15:03:26 <d34dh0r53> #startmeeting keystone 15:03:26 <opendevmeet> Meeting started Tue Feb 14 15:03:26 2023 UTC and is due to finish in 60 minutes. The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:03:26 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:03:26 <opendevmeet> The meeting name has been set to 'keystone' 15:03:36 <d34dh0r53> #topic roll call 15:03:52 <d34dh0r53> ping admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla[m], lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, arequate 15:05:13 <xek> o/ 15:05:19 <hiromu> o/ 15:05:27 <kpdev> o/ 15:05:45 <d34dh0r53> o/ 15:06:04 <d34dh0r53> #topic review past meeting work items 15:06:29 <d34dh0r53> #link https://meetings.opendev.org/meetings/keystone/2023/keystone.2023-01-31-15.01.html 15:06:45 <d34dh0r53> the only thing is this: d34dh0r53 look into the keystone-groups members as well https://review.opendev.org/admin/groups/d7203dc55fa9bdf98c578b16ac398e0c754a1a67,members not sure if it's used any more 15:06:58 <d34dh0r53> I started this but more work to be done so I'll carry it over 15:07:04 <d34dh0r53> #action d34dh0r53 look into the keystone-groups members as well https://review.opendev.org/admin/groups/d7203dc55fa9bdf98c578b16ac398e0c754a1a67,members not sure if it's used any more 15:07:19 <d34dh0r53> #topic liaison updates 15:07:23 <d34dh0r53> nothing from VMT 15:09:06 <d34dh0r53> release management is working on the release of Antelope, the deadline is Feb. 17 for the Antelope-3 milestone 15:09:30 <d34dh0r53> as always please let me know if you'd like to volunteer for a liaison position 15:09:46 <d34dh0r53> moving on 15:10:11 <d34dh0r53> #topic specification OAuth 2.0 (hiromu) 15:10:22 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext 15:10:25 <d34dh0r53> External OAuth 2.0 Specification 15:10:27 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone-specs/+/861554 15:10:29 <d34dh0r53> OAuth 2.0 Implementation 15:10:31 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls 15:10:33 <d34dh0r53> OAuth 2.0 Documentation 15:10:35 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/838108 15:10:37 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystoneauth/+/838104 15:10:43 <hiromu> It's not directly related to OAuth2.0, I submitted patch to keystonemiddleware https://review.opendev.org/c/openstack/keystonemiddleware/+/873382 15:11:02 <hiromu> The OAuth2.0 patch for keystone middleware depends on the above patch 15:11:25 <hiromu> Please kindly merge it, if you have time. 15:12:20 <hiromu> Also, the all comments for the OAuth2.0 patches are resolved. 15:13:02 <hiromu> I hope we can merge them within this feature freeze week. 15:14:00 <d34dh0r53> ack, hopefully we can do it during the reviewathon, dmendiza will be back :) 15:14:19 <d34dh0r53> anything else hiromu ? 15:14:43 <hiromu> good! nothing else 15:15:08 <d34dh0r53> ok, thank you! 15:15:13 <d34dh0r53> next up is: 15:15:35 <d34dh0r53> #topic specification Secure RBAC (dmendiza[m]) 15:15:46 <d34dh0r53> #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_ 15:15:49 <d34dh0r53> Service Role Implementation 15:15:51 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/863420 15:15:53 <d34dh0r53> Manager Role Implementation 15:15:55 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/822601 15:16:06 <d34dh0r53> anyone need any S-RBAC things? 15:17:46 <d34dh0r53> ok, moving on 15:17:59 <d34dh0r53> #topic open discussion 15:18:13 <d34dh0r53> first item is from last week but it still hasn't merged 15:18:24 <d34dh0r53> (drencrom) Need a workflow +1 for this cherry pick https://review.opendev.org/c/openstack/keystonemiddleware/+/871993 15:18:27 <d34dh0r53> I need to port it all the way to ussuri 15:18:37 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystonemiddleware/+/871993 15:18:59 <d34dh0r53> please review if you have a minute 15:19:15 <d34dh0r53> next up we have: 15:19:24 <d34dh0r53> PooledLdapHandler MaxConnectionReachedError bug 15:19:27 <d34dh0r53> #link https://bugs.launchpad.net/keystone/+bug/1998789 15:19:29 <d34dh0r53> Review request 15:19:31 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/866723 15:20:20 <d34dh0r53> need one more core review on that one ^ 15:21:03 <d34dh0r53> next up: 15:21:05 <d34dh0r53> (arequate) keycloakauth plugin for OAuth 2.0 Device Authorization Grant 15:21:08 <d34dh0r53> Review request 15:21:10 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystoneauth/+/869876 15:23:13 <d34dh0r53> that will need some testing, and a better commit message 15:23:50 <d34dh0r53> that's all on the agenda for open discussion, anyone have anything else before we move to bug review? 15:24:19 <kpdev> hi 15:24:33 <d34dh0r53> hi kpdev 15:24:49 <kpdev> can we consider bug for discussion 15:24:56 <kpdev> https://bugs.launchpad.net/cinder/+bug/2006631 15:25:14 <kpdev> if anyone from keystone might have tried this configuration before and experienced similar issue 15:25:35 <d34dh0r53> I have not yet 15:26:56 <kpdev> d34dh0r53: ok, 15:27:16 <d34dh0r53> I started looking at it again yesterday and will try to reproduce this afternoon 15:27:42 <kpdev> thanks 15:27:51 <d34dh0r53> no problem, what timezone are you in BTW? 15:27:54 <kpdev> lets discuss on bug then 15:27:56 <kpdev> CEST 15:28:18 <d34dh0r53> kpdev: ack, thanks :) 15:29:03 <d34dh0r53> #topic bug review 15:29:10 <d34dh0r53> #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0 15:29:46 <d34dh0r53> the only new keystone bug is #link https://bugs.launchpad.net/keystone/+bug/2006631 15:30:04 <d34dh0r53> that's the one we just discussed that I am going to look at this afternoon 15:30:18 <d34dh0r53> next up we have: 15:30:20 <d34dh0r53> #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0 15:30:32 <d34dh0r53> no new bugs there 15:30:48 <d34dh0r53> #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0 15:31:20 <d34dh0r53> no new bugs in keystoneauth 15:31:32 <d34dh0r53> #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0 15:31:47 <d34dh0r53> nothing new in keystonemiddleware 15:32:06 <d34dh0r53> #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0 15:32:09 <d34dh0r53> pycadf is clean 15:32:14 <d34dh0r53> and finally: 15:32:23 <d34dh0r53> #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0 15:32:36 <d34dh0r53> which is also clean 15:32:43 <d34dh0r53> that does it for bug review 15:32:50 <d34dh0r53> #topic conclusion 15:32:56 <d34dh0r53> anyone have anything else? 15:33:54 <d34dh0r53> Please try to make the reviewathon if you can on Friday. We're done with Antelope and it would be nice to see if we can get OAuth 2.0 patches merged. 15:34:50 <d34dh0r53> I'll send out a link to the meeting here on Friday (09:00 CDT, 15:00 UTC) 15:35:47 <d34dh0r53> or if you would like to be added to the calendar invite please let me know 15:35:53 <d34dh0r53> Thanks folks! 15:35:56 <d34dh0r53> #endmeeting