15:02:21 #startmeeting keystone 15:02:21 Meeting started Wed May 28 15:02:21 2025 UTC and is due to finish in 60 minutes. The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:02:21 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:02:21 The meeting name has been set to 'keystone' 15:02:39 Reminder: This meeting takes place under the OpenInfra Foundation Code of Conduct 15:02:42 #link https://openinfra.dev/legal/code-of-conduct 15:02:45 #topic roll call 15:02:58 admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m], dmendiza, mharley, jph, gtema, cardoe, deydra 15:03:02 dmendiza: o/ 15:03:03 o/ 15:03:30 🙋‍♂️ 15:04:09 #topic review past meeting work items 15:04:19 #link https://meetings.opendev.org/meetings/keystone/2025/keystone.2025-05-21-15.00.html 15:04:25 no action items from last week 15:04:28 next up 15:04:36 #topic liaison updates 15:05:19 nothing from me 15:05:31 nor me 15:05:36 #topic specification OAuth 2.0 (hiromu) 15:05:38 #link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext 15:05:40 #link https://review.opendev.org/q/topic:bp%252Fenhance-oauth2-interoperability 15:05:45 External OAuth 2.0 Specification 15:05:47 #link https://review.opendev.org/c/openstack/keystone-specs/+/861554 (merged) 15:05:49 OAuth 2.0 Implementation 15:05:53 #link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls (merged) 15:05:56 OAuth 2.0 Documentation 15:06:02 #link https://review.opendev.org/c/openstack/keystone/+/838108 (merged) 15:06:05 #link https://review.opendev.org/c/openstack/keystoneauth/+/838104 (merged) 15:06:10 no updates on this one 15:06:17 #topic specification Secure RBAC (dmendiza[m]) 15:06:20 #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_ 15:06:24 2024.1 Release Timeline 15:06:28 Update oslo.policy in keystone to enforce_new_defaults=True 15:06:31 Update oslo.policy in keystone to enforce_scope=True 15:06:36 dmendiza: any updates? 15:08:42 Negative 15:09:22 👍️ 15:09:28 #topic specification OpenAPI support (gtema) 15:09:30 #link https://review.opendev.org/q/topic:%22openapi%22+project:openstack/keystone 15:10:16 In my tests with mocked server (based on the spec) I noticed fun stuff when in response the same boolean is reused as in the query 15:10:35 since on input we support true/false/0/1/t/f/on/off ... 15:10:47 to address this https://review.opendev.org/c/openstack/keystone/+/950647 15:11:18 at least that is the one for the user. From now we will keep an eye on that case globally 15:11:32 other than that there is nothing on the openapi front 15:13:57 ok, I'll take a look 15:14:01 thanks gtema 15:14:06 thks 15:14:13 #topic open discussion 15:14:57 nothing special from me 15:15:18 rust federation work goes smoothly 15:17:18 awesome 15:17:27 I don't have anything either 15:17:40 let's move on to bug review 15:17:44 #topic bug review 15:17:47 #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0 15:18:19 new bug in keystone 15:18:22 #link https://bugs.launchpad.net/keystone/+bug/2111836 15:19:34 I'll check 15:20:16 ack 15:20:55 that does it for keystone 15:20:56 moving on 15:21:09 #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0 15:21:18 nothing new in python-keystoneclient 15:21:22 #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0 15:21:35 keystoneauth is good 15:21:46 #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0 15:22:09 keystonemiddleware looks clean 15:22:13 #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0 15:22:19 no new bugs in pycadf 15:22:23 #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0 15:22:27 nor ldappool 15:22:32 #topic conclusion 15:22:49 Thanks folks, short and sweet today 15:23:07 yupp, thanks guys 15:23:37 #endmeeting