#openstack-keystone log

15:01:04 <d34dh0r53> #startmeeting keystone
15:01:04 <opendevmeet> Meeting started Wed May 22 15:01:04 2024 UTC and is due to finish in 60 minutes.  The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:01:04 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:01:04 <opendevmeet> The meeting name has been set to 'keystone'
15:01:10 <d34dh0r53> #topic roll call
15:01:22 <d34dh0r53> admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla[m], lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m], mharley, jph, gtema
15:01:44 <gtema> o/
15:01:49 <mhen> o/
15:03:40 <d34dh0r53> #topic review past meeting work items
15:03:49 <d34dh0r53> #link https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-05-15-15.01.html
15:03:54 <d34dh0r53> no updates
15:04:06 <d34dh0r53> #action d34dh0r53 Look into adding/restoring a known issues section to our documentation
15:04:17 <d34dh0r53> #topic liaison updates
15:04:32 <d34dh0r53> no updates from VMT or Releases
15:05:48 <d34dh0r53> #topic specification OAuth 2.0 (hiromu)
15:06:04 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext... (full message at <https://matrix.org/_matrix/media/v3/download/matrix.org/dPpQVdkHVMzBYnSFqSDdmuNk>)
15:07:40 <d34dh0r53> I started rebasing some of the keystone-tempest-plugins patches for this spec, I think that was about all that was left.  I haven't seen anyone respond to this spec in a few months so I'd like to get it to some point of completion.
15:08:10 <gtema> 👍️
15:08:26 <d34dh0r53> next up
15:08:43 <d34dh0r53> #topic specification Secure RBAC (dmendiza[m])
15:09:00 <d34dh0r53> #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_... (full message at <https://matrix.org/_matrix/media/v3/download/matrix.org/muwOzpdSIHvSHhuLwMqmoOZI>)
15:10:11 <mharley[m]> o/
15:10:14 <d34dh0r53> o/ mharley
15:10:25 <mharley[m]> Hey, Dave Wilde (d34dh0r53) !
15:11:00 <d34dh0r53> dmendiza: you around?
15:11:28 <dmendiza[m]> 🙋‍♂️
15:11:41 <d34dh0r53> 👋
15:12:09 <dmendiza[m]> Hmm... let's see ... I think the only update this week is that we want to make a new keystone-tempest-plugin release
15:12:26 <dmendiza[m]> to include the changes to policy to allow domain scope to a couple of APIs
15:13:05 <dmendiza[m]> #link https://review.opendev.org/c/openstack/releases/+/920147
15:14:44 <d34dh0r53> Yeah, hopefully that merges today
15:14:55 <dmendiza[m]> 🤞
15:16:53 <d34dh0r53> next up
15:17:10 <d34dh0r53> #topic specification Improve federated users management (gtema) (on-hold until 05/29)
15:17:31 <d34dh0r53> this is on hold for another week
15:17:50 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone-specs/+/748748
15:17:50 <d34dh0r53> gtema: clearly against of introducing bad API precedent, desperately waiting for other opinions
15:17:59 <gtema> right, still on hold
15:18:16 <d34dh0r53> 👍️
15:18:40 <d34dh0r53> #topic specification OpenAPI support (gtema)
15:18:40 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone-specs/+/910584
15:18:40 <d34dh0r53> gtema: waiting for reviews
15:19:39 <gtema> status haven't changed. I am waiting for spec to land
15:20:36 <d34dh0r53> maybe dmendiza or Grzegorz Grasza can look at this one, it should be a quick review.
15:21:58 <d34dh0r53> #topic open discussion
15:22:10 <d34dh0r53> passlib update... (full message at <https://matrix.org/_matrix/media/v3/download/matrix.org/DOaKsoxFcVWWOYndQcKkUROG>)
15:22:49 <d34dh0r53> no update on this unfortunately, I'm going to propose an upper-constraint next week if there's no update.
15:23:06 <d34dh0r53> then we'll need to start looking at alternatives and mitigation
15:23:23 <gtema> just go for it right now. This is really going crazy
15:24:25 <d34dh0r53> ack, I'll try to get to it today
15:24:34 <d34dh0r53> next up
15:24:45 <d34dh0r53> domain manager (mhen)... (full message at <https://matrix.org/_matrix/media/v3/download/matrix.org/AYMCftjnpFjRyoNueEkOACYL>)
15:25:53 <d34dh0r53> there are some new comments on this
15:26:39 <mhen> will get to it in the coming days
15:26:51 <gtema> I was honestly not really able to get what Sean meant
15:27:16 <d34dh0r53> thanks mhen
15:29:54 <d34dh0r53> let's start a conversation in the spec to get clarification on your questions gtema (Artem Goncharov)
15:29:59 <d34dh0r53> next up
15:30:02 <d34dh0r53> domain list scoping fix (mhen)... (full message at <https://matrix.org/_matrix/media/v3/download/matrix.org/GSbOVbGIswQOEemkWRoXUuXP>)
15:30:30 <d34dh0r53> I believe this was on hold for after Berlin
15:31:44 <mhen> I think there was some talk about wanting to revert the original change or something?
15:33:22 <mhen> bbobrov wanted to file a new bug according to the last meeting
15:33:29 <d34dh0r53> ack
15:33:59 <mhen> will look at it, once they do
15:34:08 <d34dh0r53> sounds good
15:34:23 <d34dh0r53> finally we have Enforcing scope in keystone breaks heat (and probably magnum) (tkajinam)... (full message at <https://matrix.org/_matrix/media/v3/download/matrix.org/SMwxCTmhXseWrYdqfcsiAWQm>)
15:34:38 <d34dh0r53> I think everything but the protection job voting patch has merged and been backported
15:35:10 <d34dh0r53> so we'll just need the final +2 on 919405
15:36:20 <d34dh0r53> moving on to bugs
15:36:32 <d34dh0r53> #topic bug review
15:36:59 <d34dh0r53> #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0
15:37:24 <d34dh0r53> no new bugs for keystone
15:37:35 <d34dh0r53> #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0
15:37:52 <d34dh0r53> no python-keystoneclient
15:38:19 <d34dh0r53> #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0
15:38:34 <d34dh0r53> no new bugs for keystoneauth
15:38:44 <d34dh0r53> #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0
15:39:00 <d34dh0r53> keystonemiddleware is good
15:39:10 <d34dh0r53> #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0
15:39:33 <d34dh0r53> nothing new for pycadf
15:39:44 <d34dh0r53> #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0
15:39:45 <d34dh0r53> ldappool is also clean
15:39:50 <d34dh0r53> #topic conclusion
15:40:08 <d34dh0r53> Nothing from me.
15:40:36 <gtema> nothing from me either
15:41:19 <d34dh0r53> Thanks folks! See y'all next week.
15:41:23 <d34dh0r53> Oh, one thing
15:41:54 <d34dh0r53> No reviewathon this week, it's a day off for Red Hat
15:42:02 <d34dh0r53> Thanks again!
15:42:05 <d34dh0r53> #endmeeting