#openstack-keystone log

15:00:45 <d34dh0r53> #startmeeting keystone
15:00:45 <opendevmeet> Meeting started Wed Nov 15 15:00:45 2023 UTC and is due to finish in 60 minutes.  The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:45 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:00:45 <opendevmeet> The meeting name has been set to 'keystone'
15:01:12 <d34dh0r53> #topic roll call
15:01:17 <d34dh0r53> admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla[m], lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m]
15:03:11 <knikolla> o/ (have a meeting conflict but will lurk and try to follow)
15:03:25 <d34dh0r53> o/ knikolla no problem
15:03:32 <d34dh0r53> not much on the agenda today
15:03:48 <d34dh0r53> #topic review past meeting work items
15:04:11 <d34dh0r53> not much here, I don't have updates on either of my tasks as I was investigating a security bug in keystone last week
15:04:38 <d34dh0r53> #link https://meetings.opendev.org/meetings/keystone/2023/keystone.2023-11-08-15.00.html
15:04:47 <d34dh0r53> #action d34dh0r53 Look into adding/restoring a known issues section to our documentation
15:04:53 <d34dh0r53> #action d34dh0r53 add https://bugs.launchpad.net/keystone/+bug/1305950 to the known issues section of our documentation
15:05:04 <d34dh0r53> #topic liaison updates
15:05:12 <d34dh0r53> nothing from release or vmt
15:07:01 <d34dh0r53> #topic specification OAuth 2.0 (hiromu)
15:07:13 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext
15:07:16 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Fenhance-oauth2-interoperability
15:07:18 <d34dh0r53> External OAuth 2.0 Specification
15:07:20 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone-specs/+/861554
15:07:22 <d34dh0r53> OAuth 2.0 Implementation
15:07:24 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls
15:07:26 <d34dh0r53> OAuth 2.0 Documentation
15:07:28 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/838108
15:07:30 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystoneauth/+/838104
15:07:51 <d34dh0r53> I don't see hiromu around so probably no update this week
15:10:25 <d34dh0r53> #topic Secure RBAC (dmendiza[m])
15:10:37 <d34dh0r53> 2024.1 Release Timeline
15:10:40 <d34dh0r53> Update oslo.policy in keystone to enforce_new_defaults=True
15:10:42 <d34dh0r53> Update oslo.policy in keystone to enforce_scope=True
15:11:08 <xek> o/
15:11:08 <dmendiza[m]> 🙋
15:11:08 <dmendiza[m]> No updates this week
15:11:17 <dmendiza[m]> been busy with downstream work
15:11:26 <d34dh0r53> ack, thanks dmendiza[m]
15:11:31 <d34dh0r53> next up
15:11:35 <d34dh0r53> #topic open discussion
15:11:46 <d34dh0r53> domain scoping for "GET /v3/domains" (mhen)
15:11:49 <d34dh0r53> bug: #link https://bugs.launchpad.net/keystone/+bug/2041611
15:11:51 <d34dh0r53> patch: #link https://review.opendev.org/c/openstack/keystone/+/900028
15:11:53 <d34dh0r53> looking for reviewers
15:11:55 <d34dh0r53> Zuul tests fail
15:11:57 <d34dh0r53> "keystone_tempest_plugin.tests.rbac" seems to be the culprit
15:11:59 <d34dh0r53> how can patches of the keystone_tempest_plugin be integrated in a way that the patchset above incorporates it in its testing? (i.e. interlinked patchsets between keystone and keystone_tempest_plugin that depend on each other)
15:12:14 <d34dh0r53> I did a recheck on this as the error message didn't make sense, we merged some gate fixes last week and hopefully that helped
15:14:52 <d34dh0r53> #topic bug review
15:16:20 <d34dh0r53> #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0
15:16:31 <d34dh0r53> I think we need to look at this bug in keystone-manage
15:16:38 <d34dh0r53> #link https://bugs.launchpad.net/keystone/+bug/2042744
15:17:34 <d34dh0r53> I'll take a look
15:17:43 <d34dh0r53> next up, python-keystoneclient
15:17:45 <d34dh0r53> #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0
15:17:56 <d34dh0r53> no new bugs there
15:18:02 <d34dh0r53> keystoneauth...
15:18:06 <d34dh0r53> #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0
15:18:19 <d34dh0r53> also no new bugs
15:18:24 <d34dh0r53> moving on to keystonemiddleware
15:18:31 <d34dh0r53> #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0
15:18:39 <d34dh0r53> nothing new
15:18:48 <d34dh0r53> pycadf?
15:18:53 <d34dh0r53> #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0
15:19:04 <d34dh0r53> nope, and finally ldappool
15:19:10 <d34dh0r53> #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0
15:19:18 <d34dh0r53> also good
15:19:21 <d34dh0r53> #topic conclusion
15:19:30 <d34dh0r53> nothing from me, short and sweet today
15:19:42 <d34dh0r53> thanks folks!
15:19:46 <d34dh0r53> #endmeeting