#openstack-keystone log

15:06:44 <d34dh0r53> #startmeeting keystone
15:06:44 <opendevmeet> Meeting started Wed Aug 14 15:06:44 2024 UTC and is due to finish in 60 minutes.  The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:06:44 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:06:44 <opendevmeet> The meeting name has been set to 'keystone'
15:07:11 <d34dh0r53> #topic roll call
15:07:18 <d34dh0r53> admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla[m], lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m], mharley, jph, gtema
15:07:19 <d34dh0r53> o/
15:07:24 <gtema> o/
15:07:25 <jph> o/
15:08:34 <mhen> o/
15:08:41 <d34dh0r53> #topic review past meeting work items
15:09:09 <d34dh0r53> #link https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-08-07-15.03.html
15:09:12 <d34dh0r53> reviewathon look at https://review.opendev.org/c/openstack/keystone/+/924132
15:09:46 <d34dh0r53> looks like this was reviewed and updated based on those reviews
15:10:08 <d34dh0r53> dmendiza is on PTO this week, but he should see it when he's back
15:10:23 <gtema> oh, that's good to know
15:10:23 <d34dh0r53> setting an action item for next week
15:10:39 <d34dh0r53> #action reviewathon look at updated https://review.opendev.org/c/openstack/keystone/+/924132
15:10:46 <d34dh0r53> I'll take a look this week as well
15:10:51 <d34dh0r53> next up
15:11:01 <d34dh0r53> reviewathon https://review.opendev.org/c/openstack/keystone/+/924085
15:11:24 <gtema> was not looked actually
15:11:52 <d34dh0r53> dmendiza reviewed this and it's on my radar to review this week
15:12:02 <gtema> good
15:13:22 <d34dh0r53> #action d34dh0r53 review https://review.opendev.org/c/openstack/keystone/+/924085
15:13:33 <d34dh0r53> that does it for the last meetings items
15:13:38 <d34dh0r53> moving on to...
15:13:49 <d34dh0r53> #topic liaison updates
15:13:58 <d34dh0r53> nothing from VMT or releases
15:15:12 <d34dh0r53> #topic specification OAuth 2.0 (hiromu)
15:15:26 <d34dh0r53> hopefully I can spend some time this week working on the last few patches
15:15:48 <d34dh0r53> next up
15:15:54 <d34dh0r53> #topic specification Secure RBAC (dmendiza[m])
15:16:04 <d34dh0r53> #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_... (full message at <https://matrix.org/_matrix/media/v3/download/matrix.org/sQagmjhyhspdwGyqRoZVrVtr>)
15:16:21 <d34dh0r53> dmendiza is on PTO, so no updates here
15:16:37 <d34dh0r53> #topic specification OpenAPI support (gtema)
15:16:50 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone-specs/+/910584 (merged)
15:16:50 <d34dh0r53> #link https://review.opendev.org/q/topic:%22openapi%22+project:openstack/keystone
15:16:50 <d34dh0r53> gtema: changes awaiting review
15:17:11 <gtema> all still unchanged - waiting for reviews
15:18:05 <d34dh0r53> ack, I'll take a look this week
15:18:09 <d34dh0r53> #topic specification domain manager (mhen)
15:18:20 <d34dh0r53> #link https://review.opendev.org/q/topic:%22domain-manager%22... (full message at <https://matrix.org/_matrix/media/v3/download/matrix.org/hViMWKcJBMeNoXtmawPxcfaQ>)
15:19:00 <d34dh0r53> this spec has been updated (thanks mhen!) and will need re-reviews
15:20:16 <mhen> I added project manager (as kind of negative tests to domain manager) to all Tempest RBAC tests and added release notes as discussed in the last reviewathon.
15:20:44 <d34dh0r53> oh cool
15:21:33 <d34dh0r53> I did not mean to insert spec into my statement above, oops
15:21:59 <mhen> s/spec/patchset :)
15:23:49 <d34dh0r53> :)
15:23:52 <d34dh0r53> indeed
15:24:09 <d34dh0r53> #topic open discussion
15:24:19 <d34dh0r53> codebase renovation (gtema)... (full message at <https://matrix.org/_matrix/media/v3/download/matrix.org/thmTPnAolIzKeJgMhprwqTDr>)
15:24:27 <gtema> https://review.opendev.org/c/openstack/keystone/+/925008 needs last review
15:24:38 <gtema> and we mark py312 as supported
15:24:58 <d34dh0r53> sweet, I can look at that today
15:25:39 <d34dh0r53> next up
15:25:49 <d34dh0r53> SAML issue with Google Chrome due to SAMESITE cookies (jph)
15:25:49 <d34dh0r53> Will open bug report with findings
15:27:14 <jph> I have open the bug report. Haven't had the opportunity to explore for a fix yet. Maybe next week.
15:27:38 <d34dh0r53> ack, thanks, I was just reading the bug report
15:29:28 <d34dh0r53> moving on
15:29:34 <d34dh0r53> #topic bug review
15:29:44 <d34dh0r53> #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0
15:30:08 <d34dh0r53> four bugs for keystone this week
15:30:12 <d34dh0r53> first up
15:30:21 <d34dh0r53> #link https://bugs.launchpad.net/keystone/+bug/2076259
15:30:31 <d34dh0r53> this is the SAMESITE issue we just talked about
15:31:24 <d34dh0r53> next up
15:31:33 <d34dh0r53> #link https://bugs.launchpad.net/keystone/+bug/2076409
15:34:08 <d34dh0r53> I'm not sure about this one, if you use TLS and don't have a CA file you're not going to get very far.  Maybe a release note for the upgrade process is in order.
15:34:52 <d34dh0r53> moving on
15:35:09 <d34dh0r53> #link https://bugs.launchpad.net/keystone/+bug/2076670
15:36:07 <gtema> yeah, looks valid
15:36:10 <d34dh0r53> that one is confirmed and should be fixed
15:36:26 <d34dh0r53> last bug for keystone this week
15:36:40 <d34dh0r53> #link https://bugs.launchpad.net/keystone/+bug/2076992
15:37:42 <d34dh0r53> hmm
15:38:16 <d34dh0r53> probably worth taking a look at
15:39:15 <opendevreview> Artem Goncharov proposed openstack/keystone master: Fix role statement in admin doc  https://review.opendev.org/c/openstack/keystone/+/926291
15:40:14 <d34dh0r53> boom!
15:40:19 <gtema> I think the py312 stuff might fix that
15:40:33 <gtema> not sure but there is definitely some datetime changes
15:40:51 <d34dh0r53> yeah, hopefully
15:41:08 <d34dh0r53> #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0
15:41:17 <d34dh0r53> no new bugs for python-keystoneclient
15:41:26 <d34dh0r53> #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0
15:41:42 <d34dh0r53> keystoneauth is good
15:41:45 <gtema> and the trace for the bug clearly states it runs with py312
15:41:59 <d34dh0r53> #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0
15:42:14 <d34dh0r53> nothing new for keystonemiddleware
15:42:25 <d34dh0r53> #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0
15:42:53 <d34dh0r53> pycadf is good as well
15:43:01 <d34dh0r53> #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0
15:43:16 <d34dh0r53> and ldappool is good
15:43:21 <d34dh0r53> #topic conclusion
15:44:09 <d34dh0r53> Thanks everyone, virtual PTG is coming up in October, I'll be registering Keystone this week
15:44:24 <gtema> cool
15:44:59 <d34dh0r53> That's it from me!
15:45:03 <d34dh0r53> Thank you all!
15:45:13 <gtema> thanks Dave Wilde (d34dh0r53)
15:45:16 <d34dh0r53> #endmeeting