15:01:21 <JayF> #startmeeting Ironic 15:01:21 <opendevmeet> Meeting started Mon Mar 20 15:01:21 2023 UTC and is due to finish in 60 minutes. The chair is JayF. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:01:21 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:01:21 <opendevmeet> The meeting name has been set to 'ironic' 15:01:38 <TheJulia> o/ 15:01:38 <iurygregory> o/ 15:01:39 <matfechner> o/ 15:01:40 <JayF> Who all is here this morning? 15:01:46 <vanou> o/ 15:01:48 <hjensas> o/ 15:01:59 <janders> o/ 15:02:30 <JayF> #topic Announcements/Reminder 15:03:06 <JayF> Please hashtag your ready-for-review stuff with #ironic-week-prio; and prioritize reviews in the priority dashboard in the Ironic Whiteboard @ http://bit.ly/ironic-whiteboard 15:03:31 <JayF> We have 2023.1 branches cut of everything; master commits now go to 2023.2. Coordinated release is Wednesday. 15:03:37 <dtantsur> o/ 15:03:44 <JayF> Congratulations on yet-another-successful integrated release including Ironic \o/ 15:04:51 <vanou> \o/ 15:05:01 <JayF> There were no action items from previous meeting; skipping the related agenda item. 15:05:10 <JayF> #topic Ironic CI status 15:05:21 <JayF> Do we have any observations about CI? 15:05:49 <TheJulia> I didn't see any issues last week 15:05:57 <JayF> From me, I'm pretty sure we have a flakey test in py310 CI; I might try to find time to look in depth after PTG (literally time-wise after the PTG meetings on those days) 15:06:37 <JayF> I'll also note, metal3 CI is in master now 15:06:57 <JayF> and I think it's almost to the point of running out of the (shared) metal3-dev-env repo; once that change hits I will propose we backport that CI job to 2023.1 15:07:06 <JayF> to ensure we keep things working for our metal3 friends + sqlite users 15:07:53 <JayF> If no other comments moving on 15:08:02 <JayF> #topic VirtualPDU 15:08:26 <JayF> Reminder: repo move scheduled for Apr 7, then it'll be under openstack/ and we'll have full mangement of it (not just paper-governance lol) 15:08:32 <JayF> #topic Ironic Bobcat vPTG 15:08:47 <JayF> Please stick around after the meeting; we'll be doing a sync to schedule PTG items. 15:09:06 <JayF> Please join in either the zoom room I will link post-meeting, or just async by being in the ehterpad ( https://etherpad.opendev.org/p/ironic-bobcat-ptg ) making comments. 15:09:40 <JayF> If there are any requirements you have for PTG scheduling: requested times for certain topics, topics not listed in the the etherpad, etc 15:09:50 <JayF> right now is more or less your last chance to make noise about that :) so please do 15:10:19 <TheJulia> hopefully that will start promptly, I have another meeting starting at the top of the hour 15:10:27 <JayF> yep I'll hurry on then :D 15:10:32 <JayF> #topic Ironic VMT 15:10:51 <JayF> Going to give a quick update here; essentially the only piece we're missing is giving VMT group exclusive access to Ironic security bugs 15:11:01 <JayF> but because we're sorta in storyboard/LP limbo, I'm unsure where to go next 15:11:21 <JayF> we should probably just configure in storyboard and get VMT managed, and ensure LP is configured correctly when that migration happens? I just haven' 15:11:28 <JayF> **haven't prioritized making time for that migration 15:12:00 <JayF> I'll probably go that route unless there are objections 15:12:01 <TheJulia> JayF: They can already see them in storyboard AFAIK 15:12:07 <TheJulia> and interact with them 15:12:10 <JayF> They have to have exclusive access 15:12:15 <JayF> e.g. VMT sees them but Ironic cores can't 15:12:16 <TheJulia> Yeah, they have that afaik 15:12:27 <TheJulia> the reporter otherwise has to explicitly grant in storyboard 15:12:40 <JayF> well that makes this easier; I'll move on VMT this week 15:12:46 <JayF> moving on so we can get to PTG planning 15:12:52 <JayF> #topic Hosting full IPA images 15:12:55 <JayF> dtantsur: this is your item 15:13:09 <dtantsur> That's a past one, sorry, should have removed 15:13:13 <JayF> ack; no problem 15:13:16 <JayF> what was the decision outta that? 15:13:21 <JayF> we going to add extra-hardware? 15:13:28 <JayF> 20M didn't seem like much in context of a huge modern image? 15:13:33 <dtantsur> I want to investigate getting rid of the dependency on extra-hardware in baremetal-operator 15:13:36 <JayF> nice 15:13:40 <JayF> #topic Open Discussion 15:13:43 <dtantsur> It may involve adding something to the IPA inventory 15:13:52 <JayF> Anything for open discussion? Speak quickly or else I'm going to close the meeting so we can shift to PTG planning 15:14:00 <vanou> I have 15:14:03 <JayF> dtantsur: neat; I'll be interested to see what comes out of that 15:14:08 <JayF> vanou: awesome; go ahead 15:14:18 <vanou> I +2 to moving VMT process regarding Ironic vul 15:14:25 <vanou> However, regarding vulnerability which affects both Ironic and vendor library, I think we need to add vul handling note into ironic doc. 15:14:30 <vanou> Just put 2 things in doc is enough I think: If Ironic community is asked by owner of unofficial library, 15:14:35 <vanou> 1)Ironic community is open and willing to collaborate to solve such rare vul 15:14:40 <vanou> 2)Ironic community is willing to collaborate in resonable manner, which means follwing good manner to handle vul (e.g. craft vul patch in private till fix is published), to resolve vul. 15:15:07 <JayF> I think we're willing in general to do those things; but like I suggested when this was brought up outside a meeting in IRC; I think there's value in getting that added to Openstack-wide VMT documentation 15:15:19 <JayF> because Ironic is not the only project that has vendor drivers which may require coordinated disclosure 15:15:51 <JayF> and I suspect the reality would look like what you lay out; but if you're concerned about getting that in writing, it's probably best to put that in OpenStack-level docs since Ironic is going to hook into the OpenStack-level VMT 15:15:52 <vanou> I see. 15:16:35 <vanou> you mean, it is better to consult this on OpenStack ML 15:16:47 <vanou> like you, on openstack-discussion? 15:16:51 <JayF> Or with the security SIG in #openstack-security; or both 15:17:01 <JayF> It's an openstack-wide problem so I prefer not solve it at a project level 15:17:31 <vanou> OK. I'll contact through that channel 15:17:42 <JayF> Is there anything else fro Open Discussion? 15:19:06 <JayF> Alright, thank you everyone. Stay tuned for PTG planning. 15:19:08 <JayF> #endmeeting