#openstack-keystone log

15:02:21 <d34dh0r53> #startmeeting keystone
15:02:21 <opendevmeet> Meeting started Wed May 28 15:02:21 2025 UTC and is due to finish in 60 minutes.  The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:02:21 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:02:21 <opendevmeet> The meeting name has been set to 'keystone'
15:02:39 <d34dh0r53> Reminder: This meeting takes place under the OpenInfra Foundation Code of Conduct
15:02:42 <d34dh0r53> #link https://openinfra.dev/legal/code-of-conduct
15:02:45 <d34dh0r53> #topic roll call
15:02:58 <d34dh0r53> admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m], dmendiza, mharley, jph, gtema, cardoe, deydra
15:03:02 <d34dh0r53> dmendiza: o/
15:03:03 <gtema> o/
15:03:30 <dmendiza[m]> 🙋‍♂️
15:04:09 <d34dh0r53> #topic review past meeting work items
15:04:19 <d34dh0r53> #link https://meetings.opendev.org/meetings/keystone/2025/keystone.2025-05-21-15.00.html
15:04:25 <d34dh0r53> no action items from last week
15:04:28 <d34dh0r53> next up
15:04:36 <d34dh0r53> #topic liaison updates
15:05:19 <gtema> nothing from me
15:05:31 <d34dh0r53> nor me
15:05:36 <d34dh0r53> #topic specification OAuth 2.0 (hiromu)
15:05:38 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext
15:05:40 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Fenhance-oauth2-interoperability
15:05:45 <d34dh0r53> External OAuth 2.0 Specification
15:05:47 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone-specs/+/861554 (merged)
15:05:49 <d34dh0r53> OAuth 2.0 Implementation
15:05:53 <d34dh0r53> #link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls (merged)
15:05:56 <d34dh0r53> OAuth 2.0 Documentation
15:06:02 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/838108 (merged)
15:06:05 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystoneauth/+/838104 (merged)
15:06:10 <d34dh0r53> no updates on this one
15:06:17 <d34dh0r53> #topic specification Secure RBAC (dmendiza[m])
15:06:20 <d34dh0r53> #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_
15:06:24 <d34dh0r53> 2024.1 Release Timeline
15:06:28 <d34dh0r53> Update oslo.policy in keystone to enforce_new_defaults=True
15:06:31 <d34dh0r53> Update oslo.policy in keystone to enforce_scope=True
15:06:36 <d34dh0r53> dmendiza: any updates?
15:08:42 <dmendiza[m]> Negative
15:09:22 <d34dh0r53> 👍️
15:09:28 <d34dh0r53> #topic specification OpenAPI support (gtema)
15:09:30 <d34dh0r53> #link https://review.opendev.org/q/topic:%22openapi%22+project:openstack/keystone
15:10:16 <gtema> In my tests with mocked server (based on the spec) I noticed fun stuff when in response the same boolean is reused as in the query
15:10:35 <gtema> since on input we support true/false/0/1/t/f/on/off ...
15:10:47 <gtema> to address this https://review.opendev.org/c/openstack/keystone/+/950647
15:11:18 <gtema> at least that is the one for the user. From now we will keep an eye on that case globally
15:11:32 <gtema> other than that there is nothing on the openapi front
15:13:57 <d34dh0r53> ok, I'll take a look
15:14:01 <d34dh0r53> thanks gtema
15:14:06 <gtema> thks
15:14:13 <d34dh0r53> #topic open discussion
15:14:57 <gtema> nothing special from me
15:15:18 <gtema> rust federation work goes smoothly
15:17:18 <d34dh0r53> awesome
15:17:27 <d34dh0r53> I don't have anything either
15:17:40 <d34dh0r53> let's move on to bug review
15:17:44 <d34dh0r53> #topic bug review
15:17:47 <d34dh0r53> #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0
15:18:19 <d34dh0r53> new bug in keystone
15:18:22 <d34dh0r53> #link https://bugs.launchpad.net/keystone/+bug/2111836
15:19:34 <gtema> I'll check
15:20:16 <d34dh0r53> ack
15:20:55 <d34dh0r53> that does it for keystone
15:20:56 <d34dh0r53> moving on
15:21:09 <d34dh0r53> #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0
15:21:18 <d34dh0r53> nothing new in python-keystoneclient
15:21:22 <d34dh0r53> #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0
15:21:35 <d34dh0r53> keystoneauth is good
15:21:46 <d34dh0r53> #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0
15:22:09 <d34dh0r53> keystonemiddleware looks clean
15:22:13 <d34dh0r53> #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0
15:22:19 <d34dh0r53> no new bugs in pycadf
15:22:23 <d34dh0r53> #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0
15:22:27 <d34dh0r53> nor ldappool
15:22:32 <d34dh0r53> #topic conclusion
15:22:49 <d34dh0r53> Thanks folks, short and sweet today
15:23:07 <gtema> yupp, thanks guys
15:23:37 <d34dh0r53> #endmeeting