#openstack-keystone log

15:15:01 <d34dh0r53> #startmeeting keystone
15:15:01 <opendevmeet> Meeting started Tue Apr 25 15:15:01 2023 UTC and is due to finish in 60 minutes.  The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:15:01 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:15:01 <opendevmeet> The meeting name has been set to 'keystone'
15:15:11 <d34dh0r53> #topic roll call
15:15:19 <d34dh0r53> admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla[m], lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, arequate, dmendiza[m]
15:16:18 <d34dh0r53> #topic review past meeting work items
15:16:28 <d34dh0r53> #link https://meetings.opendev.org/meetings/keystone/2023/keystone.2023-04-18-15.07.html
15:16:39 <d34dh0r53> dmendiza[m], d34dh0r53 update the keystone groups to inherit from keystone-core
15:16:46 <d34dh0r53> We still need to do this
15:16:52 <d34dh0r53> #action dmendiza[m], d34dh0r53 update the keystone groups to inherit from keystone-core
15:17:07 <d34dh0r53> I didn't get to d34dh0r53 investigate https://bugs.launchpad.net/keystone/+bug/2009752 either
15:17:10 <d34dh0r53> #action d34dh0r53 investigate https://bugs.launchpad.net/keystone/+bug/2009752
15:17:25 <d34dh0r53> That does it for last weeks action items
15:17:37 <d34dh0r53> #topic liaison updates
15:17:44 <d34dh0r53> nothing from VMT
15:18:51 <d34dh0r53> I know Doug is out on PTO so moving on to specifications
15:19:07 <d34dh0r53> #topic specification OAuth 2.0 (hiromu)
15:19:20 <d34dh0r53> External OAuth 2.0 Specification
15:19:23 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone-specs/+/861554
15:19:25 <d34dh0r53> OAuth 2.0 Implementation
15:19:27 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls
15:19:29 <d34dh0r53> OAuth 2.0 Documentation
15:19:31 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/838108
15:19:33 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystoneauth/+/838104
15:19:45 <d34dh0r53> hiromu: there was a question added to the meeting agenda about a docs bug
15:19:48 <d34dh0r53> Ancient OAuth documentation bug.  Can we close it?  Ask @hiromu https://bugs.launchpad.net/keystone/+bug/1208280
15:20:54 <hiromu> let me check
15:21:16 <d34dh0r53> thank you hiromu
15:24:50 <hiromu> looks like the bug reports for auth methods documentation. is it something related to oauth2.0?
15:27:04 <d34dh0r53> I'm not sure it's a very old bug, do you think the documentation and the bug are still relevant?
15:29:39 <hiromu> i'm not sure too, but probably no beacuse the reporter of this bug just claimed that docs for auth methods is not enough
15:30:01 <hiromu> after reading it briefly
15:30:04 <d34dh0r53> ok, I'll take a look at it and try to see if it's still valid
15:30:26 <d34dh0r53> next specification is:
15:30:40 <d34dh0r53> #topic Secure RBAC (dmendiza[m])
15:30:56 <d34dh0r53> Doug is out today so I don't think there are any updates for this
15:31:05 <d34dh0r53> next up is
15:31:16 <d34dh0r53> #topic SQLAlchemy 2.0 (stephenfin)
15:31:31 <d34dh0r53> #link https://review.opendev.org/q/topic:sqlalchemy-20+is:open+project:openstack/keystone
15:31:33 <d34dh0r53> Can I get reviews on this, while I have context/time to close it out?
15:31:35 <d34dh0r53> What more do you need from me?
15:32:03 <d34dh0r53> please review these, especially the cores.
15:32:45 <zaitcev> I tried to look at stephenfin's stuff and it looked fine, but the migration one was tricky to understand unless you knew the library.
15:33:16 <d34dh0r53> yeah, db migrations are tricky
15:33:59 <d34dh0r53> I'm going to focus on Friday testing that and the LDAP issue that I have assigned
15:34:16 <d34dh0r53> moving on to open discussion
15:34:23 <d34dh0r53> #topic open discussion
15:34:36 <d34dh0r53> (drencrom) We need to merge these backports to fix pep8 tests
15:34:38 <d34dh0r53> ussuri #link https://review.opendev.org/c/openstack/keystonemiddleware/+/878028
15:34:40 <d34dh0r53> wallaby #link https://review.opendev.org/c/openstack/keystonemiddleware/+/878026
15:34:42 <d34dh0r53> xena #link https://review.opendev.org/c/openstack/keystonemiddleware/+/878025
15:34:44 <d34dh0r53> yoga #link https://review.opendev.org/c/openstack/keystonemiddleware/+/878024
15:34:46 <d34dh0r53> zed #link https://review.opendev.org/c/openstack/keystonemiddleware/+/878023
15:34:48 <d34dh0r53> Could not amend victoria patch, not sure why:
15:34:50 <d34dh0r53> ! [remote rejected] HEAD -> refs/for/master%topic=877808-stable/victoria (change https://review.opendev.org/c/openstack/keystonemiddleware/+/877808 closed)
15:34:52 <d34dh0r53> (drencrom) I also need WF +1 for this backport that depends on the previous ones
15:34:54 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystonemiddleware/+/873921
15:35:03 <d34dh0r53> we looked at a couple of these last reviewathon I think, cores please vote on the backports.
15:35:09 <zaitcev> no, hold on. Master is not in yet. https://review.opendev.org/c/openstack/pycadf/+/868221
15:35:19 <d34dh0r53> these are keystonemiddleware
15:35:24 <zaitcev> sorry
15:35:36 <d34dh0r53> no problem, we also need to get the pycadf fix in
15:37:04 <d34dh0r53> dmendiza[m], or knikolla if you happen to drive by or read the transcript please give https://review.opendev.org/c/openstack/pycadf/+/868221 a push ;)
15:37:38 <d34dh0r53> we also need backports on the PooledLdapHandler
15:37:40 <d34dh0r53> (mustafakemalgilor) PooledLdapHandler message.clean() patch backports
15:37:43 <d34dh0r53> review request
15:37:45 <d34dh0r53> #link ussuri: https://review.opendev.org/c/openstack/keystone/+/874846
15:37:47 <d34dh0r53> #link victoria: https://review.opendev.org/c/openstack/keystone/+/874847
15:37:49 <d34dh0r53> #link wallaby: https://review.opendev.org/c/openstack/keystone/+/874844
15:37:51 <d34dh0r53> #link xena: https://review.opendev.org/c/openstack/keystone/+/874843
15:37:55 <d34dh0r53> err, reviews on the backports
15:38:15 <d34dh0r53> A couple of other items came up for open discussion
15:38:24 <d34dh0r53> EC2 bug, can Mauricio take a look? https://bugs.launchpad.net/keystone/+bug/1305566
15:38:43 <d34dh0r53> I believe so, I'll ping him internally
15:38:55 <d34dh0r53> Should we add a "Known Issues" section to the docs ?  We could close this: https://bugs.launchpad.net/keystone/+bug/1305950
15:39:21 <d34dh0r53> I think this is a great idea, I'm kind of surprised Keystone doesn't already have one
15:39:47 <d34dh0r53> #action d34dh0r53 Look into adding/restoring a known issues section to our documentation
15:40:09 <d34dh0r53> #action d34dh0r53 add https://bugs.launchpad.net/keystone/+bug/1305950 to the known issues section of our documentation
15:40:31 <d34dh0r53> #action d34dh0r53 to review LDAP bugs https://bugs.launchpad.net/keystone/+bugs?field.tag=ldap
15:40:42 <d34dh0r53> next up, bug review
15:40:49 <d34dh0r53> #topic bug review
15:41:17 <d34dh0r53> #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0
15:41:21 <d34dh0r53> Keystone has a new bug
15:41:35 <d34dh0r53> #link https://bugs.launchpad.net/keystone/+bug/2017056
15:41:55 <d34dh0r53> I'm going to have dmendiza[m] look at this when he comes back unless anyone else would like it
15:42:45 <d34dh0r53> next up
15:42:56 <d34dh0r53> #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0
15:42:59 <d34dh0r53> no new bugs
15:43:06 <d34dh0r53> #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0
15:43:27 <d34dh0r53> no new bugs
15:43:38 <d34dh0r53> #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0
15:43:57 <d34dh0r53> nothing new
15:44:06 <d34dh0r53> #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0
15:44:24 <d34dh0r53> nothing new, but please vote on the PEP8 bug
15:44:37 <d34dh0r53> #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0
15:44:42 <d34dh0r53> nothing new for ldappool
15:44:48 <d34dh0r53> #topic conclusion
15:44:55 <d34dh0r53> anything else before we go?
15:45:27 <hiromu> i'd like to confirm one thing
15:46:05 <hiromu> it has been a little bit long time from PTG, but it is something related to Ext. Auth
15:46:22 <hiromu> s/Ext. Auth/Ext. OAuth2.0 server
15:46:53 <hiromu> as Ironic has been added to the reviewer of patch https://review.opendev.org/c/openstack/keystone-specs/+/861554
15:47:17 <zaitcev> I have some review-begging to do: https://review.opendev.org/c/openstack/keystone/+/833876 https://review.opendev.org/c/openstack/keystone/+/878187
15:47:53 <zaitcev> Oh and https://review.opendev.org/c/openstack/keystone/+/881255
15:48:01 <hiromu> I'd like to suggest to see Ironic's +1 as an agreement among keystone, barbican and ironic. is that okay?
15:48:13 <zaitcev> Which was my action item from reviewathon.
15:48:49 <d34dh0r53> hiromu: yes, that is okay and I agree
15:48:49 <zaitcev> Sorry, I'm interleaving with Hiromu here. I'm unrelated to Ironic thing.
15:48:50 <knikolla> I'm hoping to catch up on reviews at some point this week, sorry for the delay. Was busy with KubeCon last week.
15:49:03 <d34dh0r53> no worries knikolla, good to see you
15:49:53 <zaitcev> Oh, that reminds me. I was reading a spec that someone else posted, and was almost done... It was Yusuke-san IIRC. I'll find it
15:49:53 <hiromu> no problem :zaitcev
15:50:35 <hiromu> and thank you d34dh0r53, that's all from my
15:51:12 <hiromu> s/my/my side/
15:51:16 <d34dh0r53> thank you hiromu
15:52:07 <d34dh0r53> zaitcev: we can review it during the reviewathon to see how close it is
15:52:25 <d34dh0r53> Thanks everyone!
15:52:32 <d34dh0r53> #endmeeting