| gouthamr | tc-members: a gentle reminder that our weekly meeting will happen here in ~52 minutes; we have a loaded agenda today : https://wiki.openstack.org/wiki/Meetings/TechnicalCommittee | 16:07 |
|---|---|---|
| gouthamr | #startmeeting tc | 17:01 |
| opendevmeet | Meeting started Tue Nov 11 17:01:14 2025 UTC and is due to finish in 60 minutes. The chair is gouthamr. Information about MeetBot at http://wiki.debian.org/MeetBot. | 17:01 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 17:01 |
| opendevmeet | The meeting name has been set to 'tc' | 17:01 |
| gouthamr | Welcome to the weekly meeting of the OpenStack Technical Committee. A reminder that this meeting is held under the OpenInfra Code of Conduct available at https://openinfra.dev/legal/code-of-conduct. | 17:01 |
| gouthamr | Today's meeting agenda can be found at https://wiki.openstack.org/wiki/Meetings/TechnicalCommittee | 17:01 |
| gouthamr | #topic Roll Call | 17:01 |
| noonedeadpunk | o/ | 17:01 |
| frickler | \o | 17:02 |
| gtema | o/ | 17:02 |
| gouthamr | courtesy-ping: spotz[m], cardoe, bauzas | 17:03 |
| gouthamr | noted absence: m n a si a d k a, t o n y b | 17:03 |
| gouthamr | alright, lets get started | 17:05 |
| fungi | it's a national holiday in the usa, not sure if that'll impact attendance | 17:05 |
| gouthamr | yeah, true.. | 17:06 |
| noonedeadpunk | well, we don't have a quorum, right? | 17:06 |
| gouthamr | #topic Last Week's AIs | 17:06 |
| gouthamr | yes, no quorum, but, we only need that if we run any polls | 17:06 |
| noonedeadpunk | ack | 17:06 |
| gouthamr | (so we'll be sure not to make any final decisions today, but still a good chance to discuss things) | 17:07 |
| gouthamr | we took an AI to summarize the PTG: | 17:07 |
| gouthamr | #link https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/message/RX3MZE33GEDV5JDHORZKRUKVDP47UMLJ/ (OS/PTG Summary) | 17:07 |
| gouthamr | we still need a volunteer to analyze user survey results | 17:07 |
| gouthamr | slaweq shared a script and some notes around his past analysis | 17:08 |
| gouthamr | thanks slaweq | 17:08 |
| * gouthamr hasn't mailed jimmymcarthur on asking if the CSV results can be made downloadable on www.openstack.org/analytics | 17:08 | |
| gouthamr | we had another AI that's pending, we'll check on it next week: | 17:09 |
| gouthamr | Update/document the procedure to preserve project appointment history | 17:09 |
| gouthamr | we spoke a little bit about sunsetting the stable/2024.1 branch | 17:09 |
| gouthamr | that was done last week, good job release team! | 17:09 |
| gouthamr | we took a note to discuss the opt-in state for older unmaintained branches | 17:10 |
| gouthamr | i think its a good topic for next week, for our APAC friendly time slot | 17:10 |
| gouthamr | i'll add it in the agenda, and leave it up to tony who took the item on the TC tracker | 17:10 |
| cardoe | Apologies. I was a bit late. | 17:10 |
| gouthamr | that's all the AIs i was tracking, was there anything else? | 17:11 |
| * gouthamr marks cardoe tardy | 17:11 | |
| cardoe | I had brought it up after the last meeting and a number of folks discussed it. But there was an interest in clarifying the AI / LLM policy. | 17:12 |
| gouthamr | ack, i noted it as an AI that needs a volunteer | 17:12 |
| gouthamr | would you be interested to take a shot, cardoe | 17:12 |
| cardoe | Sure | 17:12 |
| gouthamr | ty! lets add it to the tracker and check on it | 17:14 |
| gouthamr | #topic TC Tracker, PTG Follow up | 17:14 |
| gouthamr | #link https://etherpad.opendev.org/p/tc-2026.1-tracker (Technical Committee activity tracker - 2026.1) | 17:14 |
| gouthamr | ^ i updated some of the topics | 17:14 |
| gouthamr | and am yet to add all of the PTG AIs | 17:14 |
| gouthamr | will comb through and do that later today | 17:15 |
| gouthamr | #link https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/message/RX3MZE33GEDV5JDHORZKRUKVDP47UMLJ/ (OS/PTG Summary) | 17:15 |
| gouthamr | just some "needs volunteers" call outs here: | 17:15 |
| gouthamr | - (needs volunteers) The FIPS goal needs rework, especially around | 17:15 |
| gouthamr | testing, and any objective refinements. | 17:15 |
| gouthamr | - (needs volunteers) Clarifications and instructions pertaining to AI | 17:15 |
| gouthamr | Contributions in the Project Team Guide. | 17:15 |
| gouthamr | ^ oh wait, that second one is cardoe's now :) | 17:15 |
| gouthamr | do we need to discuss anything on the tracker today? | 17:16 |
| cardoe | I'll work on some summary and updates and get them to the ML this week and then we can discuss feedback next week if that sounds good. | 17:16 |
| gouthamr | yep, that works, although you're probably not going to be at next week's meeting | 17:17 |
| cardoe | I wanted to connect with gmaan on the Secure RBAC but -ETIME right now. | 17:17 |
| cardoe | I found things a bit muddied between projects at the PTG. | 17:18 |
| gouthamr | ah, you could discuss that here after the meeting, or chime in on the etherpad | 17:19 |
| cardoe | So my thought was to write up a couple of personas... "Cari the Cloud Operator", "Daniel the DC Operator", "Victor the VM user" | 17:19 |
| gouthamr | (the next SRBAC community meeting is on Dec 1st 2025) | 17:19 |
| cardoe | Anyway, that's all I had for the meeting. | 17:20 |
| gouthamr | nice, don't know if it was something like https://docs.openstack.org/doc-contrib-guide/ux-ui-guidelines/ux-personas.html | 17:20 |
| * gouthamr could swear we had something like that with RBAC roles | 17:21 | |
| gouthamr | alright, lets move to the next few topics | 17:22 |
| gouthamr | most of these are for awareness, and seeing if we can share any opinions: | 17:22 |
| gouthamr | #topic Situation with os-net-config | 17:23 |
| gouthamr | you maybe aware of this situation, but the thread clarifies some of our concens | 17:23 |
| gouthamr | #link https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/message/OOUOSYN3MVPJH7ARAAW6WW5F6ZXUF2GP/ (About os-net-config) | 17:23 |
| gouthamr | we got a response there, and they did the following: | 17:24 |
| gouthamr | removed OpenStack CI from the list of maintainers | 17:24 |
| gouthamr | fixed the Author to someone else | 17:24 |
| gouthamr | however, they are yet to make all of the doc changes on the github repository and the Pypi project as well | 17:24 |
| gouthamr | they're asking if there's anything more to do wrt retirement in the OpenStack community | 17:25 |
| fungi | while i didn't bring it up on the thread, it's worth noting that if we'd removed all non-system collaborators from the pypi project like we did with othwe deliverables, this wouldn't have occurred | 17:25 |
| fungi | s/othwe/other/ | 17:25 |
| gouthamr | yep! totally, you did bring this up when we were doing the cleanup earlier too | 17:25 |
| JayF | Do they intend to keep using the pypi? | 17:25 |
| gouthamr | and i for one dropped the ball on the follow up there - i just sent some messages into the ether, by the looks of it | 17:26 |
| gouthamr | JayF: yes | 17:26 |
| JayF | It sounded to me like the answer to that was yes, which IMO seems problematic especially if we don't have a handoff (e.g. a resolution) telling them they can | 17:26 |
| JayF | I'm not suggesting we say no, I'm suggesting we explicitly say yes so we don't implicitly give up our (moral?) authority to retire openstack projects | 17:26 |
| gouthamr | sounds reasonable | 17:26 |
| JayF | (I'm also OK if we wanna say no; but that's more of a logistical headache) | 17:27 |
| gouthamr | we did one for the quantum handover, this one is handed over - but, a retroactive resolution that we don't have a problem with this? | 17:27 |
| fungi | essentially, the risk i see is that people who installed it from pypi when it was an openstack project are continuing to get upgrades from a non-openstack development process now without being actively notified that it's changed (they have to go looking in the package contents or at the pypi page once those get updated, but nothing will probably prompt them to do so) | 17:27 |
| fungi | quantum, by comparison, didn't have that risk because we didn't publish actual working packages under the name | 17:28 |
| gouthamr | yeah.. it'd be tricky to word this, but i can take a shot | 17:29 |
| JayF | ++ The most correct answer is to say no, and for them to publish under a new name | 17:29 |
| JayF | but I suspect the value:effort ratio is massively off to pick this fight | 17:30 |
| sean-k-mooney | or unretire the project in opendev... | 17:30 |
| sean-k-mooney | but also that | 17:30 |
| sean-k-mooney | lots of effort for little reward | 17:30 |
| JayF | I am more concerned about us using this as motivation to close the long-tail of projects with remaining access to others | 17:30 |
| fungi | and they'd have to return control of the pypi project to our account for that to work | 17:30 |
| fungi | they essentially performed an uncoordinated and unannounced takeover of the pypi project, then informed us after | 17:31 |
| JayF | I am trying hard to consider the "they" in this case "A single rogue employee" and not "Red Hat" | 17:32 |
| fungi | but i agree with JayF, this one may be a lost cause and our effort is better spent locking down the remaining projects we control so that it doesn't happen again | 17:32 |
| gouthamr | haha, its not so hard JayF; some of the loudest voices that called this out are Red Hatters | 17:32 |
| gouthamr | +1 fungi | 17:32 |
| JayF | gouthamr: We know that as individuals working on the project. Someone externally observing all the facts of the situation may not have that context. | 17:33 |
| gouthamr | true, and that's one thing i see value in the resolution clarifying | 17:33 |
| JayF | gouthamr: and I'd also feel, if I were an employee of that company, a responsibility to do an internal RCA to discover what happened and prevent it in the future | 17:34 |
| gouthamr | +1 | 17:34 |
| noonedeadpunk | we totally need to finilize left projects access... | 17:34 |
| noonedeadpunk | this is smth we forgot to track and follow-up on for a while now | 17:35 |
| noonedeadpunk | pretty much up to block releasing of such projects | 17:35 |
| gouthamr | noonedeadpunk: do you mean other PyPi projects like this one where we have non-CI maintainers? | 17:35 |
| noonedeadpunk | yes | 17:37 |
| JayF | noonedeadpunk: the main issue with that proposal (although I agree with getting aggressive about it) is that in many of these cases, the individuals who retain access aren't active in OpenStack whatsoever | 17:37 |
| noonedeadpunk | and which are still under our governance | 17:37 |
| fungi | the only places that poses a challenge are when the openstack-ci account is not a project owner and some other unresponsive account is | 17:38 |
| sean-k-mooney | not form a pypi point of view right ^ | 17:38 |
| noonedeadpunk | not from pypi, but from our governance repo prespective | 17:39 |
| sean-k-mooney | the source repos my be under openstack governace but the pypi project is not alwasy owned by the bot | 17:39 |
| noonedeadpunk | I can recall we had a list of such projects somewhere in etherpad... | 17:39 |
| noonedeadpunk | and that is exactly the problem kinda | 17:39 |
| fungi | yes, really we just need to resume that effort from where we left off last time | 17:40 |
| noonedeadpunk | as then we really can't say that what is published is actually the code that is in repo | 17:40 |
| gouthamr | #link https://etherpad.opendev.org/p/openstack-pypi-maintainers-cleanup | 17:40 |
| noonedeadpunk | so either we need to be explicit in saying - "don' | 17:40 |
| noonedeadpunk | don't trust or install openstack from pypi | 17:40 |
| noonedeadpunk | or consider such projects running with basically a backdor | 17:41 |
| noonedeadpunk | so if they are unresponsive, we potentially should be considering re-naming the package in pypi | 17:42 |
| * gouthamr doesn't find os-net-config in that etherpad :( ugh, is there a better way to get this list besides crawling pypi? | 17:42 | |
| fungi | sadly, pypi's project management ui isn't backed by any kind of api | 17:42 |
| gouthamr | does the openstackci account page (after logging in) provide a list of packages? | 17:43 |
| fungi | yes, it's paginated and is very many pages long | 17:43 |
| gouthamr | ack, that might be one source for our re-audit if we do it | 17:44 |
| fungi | it might be possible to craft an html scraping and parsing script that iterates over all the pages, but last i looked it's just an unordered list of projects the account is a collaborator on, so would still need to have the script descend into each project page after that | 17:44 |
| gouthamr | in the past we looked at the governance repo, identified all the deliverables and used a script to hit the project pages on PyPi and parse the list of maintainers | 17:45 |
| fungi | oh, though yiou don't need to log in for that | 17:45 |
| gouthamr | yes we didn't | 17:45 |
| gouthamr | https://gist.github.com/knikolla/7303a65a5ddaa2be553fc6e54619a7a1 | 17:45 |
| fungi | #link https://pypi.org/user/openstackci/ | 17:45 |
| clarkb | but it doesn't differentiate between owner and uploader iirc | 17:45 |
| fungi | right, which is why i said you still have to descend into each project page | 17:46 |
| fungi | oh, actually even the project page doesn't differentiate, you're right | 17:46 |
| fungi | it just calls them all "maintainers" | 17:46 |
| clarkb | right I Think that extra info requires logging in | 17:47 |
| fungi | so you do need to be a logged in collaborator to see the assigned roles on each project | 17:47 |
| clarkb | its possible that one of those third party db scraper services pypi has exposes the info though | 17:47 |
| clarkb | though thoseseem to be geared around metrics instead | 17:47 |
| gouthamr | okay, feels like we need to do some more work here. first off is the AI regarding the os-net-config resolution | 17:50 |
| gouthamr | do we think there's anything left to do in the openstack retirement process for this project? i'll draft the TC resolution and we can edit it together | 17:50 |
| fungi | looks like it may have missed the docs redirect to readme | 17:51 |
| gouthamr | sounds like no; i don't know if we can delete https://docs.openstack.org/os-net-config/latest/ | 17:51 |
| fungi | we normally redirect | 17:52 |
| gouthamr | ah, to the git repo's README | 17:52 |
| fungi | #link https://docs.openstack.org/project-team-guide/repository.html#step-7-remove-docs-openstack-org-content | 17:52 |
| gouthamr | perfect, i can propose that change | 17:53 |
| gouthamr | and will seek the docs link removed from the pypi page and the github repo | 17:53 |
| fungi | they'll have to push a new release to pypi to make that happen | 17:54 |
| gouthamr | yes | 17:54 |
| fungi | one other related possibility this situation brings up is whether we want to start taking advantage of pypi's new "archived" project state | 17:54 |
| fungi | #link https://blog.pypi.org/posts/2025-01-30-archival/ | 17:55 |
| fungi | not urgent, just keep the option in mind | 17:55 |
| gouthamr | +1 we could add it to the list of retirement steps right away | 17:56 |
| gouthamr | we'll have a lot of button clicking to do on all the retired ones | 17:56 |
| fungi | i think it'll require a manual action by one of our admins who has access to the openstack-ci account credentials, yes | 17:56 |
| gouthamr | +1 | 17:56 |
| fungi | since, as previously mentioned, pypi has no real api for any of this | 17:57 |
| gouthamr | WHYNOAPI, PYPI | 17:57 |
| gouthamr | okay, we've three minutes left | 17:57 |
| gouthamr | anything else for $topic? | 17:58 |
| gouthamr | i'd like to get back to the concern that noonedeadpunk raised regarding existing projects perhaps once we've dealt with os-net-config | 17:58 |
| gouthamr | alright, we'll punt the next couple of topics as well to next week | 17:59 |
| gouthamr | we have a minute to note anything else for the minutes | 17:59 |
| gouthamr | #topic Open Discussion | 17:59 |
| frickler | trixie mirroring has completed, thx fungi, and a devstack job is now available | 18:00 |
| gouthamr | w00t | 18:00 |
| fungi | clarkb was the one who pushed the addition change, i just babysat it through the weekend | 18:00 |
| gouthamr | good stuff, ty both | 18:01 |
| gouthamr | please do share your thoughts on a couple of ongoing threads: | 18:01 |
| gouthamr | #link https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/thread/3V3CNPQLB77SKFVLZ6LXJ5NPNYWW4QFD/ (Request for guidance on improving Python PTI doc to include pytest for Horizon plugins testing) | 18:01 |
| gouthamr | #link https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/thread/IW2ZMYXGZQFPSLJRVT5OKFFX7XRGM2FF/ (Proposing oslo.wsgi) | 18:01 |
| gouthamr | a reminder that next week's meeting is at 0800 UTC | 18:01 |
| gouthamr | lets sync here in between now and then | 18:02 |
| gouthamr | thank you for attending! | 18:02 |
| gouthamr | #endmeeting | 18:02 |
| opendevmeet | Meeting ended Tue Nov 11 18:02:17 2025 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 18:02 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/tc/2025/tc.2025-11-11-17.01.html | 18:02 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/tc/2025/tc.2025-11-11-17.01.txt | 18:02 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/tc/2025/tc.2025-11-11-17.01.log.html | 18:02 |
| opendevreview | Goutham Pacha Ravi proposed openstack/governance-sigs master: Retire governance-sigs https://review.opendev.org/c/openstack/governance-sigs/+/966647 | 18:43 |
| opendevreview | Goutham Pacha Ravi proposed openstack/governance master: Merge governance-sigs repository into governance https://review.opendev.org/c/openstack/governance/+/966644 | 18:56 |
| opendevreview | Goutham Pacha Ravi proposed openstack/governance master: [resolution] Retire governance-sigs repository https://review.opendev.org/c/openstack/governance/+/966645 | 18:59 |
| cardoe | clarkb: I think we previously talked about uWSGI vs other servers... oslo_service/wsgi.py:40: DeprecationWarning: The 'oslo_service.wsgi' module usage is deprecated and will be removed in version '2026.2', please use uwsgi instead: The 'oslo_service.wsgi' module is deprecated and will be removed in version 2026.2. We recommend transitioning to 'uwsgi' for serving WSGI applications. | 23:16 |
| cardoe | That's the kind of messaging I was talking about. | 23:17 |
| cardoe | We're recommending uwsgi actively when the upstream has said it's in barely maintained mode. | 23:17 |
Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!