13:00:21 <redrobot> #startmeeting barbican
13:00:21 <openstack> Meeting started Tue Nov  3 13:00:21 2020 UTC and is due to finish in 60 minutes.  The chair is redrobot. Information about MeetBot at http://wiki.debian.org/MeetBot.
13:00:22 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
13:00:24 <openstack> The meeting name has been set to 'barbican'
13:00:42 <redrobot> #topic Roll Call
13:00:49 <redrobot> Courtesy ping for ade_lee dave-mccowan hrybacki jamespage Luzi lxkong mhen moguimar raildo rm_work xek nearyo
13:00:49 <noonedeadpunk> o/
13:00:59 <redrobot> hi noonedeadpunk!
13:01:04 <moguimar> o/
13:01:08 <raildo> o/
13:02:10 <redrobot> As usual our agenda can be found here:
13:02:18 <redrobot> #link https://etherpad.opendev.org/p/barbican-weekly-meeting
13:02:25 <redrobot> OK, let's get started
13:02:37 <redrobot> #topic Previous Meeting Action Items
13:02:59 <redrobot> #link http://eavesdrop.openstack.org/meetings/barbican/2020/barbican.2020-10-20-13.00.html
13:03:31 <redrobot> There was only one action item for me to check the stable branch health
13:03:41 <redrobot> And I did do it! :D
13:03:48 <redrobot> Actually a few brances are still failing
13:04:05 <redrobot> but at least T, U, V, are all green now
13:04:15 <redrobot> unfortunately dave-mccowna has not been around
13:04:32 <redrobot> and he's the only one on our team with merge privileges on stable/*
13:04:49 <redrobot> I've been poking at the folks in #openstack-stable to get myself added
13:05:03 <redrobot> or get them to +2 the dozen or so patches that I've put up
13:05:13 <redrobot> but haven't really gotten any traction with them -___-
13:05:25 <redrobot> I think maybe they were busy with PTG stuff last week
13:05:30 <redrobot> so I'll try again this week
13:06:03 <Luzi> o/
13:06:22 <redrobot> hi Luzi!
13:06:47 <redrobot> #action redrobot to keep pestering the stable team to get backports merged or get added to the stable team
13:06:58 <redrobot> OK, moving on
13:07:11 <redrobot> #topic Liaison Updates
13:07:16 <redrobot> moguimar, any Oslo news?
13:07:23 <moguimar> kinda
13:07:29 <moguimar> we didn't have a meeting yesterday
13:07:37 <moguimar> I haven't poked people around about that yet
13:07:52 <moguimar> meeting time was suposed to overlap our ninja meeting
13:08:00 <moguimar> due to DST changes
13:08:19 <redrobot> Ah, gotcha
13:08:35 <moguimar> but we have the oslo.utils out already
13:08:41 <redrobot> That's awesome
13:08:44 <moguimar> the new one with md5
13:09:30 <redrobot> pretty cool, thanks moguimar
13:09:37 <redrobot> tosky, around?
13:09:46 <tosky> hi!
13:10:00 <tosky> oh, no more summer time
13:10:06 <redrobot> hi tosky!
13:10:14 <redrobot> yeah, back to the sad winter hours :(
13:10:19 * redrobot does not like early sunsets
13:10:26 <tosky> no updates; we discussed a bit about the remaining testing issues during the PTG (grenade), and that's it for now
13:10:37 <redrobot> tosky, awesome, thank you!
13:11:06 <redrobot> #topic Kanban Review https://tree.taiga.io/project/dmend-openstack-barbican/kanban
13:11:10 <redrobot> #link https://tree.taiga.io/project/dmend-openstack-barbican/kanban
13:11:35 <redrobot> Looks like someone added all our PTG tasks to the board :-O
13:11:45 <redrobot> I'm going to guess that was moguimar :D
13:11:58 <moguimar> nope
13:12:08 <redrobot> or maybe that's just the leftovers from last last PTG?
13:12:17 * redrobot is still waiting for coffee to kick in
13:12:18 <moguimar> haven't opened that board in more than a month
13:12:23 <redrobot> Hmmm...
13:12:29 <redrobot> I must be just losing my mind then
13:12:31 * moguimar feels ashamed in the shadows
13:12:32 <noonedeadpunk> I'm wondering if https://tree.taiga.io/project/dmend-openstack-barbican/us/3?kanban-status=2092516 is the same thing I'm struggling with
13:13:28 <redrobot> looks like they didn't get the memo that we use storyboard instead of launchpad
13:13:31 <redrobot> it's a client bug
13:13:33 <redrobot> #link https://bugs.launchpad.net/ubuntu/+source/python-barbicanclient/+bug/1840162
13:13:34 <openstack> Launchpad bug 1840162 in python-barbicanclient (Ubuntu) "Unicode compate for payload_content_type" [Undecided,New] - Assigned to XueFeng Liu (jonnary-liu)
13:13:55 <noonedeadpunk> Ah, yeah...
13:14:29 <noonedeadpunk> But still, it might be that cinder puts non base64 encoded content....
13:14:38 <noonedeadpunk> As I was just looking from the other side
13:15:14 <redrobot> I'll add a topic to the agenda for your issue noonedeadpunk
13:16:16 <redrobot> moguimar, any HVAC updates?
13:16:29 <moguimar> none
13:16:42 <redrobot> raildo, any policy updates?
13:17:07 <raildo> redrobot, nothing besides what we discussed during the PTG
13:17:22 <redrobot> cool
13:17:29 <raildo> redrobot, maybe, would be nice to push some of those topics for the kanban?
13:17:49 <redrobot> raildo, yeah, I still need to see what we're missing from PTG on the Kanban board
13:17:51 <raildo> like, the json format deprecation, remove any hard coded admin check...
13:17:52 <moguimar> that sounds like a good idea
13:17:57 <redrobot> #action redrobot to update the kanban board
13:18:14 <redrobot> raildo, feel free to add tasks
13:18:21 <raildo> ack
13:19:07 <redrobot> #topic PTG recap
13:19:28 <redrobot> #link https://etherpad.opendev.org/p/wallaby-ptg-barbican
13:19:52 <redrobot> ^^ is the etherpad from the PTG
13:19:58 <redrobot> there was not much new in the way of features
13:20:46 <redrobot> many thanks to everyone who joined
13:21:19 <redrobot> I'll give y'all a couple of minutes to scan the PTG etherpad for anything we need to discuss further today ...
13:23:24 <redrobot> Any questions/comments on PTG topics?
13:24:12 <redrobot> Seems like a no ... let's move on
13:24:22 <redrobot> #topic Unicode Errors in Vault
13:24:24 <redrobot> #link https://review.opendev.org/#/c/759067/
13:24:30 <redrobot> noonedeadpunk, your topic :)
13:25:02 <noonedeadpunk> yeah, I know this is damn bad fix but I really not sure about better way.
13:25:31 <noonedeadpunk> it seems that oslo does right thing as we're passing non encoded strig to get decoded
13:26:08 <noonedeadpunk> but from other side I really dunno why it's not encoded, as when I create a secret with barbican api it's ok
13:26:17 <noonedeadpunk> but when cinder does it - it's not
13:27:04 <redrobot> How are you storing things in barbican?  Is it Cinder->Castellan->barbicanclient->Barbican->Vault?
13:27:10 <noonedeadpunk> and what's interesting store_secret doesn't get executed https://opendev.org/openstack/barbican/src/branch/master/barbican/plugin/resources.py#L67
13:27:46 <noonedeadpunk> I think it is
13:28:01 <noonedeadpunk> except between barbican and vault is castellan again?
13:28:14 <redrobot> Ugh that's right
13:28:24 * redrobot is not a fan of that castellan+vault rube goldberg machine
13:28:54 <redrobot> What does the secret look like coming from cinder?  Byte string?  Base64 encoded?
13:29:45 <redrobot> or I guess, can you point me to the cinder side code?
13:29:54 <redrobot> I can maybe trace through that after the meeting
13:31:44 <noonedeadpunk> I think in my case it's https://opendev.org/openstack/cinder/src/branch/master/cinder/volume/drivers/rbd.py#L898
13:31:48 <tosky> is this issue visible from some (high-level) test?
13:33:03 <redrobot> cool, I'll ping you when I have more questions noonedeadpunk
13:33:09 <redrobot> hopefully we can get y'all sorted out
13:34:03 <noonedeadpunk> tosky: I guess not at the moment. I saw it only when I linked cinder to barbican, so it should be some integration test only
13:34:23 <redrobot> tosky, may be something we can add to our tempest tests
13:34:43 <redrobot> we may need a different gate that configures Hashicorp Vault though
13:34:47 <tosky> is it a matter of setting it up a specific barbican backend?
13:34:49 <noonedeadpunk> oh, well, and barbican to vault...
13:34:50 <tosky> I see, that
13:34:59 <tosky> specific environment
13:35:31 <noonedeadpunk> because cinder-barbican is working nicely until vault key store is configured
13:35:45 <redrobot> #action redrobot to work with noonedeadpunk to fix the Cinder+Vault issue
13:36:22 <noonedeadpunk> redrobot: yeah, thanks a lot. I'm not sure if we will be using that in prod at the end of the day but feels that worth fixing anyway
13:36:25 <moguimar> I'm not sure how that helps, but in my demos of castellan I can use docker compose to bring vault up
13:36:36 <moguimar> and I think castellan CI uses pifpaf
13:37:34 <noonedeadpunk> well, if I use CInder - Castellan - vault  (without barbican in the middle) it works perfectly as well
13:38:15 <redrobot> gotcha
13:38:22 <redrobot> so it's something in barbican->Vault
13:39:38 <noonedeadpunk> and what I do not understand, is how this method got omited when key is created by cinder https://opendev.org/openstack/barbican/src/branch/master/barbican/plugin/resources.py#L67
13:39:52 <noonedeadpunk> but it executes when I create secret manually in barbican
13:41:53 <redrobot> Yeah, that's really weird
13:44:19 <redrobot> OK, let's move on
13:44:29 <redrobot> #topic Bug Review
13:44:40 <redrobot> #link https://storyboard.openstack.org/#!/project_group/barbican
13:45:28 <redrobot> Looks like we have one new bug
13:45:34 <redrobot> #link https://storyboard.openstack.org/#!/story/2008259
13:45:58 <redrobot> But it looks like it'snot valid
13:46:07 <redrobot> as we do not have a working Train Barbican-UI
13:47:20 <redrobot> #link https://bugs.launchpad.net/castellan/+bugs?orderby=-id&start=0
13:47:24 <redrobot> and no new bugs in Castellan
13:47:52 <redrobot> Moving on ...
13:47:57 <redrobot> #topic Wayward Reviews
13:48:00 <redrobot> #link https://tinyurl.com/y3ydwmkl
13:48:59 <redrobot> Looks like the no-feedback top 3 are all failing the gates
13:50:47 <moguimar> redrobot++ and ade_lee++ for cleaning the review dashboard a lot during the PTG
13:50:59 <redrobot> :D
13:52:07 <redrobot> I think that's all for today, folks!
13:52:12 <redrobot> see y'all online!
13:52:16 <redrobot> #endmeeting