Tuesday, 2023-03-21

opendevreview	David Wilde proposed openstack/keystone master: Add existing user flags https://review.opendev.org/c/openstack/keystone/+/878046	02:06
opendevreview	David Wilde proposed openstack/keystone-tempest-plugin master: Add existing user logic https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/878047	02:08
thuvh	hi team, is there anyway to change domain of existing project	02:54
opendevreview	OpenStack Proposal Bot proposed openstack/keystone master: Imported Translations from Zanata https://review.opendev.org/c/openstack/keystone/+/857805	03:39
*** EugenMayer43 is now known as EugenMayer4		06:56
opendevreview	David Wilde proposed openstack/keystone-tempest-plugin master: Add existing user logic https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/878047	13:37
d34dh0r53	meeting will start a bit late	15:01
d34dh0r53	#startmeeting keystone	15:05
opendevmeet	Meeting started Tue Mar 21 15:05:51 2023 UTC and is due to finish in 60 minutes. The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot.	15:05
opendevmeet	Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.	15:05
opendevmeet	The meeting name has been set to 'keystone'	15:05
d34dh0r53	#topic roll call	15:05
d34dh0r53	admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla[m], lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, arequate, dmendiza[m]	15:06
dmendiza[m]	🙋	15:06
knikolla[m]	o/	15:07
hiromu	o/	15:08
d34dh0r53	o/	15:08
d34dh0r53	#topic review past meeting work items	15:09
d34dh0r53	#link https://meetings.opendev.org/meetings/keystone/2023/keystone.2023-03-14-15.02.html	15:09
d34dh0r53	#action d34dh0r53 look into the keystone-groups members as well https://review.opendev.org/admin/groups/d7203dc55fa9bdf98c578b16ac398e0c754a1a67,members not sure if it's used any more	15:09
d34dh0r53	d34dh0r53 investigate https://bugs.launchpad.net/keystone/+bug/2009752	15:10
d34dh0r53	I'm still looking at this, my reproducer environment is unreachable ATM	15:10
d34dh0r53	#action d34dh0r53 investigate https://bugs.launchpad.net/keystone/+bug/2009752	15:10
d34dh0r53	that does it for the past meeting work items	15:11
d34dh0r53	next up we have	15:11
d34dh0r53	#topic liaison updates	15:11
d34dh0r53	nothing from VMT	15:11
d34dh0r53	moving on	15:12
d34dh0r53	#topic specification OAuth 2.0 (hiromu)	15:13
d34dh0r53	#link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext	15:13
d34dh0r53	External OAuth 2.0 Specification	15:13
d34dh0r53	#link https://review.opendev.org/c/openstack/keystone-specs/+/861554	15:13
d34dh0r53	OAuth 2.0 Implementation	15:13
d34dh0r53	#link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls	15:13
d34dh0r53	OAuth 2.0 Documentation	15:13
d34dh0r53	#link https://review.opendev.org/c/openstack/keystone/+/838108	15:13
d34dh0r53	#link https://review.opendev.org/c/openstack/keystoneauth/+/838104	15:13
hiromu	I sent ML to decide time slot for discussing ext OAuth2.0 server support on vPTG, and I got a reply from Ironic	15:14
hiromu	https://lists.openstack.org/pipermail/openstack-discuss/2023-March/032796.html	15:14
hiromu	I need one slot for this topic, so I'm going to suggest the Keystone's first slot on next Monday. Is this okay for Keystone?	15:16
d34dh0r53	Yes, this is fine for me	15:16
d34dh0r53	Does it work for you knikolla[m] and dmendiza[m] ?	15:16
* dmendiza[m] checks PTG calendar		15:17
dmendiza[m]	#link https://ptg.opendev.org/ptg.html	15:18
dmendiza[m]	Works for me. There's nothing else on MOnday that I need to attend	15:18
d34dh0r53	ack	15:18
hiromu	The date may vary depending on Ironic's reply, please check this thread.	15:18
d34dh0r53	hiromu: I'm watching that thread and will update accordingly	15:19
hiromu	thanks a lot	15:19
d34dh0r53	no problem, anything else?	15:19
hiromu	no, thanks :)	15:20
d34dh0r53	next up	15:20
d34dh0r53	#topic Secure RBAC (dmendiza[m])	15:20
d34dh0r53	#link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_	15:20
d34dh0r53	Service Role Implementation	15:20
d34dh0r53	#link https://review.opendev.org/c/openstack/keystone/+/863420	15:20
d34dh0r53	Manager Role Implementation	15:20
d34dh0r53	#link https://review.opendev.org/c/openstack/keystone/+/822601	15:20
d34dh0r53	any updates dmendiza[m] ?	15:20
dmendiza[m]	No updates, sorry. I've been focused on downstream things 😅	15:21
d34dh0r53	no worries :)	15:21
d34dh0r53	next up	15:21
d34dh0r53	#topic specification SQLAlchemy 2.0 (stephenfin)	15:21
d34dh0r53	#link https://review.opendev.org/q/topic:sqlalchemy-20+is:open+project:openstack/keystone	15:21
d34dh0r53	Can I get reviews on this, while I have context/time to close it out?	15:21
d34dh0r53	What more do you need from me?	15:21
d34dh0r53	stephenfin: thanks for these, I'll start reviewing this week	15:22
stephenfin	no worries (y)	15:22
d34dh0r53	cool, moving to open discussion	15:22
d34dh0r53	#topic open discussion	15:23
d34dh0r53	(mustafakemalgilor) PooledLdapHandler message.clean() patch backports	15:23
* dmendiza[m] needs to catch up on reviews		15:23
dmendiza[m]	what's the next branch on those backports?	15:23
d34dh0r53	review request	15:24
d34dh0r53	#link ussuri: https://review.opendev.org/c/openstack/keystone/+/874846	15:24
d34dh0r53	#link victoria: https://review.opendev.org/c/openstack/keystone/+/874847	15:24
d34dh0r53	#link wallaby: https://review.opendev.org/c/openstack/keystone/+/874844	15:24
d34dh0r53	#link xena: https://review.opendev.org/c/openstack/keystone/+/874843	15:24
d34dh0r53	#link yoga: https://review.opendev.org/c/openstack/keystone/+/874842	15:24
d34dh0r53	#link zed: https://review.opendev.org/c/openstack/keystone/+/874841	15:24
d34dh0r53	#undo	15:24
opendevmeet	Removing item from minutes: #link https://review.opendev.org/c/openstack/keystone/+/874841	15:24
dmendiza[m]	No train?	15:24
d34dh0r53	I don't see one	15:24
dmendiza[m]	Yoga +2/+A	15:24
d34dh0r53	thanks dmendiza[m]	15:25
dmendiza[m]	I'll keep an eye out for this to merge and kick the next branch	15:25
dmendiza[m]	Going back to the Gerrit group AI	15:25
d34dh0r53	ack, TYS	15:25
dmendiza[m]	so we don't have to keep kicking it	15:25
d34dh0r53	next up	15:26
d34dh0r53	(drencrom) We need to merge and backport this patch https://review.opendev.org/c/openstack/keystonemiddleware/+/877808 to fix pep8 tests	15:26
d34dh0r53	dmendiza[m]: mind looking at ^ while you have gerrit open ;)	15:26
* dmendiza[m] looks		15:27
dmendiza[m]	d34dh0r53: +2/+A'd	15:27
d34dh0r53	thanks dmendiza[m]	15:28
d34dh0r53	any thing else for open discussion>	15:28
d34dh0r53	?	15:28
d34dh0r53	cool, moving on to	15:28
drencrom	Thanks, I'll do the cherry picks for backports later	15:28
opendevreview	Takashi Kajinami proposed openstack/keystone-tempest-plugin master: Replace deprecated tenant_id property https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/878111	15:28
d34dh0r53	thanks drencrom	15:28
d34dh0r53	#topic bug review	15:28
d34dh0r53	#link ussuri: https://review.opendev.org/c/openstack/keystone/+/874846	15:29
dmendiza[m]	wait hold up	15:29
d34dh0r53	#undo	15:29
opendevmeet	Removing item from minutes: #link https://review.opendev.org/c/openstack/keystone/+/874846	15:29
d34dh0r53	#undo	15:29
opendevmeet	Removing item from minutes: #topic bug review	15:29
dmendiza[m]	I wanted to talk about the gerrit groups	15:29
dmendiza[m]	sorry, missed the last call there	15:29
d34dh0r53	ahh, no worries dmendiza[m]	15:29
* d34dh0r53 hands dmendiza[m] the mic		15:29
dmendiza[m]	#link https://paste.opendev.org/show/bnWClSh0CkCnc87qc8aG/	15:29
dmendiza[m]	this is currently what's in project-config	15:29
dmendiza[m]	I'm not sure exactly what group you were wanting to check	15:30
dmendiza[m]	?	15:30
dmendiza[m]	We could probably do some group linking so that keystone-core is the main group and the others include keystone-core	15:31
dmendiza[m]	so we don't have to go update every single group every time keystone-core changes	15:31
d34dh0r53	right, I think we should do that. Do you know if https://review.opendev.org/admin/groups/d7203dc55fa9bdf98c578b16ac398e0c754a1a67,members is used at all?	15:33
dmendiza[m]	It's used here:	15:34
dmendiza[m]	#link https://opendev.org/openstack/project-config/src/branch/master/gerrit/acls/openstack/keystone.config#L4-L5	15:34
dmendiza[m]	pushMerge for "refs/for/refs/*", which my gerrit-fu is not strong enough to decypher	15:34
dmendiza[m]	the ref spec looks weird	15:34
d34dh0r53	yeah	15:35
d34dh0r53	and where does keystonemiddleware inherit from?	15:35
dmendiza[m]	#link https://opendev.org/openstack/project-config/src/branch/master/gerrit/projects.yaml#L3626-L3630	15:37
d34dh0r53	ack	15:38
dmendiza[m]	looks like keystonemiddlware is configured to use keystoneauth	15:38
dmendiza[m]	#link https://opendev.org/openstack/project-config/src/branch/master/gerrit/acls/openstack/keystoneauth.config	15:38
dmendiza[m]	so it uses keystoneauth-core and keystone-stable-maint,	15:38
d34dh0r53	yep	15:39
d34dh0r53	dmendiza[m]: let's work to get this cleaned up, I think everything should inherit from keystone-core unless there are objections	15:39
dmendiza[m]	Sounds good to me. knikolla ?	15:40
d34dh0r53	I've added it as a quick PTG agenda item	15:41
d34dh0r53	thanks dmendiza[m]	15:42
d34dh0r53	anything else for open discussion?	15:42
knikolla[m]	sure	15:42
dmendiza[m]	nope, I'm good now, thanks	15:42
d34dh0r53	++	15:43
d34dh0r53	#topic bug review	15:43
d34dh0r53	#link https://bugs.launchpad.net/keystone/?orderby=-id&start=0	15:43
d34dh0r53	no new bugs for keystone	15:43
d34dh0r53	#link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0	15:43
d34dh0r53	python-keystoneclient is clean	15:43
d34dh0r53	#link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0	15:43
d34dh0r53	nothing new in keystoneauth	15:44
d34dh0r53	#link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0	15:44
d34dh0r53	nor in keystonemiddleware	15:44
d34dh0r53	#link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0	15:44
d34dh0r53	pycadf has nothing new	15:45
d34dh0r53	#link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0	15:45
d34dh0r53	and no new bugs in ldappool	15:45
d34dh0r53	#topic conclusion	15:45
d34dh0r53	PTG is next week	15:45
d34dh0r53	#link https://etherpad.opendev.org/p/bobcat-ptg-keystone	15:46
d34dh0r53	dmendiza[m]: we have a topic on there from last cycle for deprecating python-keystoneclient. Are you still interested in helping/advising with that?	15:46
dmendiza[m]	Yeah, sure	15:47
d34dh0r53	tys!	15:48
d34dh0r53	please add agenda items	15:48
d34dh0r53	no weekly meeting next week. We'll talk about the reviewathon in one of our sessions	15:49
d34dh0r53	thanks all!	15:49
d34dh0r53	#endmeeting	15:49
opendevmeet	Meeting ended Tue Mar 21 15:49:32 2023 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)	15:49
opendevmeet	Minutes: https://meetings.opendev.org/meetings/keystone/2023/keystone.2023-03-21-15.05.html	15:49
opendevmeet	Minutes (text): https://meetings.opendev.org/meetings/keystone/2023/keystone.2023-03-21-15.05.txt	15:49
opendevmeet	Log: https://meetings.opendev.org/meetings/keystone/2023/keystone.2023-03-21-15.05.log.html	15:49
dmendiza[m]	Thanks, d34dh0r53	15:49
opendevreview	Merged openstack/keystonemiddleware master: Add timeout for requests https://review.opendev.org/c/openstack/keystonemiddleware/+/877808	16:49
zaitcev	Goddamit guys	20:20
zaitcev	Hiromu, Greg, Dave	20:21
zaitcev	dmendiza[m]: Next time please wait merging stuff like https://review.opendev.org/c/openstack/keystonemiddleware/+/877808, I was just about to put -1 on it.	20:22
zaitcev	It was in review for less than a day!	20:22
zaitcev	You're fast-tracking it like it's some kind of security issue	20:23
dmendiza[m]	zaitcev this is probably the first time I've seen someone get upset for a fast turnaround on a pacth. 😬	20:24
dmendiza[m]	zaitcev what's the issue?	20:24
zaitcev	dmendiza[m]: keystonemiddleware is used by Swift, which does not have oslo_config.	20:25
zaitcev	dmendiza[m]: I'm going to propose a fix shortly.	20:25
opendevreview	Pete Zaitcev proposed openstack/keystonemiddleware master: Use conf paramter instead of a global for s3_token https://review.opendev.org/c/openstack/keystonemiddleware/+/878171	20:50
opendevreview	Pete Zaitcev proposed openstack/keystonemiddleware master: Use conf paramter instead of a global for s3_token https://review.opendev.org/c/openstack/keystonemiddleware/+/878171	20:52

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!