15:01:49 <d34dh0r53> #startmeeting keystone 15:01:49 <opendevmeet> Meeting started Wed Oct 18 15:01:49 2023 UTC and is due to finish in 60 minutes. The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:01:49 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:01:49 <opendevmeet> The meeting name has been set to 'keystone' 15:02:08 <d34dh0r53> #topic roll call 15:02:11 <d34dh0r53> admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla[m], lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m] 15:02:15 <hiromu> o/ 15:02:34 <d34dh0r53> o/ 15:05:00 <d34dh0r53> #topic review past meeting work items 15:05:17 <d34dh0r53> no updates from me, so pushing 15:05:26 <d34dh0r53> #action d34dh0r53 Look into adding/restoring a known issues section to our documentation 15:05:35 <d34dh0r53> #action d34dh0r53 add https://bugs.launchpad.net/keystone/+bug/1305950 to the known issues section of our documentation 15:05:43 <d34dh0r53> #topic liaison updates 15:05:50 <d34dh0r53> nothing from me, release/vmt 15:07:49 <d34dh0r53> moving on 15:08:00 <d34dh0r53> #topic specification OAuth 2.0 (hiromu) 15:08:08 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext 15:08:11 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Fenhance-oauth2-interoperability 15:08:13 <d34dh0r53> External OAuth 2.0 Specification 15:08:15 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone-specs/+/861554 15:08:17 <d34dh0r53> OAuth 2.0 Implementation 15:08:19 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls 15:08:21 <d34dh0r53> OAuth 2.0 Documentation 15:08:23 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/838108 15:08:25 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystoneauth/+/838104 15:08:42 <hiromu> I've added implementation plan of Ext. OAuth2.0 server support tests on Etherpad: https://etherpad.opendev.org/p/keystone-weekly-meeting 15:09:11 <hiromu> Could you check if it's in line with your thoughts? 15:09:25 <d34dh0r53> I saw that, thank you hiromu, yes, I'll take a look 15:09:34 <hiromu> Thank you! 15:10:12 <hiromu> Please quckly check the repositories are correct if possible 15:10:48 <hiromu> Test codes will be added into keystone-tempest-plugin and Zuul jobs will be added to keystonemiddleware 15:11:16 <hiromu> Does this make sense? 15:12:12 <d34dh0r53> yes, will you add tacker and barbican clients to keystone-tempest-plugin? 15:12:25 <hiromu> Yes 15:12:56 <d34dh0r53> ok, that makes sense 15:13:25 <hiromu> awesome! thanks for the confirmation 15:14:05 <d34dh0r53> no problem, thank you for the outline 15:14:12 <hiromu> :) 15:14:34 <d34dh0r53> anything else for OAuth 2.0? 15:14:47 <hiromu> no. that's all 15:15:51 <d34dh0r53> ack, thanks 15:15:55 <d34dh0r53> moving on 15:16:08 <d34dh0r53> #topic specification Secure RBAC (dmendiza[m]) 15:16:17 <d34dh0r53> #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_ 15:16:20 <d34dh0r53> 2024.1 Release Timeline 15:16:22 <d34dh0r53> Update oslo.policy in keystone to enforce_new_defaults=True 15:16:24 <d34dh0r53> Update oslo.policy in keystone to enforce_scope=True 15:16:38 <d34dh0r53> dmendiza[m] is on PTO this week so probably no update from him 15:18:25 <d34dh0r53> #topic open discussion 15:18:40 <d34dh0r53> nothing else on the agenda other than OAuth 2.0 testing 15:19:54 <d34dh0r53> #topic bug review 15:20:00 <d34dh0r53> #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0 15:20:57 <d34dh0r53> we have one new bug 15:21:05 <d34dh0r53> #link https://bugs.launchpad.net/keystone/+bug/2039269 15:21:29 <d34dh0r53> this looks like a feature request to me, but it may be a bug. I'll ping dmendiza[m] about this as he's our resident S-RBAC expert 15:22:24 <d34dh0r53> #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0 15:23:02 <d34dh0r53> no new bugs for python-keystoneclient 15:23:16 <d34dh0r53> #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0 15:24:36 <d34dh0r53> one new bug in keystoneauth 15:24:39 <d34dh0r53> https://bugs.launchpad.net/keystoneauth/+bug/2039255 15:24:42 <d34dh0r53> #link https://bugs.launchpad.net/keystoneauth/+bug/2039255 15:25:04 <d34dh0r53> We'll need to investigate this one, might be solved by quoting the password in the config file 15:25:07 <d34dh0r53> any takers? 15:26:46 <d34dh0r53> next up 15:26:48 <d34dh0r53> #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0 15:27:44 <d34dh0r53> no new bugs in keystonemiddleware 15:27:54 <d34dh0r53> #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0 15:28:02 <d34dh0r53> pycadf is clean 15:28:12 <d34dh0r53> #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0 15:28:15 <d34dh0r53> as is ldappool 15:28:19 <d34dh0r53> #topic conclusion 15:28:30 <d34dh0r53> vPTG is next week, hope to see y'all there 15:28:42 <d34dh0r53> Have a great rest of your week! 15:28:46 <d34dh0r53> #endmeeting