Friday, 2015-05-15

« Thursday, 2015-05-14 Index Saturday, 2015-05-16 »
*** salv-orlando has quit IRC00:03
*** tkelsey has joined #openstack-security00:10
*** tkelsey has quit IRC00:14
*** bpokorny_ has joined #openstack-security00:15
*** bpokorny has quit IRC00:17
*** bpokorny has joined #openstack-security00:22
*** bpokorny_ has quit IRC00:22
*** markvoelker has quit IRC00:32
*** elo1 has joined #openstack-security00:35
*** elo2 has joined #openstack-security00:37
*** elo1 has quit IRC00:40
*** elo2 has quit IRC00:44
*** elo1 has joined #openstack-security00:45
*** markvoelker has joined #openstack-security00:56
*** sdake has quit IRC01:03
*** sdake has joined #openstack-security01:05
*** markvoelker has quit IRC01:06
*** browne has quit IRC01:06
*** asrangne__ has quit IRC01:07
*** bpokorny has quit IRC01:15
*** bpokorny has joined #openstack-security01:16
*** bpokorny has quit IRC01:21
*** nkinder has quit IRC01:23
*** elo1 has quit IRC01:27
*** sdake_ has joined #openstack-security01:51
*** sdake has quit IRC01:55
*** bpokorny has joined #openstack-security02:12
*** dave-mccowan has quit IRC02:37
*** dave-mccowan has joined #openstack-security02:44
*** tmcpeak has quit IRC02:44
*** mitz has quit IRC02:52
*** browne has joined #openstack-security03:04
*** sdake has joined #openstack-security03:33
*** sdake_ has quit IRC03:36
*** sdake_ has joined #openstack-security03:38
*** sdake has quit IRC03:41
*** bpokorny has quit IRC04:01
*** elo1 has joined #openstack-security04:05
*** tkelsey has joined #openstack-security04:12
*** tkelsey has quit IRC04:16
*** sdake_ has quit IRC04:35
*** markvoelker has joined #openstack-security05:11
*** markvoelker has quit IRC05:47
*** sdake has joined #openstack-security05:52
*** sdake has quit IRC05:53
*** sdake has joined #openstack-security05:54
*** sdake has quit IRC05:58
*** tkelsey has joined #openstack-security06:13
*** sdake has joined #openstack-security06:16
*** tkelsey has quit IRC06:17
*** tkelsey has joined #openstack-security06:47
*** tkelsey has quit IRC07:01
*** sdake_ has joined #openstack-security07:05
*** sdake has quit IRC07:08
*** Guest19895 has quit IRC07:21
*** hyakuhei has quit IRC07:47
*** hyakuhei1 has joined #openstack-security07:47
*** browne has quit IRC08:15
*** browne has joined #openstack-security08:15
*** chair6 has quit IRC12:30
*** elo1 has quit IRC12:36
*** tmcpeak has joined #openstack-security12:45
*** sdake has joined #openstack-security13:00
*** sdake_ has quit IRC13:02
*** sdake_ has joined #openstack-security13:04
*** sdake_ has quit IRC13:07
*** sdake has quit IRC13:07
*** sdake has joined #openstack-security13:11
dstuffttmcpeak: btw, https://status.python.org/incidents/v6cj56fc4r67 was the casue of those 503's you were getting13:21
*** bknudson has joined #openstack-security13:23
*** sdake has quit IRC13:23
openstackgerritOpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/18351813:33
*** sdake has joined #openstack-security13:35
*** sdake has quit IRC13:42
*** sdake has joined #openstack-security14:08
*** salv-orlando has joined #openstack-security14:08
*** sdake has quit IRC14:16
tmcpeakdstufft: ahh, cool14:16
dstuffttmcpeak: turns out calling S3 a few times per file in the JSON response is pretty slow (oops, didn't notice that was in a loop)14:17
tmcpeakdstufft: live and learn :)14:19
tmcpeakdstufft: got a minute?14:22
dstuffttmcpeak: sure14:23
tmcpeakso I'd like to provide the capability to download signatures with pip install --download14:23
tmcpeakI think that's the right place for it to live14:23
tmcpeakbefore I start doing that, do you agree?14:23
tmcpeakdstufft: ^ ?14:23
dstuffttmcpeak: the GPG signatures?14:24
tmcpeakdstufft: yep14:24
dstuffttmcpeak: hmm, I'm not sure it makes sense for pip to download those files since pip won't ever use them. I'm not strictly against it but I'm not sure. You might want to post to pypa-dev about it?14:25
tmcpeakdstufft: sure, yeah, so my reasoning is that I actually want that capability to be available for the OpenStack PyPI mirror tool.. which is using pip.  But yeah, as you said… pip won't use them14:26
tmcpeakthe other option is to develop a parallel tool that retrieves signatures, but that feels messier14:26
*** sdake has joined #openstack-security14:28
dstuffttmcpeak: yea I'm not sure14:32
dstuffttmcpeak: pip wouldn't have a way of knowing that there _is_ a signature without relying on the JSON API14:33
dstufftwhich is something we don't do currently, so starting to probe the JSON api would be a pretty big change14:33
*** dave-mccowan has quit IRC14:34
tmcpeakdstufft: oh, you guys aren't using JSON at all?14:34
dstuffttmcpeak: no, we use /simple/<foo>/14:34
dstufftit's a HTML page14:35
tmcpeakdstufft: (I guess you can tell I haven't dove into the pip code yet)14:35
tmcpeakahh14:35
dstufft(There's some history there, how we came to use HTML as a API heh)14:35
tmcpeakdstufft: I imagine so :) , but the JSON is there… it's so NICE! :D14:36
tmcpeakwell if nothing else, maybe I'll just create a wrapper around pip to do what I want ;)14:36
tmcpeakI posted on pypa-dev though, so we'll see what the folks think14:37
dstufftit's basically, originally there was no package managers at all and PyPI didn't host files at all it was just an index for people to be able to locate projects and find out where they were hosted. Then (and I'm not sure the order here) PyPI eventually added hosting, and easy_install came along and started scraping the /pypi/<foo>/ pages looking for links to files it could download (also looking for links that it could go look for14:38
dstufft more files to download), that was OK but it turns out it was causing a lot of bandwidth, so /simple/ was made which mirrored /pypi/ except it was jsut a list of links so it reduced b/w usage14:38
dstufftsince then we've removed a lot of the "lol let's just go grab random links/urls it'll be fiiine"14:38
dstufftit does have the next effect that you can setup something that pip can understand with nothing more than any web server that can generate an auto index of links14:39
tmcpeakdstufft: ahh, that makes sense.. I've been wondering about that format of repos I've seen14:40
dstuffttmcpeak: there are two basic repo formats, one is for --index-url / --extra-index-url, and it's basically $BASEURL (which has links to all of the indivdidual project pages) and $BASEURL + "packagename" + "/" (which has links to all of th efiles)14:41
dstufftthe other one is --find-links, which is just $BASEURL which has links to all of the files14:42
tmcpeakdstufft: ahhh14:43
tmcpeakdstufft: so PyPI itself implements both of those?14:43
dstufftwell PyPI just has /simple/<foo>/14:43
dstufft--find-links is more for "I have some files and I want to shove them in a dir and point nginx at it"14:44
tmcpeakI've seen that somewhere, can't think of where :P14:44
*** salv-orlando has quit IRC14:46
*** dave-mccowan has joined #openstack-security14:48
*** sdake_ has joined #openstack-security15:03
*** sdake has quit IRC15:08
*** bpokorny has joined #openstack-security15:16
*** elo1 has joined #openstack-security15:34
*** browne has quit IRC15:49
*** shakamunyi has quit IRC16:00
*** barra204 has quit IRC16:00
*** sdake_ has quit IRC16:00
*** browne has joined #openstack-security16:37
*** bpokorny_ has joined #openstack-security16:44
*** bpokorny has quit IRC16:47
*** subscope has joined #openstack-security16:47
openstackgerritNathaniel Dillon proposed openstack/security-doc: Updating Case Studies - Alice's Instance Security Management section  https://review.openstack.org/18360716:55
*** bpokorny has joined #openstack-security17:00
*** bpokorny_ has quit IRC17:01
openstackgerritNathaniel Dillon proposed openstack/security-doc: Updating Case Studies - Alice's Instance Security Management section  https://review.openstack.org/18360717:04
*** Pwdrkeg has joined #openstack-security17:15
*** Guest77307 has joined #openstack-security17:17
*** Guest77307 is now known as redrobot17:20
*** bpokorny_ has joined #openstack-security17:22
*** bpokorny has quit IRC17:25
*** redrobot has left #openstack-security17:26
*** redrobot has joined #openstack-security17:26
*** redrobot has quit IRC17:29
*** redrobot has joined #openstack-security17:36
*** redrobot is now known as Guest6319317:36
*** Guest63193 is now known as redrobot17:39
*** subscope has quit IRC17:44
*** subscope has joined #openstack-security17:49
*** browne has quit IRC17:59
*** browne has joined #openstack-security18:01
*** Pwdrkeg has quit IRC18:05
*** elo1 has quit IRC18:18
*** openstackgerrit has quit IRC18:22
*** openstackgerrit has joined #openstack-security18:22
*** shakamunyi has joined #openstack-security18:36
*** barra204 has joined #openstack-security18:36
*** markvoelker has joined #openstack-security18:53
*** barra204 has quit IRC19:48
*** shakamunyi has quit IRC19:48
*** subscope has quit IRC19:54
*** nkinder has joined #openstack-security20:06
*** nkinder has quit IRC20:23
*** nkinder has joined #openstack-security21:28
*** dave-mccowan has quit IRC21:39
*** bpokorny_ has quit IRC21:53
*** bpokorny has joined #openstack-security21:54
*** bknudson has quit IRC22:10
*** nkinder has quit IRC22:22
*** bpokorny has quit IRC22:27
*** bpokorny has joined #openstack-security22:33
*** jamielennox|away is now known as jamielennox22:48
*** bpokorny_ has joined #openstack-security22:55
*** elmiko is now known as _elmiko22:57
*** tmcpeak has quit IRC22:58
*** bpokorny has quit IRC22:59
*** dave-mccowan has joined #openstack-security23:19
« Thursday, 2015-05-14 Index Saturday, 2015-05-16 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!