#openstack-keystone log

15:00:15 <dmendiza[m]> #startmeeting keystone
15:00:15 <opendevmeet> Meeting started Tue Feb 15 15:00:15 2022 UTC and is due to finish in 60 minutes.  The chair is dmendiza[m]. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:15 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:00:15 <opendevmeet> The meeting name has been set to 'keystone'
15:00:21 <dmendiza[m]> #topic Roll Call
15:00:29 <dmendiza[m]> Courtesy ping for ayoung, bbobrov, crisloma, d34dh0r53, dpar, dstanek, gagehugo, hrybacki, knikolla, lamt, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, spilla, ruan_he, wxy, sonuk, vishakha,Ajay, rafaelweingartner, xek
15:00:32 <d34dh0r53> o/
15:00:34 <gagehugo> o/
15:00:57 <dmendiza[m]> Hi y'all!
15:01:02 <dmendiza[m]> As usual the agenda is over here:
15:01:04 <dmendiza[m]> #link https://etherpad.opendev.org/p/keystone-weekly-meeting
15:01:30 <knikolla> o/
15:03:21 <dmendiza[m]> OK, let's get started
15:03:31 <dmendiza[m]> #topic Review Past Meeting Action Items
15:03:41 <dmendiza[m]> #link https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-02-08-15.01.html
15:03:45 <dmendiza[m]> We didn't have any
15:04:00 <dmendiza[m]> #topic Liaison Updates
15:04:08 <dmendiza[m]> knikolla: any updates this week?
15:06:39 <knikolla> we're moving Keystone back to a PTL model since dmendiza[m] offered to be PTL
15:07:17 <knikolla> governance change is tracked here https://review.opendev.org/c/openstack/governance/+/829037
15:07:32 <knikolla> thank you dmendiza[m]
15:07:38 <d34dh0r53> ++
15:08:55 <dmendiza[m]> 😁👍️
15:09:23 <dmendiza[m]> Yeah, hopefully we're still on time?  I think nominations close today?
15:11:41 <gagehugo> yeah
15:12:27 <dmendiza[m]> Right on.  I'll keep an eye out on that patch
15:13:28 <dmendiza[m]> #link https://review.opendev.org/c/openstack/election/+/828927
15:13:33 <dmendiza[m]> ^^^ the PTL nomination patch
15:13:46 <dmendiza[m]> OK, moving on ...
15:14:02 <dmendiza[m]> #topic Specs
15:14:23 <dmendiza[m]> First up the OAuth 2.0 spec
15:14:24 <dmendiza[m]> #link https://review.opendev.org/c/openstack/keystone-specs/+/813152
15:14:34 <dmendiza[m]> Still just a +2 from knikolla
15:15:13 <dmendiza[m]> gagehugostill needs to take a look
15:16:16 <knikolla> gagehugo: can you please give that spec a review? it's basically allowing application credentials to serve as oauth 2.0 client secrets, and creates a REST API that implements the OAuth 2.0 client credentials part of the specification
15:16:40 <gagehugo> sure
15:19:08 <gagehugo> there is a comment chain that is about as long as the spec itself now though haha
15:21:21 <knikolla> haha, well, that comment chain caused the spec to become that short
15:22:19 <knikolla> early in Zed i'll be proposing more aspects of oauth/openid connect as specs
15:23:52 <dmendiza[m]> nice
15:24:02 * dmendiza[m] will also take a look at spec
15:24:41 <dmendiza[m]> Next, the "service" role spec has more discussion happening
15:24:56 <dmendiza[m]> please share thoughts/opinions if you can
15:24:58 <dmendiza[m]> #link https://review.opendev.org/c/openstack/keystone-specs/+/818616
15:25:07 <knikolla> i've allocated some time to go through it today
15:25:28 <dmendiza[m]> The "manager" role spec didn' tpass the gate
15:25:30 <dmendiza[m]> #link https://review.opendev.org/c/openstack/keystone-specs/+/818603
15:25:34 <dmendiza[m]> I'll take a look at that today
15:27:04 <dmendiza[m]> That's all for the active specs
15:27:15 <dmendiza[m]> Moving on ...
15:27:17 <dmendiza[m]> #topic PTG
15:27:23 <dmendiza[m]> The next PTG is coming up in April
15:27:39 <dmendiza[m]> We've tentatively picked a couple of time slots for Keystone discussions:
15:27:52 <dmendiza[m]> #link https://ethercalc.openstack.org/7yxdas7suqnd
15:28:10 <dmendiza[m]> Tuesday April 5 1500-1700 UTC
15:28:11 <dmendiza[m]> and
15:28:25 <dmendiza[m]> Thursday April 7 1500-1700 UTC
15:28:34 <dmendiza[m]> Please let me know if we need to adjust those for any reason
15:29:50 <gagehugo> Those work for me
15:30:13 <dmendiza[m]> I've also started an etherpad to collect topics to be covered during the PTG
15:30:15 <dmendiza[m]> #link https://etherpad.opendev.org/p/z-ptg-keystone
15:30:24 <dmendiza[m]> Please feel free to add any topics  you think would be good to discuss
15:31:49 <dmendiza[m]> #topic Open Discussion
15:32:05 <dmendiza[m]> Any other topics y'all want to talk about before we move on to Bug Review?
15:35:13 <dmendiza[m]> OK, moving on
15:35:18 <dmendiza[m]> #topic Bug Review
15:35:39 <dmendiza[m]> #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0
15:35:44 <dmendiza[m]> No new Keystone bugs
15:36:01 <dmendiza[m]> #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0
15:36:09 <dmendiza[m]> No new python-keystoneclient bugs
15:36:28 <dmendiza[m]> #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0
15:36:49 <dmendiza[m]> No new keystoneauth bugs
15:36:53 <dmendiza[m]> #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0
15:36:57 <dmendiza[m]> No new keystonemiddleware bugs
15:37:15 <dmendiza[m]> #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0
15:37:20 <dmendiza[m]> No new pycadf bugs
15:37:30 <dmendiza[m]> https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0
15:37:48 <dmendiza[m]> And no new ldappool bugs
15:38:03 <dmendiza[m]> whew, that's a lot of launchpads. 😅
15:38:14 <dmendiza[m]> #topic Review Requests
15:38:20 <dmendiza[m]> Any reviews we should talk about now?
15:40:03 <d34dh0r53> https://review.opendev.org/c/openstack/keystone/+/828595 let me know what you think, I’m not sure how to fix this without making upgrades terrible
15:42:58 <d34dh0r53> This fix addresses the core of the bug in that it’s no longer silent but it’s not really a fix
15:44:51 <knikolla> Maybe an addition to the keystone-manage doctor CLI to check for this would provide a better user experience
15:45:07 <knikolla> Since this seem to be the case of a mismatch between desired max length, and supported max length by the algorithm
15:45:10 <knikolla> seems*
15:45:30 <d34dh0r53> ahh, that’s a good idea
15:45:46 <knikolla> This way we can push out a warning to operators "hey you want to support 200 char passwords, switch to this other algo"
15:45:58 <d34dh0r53> knikolla: right
15:47:02 <d34dh0r53> is that in python-keystoneclient?
15:47:50 <knikolla> no, it's part of keystone https://github.com/openstack/keystone/tree/master/keystone/cmd
15:48:25 <d34dh0r53> awesome, thank you
15:48:58 <knikolla> np :)
15:51:34 <dmendiza[m]> Cool
15:51:41 <dmendiza[m]> We've got just a few minutes left.
15:54:18 <dmendiza[m]> OK, let's call it a day.
15:54:23 <dmendiza[m]> Thanks for joining, everyone!
15:54:26 <dmendiza[m]> #endmeeting