| opendevreview | Boris Bobrov proposed openstack/keystone master: Add FederatedSystemScopedPayload for federated system-scoped tokens https://review.opendev.org/c/openstack/keystone/+/979789 | 07:31 |
|---|---|---|
| opendevreview | Boris Bobrov proposed openstack/keystone master: Add FederatedSystemScopedPayload for federated system-scoped tokens https://review.opendev.org/c/openstack/keystone/+/979789 | 09:40 |
| bbobrov | cardoe: ^ | 10:38 |
| opendevreview | Merged openstack/keystone master: Keystone identity mapping to support project definition as a JSON https://review.opendev.org/c/openstack/keystone/+/742235 | 10:44 |
| opendevreview | Grzegorz Grasza proposed openstack/keystone master: Readd the protection test tox based job https://review.opendev.org/c/openstack/keystone/+/886434 | 12:11 |
| cardoe | bbobrov: awesome. My only comment would be to change the bottom elif to else that way the whole function is covered to always return what its documented to return | 15:32 |
| cardoe | Can we backport that as well? | 15:32 |
| bbobrov | cardoe: if it would return regardless of what it found, we would have a much harder time debugging the issue. | 15:42 |
| bbobrov | what we should do is add "else:" and then raise assertion error with text "this is a programming error, report this as a bug" | 15:43 |
| cardoe | That'd be good with me else and raise | 16:22 |
| lajoskatona | Hi Keystone team! I opened a bug for LDAP pw expiration, see : https://bugs.launchpad.net/keystone/+bug/2138725 | 16:27 |
| lajoskatona | I pushed a wip patch also for it few weeks back: https://review.opendev.org/c/openstack/keystone/+/976618 | 16:27 |
| lajoskatona | my basic aproach was to add cfg option for the user to add select from some predefined methods which can be used for his/her ldap backend to convert the returned pw expiration value to something that Keystone can understand | 16:29 |
| lajoskatona | Please check if this direction is something to work on or there should be some better way to handle different ldap backends tricks for pw expiration | 16:30 |
| opendevreview | Merged openstack/keystoneauth master: Run mypy from tox https://review.opendev.org/c/openstack/keystoneauth/+/970461 | 16:53 |
| bbobrov | lajoskatona: if you would like to get a feedback on the direction, you should start with a spec in keystone-specs repo. There you need to describe what you want to implement and why, and what alternatives you considered. | 17:56 |
| lajoskatona | bbobrov: ack, so a spec is needed it is not enough to handle as a bug ? that is already a help | 18:02 |
| bbobrov | lajoskatona: i would say yes. I am not a core reviewer though. | 18:07 |
| bbobrov | lajoskatona: i have left some comments on gerrit | 18:07 |
| lajoskatona | bbobrov: thanks, I will check it | 18:19 |
| opendevreview | Harry Kominos proposed openstack/keystone master: [doc] Amend IDP list-idp example https://review.opendev.org/c/openstack/keystone/+/979910 | 20:48 |
Generated by irclog2html.py 4.1.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!