15:05:34 #startmeeting keystone 15:05:34 Meeting started Wed Oct 30 15:05:34 2024 UTC and is due to finish in 60 minutes. The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:05:34 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:05:34 The meeting name has been set to 'keystone' 15:06:26 o/ 15:06:39 o/ 15:06:45 Reminder: This meeting takes place under the OpenInfra Foundation Code of Conduct 15:06:46 #link https://openinfra.dev/legal/code-of-conduct 15:07:01 v 15:07:09 #topic roll call 15:07:27 admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m], dmendiza, mharley, jph, gtema, cardoe 15:08:13 o/ 15:08:53 O/ but on travel 15:09:12 #topic review past meeting work items 15:09:52 no action items from our previous meeting, last week was PTG so we didn't have a weekly meeting 15:10:22 Thanks everyone who attended and participated in the PTG, I felt like we had some very good sessions 15:10:50 #topic liaison updates 15:11:05 nothing from release or VMT at the moment 15:13:06 #topic specification OAuth 2.0 (hiromu) 15:13:10 #link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext 15:13:12 #link https://review.opendev.org/q/topic:bp%252Fenhance-oauth2-interoperability 15:13:15 External OAuth 2.0 Specification 15:13:18 #link https://review.opendev.org/c/openstack/keystone-specs/+/861554 (merged) 15:13:21 OAuth 2.0 Implementation 15:13:24 #link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls 15:13:27 OAuth 2.0 Documentation 15:13:32 #link https://review.opendev.org/c/openstack/keystone/+/838108 (merged) 15:13:33 #link https://review.opendev.org/c/openstack/keystoneauth/+/838104 (merged) 15:14:12 no updates from me, I think I can allocate some time to rebase and resubmit the last remaining work for this one this week 15:14:19 'v 15:14:21 #topic specification Secure RBAC (dmendiza[m]) 15:14:25 #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_ 15:14:29 2024.1 Release Timeline 15:14:32 Update oslo.policy in keystone to enforce_new_defaults=True 15:14:35 Update oslo.policy in keystone to enforce_scope=True 15:14:48 we need to clean up this section of the etherpad dmendiza 15:17:18 ok, moving on 15:17:22 #topic specification OpenAPI support (gtema) 15:17:24 #link https://review.opendev.org/q/topic:%22openapi%22+project:openstack/keystone 15:17:28 https://review.opendev.org/c/openstack/keystone/+/925020 could now also land to ease api-ref work 15:17:30 gtema: api-ref work started 15:18:14 Not many updates, but we need to decide whether OpenAPI or ruff should land first 15:18:37 Because also I started wip work on pagination which conflicts lot with ruff reformat 15:20:13 hmm, openapi then ruff is my thinking, but that's not based on much 15:21:27 There are conflicts 15:22:52 OpenAPI itself is huge amount of changes and not all are ready 15:22:52 I would prefer landing ruff first 15:23:31 ok, if ruff is actually easier to land first I'm all for it, I thought that since openapi was already well in progress it would be easier to land 15:24:35 I can't check patches now, am walking to the train 15:25:29 ok, no problem 15:25:50 we can look at the ruff stuff during the reviewathon 15:26:10 moving on 15:26:17 #topic specification domain manager (mhen) 15:26:20 still unmerged are: 15:26:24 documentation: https://review.opendev.org/c/openstack/keystone/+/928135 15:26:26 tempest tests: https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/924222 15:29:43 no update from mhen_ 15:29:46 next up 15:29:52 #topic specification Type annotations (stephenfin) 15:29:56 #link https://review.opendev.org/q/project:openstack/keystoneauth+topic:typing 15:29:57 This is just pending reviews now. I will push the remaining patches as soon as a sufficient quantity of the current ones land. 15:30:01 * d34dh0r53 needs to review these 15:31:07 I'll try to review remaining from the train 15:32:06 thank you gtema (Artem Goncharov) 15:32:10 next up 15:32:31 #topic specification Include bad password details in audit messages (stanislav-z) 15:32:33 #link https://review.opendev.org/c/openstack/keystone-specs/+/915482 15:32:36 #link https://review.opendev.org/c/openstack/keystone/+/932423 15:32:38 30-Oct update: significant spec update including feedback during PTG. WIP implementation test are WIP. 15:33:00 Thanks for the update Stanislav Zaprudskiy , I haven't yet had a chance to look it over but will 15:36:54 moving on 15:36:54 #topic open discussion 15:37:41 You've seen first wip for pagination. Do we want spec first or just do it? 15:38:07 Or not at all (but that would be rather bad ux) 15:38:34 I think we should just do it, it shouldn't need a spec 15:38:43 Not having it is really bad UX 15:39:27 Ok, there I fix failing tests (because of changed functionality 15:39:57 S/there/then 15:40:04 ack, thank you! 15:41:23 #topic bug review 15:41:26 #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0 15:41:31 no new bugs for keystone 15:41:37 #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0 15:41:42 python-keystoneclient is good 15:41:47 #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0 15:42:02 nothing new in keystoneauth either 15:42:07 #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0 15:42:42 keystonemiddleware is good, there is some low-hanging-fruit in this repo if anyone would like to contribute 15:42:49 #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0 15:42:57 pycadf has no new bugs 15:43:01 #link https://bugs.launchpad.net/ldappool/+bugs?ordterby=-id&start=0 15:43:07 nor does ldappool 15:43:13 #topic conclusion 15:43:36 I don't have anything specific, thanks again for the PTG participation! 15:43:58 #endmeeting