Wednesday, 2025-07-02

« Tuesday, 2025-07-01 Index Thursday, 2025-07-03 »
*** mhen_ is now known as mhen01:12
opendevreviewMerged openstack/keystonemiddleware master: Revert "Strip inet(6) prefix"  https://review.opendev.org/c/openstack/keystonemiddleware/+/95316813:57
gtema#startmeeting keystone15:01
opendevmeetMeeting started Wed Jul  2 15:01:41 2025 UTC and is due to finish in 60 minutes.  The chair is gtema. Information about MeetBot at http://wiki.debian.org/MeetBot.15:01
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.15:01
opendevmeetThe meeting name has been set to 'keystone'15:01
gtemaReminder: This meeting takes place under the OpenInfra Foundation Code of Conduct15:01
gtema#link https://openinfra.dev/legal/code-of-conduct15:02
gtema#topic roll call15:02
gtemaadmiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m], dmendiza, mharley, jph, gtema, cardoe, deydra15:02
gtemao/15:02
mharley[m]o/15:03
gtemaa special ping for dmendiza 15:04
gtemaquite lonely today15:04
gtemawith nobody else from the cores it makes no sense to proceed with the meeting. 15:06
dmendiza[m]🙋‍♂️15:06
gtemaoh, you are here, great 15:06
gtemathan let's go on15:06
gtema#topic review past meeting work items15:06
gtema#link https://meetings.opendev.org/meetings/keystone/2025/keystone.2025-06-25-15.00.html15:07
gtemawe still have not done any decision on Forum and/or project update. Since lot of folks not traveling most likely we are not going to have anything15:08
gtema#topic liaison updates15:08
gtemathere is nothing from me15:08
gtemaok, next15:09
gtema#topic specification15:09
gtema#topic OAuth 2.015:09
gtemastill not sure why we keep this. There is nothing really open on that15:10
gtema#topic Secure RBAC (dmendiza)15:10
gtemaI spotted some changes in the area, am I right dmendiza ?15:11
dmendiza[m]Well, I still need to clean up the doc itself15:12
dmendiza[m]I did talk to Dave Wilde (d34dh0r53) a bit about this the other day15:12
dmendiza[m]I think what we want to do is ensure that we're running with SRBAC turned on in all our gate jobs15:12
gtemaisn't it already the case? The defaults are now as we expect in oslo.policy15:13
dmendiza[m]Maybe?  ...  I want to review the job definitions to double make sure. 😅15:13
gtemamy grep across repo hasn't revealed any overrides to the values 15:14
dmendiza[m]Cool cool.  We should probably consider removing the old policies at some point15:15
gtemadefinitely15:15
gtemaok, next15:15
gtema#topic OpenAPI support (gtema)15:16
gtemathere are few changes that I myself still need to review. Nothing blocking and nothing urgent this week15:16
gtema#topic open discussion15:17
gtemaI spent a little bit time last friday looking at the ldap job15:17
gtemaafter proposing a "workaround" to devstack I was able to bypass the slapd bug15:18
gtemabut now tests fail on jsonschema validation15:18
gtema"enabled" attribute is missing in the response for ldap users15:19
gtemaI was not able to find a potential problem quickly15:19
gtemaand this week have no time to look into that issue 15:20
gtemaif anybody with more ldap deployment experience could throw some hints I would be glad to take those15:20
gtema#link https://review.opendev.org/c/openstack/keystone/+/95357115:21
gtemathe change is passing because the job is non-voting, so do not be confused with that15:21
gtemaanything else for open discussion?15:22
mharley[m]Yes, how is it going the writing of Keystone to Rust?15:23
mharley[m]The "rewriting", I mean.15:23
gtemaGood. I started writing policies. Now we not only have "allowed", "rejected", but we also have explanations like "only admin can list identity providers from other domain ..." 15:25
gtemafederated login (oidc) works also. Next is to implement exchange of jwt to fernet15:26
mharley[m]Great.  Are you doing that all by yourself only (no other contributors)?15:26
gtemaSo far alone alone15:26
gtemaI hoped to have a talk on that during Summit, but it was not accepted 15:27
gtemato make an advertisement15:27
mharley[m]Are you organizing this on some public repository, including the planning?15:28
gtemayes, https://github.com/gtema/keystone15:29
gtemaI made some org issues, but as long as I work on that myself it is a time waste15:29
gtemaanything else folks?15:31
gtemaok, moving on15:32
gtema#topic bug review15:32
mharley[m]Understood.  Will have a look.  Thanks, gtema.15:33
gtemaI am not going to re-paste all the links, but there are no new bug reports for any of our projects, so we are good.15:33
gtema#topic conclusion15:33
gtemawith that, thanks guys15:33
gtemaand15:33
gtemahave a nice day15:33
gtema#endmeeting15:34
opendevmeetMeeting ended Wed Jul  2 15:34:10 2025 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)15:34
opendevmeetMinutes:        https://meetings.opendev.org/meetings/keystone/2025/keystone.2025-07-02-15.01.html15:34
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/keystone/2025/keystone.2025-07-02-15.01.txt15:34
opendevmeetLog:            https://meetings.opendev.org/meetings/keystone/2025/keystone.2025-07-02-15.01.log.html15:34
opendevreviewMerged openstack/keystonemiddleware master: Revert "Switch from python-memcache to pymemcache"  https://review.opendev.org/c/openstack/keystonemiddleware/+/95316916:36
« Tuesday, 2025-07-01 Index Thursday, 2025-07-03 »

Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!