#openstack-meeting-alt log

20:00:03 <redrobot> #startmeeting barbican
20:00:04 <openstack> Meeting started Mon Jun  8 20:00:03 2015 UTC and is due to finish in 60 minutes.  The chair is redrobot. Information about MeetBot at http://wiki.debian.org/MeetBot.
20:00:06 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
20:00:08 <openstack> The meeting name has been set to 'barbican'
20:00:21 <redrobot> #topic Roll Call
20:00:27 <dave-mcc_> o/
20:00:27 <hockeynut> o/
20:00:31 <elmiko> o/
20:00:38 <jaosorior> o/
20:00:44 <silos> o/
20:00:46 <woodster_> o/
20:00:54 <Asha> o/
20:00:59 <jkf> Greetings
20:01:10 <alee> o/
20:01:11 <redrobot> woo!  lots of barbicaneers here today!
20:01:12 <igueths> o/
20:01:23 <redrobot> As usual, the agenda can be found here:
20:01:25 <rellerreller> o/
20:01:30 <redrobot> #link https://wiki.openstack.org/wiki/Meetings/Barbican
20:01:46 <redrobot> #topic Action Items from Previous Meeting
20:01:49 <jaosorior> :t face
20:01:55 <arunkant> o/
20:01:56 <redrobot> #link http://eavesdrop.openstack.org/meetings/barbican/2015/barbican.2015-06-01-20.00.html
20:01:56 <jaosorior> sorry haha
20:02:30 <redrobot> elmiko you had an action item to file a bug to move management scripts from bin/ to entry_points
20:02:32 <redrobot> elmiko any progress on that?
20:02:49 <elmiko> yes
20:03:00 <elmiko> i've got a couple things going on that front
20:03:17 <elmiko> i think there are, minimum, two solutions; the hacky one, and the proper one.
20:03:23 <redrobot> #link https://bugs.launchpad.net/barbican/+bug/1454587
20:03:24 <openstack> Launchpad bug 1454587 in Barbican "Install scripts in /usr/bin with extensions" [Undecided,Confirmed]
20:03:37 <elmiko> on the hacky front, i have a small poc script that will run the same uswgi flow we have now
20:03:39 <redrobot> oops, I think that's the wrong bug
20:04:19 <elmiko> on the proper front, i think we might want to follow the lead of other projects and create a true wsgi app that runs from the script
20:04:30 <elmiko> i've started to gather ideas about that here, https://etherpad.openstack.org/p/liberty-barbican-all-ideas
20:04:46 <redrobot> #link https://etherpad.openstack.org/p/liberty-barbican-all-ideas
20:04:46 <elmiko> but i have some questions about if this is something that the project wants, and also a few details
20:04:54 <elmiko> redrobot: thanks
20:05:22 <elmiko> so, basically, is it worth the effort to create an actual app that could run from barbican-all??
20:05:43 <elmiko> like, instantiate a wsgi server running the pecan stuff, and then hook into all the oslo.config goodness, etc...
20:06:01 <redrobot> elmiko so currently we have a few scripts in bin/.  There's one called barbican-api that just runs the WSGI app in paste.httpserver
20:06:05 <redrobot> #link http://git.openstack.org/cgit/openstack/barbican/tree/bin/barbican-api
20:06:11 <elmiko> yea
20:06:16 <redrobot> I would prefer that we drop uwsgi from our management scripts
20:06:17 <elmiko> i looked to those for inspiration
20:06:44 <elmiko> ok, cool
20:06:52 <redrobot> I think that ideally we'll want a WSGI setup that can run under apache
20:07:01 <redrobot> similar to what Keystone is doing in the httpd/ directory in their repo
20:07:10 <elmiko> do we want to keep the paste.deploy related configs in separate files still, or can we incorporate them into an app?
20:07:18 <chellygel> (in channel doesn't raise hand .____./)
20:07:23 <elmiko> redrobot: awesome, i was using keystone for some reference
20:08:15 <elmiko> i think a big piece of work will be creating a singular class to contain the wsgi app, then we could instantiate that either from an outside source (apache) or from a script through eventleft
20:08:20 <elmiko> *eventlet
20:08:30 <redrobot> not sure about the paste.deploy pipeline stuff...  I think I would prefer Barbican to be a stand-alone app, then allow people to stitch their pipeline however they want.
20:08:41 <elmiko> i think this might be big enough that we would want a spec or something though.
20:09:00 <elmiko> redrobot: ok, so that would be like rolling the stuff in *-paste.ini into the app config?
20:09:29 <woodster_> yeah, it seems big enough to justify a blueprint to me
20:09:42 <alee> elmiko, I think a spec is a good idea - will allow us to see what needs to be done
20:10:07 <woodster_> maybe note how things are done now and how they would change?
20:10:17 <elmiko> ok, i can create a bp/spec for it. i will be out of town from 6/11-18, so just a heads up.
20:10:23 <elmiko> woodster_: yea, definitely
20:10:26 <woodster_> elmiko: so is paste getting phased out?
20:10:34 <elmiko> woodster_: not at all,
20:10:53 <elmiko> i was just concerned about if we should keep the external configurations for it, or roll those configs into the app structure.
20:10:56 <arunkant> Looks like eventlet usage was deprecated in keystone in Kilo..https://review.openstack.org/#/c/157495
20:11:13 <dstanek> arunkant: yes! finally
20:11:22 <elmiko> arunkant: ah, interesting...
20:11:29 <elmiko> it looked like it was still in the code
20:11:41 <jaosorior> elmiko: it still works, but it's marked as deprecated
20:11:52 <dstanek> elmiko: we still support running keystone-all for now, but it will be removed
20:12:21 <elmiko> dstanek: ok,
20:12:29 <elmiko> i obviously need to read a little deeper
20:12:39 <woodster_> dstanek: thanks for the update
20:12:39 <elmiko> dstanek: so, keystone-all will be removed entirely?
20:14:00 <redrobot> sounds like you still have a ton of work left, elmiko
20:14:06 <elmiko> redrobot: agreed
20:14:07 <dstanek> elmiko: i'm thinking that it will
20:14:08 <redrobot> elmiko did you get a chance to file a launchpad bug?
20:14:15 <elmiko> i did, 1sec
20:14:37 <dstanek> elmiko: i'm working on implementing keystone on top of flask and i plan to have a devserver that's clearly marked as a devserver
20:14:38 <elmiko> #link https://bugs.launchpad.net/barbican/+bug/1462458
20:14:39 <openstack> Launchpad bug 1462458 in Barbican "Barbican should expose a runner script through setuptools entry_points" [Undecided,New] - Assigned to Michael McCune (mimccune)
20:14:54 <elmiko> dstanek: hehe, cool. i'm used to flask from the sahara side of things.
20:15:10 <redrobot> elmiko awesome, thanks
20:15:25 <elmiko> redrobot: i'll start gathering all the details for a spec
20:15:31 <redrobot> elmiko sounds good
20:16:00 <redrobot> next action item was for me to backport the DogTag SecretStore fix into stable/kilo
20:16:11 <redrobot> which has already merged
20:16:12 <redrobot> #link https://review.openstack.org/#/c/187721/
20:16:36 <redrobot> and that's it for last week's action items.
20:16:41 <redrobot> moving on...
20:16:45 <redrobot> #topic Mid-Cycle RSVP
20:17:06 <redrobot> I added a wiki page with the details for the Mid-Cycle Sprint
20:17:07 <redrobot> #link https://wiki.openstack.org/wiki/Sprints/BarbicanLibertySprint
20:17:40 <redrobot> It'll be happening at the Johns Hopkins University Applied Physics Laboratory
20:17:47 <redrobot> in Laurel, Maryland
20:17:52 <redrobot> August 5-7
20:18:08 <redrobot> I also added an Eventbrite event so interested folks can RSVP
20:18:15 <redrobot> #link https://eventbrite.com/event/17310650622/
20:18:38 <redrobot> any questions/comments regarding the mid-cycle sprint?
20:19:21 <jaosorior> Noup
20:19:31 <dave-mcc_> have we nailed down start time for first day, and end time for last day?  (just thinking about booking air travel).
20:19:53 <redrobot> I have it down for 9:00am Wednesday start and 5:00pm Friday end
20:20:26 <alee> any suggestions/ preferred hotels etc.?
20:20:47 <redrobot> rellerreller would probably be the best one to ask about hotels
20:21:07 <rellerreller> Leave an action item for me to look into that.
20:21:10 <alee> redrobot, right - maybe add to the eventbrite
20:21:26 <redrobot> #action rellerreller to look into preferred Hotels for Mid-Cycle
20:21:30 <redrobot> alee will do.
20:21:38 <alee> rellerreller, is there a JPL rate ? :)
20:22:02 <rellerreller> alee I'm not sure. I'll see how much influence I have :)
20:22:17 <hockeynut> hot tubs included, pleez :-)
20:22:17 <elmiko> lol
20:22:48 <alee> hockeynut, they have a tokamak there they can use to heat things up ..
20:23:09 <hockeynut> I was assuming it would be the fires from rioters
20:23:18 <redrobot> hockeynut lmao
20:23:30 <hockeynut> ps I had to google tokamak
20:23:37 <kfarr_> There's a list of hotels here: http://www.jhuapl.edu/aboutapl/visitor/lodging.asp
20:24:06 <hockeynut> thanks kfarr_ !
20:24:13 <rellerreller> kfarr_ Thanks!
20:24:35 <kfarr_> "make sure to advise the hotel front desk at check-in that your stay is related to your APL visit so that the hotel will honor the special rate."
20:24:40 <redrobot> woot! gotta love those immediate-action-items :)
20:25:26 <redrobot> #link http://www.jhuapl.edu/aboutapl/visitor/lodging.asp
20:25:42 <redrobot> anything else on this topic?
20:26:15 <redrobot> okay, moving on...
20:26:24 <redrobot> #topic High Priority Reviews
20:26:52 <redrobot> The last CR for the ACL API revamp just needs a workflow
20:26:53 <redrobot> #link https://review.openstack.org/#/c/188208/
20:27:35 <alee> redrobot, ok - I'll take a look at that
20:27:45 <redrobot> and also the barbican-specs reviews, so we can get them landed before liberty-1
20:27:47 <redrobot> #link https://review.openstack.org/#/q/status:open+project:openstack/barbican-specs,n,z
20:28:03 <redrobot> there's quite a few of them out there
20:28:15 <redrobot> any other reviews I may have missed?
20:28:18 <dave-mcc_> here's mine for the Quota support blueprint: https://review.openstack.org/#/c/186562/
20:28:36 <redrobot> thanks dave-mcc_
20:28:53 <dave-mcc_> i've made good progress on the code, but i'm off for vacation tomorrow for 10 days.  i'll be back to finish the work, but i'll be offline for a while.
20:28:56 <jaosorior> Well, this is not high prio. But would sure love some reviews here, it's been out there for a while https://review.openstack.org/#/c/178601/
20:29:07 <jaosorior> would make life easier on the client side
20:29:12 <rellerreller> I had a review, https://review.openstack.org/#/c/182461/ . It was approved but then had merge conflict.
20:29:33 <rellerreller> Only one line changed so all those +2's should be easy again :)
20:29:35 <redrobot> jaosorior I think we also want to mention reviews that have been outstanding for a long time, so you're good
20:30:33 <woodster_> I'm paid by the blueprint now, so please review any of them with my name :) jk
20:30:50 <redrobot> alrighty... that's all I had on the agenda for today.
20:30:54 <redrobot> #topic Open Discussion
20:31:18 <redrobot> anything else we want to talk about today?  If not we all get 30 min back. :)
20:31:18 <woodster_> FYI, there is a Keystone thread going about adding group-ID to header info from keystone middleware...
20:31:26 <woodster_> This would support group-based ACLs
20:31:39 <elmiko> could i ask a couple more questions about the barbican-all topic?
20:31:46 <Asha> yes ...
20:32:00 <Asha> we will be Unable to retrieve the secret in text/plain format  generated from Barbican order resource
20:32:14 <redrobot> ok, one at a time, guys :)
20:32:22 <alee> redrobot, lets please prioritize spec reviews -- only two weeks to liberty-1
20:32:29 <woodster_> Asha: that's the generated AES key correct?
20:32:31 <redrobot> woodster_ do you have a link to the mailing list thread?
20:32:39 <Asha> yes
20:32:51 <redrobot> asha I was going to write back to that thread....   text/plain is probably not what you need
20:33:07 <Asha> ok ...
20:33:32 <woodster_> redrobot: the subject has this text: [openstack-dev] [keystone][barbican] Regarding exposing X-Group-xxxx
20:34:07 <Asha> then how would I pass the 32 bytes key generated to the standard python libraries like pycrytp
20:34:14 <redrobot> #link http://lists.openstack.org/pipermail/openstack-dev/2015-June/065757.html
20:34:30 <woodster_> dstanek: FYI David regarding group-based ACLs
20:35:19 <redrobot> Asha so, in Python 2 bytes are represented by the type str, but in Python 3 bytes have their own type of bytes.
20:35:46 <redrobot> Asha if you're using Python 3, then bytes and strings are the same thing... (note that unicode strings in Python 2 are a different type)
20:36:06 <redrobot> errr Python2 bytes and strings are the same type (str)
20:36:23 <Asha> @redrobot..Thanks  I am using ython 2
20:36:33 <redrobot> Asha you should be using python-barbicanclient.  It will take care of these low-level implementation details
20:37:11 <redrobot> Asha such as the conversion from the barbican response into a usable string (or bytes) depending on which python version you're using.
20:37:29 <Asha> oh k ..Thanks ..I was using the request object
20:38:08 <elmiko> my turn?
20:38:16 <redrobot> Asha I'll send a reply to the mailing list summarizing this, just in case other people are interested.
20:38:18 <redrobot> elmiko go ahead
20:38:31 * redrobot feels like a juggler
20:38:35 <Asha> @ redrobot ..Thanks redrobot I would use python barbican client ..dlmiko ..u can go ahead
20:38:49 <elmiko> hehe, np, i was trying to be respectful =)
20:38:52 <Asha> elmiko *
20:39:22 <elmiko> just to be clear about any sort of upgrade wsgi/script stuff, one of the goals is to have a singular wsgi container that can be consumed by apache or another pipeline?
20:39:48 <Asha> thanks a lot redrobot ...
20:39:49 <redrobot> elmiko yes, I would think so...  there's nothing in Barbican that should prevent it from running in any web server
20:40:20 <redrobot> elmiko ideally we should be able to run in uwsgi, apache, gunicorn, nginx, or whatever people want to toss barbican into
20:40:37 <elmiko> redrobot: ok, cool. totally down with it =)
20:41:03 <elmiko> and then, we can make a simple helper for dev work or convenience in a single install that can just run that container.
20:41:36 <elmiko> just want to make sure i've got the target in sight for the spec. thanks!
20:42:35 <alee> anyone else having trouble running tox on master?
20:43:37 <hockeynut> alee getting an error?
20:44:25 <alee> (sorry not sure if we're ready to transition to next topic yet)
20:44:32 <redrobot> alee go ahead
20:44:35 <redrobot> I think elmiko  was done ?
20:44:41 <elmiko> redrobot: yup, all done.
20:45:12 <woodster_> alee, yeah I was getting an error over the weekend
20:45:33 <elmiko> i got the same error, but it was when i was running the server and db-migration scripts. not from tox.
20:46:50 <arunkant> redrobot: is there a plan/ need  to add caching support in barbican?
20:46:56 <woodster_> https://www.irccloud.com/pastebin/i9EbcZnd/
20:47:17 <woodster_> alee: look familiar?
20:47:45 <alee> anyone else still out there?
20:47:50 <woodster_> sorry, probably better for the project channel...
20:48:00 <elmiko> alee: yo/
20:48:07 <woodster_> o/
20:48:14 <woodster_> roll call again? :)
20:48:20 <elmiko> hehe
20:48:32 <elmiko> i actually reran the tox tests after alee mentioned it, but they passed for me
20:48:42 <elmiko> i used a fresh env though
20:48:46 <redrobot> alee have you tried nuking your db file?
20:48:58 <woodster_> yeah I tried to blow way .tox and start from scratch...no luck getting rid of my error
20:49:21 <redrobot> heh... guess he was having connection issues?'
20:49:23 <jaosorior> redrobot: Now I'm getting the same error, and deleting the file didn't help
20:49:31 <jaosorior> alee: ping
20:49:37 <woodster_> jaosorior: which error?
20:49:39 <alee> pong
20:49:40 <redrobot> jaosorior weird
20:49:52 <alee> sorry - I think I dropped out
20:49:54 <redrobot> seems like there's definitely something fishy going on
20:50:12 <alee> was seeing nothing for awhile
20:50:38 <jaosorior> Basically everything was working. I was using latest master and everything. Then since I was reading others were having errors, I thought I might be able to reproduce it by updating my box (since I was away I hadn't updated it in some weeks)
20:50:46 <jaosorior> and yeah, I get a buuuunch of errors now
20:51:01 <jaosorior> possibly a tox update and... dunno what other problems
20:51:05 <alee> jaosorior, are you getting "SecretStorePluginNotConfigured" ?
20:51:16 <woodster_> I only see ''NoneType' object has no attribute 'conf''  but it is on every test :)
20:52:09 <alee> jaosorior, redrobot -interestingly when I try an older tree, it runs just fine.
20:52:21 <jaosorior> here's the tox output: http://pastebin.com/GERZNtNb
20:52:42 <alee> jaosorior, redrobot so some combination of the latest code + updated packages seems to cause this
20:54:10 <redrobot> alee weird indeed... I don't think we'll figure out in the meeting though.  Want to take the discussion back to our channel?
20:54:11 <woodster_> tox is like a box of chocolates...I'd like to put my error back half-eaten, but that would be uncool :)
20:54:21 <elmiko> lol!
20:54:29 <woodster_> redrobot: that works for me
20:54:38 <alee> redrobot, ok
20:55:00 <redrobot> alrighty guys, thanks for coming!
20:55:07 <redrobot> #endmeeting