#cloudkitty log

14:01:07 <rafaelweingartner> #startmeeting cloudkitty
14:01:07 <opendevmeet> Meeting started Mon Sep  2 14:01:07 2024 UTC and is due to finish in 60 minutes.  The chair is rafaelweingartner. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:01:07 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
14:01:07 <opendevmeet> The meeting name has been set to 'cloudkitty'
14:01:10 <rafaelweingartner> Hello guys!
14:01:12 <rafaelweingartner> Roll count
14:01:15 <rafaelweingartner> \o
14:01:23 <mattcrees> o/
14:02:20 <priteau_> o/
14:03:11 <rafaelweingartner> #topic Impact of oslo.policy bump
14:03:25 <rafaelweingartner> I see that you added this topic in the meeting. Would you like to expand on this one?
14:04:25 <priteau_> Hello
14:04:34 <priteau_> This is only something I discovered today
14:05:02 <priteau_> gmann has sent the following email to the mailing list: https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/thread/MPHSVG222OFHJL2AQD2A7CJGTH57SRCJ/
14:05:36 <priteau_> TL;DR: oslo.policy 4.4.0 enables the RBAC new defaults by default, which means those will be enabled for all the OpenStack services unless they have disabled them by overriding the default value
14:05:58 <priteau_> However, we have not received any patches related to this, unlike many other projects
14:06:17 <rafaelweingartner> I saw the email as weill, but I did not fully understand it.
14:06:21 <rafaelweingartner> What is it about?
14:06:49 <priteau_> It is about this general RBAC change in OpenStack: https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html
14:07:50 <priteau_> So it is possible that as soon as https://review.opendev.org/c/openstack/requirements/+/925464 merges we will break, which would affect the project for Dalmatian
14:08:11 <priteau_> I think for this release we can disable the new defaults (this was done in some other projects)
14:08:40 <priteau_> But we will have to catch up in the next release (Epoxy) with a backlog of changes we haven't made
14:09:09 <priteau_> It is more a heads-up than a call for action. I think mattcrees and I can handle it.
14:10:25 <rafaelweingartner> I still did not think. You mean, the default is going to be scoped tokens?
14:12:15 <priteau_> Not really. I think we are supposed to make some admin calls system-scope only
14:12:26 <priteau_> I need to review this RBAC policy change in full
14:12:58 <rafaelweingartner> I thought that would not affect much, as these policies are defined in that policy.json file, right?
14:13:18 <rafaelweingartner> that maps an API call security path to a set of attributes that describe the user in the token
14:14:57 <priteau_> The policy file (yaml now, json is deprecated) is only for the admin overrides
14:15:02 <priteau_> Policy is defined in code now
14:16:15 <priteau_> Anyway, I will pursue the conversation with gmann to understand the impact and push some changes if needed (probably with help from mattcrees)
14:16:20 <rafaelweingartner> ok
14:16:22 <rafaelweingartner> thanks
14:18:49 <rafaelweingartner> Besides this topic, we do not have any new topics
14:18:57 <rafaelweingartner> I mean, nothing that we see from our side
14:19:02 <rafaelweingartner> do you guys have something else to add?
14:19:23 <rafaelweingartner> ah, there is something
14:19:24 <rafaelweingartner> #link https://github.com/gnocchixyz/gnocchi/pull/1396
14:19:40 <rafaelweingartner> this patch in Gnocchi, it will require some changes on CloudKitty side to now overload Gnocchi
14:19:54 <rafaelweingartner> as soon as a new release of Gnocchi is made, we will propose this patch in CloudKitty
14:22:01 <priteau_> thanks
14:22:35 <priteau_> This reminds me that a colleague of mine had issues with cloudkitty/gnocchi/ceilometer recently
14:22:42 <priteau_> He has posted a bug on storyboard: https://storyboard.openstack.org/#!/story/2011217
14:24:03 <priteau_> I haven't looked at the issue with him yet. Any input is welcome.
14:29:04 <rafaelweingartner> I saw it
14:29:09 <rafaelweingartner> but we would need more details
14:30:11 <rafaelweingartner> I will ask for some details there
14:32:46 <rafaelweingartner> is there something else from your side guys?
14:33:16 <mattcrees> nothing new from me this time
14:33:54 <priteau_> There was the Elasticsearch topic?
14:34:37 <rafaelweingartner> we decided to "remove any deprecation message in both logs and code"
14:34:45 <rafaelweingartner> do we need to go back on this decision?
14:37:36 <priteau_> No, I think we should undeprecate
14:37:43 <priteau_> But we should do it now, before Dalmatian release
14:39:04 <priteau_> Do we have a patch up? I don't remember
14:39:31 <rafaelweingartner> not yet
14:39:35 <rafaelweingartner> I will create a patch for it then
14:41:17 <priteau_> Thanks
14:51:33 <rafaelweingartner> Thank you guys for participating. Have a nice week.
14:51:41 <rafaelweingartner> #endmeeting