17:03:00 <sigmavirus> #startmeeting craton 17:03:02 <openstack> Meeting started Thu Jan 19 17:03:00 2017 UTC and is due to finish in 60 minutes. The chair is sigmavirus. Information about MeetBot at http://wiki.debian.org/MeetBot. 17:03:03 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 17:03:05 <sigmavirus> Oh wow 17:03:05 <openstack> The meeting name has been set to 'craton' 17:03:07 <sigmavirus> it will work 17:03:13 <sigmavirus> #chair sulo jimbaker 17:03:14 <openstack> Current chairs: jimbaker sigmavirus sulo 17:03:41 <sigmavirus> #link https://etherpad.openstack.org/p/craton-meetings 17:03:48 <sigmavirus> #info Today's agenda is available on https://etherpad.openstack.org/p/craton-meetings 17:04:00 <jimbaker> sigmavirus, nice, we have meetbot supprt here as well. didn't realize that 17:05:40 <jimbaker> sigmavirus, so i assume your WIP pagination is just that, a chance for us to get an early peek at your progress on that change 17:06:14 <sigmavirus> jimbaker: I'm thinking of breaking that change up into more discrete parts 17:06:19 <sigmavirus> And there's more after that 17:06:29 <sigmavirus> I need to completely change the format of the list responses per the spec 17:07:00 <jimbaker> sigmavirus, makes sense. i think the only here that would be nice if you want us to look at WIP is to just note in the summary what is done, what is still being worked on 17:07:38 <sigmavirus> I thought I had added that but perhaps not 17:08:01 <jimbaker> sigmavirus, there's a summary. is all the functionality noted there implemented? 17:08:19 <sigmavirus> Yes 17:08:29 <sigmavirus> I haven't given it a real test yet though 17:08:31 <jimbaker> fwiw, i do like the github approach which allows this stuff to be checked off 17:08:53 <sigmavirus> jimbaker: yeah, I think I'll create bugs for each item for the bp and link them together 17:08:57 <sigmavirus> that might satisfy that for you 17:09:15 <jimbaker> but github whining is not so relevant. unless storyboard really is a thing; and they're duplicating that functionality ;) 17:10:00 <jimbaker> sigmavirus, yeah sounds good, we do have that functionality in launchpad to support this aspect 17:10:55 <sigmavirus> Also, you don't want to hear me complain about all the things wrong with Github currently 17:10:56 <jimbaker> and however its gets reported up in gerrit. or something like that. hopefully. ;) 17:10:57 <sigmavirus> It's a long list 17:11:58 <jimbaker> sigmavirus, sure, github has its own issues. but perhaps someone built a usable api to github to help resolve at least some of these problems... 17:12:41 <sigmavirus> Don't look at me 17:12:58 <jimbaker> except for solutions 17:13:03 <jimbaker> :) 17:13:34 <jimbaker> so that was very much about process. anything you want to add here on pagination itself? 17:14:34 <jimbaker> let's move on then 17:15:21 <jimbaker> sigmavirus, any update on the global reqs stuff? i assume we are just working through that process now that it's been approved 17:15:51 <sigmavirus> jimbaker: so I need to catch up with Andreas to see if in fact that issue is now fixed 17:16:02 <sigmavirus> It should be with teh Flask-Restful merge 17:16:25 <jimbaker> sigmavirus, sounds good. yeah, looks like just some minor that can be easily resolved 17:16:46 <sigmavirus> jimbaker: also, warning that I'm in 3 IRC meetings at the same time 17:16:51 <sigmavirus> Attention might be slightly split =P 17:17:46 <jimbaker> sigmavirus, i like to joke about myself that i'm a poorly implemented select loop. but perhaps we all are? ;) 17:18:18 <sigmavirus> jimbaker: that's a twisted joke 17:18:24 <sigmavirus> ;) 17:18:51 <jimbaker> i'm not going to react about that 17:19:14 <jimbaker> ok, we children must quiet down 17:20:00 <jimbaker> sulo, so do you have your functional test work in with the set of changes for review? 17:21:26 <jimbaker> sulo might be out at this time. we will table functional testing and workflow support until end of this meeting (or later) 17:21:42 <sigmavirus> heh 17:22:25 <jimbaker> i have one more item on the agenda, which is auditing (and more generally governance) 17:22:51 <jimbaker> sigmavirus, you missed more interminable discussion by jimbaker on rbac on tues 17:23:19 <sigmavirus> jimbaker: speaking of ourselves in teh third person now? sigmavirus is confused 17:23:26 <sigmavirus> but yeah, I couldn't make that meeting, sorry 17:23:38 <jimbaker> suffice to say it's going slowly. we also discussed secrets (where we decided to investigate backend storage, say by hashicorp vault) 17:24:22 <jimbaker> sigmavirus, apparently i'm more prone to levity in an irc meeting than in vidyo. surely this argues for keeping this format? 17:24:53 <sigmavirus> I'm in favor of that 17:25:01 <sigmavirus> I think my levity is better received in this format too 17:25:15 <sigmavirus> But yeah, rbac was not something I expected to move quickly 17:25:57 <jimbaker> yeah, i think we got most of the pieces worked out at this time, but still need to assemble. first in spec, then in a series of changes 17:26:22 <jimbaker> i do think the discussion on secrets was extremely promising 17:27:38 <jimbaker> because sulo suggested a direction where we would write much less code. and therefore more likely to get it right. to be seen 17:28:06 <jimbaker> sigmavirus, one last thing from that meeting which is worthwhile catching up here because it gets in an more accessible format (text!) 17:28:18 <jimbaker> we discussed namespaces for variables 17:29:33 <jimbaker> i suggested we will need support for namespacing as we put more things in variables, such as secrets, or virtualized variables, or setting up plugins 17:30:49 <jimbaker> eg ssh/id_ecdsa or nova/blah-blah or plugin/nova, etc - to be distinguished from say ansible vars which either go in a default namespace; or possible in ansible/ 17:31:36 <jimbaker> this could just be convention - the keys don't care if they contain / or other chars. but we could also provide explicit support. anyway, heads up that i will propose such a spec 17:31:49 <jimbaker> for such explicit support 17:32:39 <jimbaker> ok, enough on that, unless sigmavirus or others here you have questions 17:33:01 <sigmavirus> I'm curious what that will look like 17:33:12 <sigmavirus> So I'll reserve thoughts until I have something a bit more concrete 17:33:12 <jimbaker> sigmavirus, ok, you asked :) 17:33:21 <sigmavirus> hah 17:33:25 <sigmavirus> Wasn't asking for more details now 17:34:50 <jimbaker> sure. let's just say then that i think it could be part of the variable query for REST; and that we could provide namespace manipulations similar to python (because they are reasonably comprehensive); and necessarily there would be client impact 17:34:54 <jimbaker> to use all of the goodness 17:35:01 <jimbaker> but sure, please reserve judgment for now 17:35:14 <jimbaker> convention will work for the time being at least 17:35:45 <jimbaker> maybe that suggests 2 specs? 1) convention; 2) specific support from craton 17:37:03 <jimbaker> anyway, i bring these things up because we have a mandate to support some requirements, and functionality like virtualized variables, secrets, and rbac help support these reqs 17:37:16 <jimbaker> auditing is something we have discussed, but not recently 17:38:02 <jimbaker> and it's an important requirement for us to address, especially because it enters into compliance reqs that customers have 17:38:20 <sigmavirus> yep 17:39:10 <jimbaker> so the relevant bug here is https://bugs.launchpad.net/craton/+bug/1606884, which needs to be expanded out into a blueprint and corresponding spec(s) 17:39:10 <openstack> Launchpad bug 1606884 in craton "Variables should support governance" [Undecided,New] - Assigned to Jim Baker (jimbaker) 17:39:34 <jimbaker> by expansion i mean there are other entities that need auditing 17:40:08 <jimbaker> it's possible that governance can mean just rbac + auditing. or it can mean integration with some workflow 17:40:37 <jimbaker> process workflow, not audit/remediate workflows. but wait, that's a double usage ;) 17:40:43 <jimbaker> also a double usage 17:40:50 <jimbaker> ahh, imprecision in language 17:41:40 <jimbaker> anyway, i like the idea of the linked repo, https://github.com/NerdWalletOSS/versionalchemy 17:42:31 * jimbaker always seem to go for a higher abstraction that might solve multiple problems, vs something just focused on say variables 17:42:57 <jimbaker> having said that, variables do seem special. and also much simpler than being able to track other changes 17:44:01 <jimbaker> consider showing history. that seems quite important - to know that this variable had this setting, it was changed by some principal on some time 17:45:22 <jimbaker> so i do think we should have specific support here for variables. then look at other types of auditing as a future next step 17:45:30 <jimbaker> sigmavirus, thoughts? 17:45:37 <jimbaker> sulo, are you around? 17:47:02 <jimbaker> i see that as thundering feedback for jimbaker to explore further; and report back 17:47:28 <jimbaker> we have reached the end of our agenda. anything else before i gavel this meeting to a close? 17:48:03 <jimbaker> seeing none 17:48:04 <jovon> no additions 17:48:07 <jimbaker> #endmeeting