#openstack-keystone log

15:00:10 <d34dh0r53> #startmeeting keystone
15:00:10 <opendevmeet> Meeting started Tue Dec 20 15:00:10 2022 UTC and is due to finish in 60 minutes.  The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:10 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:00:10 <opendevmeet> The meeting name has been set to 'keystone'
15:00:52 <knikolla[m]> o/
15:00:53 <xek> o/
15:00:58 <d34dh0r53> #topic roll call
15:01:00 <d34dh0r53> admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev
15:01:06 <d34dh0r53> o/
15:01:15 <zaitcev> o/
15:01:20 <hiromu> o/
15:01:49 <d34dh0r53> wow, great turnout for the end of the year, thanks for joining :)
15:02:40 <d34dh0r53> #topic review past meeting work items
15:02:49 <d34dh0r53> #link https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-12-13-15.00.html
15:02:52 <d34dh0r53> first up
15:02:59 * d34dh0r53 reviewathon https://review.opendev.org/c/openstack/keystoneauth/+/838104 (d34dh0r53, 15:03:52)
15:04:42 <d34dh0r53> we looked a bit at the documentation for the OAuth 2.0 stuff in the reviewathon, now that the m-tls spec has merged we can focus on the outstanding reviews, pushing this again
15:05:02 <d34dh0r53> #action reviewathon https://review.opendev.org/c/openstack/keystoneauth/+/838104
15:05:34 <d34dh0r53> same with the next one
15:05:41 <d34dh0r53> #action reviewathon https://review.opendev.org/c/openstack/keystone/+/838108
15:06:49 <d34dh0r53> #action reviewathon https://review.opendev.org/c/openstack/keystone/+/860928
15:07:05 <d34dh0r53> another docs patch for oauth 2.0
15:07:37 <d34dh0r53> #action reviewathon https://review.opendev.org/c/openstack/keystoneauth/+/860923
15:08:16 <d34dh0r53> next up we have d34dh0r53 look into user-defined attribute access control
15:09:22 <d34dh0r53> as far as I can tell user-defined attribute access control is not a thing that we support, hiromu I think you asked about this
15:10:48 <d34dh0r53> that would need a spec for implementation so maybe after antelope we can look at that if it's still needed
15:11:05 <d34dh0r53> next up we have another rewviewathon that we didn't get to https://review.opendev.org/c/openstack/keystone/+/863420
15:11:12 <d34dh0r53> we'll look at this one this week
15:11:18 <d34dh0r53> #action reviewathon https://review.opendev.org/c/openstack/keystone/+/863420
15:11:45 <d34dh0r53> next up we had
15:11:52 <d34dh0r53> knikolla[m] please review https://review.opendev.org/c/openstack/pycadf/+/863702
15:12:48 <d34dh0r53> knikolla[m]: thanks for looking at that, I'll see if I can figure out what failed in the gate for that one
15:13:02 <d34dh0r53> finally we had
15:13:04 <d34dh0r53> knikolla[m] please review https://review.opendev.org/c/openstack/keystonemiddleware/+/866805
15:13:31 <d34dh0r53> that patch merged and unblocked
15:13:40 <hiromu> sorry took time to remember. regarding the user attributes, i understand it's not supported by Keystone, and for now we don't need to support it as we're trying alternative way.
15:13:48 <d34dh0r53> thanks for pushing it through knikolla[m]
15:13:54 <d34dh0r53> hiromu: ack, thanks for the update
15:14:19 <d34dh0r53> that does it for the past meeting work items
15:14:35 <d34dh0r53> #topic liaison updates
15:14:42 <d34dh0r53> nothing new from VMT
15:14:51 <d34dh0r53> knikolla[m]: anything from release management?
15:17:19 <knikolla[m]> d34dh0r53: to be fair, i haven't had that much time to look into any release work. so perhaps it's best i don't have my name on it anymore.
15:17:30 <d34dh0r53> knikolla[m]: ack, thanks
15:17:50 <d34dh0r53> knikolla[m]: is that in a governance repo or just on our list?
15:18:04 <knikolla[m]> i think it's a wiki
15:18:27 <knikolla[m]> https://wiki.openstack.org/wiki/CrossProjectLiaisons#Release_management
15:18:47 <knikolla[m]> ah, and in fact my name is not there.
15:20:40 <d34dh0r53> oh, I didn't know about that wiki
15:20:44 * d34dh0r53 needs to update it
15:20:53 <xek> btw I think we also have to sort out this list: https://review.opendev.org/admin/groups/d7203dc55fa9bdf98c578b16ac398e0c754a1a67,members
15:21:51 <d34dh0r53> #action d34dh0r53 update the CrossProjectLiaisons wiki https://wiki.openstack.org/wiki/CrossProjectLiaisons
15:22:22 <knikolla[m]> i don't think that list is used anywhere :/
15:22:42 <xek> oh, ok, i never did a keystone release so I wasn't sure
15:23:00 <d34dh0r53> #action d34dh0r53 look into the keystone-groups members as well https://review.opendev.org/admin/groups/d7203dc55fa9bdf98c578b16ac398e0c754a1a67,members not sure if it's used any more
15:23:43 <d34dh0r53> cool, thanks knikolla[m] and xek
15:24:04 <xek> there is a similar keystoneauth-release which includes keystone-release group https://review.opendev.org/admin/groups/defa38d1e363d439a0458380efb0824d639d5ffd,members
15:24:56 <knikolla[m]> i don't think those groups are still relevant, but if they are, we can just have all of them include -core and not have extra users
15:25:42 <xek> ok, if there are any issues I'll ask lbragstad to do that
15:28:29 <d34dh0r53> thanks xek
15:29:21 <d34dh0r53> #topic specification OAuth 2.0 (hiromu)
15:29:27 <d34dh0r53> The spec merged!
15:29:40 <hiromu> thanks a lot!
15:29:41 <d34dh0r53> Thanks knikolla[m] and xek for the final reviews on that
15:30:11 <d34dh0r53> I've added a link to the etherpad for the implementation topic
15:30:23 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls
15:31:10 <hiromu> I hope the code review will also go well.
15:31:14 <d34dh0r53> we can get started reviewing and testing those during the reviewathon
15:31:42 <d34dh0r53> There are also a couple of documentation reviews
15:32:01 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/838108
15:32:09 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystoneauth/+/838104
15:33:22 <d34dh0r53> next spec is
15:33:38 <d34dh0r53> #topic specification Secure RBAC
15:33:50 <d34dh0r53> #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_
15:34:15 <d34dh0r53> the specs have merged and the implementation links are here
15:34:23 <d34dh0r53> Service Role Implementation
15:34:30 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/863420
15:34:38 <d34dh0r53> Manager Role Implementation
15:34:45 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/822601
15:36:26 <d34dh0r53> hopefully we get some feedback/updates from Abhishek on the -1's on the manager implementation patch
15:37:07 <d34dh0r53> but probably not this year
15:37:31 <d34dh0r53> that does it for spec review, next up is
15:37:37 <d34dh0r53> #topic open discussion
15:37:53 <d34dh0r53> we don't have anything on the agenda, does anyone have anything?
15:40:03 <zaitcev> not me
15:40:10 <d34dh0r53> ok, moving on to bug review
15:40:15 <d34dh0r53> #topic bug review
15:40:32 <d34dh0r53> before we get into the projects, I've started cleaning up some old bugs
15:40:38 <d34dh0r53> starting with keystone
15:41:00 <d34dh0r53> you may get some strange emails from bugs that are ~3, 4 even 5 years old
15:41:33 <d34dh0r53> I don't have a ton of context on some of them so if I mistakenly close something that is still valid please don't hesitate to re-open
15:41:48 <d34dh0r53> we just have a ton of cruft in there and it would be nice to clean house a bit
15:42:11 <d34dh0r53> this is just spare time work, but I plan to do some during the holidays
15:42:33 <d34dh0r53> first up for bug-review is:
15:42:42 <d34dh0r53> #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0
15:43:56 <d34dh0r53> next up is python-keystoneclient
15:44:00 <d34dh0r53> link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0
15:44:14 <d34dh0r53> all good there
15:44:26 <d34dh0r53> keystoneauth is next
15:44:27 <d34dh0r53> #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0
15:45:16 <d34dh0r53> thanks for your patch on https://bugs.launchpad.net/keystoneauth/+bug/1999431 zaitcev
15:45:48 <d34dh0r53> #action reviewathon https://review.opendev.org/c/openstack/keystoneauth/+/867603
15:46:02 <zaitcev> Much easier than client TLS certs :-)
15:46:16 <d34dh0r53> or if knikolla[m] or xek can look at ^^ before then that would be great
15:46:20 <d34dh0r53> zaitcev: indeed :)
15:46:45 <d34dh0r53> next up we have keystonemiddleware
15:46:47 <d34dh0r53> #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0
15:47:04 <d34dh0r53> which has no new bugs
15:47:20 <d34dh0r53> moving on to pycadf
15:47:22 <d34dh0r53> #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0
15:47:31 <d34dh0r53> also nothing new
15:47:37 <d34dh0r53> and finally ldappool
15:47:46 <d34dh0r53> #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0
15:47:59 <d34dh0r53> also clean
15:48:13 <d34dh0r53> that does it for bug review
15:48:15 <d34dh0r53> #topic conclusion
15:48:32 <d34dh0r53> this is the last keystone weekly meeting of 2022
15:49:14 <d34dh0r53> A personal thanks from me for the work in getting the specs merged and the help in trying to get keystone back into shape
15:49:51 <d34dh0r53> the reviewathons have been a big help
15:50:25 <d34dh0r53> we'll keep those going into next year and continue to work to reduce the backlog of reviews and bugs
15:51:22 <d34dh0r53> I hope everyone has a wonderful new year, safe travels and enjoy any time off you may take :)
15:53:23 <d34dh0r53> Thanks all!
15:53:27 <d34dh0r53> #endmeeting