#openstack-barbican log

03:00:09 <alee> #startmeeting barbican
03:00:10 <openstack> Meeting started Tue Apr 10 03:00:09 2018 UTC and is due to finish in 60 minutes.  The chair is alee. Information about MeetBot at http://wiki.debian.org/MeetBot.
03:00:11 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
03:00:13 <openstack> The meeting name has been set to 'barbican'
03:00:20 <alee> #topic roll call
03:00:42 <liujiong> \o
03:00:50 <liujiong> hi alee
03:00:52 <alee> Hi Jeremy :)
03:01:16 <alee> namnh, joining?
03:01:32 <namnh> yes
03:01:40 <alee> hi namnh :)
03:02:08 <alee> anyone else joining today?
03:02:11 <liujiong> hi namnh
03:02:24 <namnh> hi alee, liujiong
03:02:35 <alee> #topic rocky
03:02:44 <alee> https://etherpad.openstack.org/p/barbican-tracker-rocky
03:03:00 <alee> so we have milestone 1 coming up next week
03:03:15 <alee> next week Monday to be precise
03:03:42 <alee> so I need to get together with dave this week and figure out what I'm supposed to do to cut the release
03:04:06 <liujiong> alee: what's exactly "Update policy in code wiki page if done" ?
03:04:50 <alee> we already implemented policy in code, there is a wiki page to track that for each of the projects
03:05:06 <alee> when dave and I looked, it had not been updated
03:05:15 <alee> so I need to verify and update it
03:05:33 <alee> I'm pretty sure there is not much more to do there.
03:05:55 <liujiong> ok, understand. That goal is "policy and docs in code", and we only have "policy in code"
03:06:30 <alee> ah, ok - then we will need to do more in milestone 2 to complete then
03:06:41 <liujiong> The description of each policy should be added into code as well. But that's pretty complicated for barbican.
03:06:56 <alee> yes
03:07:19 <alee> there is also some work that has been done to add read-only roles
03:07:20 <liujiong> cool!
03:07:53 <alee> I think we already have that - but we need to see if we can align with what the keystone folks are doing
03:08:24 <alee> ie. we already have an "observer" role, but I'm not sure thats what the read-only role is called
03:08:51 <alee> so describing the policy in code maybe something that we fold into that at the same time
03:09:11 <alee> let me add that to the milestone 2 list
03:09:22 <liujiong> sounds reasonable
03:10:02 <liujiong> I want to help but I'm not so sure about all policies :(
03:10:23 <alee> I think we'll be learning together :)
03:10:59 <liujiong> great!
03:11:04 <alee> liujiong, if you'd like to work on it, I can pair you with a keystone guy to iron out what needs to be done.
03:11:42 <alee> liujiong, or I can try work with you on it.
03:12:08 <liujiong> about "read-only role"?
03:12:23 <alee> liujiong, yup - and docing policy
03:12:28 <alee> doc'ing
03:12:46 <liujiong> ok
03:12:58 <alee> liujiong, just sign up on the etherpad if you can do it
03:13:11 <liujiong> I will
03:13:30 <alee> liujiong, thanks -- I need dave to look at your mutable patch.  I'll bug him about that tommorow
03:13:49 <liujiong> oh, that patch is already +w by dave
03:13:53 <alee> as well as check on his milestone 1 patches
03:13:59 <alee> even better :)
03:14:33 <alee> Not sure if I'll get the pycrypto change in this week -- may end up being early next week.
03:15:01 <alee> I have a change to make the keystone listener work which I'd like to get in instead ..
03:15:24 <alee> https://review.openstack.org/#/c/557067/
03:15:27 <liujiong> Nice, I'm keeping an eye on your patch
03:15:53 <alee> yeah -- the fix is easy -- testing it is tricky
03:16:57 <alee> right now trying to figure out how to query the db
03:17:10 <alee> to see if the relevant project is there.
03:17:38 <alee> if you happen to see what I'm doing wrong -- please let me know.
03:18:01 <liujiong> ok, will have a look at that patch
03:18:08 <alee> thanks.
03:18:14 <liujiong> np
03:18:42 <alee> the other thing I'm going to try and do is write a spec for the castellan/vault plugin
03:19:10 <liujiong> will that be made for Rocky?
03:19:22 <alee> I wrote a patch, but there were some design decisions that are probably best iterated over a spc
03:19:30 <alee> yes, I wasnt  to try and get that in
03:19:35 <alee> want
03:19:46 <alee> ideally for milestone 2
03:20:09 <liujiong> cool
03:20:18 <alee> I think folks really want to use vault.  and so having it behind barbican will be really helpful
03:20:31 <openstackgerrit> Merged openstack/barbican master: Enable mutable config in Barbican  https://review.openstack.org/556337
03:20:39 <alee> and if we can have a gate that does that - that will be super useful
03:20:45 <alee> yay!
03:21:15 <alee> namnh, how are the OVO patches?
03:21:29 <alee> are they all ready for review?
03:22:11 <openstackgerrit> Nam Nguyen Hoai proposed openstack/barbican master: [WIP] Implement OVO for Barbican [5]  https://review.openstack.org/500244
03:22:17 <alee> I see there are a bunch of them - so we probably need to start on them soon to get them all in by milestone 2
03:22:27 <namnh> yeah, i think those two patch sets: https://review.openstack.org/#/c/499004/ https://review.openstack.org/#/c/559014/
03:23:42 <alee> namnh, can you remove the WIP label ? its hard to know that these are "ready"
03:24:40 <namnh> yes, i will do it and i will push new patch on OVO [1] to get "Initial OVO" as parent.
03:25:08 <alee> namnh, OK cool - I'll review once I know which ones and in which order
03:25:14 <liujiong> cool
03:25:55 <alee> anything else about rocky and next weeks milestone?
03:26:01 <liujiong> namnh: ping me or leave a comment in your patch to let us know they are ready for review
03:26:07 <namnh> liujiong, alee. could you help me to review the above patch set: first: https://review.openstack.org/#/c/559014/ then https://review.openstack.org/#/c/499004/
03:26:27 <namnh> liujiong: thanks :)
03:26:54 <liujiong> ok, no problem
03:26:55 <alee> namnh, cool - looks like a good place to start
03:27:22 <namnh> i am trying to split small patch set to be easy for reviewing
03:27:34 <alee> namnh, much appreciated :)
03:27:42 <namnh> :)
03:28:44 <alee> I'll check with dave , but I think the process of cutting a release is pretty straightforward.  I'll plan on working on it either sunday or monday of next week
03:28:57 <alee> so lets try to get all in before then.
03:29:29 <alee> #topic launchpad migration
03:29:31 <namnh> alee: sure,
03:29:55 <alee> with no objections, I'll plan on doing this after milestone 1
03:30:16 <alee> launchpad -> storyboard
03:30:26 <liujiong> nice
03:30:58 <alee> hopefully it will all go smoothly -- in fact, I kinda hope kendall has done most of the work for us :)
03:31:12 <alee> will send email out when its done.
03:31:31 <alee> #topic anything else?
03:31:58 <liujiong> that's all for me
03:32:06 <namnh> me too
03:32:23 <alee> cool - thanks for joining , guys -- till next week
03:32:29 <alee> #endmeeting