Friday, 2016-09-09

*** markvoelker has joined #openstack-security00:13
*** zul has quit IRC00:14
ccneilllooks like I'm getting slightly better performance testing locally..00:17
unrahulneat!00:21
unrahulI wish we had few more days for neutron..00:21
unrahulwhat say ccneill ?00:21
unrahulcan we extend?00:21
ccneillyeah.. I think we may have to revisit our approach a little..00:22
ccneillespecially with this being a short week, and it taking a full day to get all the templates done00:22
unrahulyea.. I guess we had kept 1 or 2 days as `gap` days..00:22
unrahulit would be helpful if we could extend till tuesday ..00:22
ccneillhmm00:24
ccneillI've been thinking maybe we need to split up to test the remaining projects00:24
unrahulyeah, I agree.00:25
unrahulwill give us more time on the project too00:25
ccneillit's going significantly faster locally without burp than remote+burp00:29
*** browne has quit IRC00:56
unrahulawesome ccneill01:02
*** jass93 has joined #openstack-security01:19
openstackgerritchen.xing proposed openstack/security-doc: Set the picture width  https://review.openstack.org/36714301:37
*** knangia has quit IRC01:41
*** zhihui has joined #openstack-security01:50
*** yeison has joined #openstack-security02:02
*** yeison has left #openstack-security02:02
*** julian1 has quit IRC02:26
*** julian1 has joined #openstack-security02:27
*** browne has joined #openstack-security02:28
*** salv-orl_ has joined #openstack-security02:30
*** salv-orlando has quit IRC02:33
*** browne has quit IRC02:43
*** vinaypotluri has quit IRC03:02
*** dikonoor has joined #openstack-security03:41
*** woodster_ has quit IRC04:19
*** zul has joined #openstack-security04:27
*** jass93 has quit IRC04:30
*** jass93 has joined #openstack-security04:35
*** ccneill has quit IRC04:51
*** zul has quit IRC05:13
*** austin987 has quit IRC05:17
*** jass93 has quit IRC05:22
*** zul has joined #openstack-security05:23
*** jass93 has joined #openstack-security05:26
*** austin987 has joined #openstack-security05:37
*** zul has quit IRC05:38
*** pcaruana has joined #openstack-security06:23
*** jamielennox|away is now known as jamielennox07:03
*** tkelsey has joined #openstack-security07:04
*** tesseract- has joined #openstack-security07:07
*** cgross has quit IRC08:09
*** lmiccini_ has joined #openstack-security08:09
*** lmiccini has quit IRC08:10
*** cgross has joined #openstack-security08:12
*** lmiccini_ is now known as lmiccini08:23
*** salv-orlando has joined #openstack-security08:30
*** salv-orl_ has quit IRC08:32
*** sdake has joined #openstack-security09:02
*** lhinds|away is now known as lhinds09:05
*** sdake_ has joined #openstack-security09:16
*** sdake has quit IRC09:18
*** sdake has joined #openstack-security09:57
*** sdake_ has quit IRC10:00
*** shohel has joined #openstack-security10:02
*** sdake_ has joined #openstack-security10:31
*** sdake has quit IRC10:33
*** jass93 has quit IRC11:00
*** jass93 has joined #openstack-security11:05
*** tkelsey has quit IRC11:26
*** dikonoor has quit IRC11:30
*** tkelsey has joined #openstack-security11:31
*** dikonoor has joined #openstack-security11:34
*** zhihui has quit IRC12:39
*** salv-orlando has quit IRC12:46
*** salv-orlando has joined #openstack-security12:47
*** sdake_ is now known as sdake12:47
*** salv-orlando has quit IRC12:48
*** salv-orlando has joined #openstack-security12:48
*** salv-orlando has quit IRC12:52
*** salv-orlando has joined #openstack-security12:53
*** woodster_ has joined #openstack-security13:04
*** sdake has quit IRC13:05
*** _elmiko is now known as elmiko13:08
*** knangia has joined #openstack-security13:11
*** sdake has joined #openstack-security13:30
*** singlethink has joined #openstack-security13:38
*** shohel has quit IRC14:03
*** mvaldes has joined #openstack-security14:05
*** mvaldes1 has joined #openstack-security14:09
*** mvaldes has quit IRC14:12
*** edmondsw has joined #openstack-security14:15
*** zul has joined #openstack-security14:16
*** jmckind has joined #openstack-security14:17
*** jmckind_ has joined #openstack-security14:26
*** jmckind has quit IRC14:29
*** dikonoor has quit IRC14:29
*** zul has quit IRC14:51
*** pcaruana has quit IRC15:08
*** vinaypotluri has joined #openstack-security15:17
*** austin987 has quit IRC15:19
openstackgerritLuke Hinds proposed openstack/security-doc: Adding OSSN-0066  https://review.openstack.org/36807715:20
*** browne has joined #openstack-security15:27
openstackgerritLuke Hinds proposed openstack/security-doc: Adding OSSN-0066  https://review.openstack.org/36807715:28
openstackgerritLuke Hinds proposed openstack/security-doc: Adding OSSN-0066  https://review.openstack.org/36807715:35
openstackgerritLuke Hinds proposed openstack/security-doc: Adding OSSN-0066  https://review.openstack.org/36807715:36
hyakuheiwoot15:36
hyakuheilhinds ripping through stuff!15:37
lhindswanted to get that one knocked out15:37
lhindshey hyakuhei ...15:37
lhindsI have yet to put a rest-framework on top, but been playing around with the idea we chatted about:  http://lukehinds.pythonanywhere.com15:38
hyakuheiThat looks very exciting15:38
lhindsignore the front end, not suggesting we replace the wiki, I just tend to design on the front, and layer the rest-framework on top of the model, when I am happy with it15:38
lhindsReleases, is a many to many relation, so should be able to make queries on 'what is there for releases x,y,z'15:39
lhindsbut it's a very rough WIP still15:40
hyakuheiThat's a great step forward lhinds !15:45
*** openstackgerrit has quit IRC15:49
*** tesseract- has quit IRC15:49
*** openstackgerrit has joined #openstack-security15:49
*** zul has joined #openstack-security15:52
*** mdong has joined #openstack-security16:13
*** ccneill has joined #openstack-security16:13
*** singlethink has quit IRC16:17
openstackgerritLuke Hinds proposed openstack/security-doc: Adding OSSN-0066  https://review.openstack.org/36807716:18
lhindsthanks hyakuhei16:18
*** singlethink has joined #openstack-security16:20
*** mvaldes1 has quit IRC16:20
*** lmiccini has quit IRC16:21
*** cgross has quit IRC16:22
*** singlethink has quit IRC16:24
*** sdake has quit IRC16:28
*** singlethink has joined #openstack-security16:36
*** tkelsey has quit IRC16:36
openstackgerritMerged openstack/security-doc: Set the picture width  https://review.openstack.org/36714316:43
*** cgross has joined #openstack-security16:44
*** lmiccini has joined #openstack-security16:47
*** sicarie has joined #openstack-security16:49
*** markd_ has quit IRC16:53
*** edaught has joined #openstack-security16:56
*** edaught has joined #openstack-security16:56
*** edaught has joined #openstack-security16:57
*** edaught has quit IRC16:57
*** edaught has joined #openstack-security16:57
*** markd_ has joined #openstack-security17:05
*** zul has quit IRC17:15
*** zul has joined #openstack-security17:16
openstackgerritMerged openstack/security-doc: Add a glossary link to 'Nginx's  https://review.openstack.org/36684917:21
*** ccneill_ has joined #openstack-security17:21
*** ccneill has quit IRC17:22
*** ccneill_ is now known as ccneill17:22
ccneilldid y'all see my message above? I started lagging, not sure if it went through17:22
ccneillunrahul, vinaypotluri, knangia, mdong : just realized something... if we only get an identity token once, it will live for 1 hour, but if our tests take longer to run, you'll just get 401s for all the remaining requests once the token expires... :X17:23
ccneillmaybe we have a TTL on our memoization? :\17:23
unrahulOh yeah.. We should! Crap actually ccneill it only lasts for 30 mins17:24
unrahulWe should do a TTL option for memoize17:24
unrahul:|17:24
knangia:|17:25
ccneill{"token": {"issued_at": "2016-09-09T00:27:32.493474Z", "audit_ids": ["X4wxvdMiSqWoGg3u4LkbIA"], "methods": ["password"], "expires_at": "2016-09-09T01:27:32.493441Z", "user": {"domain": {"id": "default", "name": "Default"}, "id": "30bc695b28f7475a97f0f3ab0f6fe6a7", "name": "admin"}}}17:25
ccneilllooks like mine are set at an hour17:25
ccneillmdong: this might be where some of that discrepancy came in with the XSS tests?17:26
unrahulOhh.. I thought the default was 30 mins :/17:26
mdongahh...17:26
unrahulI have a memoize patch, shall I modify and upload another patch?17:26
ccneillif you just ran XSS it would probably complete before expiry17:26
ccneillunrahul: sounds good17:27
unrahulYup.17:27
*** jass93 has quit IRC17:32
ccneillpretty cool post from Red Hat about some interesting ways to shoot yourself in the foot in python: https://access.redhat.com/blogs/766093/posts/259259117:32
sicariehaha, i just shot that over to tkelsey for inclusion in bandit17:32
sicarieor at least consideration17:33
ccneillyep17:33
ccneillgood stuff17:33
ccneillI know they check for asserts, subprocess, some tempfile stuff, and jinja templates17:34
ccneillsome of the other things are a little more esoteric, but might find some interesting edge cases that have gone unnoticed17:35
*** salv-orlando has quit IRC17:49
*** salv-orlando has joined #openstack-security17:49
*** mvaldes has joined #openstack-security17:53
openstackgerritLuke Hinds proposed openstack/security-doc: Adding OSSN-0066  https://review.openstack.org/36807718:04
openstackgerritLuke Hinds proposed openstack/security-doc: Adding OSSN-0066  https://review.openstack.org/36807718:07
*** sicarie has quit IRC18:12
lhindsping hyakuhei - OSSN-0066 has a Trove core +1, so when you're ok with what's there I can get it posted out.18:12
openstackgerritLuke Hinds proposed openstack/security-doc: Adding OSSN-0066  https://review.openstack.org/36807718:13
openstackgerritMerged openstack/anchor: Ignore bootstrap files  https://review.openstack.org/33031518:15
*** jass93 has joined #openstack-security18:15
*** sicarie has joined #openstack-security18:20
*** jmckind has joined #openstack-security18:32
*** tkelsey has joined #openstack-security18:34
*** jmckind_ has quit IRC18:35
*** tkelsey has quit IRC18:40
*** jmckind_ has joined #openstack-security18:41
*** jmckind has quit IRC18:44
*** zul has quit IRC18:44
*** zul has joined #openstack-security19:00
openstackgerritRahul U Nair proposed openstack/syntribos: Upgrading memoize to memoize functions with same kwargs as well  https://review.openstack.org/36748119:03
*** cgross has quit IRC19:22
*** lmiccini has quit IRC19:22
*** mvaldes has quit IRC19:36
*** sdake has joined #openstack-security19:38
*** sdake has quit IRC19:42
*** sdake has joined #openstack-security19:44
*** mvaldes has joined #openstack-security19:50
*** ccneill has quit IRC19:51
*** jmckind_ has quit IRC20:04
*** zul has quit IRC20:10
*** zul has joined #openstack-security20:10
*** ccneill has joined #openstack-security20:15
*** ju_ has joined #openstack-security20:19
*** ju_ has quit IRC20:20
*** jmckind has joined #openstack-security20:26
*** salv-orl_ has joined #openstack-security20:30
*** jass93 has quit IRC20:32
*** salv-orlando has quit IRC20:32
*** salv-orl_ has quit IRC20:33
*** salv-orlando has joined #openstack-security20:34
*** lmiccini has joined #openstack-security20:39
*** cgross has joined #openstack-security20:40
*** jmckind_ has joined #openstack-security20:41
*** jmckind has quit IRC20:44
mdongccneill, unrahul: I’m ready to +2 the memoize change, but I had a comment about the cache key20:50
mdongI think we could avoid importing hashlib and turning everything into a string if we instead do something like20:51
mdongfunc_id = (args, frozenset(kwargs.items()))20:51
ccneillnot importing hashlib sounds good to me, but I'm not sure if that would work? I get an error in ipython when I try that20:52
ccneillis args a list or a tuple..20:52
mdongI wanna say list20:53
ccneillah, tuple20:53
mdongcompletely wrong as always20:53
ccneillIn [12]: def x(*args, **kwargs):20:54
ccneill   ....:     print type(args)20:54
ccneill   ....:20:54
ccneillIn [13]: x(1)20:54
ccneill<type 'tuple'>20:54
ccneillI wasn't sure myself20:54
ccneillbut trying to do the func_id as you suggested with a list failed20:54
ccneillbut with a tuple it works fine20:54
mdongI dunno if this would do anything to warrant the change, but I figured it at least cleans up the code a bit20:55
*** jass93 has joined #openstack-security20:58
ccneill+1 let's get rid of hashlib20:58
ccneillhmm.. I guess it kinda depends on what we'll be memoizing20:58
mdongwe should only ever be memoizing functions with nonmutable arguments21:03
*** jmckind_ has quit IRC21:05
ccneillright.. guess it doesn't matter then21:09
ccneillwas thinking about str() of an object vs. doing frozenset() on it but we shouldn't be doing that anyway21:10
unrahulYup sounds good mdong and ccneill.. I was also thinking of giving an option to pass in TTL as an argument...21:10
unrahulShould we merge this now and I submit another patch for it..?21:10
ccneillunrahul: let's just edit it now, should be simple changes21:10
ccneill+1 on ttl as config option21:10
ccneillwell.. hmm21:10
mdongmaybe make it a config option rather than an argument21:10
unrahulI have a docs appointment.. So will take some time to upload another patch21:10
ccneillconfig option or function param?21:10
unrahulDoctor's21:11
ccneillah, okay21:11
ccneillno worries21:11
unrahulFunction param is better... Ryt?21:11
ccneillwe can merge the one you've got and just edit it21:11
ccneillfunction param would give more flexibility, but only from the standpoint of a developer of syntribos21:11
unrahulLike.. We may use it for many things so.. Passing configuration options would be a bit too much?21:11
ccneillconfig option lets you configure it more easily as a user, but then you get one TTL across the board for all memoized functions, which might be okay..21:12
mdongif the end user ever needs to configure it, then it needs to be a config option21:12
unrahulYeah.. That's also true21:12
mdongand users may very well have different keystone token expiration21:12
unrahulYup..21:12
unrahul:/21:12
unrahulSo which way to go?21:12
mdongI say config option, because having the same TTL across the board is a smaller problem21:13
unrahulHmm.. Yeah... Maybe we shall go ahead with the config option..21:14
unrahulAnd once we migrate to 3.521:14
unrahulDevs may use d lru cache decorator from standard lib or something21:15
mdongwe’d have to roll our own cache anyway for the TTL21:16
ccneilllol yeah, once that inevitable transition to python 3 happens.. any day now.. :P21:16
ccneill+1 for config option, we'll try it out and see if we need the param later21:17
unrahulHehe.. Oh yeah.. Rewriting the lru cache decorator, just because we can 😁😎21:26
*** mvaldes has quit IRC21:37
*** mdong has quit IRC21:37
*** mdong has joined #openstack-security21:38
*** elmiko is now known as _elmiko22:00
openstackgerritMerged openstack/syntribos: Upgrading memoize to memoize functions with same kwargs as well  https://review.openstack.org/36748122:32
*** sdake has quit IRC22:40
*** vinaypotluri has quit IRC22:42
openstackgerritOpenStack Proposal Bot proposed openstack/anchor: Updated from global requirements  https://review.openstack.org/31434722:45
*** singlethink has quit IRC22:49
*** sdake has joined #openstack-security23:22
sdaketmcpeak ping re tha for kolla23:24
*** zul has quit IRC23:33
unrahulhey ccneill I am back..23:42
unrahulgot a question on the memoize23:42
unrahulu thr?23:42
ccneillyep23:42
ccneillsup?23:42
unrahulshould we consider the module name + func name as well when creating the unique id.. as this will eliminate any possible wrong calls if two modules have similarly named func.. ?23:42
unrahulor should we keep it simple?23:43
unrahulmdong: ^23:44
*** sicarie has quit IRC23:44
mdongit shouldn’t matter, the decorator makes it so that only that specific function is memoized23:46
mdongif we change to (args, frozenset(kwargs.items())) that is23:46
mdongunless I’m misunderstanding?23:46
ccneillunrahul: pretty sure mdong is right, I think I tested it out and it memoizes per-function23:47
ccneillso each func has its own cache23:47
unrahul+1 guys, will do that and push another patch..23:48
unrahulthanks..23:48
*** jass93 has quit IRC23:49
