m] | I have not made a new release yet | 15:09 |
| dmendiza[m] | s/made/requested | 15:09 |
| dmendiza[m] | #action dmendiza[m] to request a new keystoneauth release | 15:09 |
| dmendiza[m] | which is a good segue into | 15:10 |
| dmendiza[m] | #topic Liaison Updates | 15:10 |
| dmendiza[m] | It's RC1 week | 15:11 |
| dmendiza[m] | #link https://review.opendev.org/c/openstack/releases/+/857116 | 15:11 |
| dmendiza[m] | That's the RC1 release patch for keystone | 15:11 |
| dmendiza[m] | at 1ea9f7557dc442c56805f70b3f0c9393b427a770 | 15:11 |
| dmendiza[m] | #link https://opendev.org/openstack/keystone/commit/1ea9f7557dc442c56805f70b3f0c9393b427a770 | 15:12 |
| dmendiza[m] | which is currently the master branch | 15:12 |
| dmendiza[m] | are there any patches we should try to merge before we approve the release? | 15:13 |
| h_asahina | OAuth2.0 documatations are remaining. is that okey to leave them? | 15:13 |
| knikolla | i haven't had the time to review them, but we can definitely backport docs patches | 15:14 |
| h_asahina | thanks. that a relief. | 15:15 |
| dmendiza[m] | Yeah, I would not hold back RC1 for docs | 15:16 |
| dmendiza[m] | Cool, sounds like we're good to +1 the release patch | 15:17 |
| dmendiza[m] | That's all I have for liaison updates | 15:19 |
| dmendiza[m] | #topic Antelope PTL | 15:19 |
| dmendiza[m] | We're technically "leaderless" for the Antelope cycle | 15:20 |
| dmendiza[m] | but d34dh0r53 did submit his candidacy | 15:21 |
| dmendiza[m] | #link https://review.opendev.org/c/openstack/election/+/856297 | 15:21 |
| knikolla | With my TC hat on: The TC will likely appoint d34dh0r53 as PTL given his candidacy. | 15:22 |
| dmendiza[m] | That's good to hear. | 15:25 |
| dmendiza[m] | Not sure I mentioned it in the channel before, but I'll be taking a lot of time off work during the Antelope cycle | 15:26 |
| dmendiza[m] | otherwise I'd be happy to keep helping out as PTL. | 15:26 |
| dmendiza[m] | So, thanks to d34dh0r53 for volunteering. | 15:27 |
| dmendiza[m] | OK, moving on ... | 15:27 |
| dmendiza[m] | #topic Core Team updats | 15:27 |
| dmendiza[m] | #undo | 15:27 |
| opendevmeet | Removing item from minutes: #topic Core Team updats | 15:27 |
| dmendiza[m] | #topic Core Team updates | 15:27 |
| dmendiza[m] | knikolla suggested we should consider growing the core team | 15:28 |
| dmendiza[m] | and nominate xek for core | 15:29 |
| dmendiza[m] | which I know he'll be very much interested in | 15:29 |
| dmendiza[m] | unfortunately he's out on vacation and won't be back for a couple of weeks. | 15:29 |
| dmendiza[m] | So we'll check with xek to make sure he's still on board and get that process started when he gets back | 15:30 |
| dmendiza[m] | Ok, moving on ... | 15:33 |
| dmendiza[m] | #topic OAuth 2.0 | 15:34 |
| dmendiza[m] | At this point we should go ahead and re-target this spec to antelope | 15:35 |
| dmendiza[m] | #link https://review.opendev.org/c/openstack/keystone-specs/+/843765 | 15:35 |
| h_asahina | agree | 15:35 |
| h_asahina | we've started the implementation, so we can show the codes immediately after the spec is merged. | 15:36 |
| dmendiza[m] | we should be on track to get mTLS merged early in the antelope cycle, which is awesome | 15:37 |
| dmendiza[m] | anything other updates on this topic h_asahina ? | 15:38 |
| h_asahina | I'd like to confirm that :knikolla do you think it better to show our codes to you or writing rest of parts after seeing your demo? | 15:38 |
| knikolla | h_asahina: is the code based on federation and mappings? | 15:39 |
| knikolla | i'm almost done with the demo, just having issues with Apache not passing the SSL environment variables to Keystone | 15:39 |
| h_asahina | yes. technically we are using mapping API of Federation API. | 15:40 |
| knikolla | Good :) | 15:40 |
| knikolla | It's okay to push code for review even if the spec hasn't merged yet. | 15:41 |
| knikolla | For early feedback. We just will make sure not to merge it until after the spec does. | 15:41 |
| h_asahina | ok, good. it depends on how to share your codes, but if you can show your draft codes, we'd like to see it. | 15:42 |
| h_asahina | maybe we can modify our codes based on your codes. | 15:42 |
| knikolla | My code is just some bash setting up keystone with tls, generating client certs, and making the route to the authentication endpoint for the mapped plugin protected by ssl client verify, and trying to fetch the environment variables from the succesful ssl verification in apache and use them in a mapping. :) | 15:44 |
| knikolla | I'm simply trying to demonstrate using client tls as an authentication mechanism using the mapped plugin | 15:45 |
| knikolla | does that make sense to you? | 15:46 |
| h_asahina | i see. so far, it looks similar with our understanding. | 15:46 |
| h_asahina | will push the codes as you said. after you demo becomes ready, we'll update our code based on both your comments and demo. | 15:47 |
| h_asahina | is that okey? | 15:48 |
| knikolla | yes | 15:49 |
| *** dviroel is now known as dviroel|lunch | 15:51 | |
| dmendiza[m] | sounds like we've got a plan | 15:52 |
| dmendiza[m] | OK, let's move on ... | 15:52 |
| dmendiza[m] | #topic Open Discussion | 15:53 |
| dmendiza[m] | Any last minute topics y'all want to discuss? | 15:53 |
| dmendiza[m] | Sounds like we're done for today. | 15:57 |
| h_asahina | it's not discussion, but as it's almost the end of Zed cycle, I'd like to sincerely appreciate all keystone cores support for OAuth2.0 patches. | 15:57 |
| dmendiza[m] | h_asahina: thank you guys for your contributions and patience. 👍️ | 15:58 |
| dmendiza[m] | See y'all online! | 15:58 |
| knikolla | yes, thank you for you contribution and patience over the numerous iterations. | 15:58 |
| dmendiza[m] | #endmeeting | 15:58 |
| opendevmeet | Meeting ended Tue Sep 13 15:58:46 2022 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 15:58 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-09-13-15.02.html | 15:58 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-09-13-15.02.txt | 15:58 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-09-13-15.02.log.html | 15:58 |
| *** dviroel|lunch is now known as dviroel | 16:57 | |
| *** dviroel is now known as dviroel|brb | 20:10 | |
| *** dasm is now known as dasm|off | 22:28 | |
| *** dasm|off is now known as Guest305 | 23:03 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!