#openstack-barbican log

13:05:24 <redrobot> #startmeeting barbican
13:05:25 <openstack> Meeting started Tue Jan 28 13:05:24 2020 UTC and is due to finish in 60 minutes.  The chair is redrobot. Information about MeetBot at http://wiki.debian.org/MeetBot.
13:05:26 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
13:05:28 <openstack> The meeting name has been set to 'barbican'
13:05:32 <redrobot> #topic Roll Call
13:05:50 <moguimar> o/
13:07:58 <redrobot> Courtesy ping for ade_lee dave-mccowan hrybacki jamespage Luzi lxkong mhen moguimar raildo rm_work xek
13:08:04 <redrobot> as usual our agenda can be found here:
13:08:11 <redrobot> #link https://etherpad.openstack.org/p/barbican-weekly-meeting
13:08:32 <redrobot> #topic Liaison Updates
13:08:38 <redrobot> moguimar, anything form Osloland?
13:09:00 <moguimar> I missed the meeting yesterday
13:09:46 <moguimar> correction
13:09:51 <moguimar> there was no meeting yesterday
13:09:55 <moguimar> ben is afk this week
13:10:29 <redrobot> cool
13:10:53 <redrobot> ok, moving on
13:11:00 <redrobot> #topic Consider adding containers-undercloud to gate
13:11:09 <redrobot> I believe this was the TripleO job we broke
13:11:22 <redrobot> could be good to add to gate to make sure it doesn't happen again
13:11:44 <moguimar> +1
13:12:47 <redrobot> Well, that's unanimous.  Every single person here +1'd ;)
13:13:25 <redrobot> I think we can start with a non-voting job on the check gate
13:13:33 <redrobot> and go from there.
13:13:49 <moguimar> sounds good
13:14:26 <redrobot> #action redrobot to add containers-undercloud as a non-voting job
13:14:35 <redrobot> ok, that's all I had in the agenda
13:14:38 <tosky> other projects added a (initially non-voting) cross-project tripleo job, it's good for a quick check
13:14:56 <redrobot> tosky++
13:15:10 <redrobot> yeah, we would have definitely caught this bug before we broke y'all
13:15:59 <redrobot> (in addition to other things we need to do better)
13:16:12 <redrobot> ok, moving on
13:16:30 <redrobot> moguimar, did you want to talk about anything else today?
13:16:35 <moguimar> yep
13:16:37 <moguimar> FOSDEM
13:16:51 <redrobot> #topic FOSDEM
13:16:55 <moguimar> I have a talk this Saturday in the Security room
13:17:26 <moguimar> Protecting plaintext secrets in configuration files
13:17:42 <moguimar> and there will be a demo of oslo.config fetching secrets through castellan
13:18:02 <redrobot> Nice!
13:18:10 <redrobot> Good luck on the demo.
13:18:15 <moguimar> yup
13:19:18 <redrobot> cool beans
13:19:19 <moguimar> that's all on my end
13:19:26 <redrobot> Alrighty
13:19:30 <redrobot> I think we're done for the day
13:19:36 <gibi> I have a question
13:19:37 <redrobot> thanks for joining tosky and moguimar
13:19:42 <redrobot> #topic Open Discussion
13:19:44 <redrobot> gibi, shoot
13:19:59 <gibi> I've posted it on the ML http://lists.openstack.org/pipermail/openstack-discuss/2020-January/012091.html
13:20:19 <gibi> but it is basically about using a TPM 2.0 device as a secret store
13:20:27 <gibi> is it a valid idea?
13:20:32 * redrobot checks mail
13:20:35 <gibi> is it feasible?
13:21:14 <redrobot> gibi, yeah, there's at least one prior implementation using a TPM to secure barbican
13:21:25 <redrobot> I forgot which team worked on it?  HP maybe?
13:21:34 <redrobot> In any case, they did not contribute it to the main repo
13:21:51 <gibi> redrobot: I see. So the idea is valid but no upstream impl exists
13:21:59 <redrobot> gibi, right.
13:22:09 <gibi> that helps, this means If I find some extra devs then it can be implemented
13:22:26 <gibi> would barbican accept such contribution?
13:22:39 <redrobot> gibi, yes, of course. :)
13:22:46 <gibi> redrobot: thanks.
13:22:51 * gibi goes off finding devs :)
13:23:07 <gibi> that was all from my side
13:23:10 <tosky> talking about reviews... as I mentioned a few weeks (months!) ago, I have submitted a few fixes for older branches; I received some reviews
13:23:31 <redrobot> tosky, I still don't have perms to merge on stable branches :(
13:23:36 <tosky> but from the broader stable team; but if you manage to find the stable core for barbican...
13:23:37 <tosky> oh
13:23:39 <tosky> :/
13:23:40 <tosky> anyway: https://review.opendev.org/#/q/owner:%22Luigi+Toscano+%253Cltoscano%2540redhat.com%253E%22++project:%255Eopenstack/.*barbican.*
13:23:55 <redrobot> I think only dave-mccowan has perms on the barbican team, but he's not around very often
13:24:17 <redrobot> I'll bug the stable team to see if I can get +2 power or at lest bug them enough to get stuff merged
13:24:36 <redrobot> #action redrobot to bug stable team for pending stable backports
13:27:59 <redrobot> anything else y'all?
13:28:47 <tosky> nothing else for now
13:29:19 <redrobot> cool cool
13:29:24 <redrobot> thanks for stopping by, y'all!
13:29:27 <redrobot> see you next week!
13:29:30 <redrobot> #endmeeting