15:02:30 <hogepodge> #startmeeting loci 15:02:31 <openstack> Meeting started Fri Mar 1 15:02:30 2019 UTC and is due to finish in 60 minutes. The chair is hogepodge. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:02:32 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:02:34 <openstack> The meeting name has been set to 'loci' 15:02:59 <evrardjp> o/ 15:03:59 <hogepodge> #topic self-signed certs 15:04:10 <evrardjp> I guess that one is for me 15:04:57 <evrardjp> when browsing the fetch_wheels code, I realised the protocol_detection is quite brittle 15:05:24 <evrardjp> Would you be okay if I just remove it, and replace it with a variable? 15:05:50 <hogepodge> that should be fine 15:06:16 <evrardjp> That could default to http, the current behaviour, and be updated by the user to https if required. The rest is unchanged. 15:06:23 <hogepodge> I don’t know if anyone is depending on using local files 15:06:33 <evrardjp> that's for registries 15:06:41 <hogepodge> ah, ok 15:07:03 <evrardjp> local files fetching is not impacted 15:07:24 <evrardjp> and registries like dockerhub provide http redirection to valid certificates, so that doesn't matter to them too 15:07:36 <evrardjp> http redirection to https + valid certificates* 15:08:02 <evrardjp> so basically the detection is... quite broken, because it spits http everywhere even if http doesn't work 15:08:04 <hogepodge> ok 15:08:25 <evrardjp> what would be the name of said variable we expose? 15:08:30 <evrardjp> REGISTRY_USE_SSL ? 15:08:37 <evrardjp> REGISTRY_PROTOCOL ? 15:08:50 <evrardjp> REGISTRY_PROTOCOL http by default seems clear to me 15:08:56 <hogepodge> I would probaly say the latter 15:09:02 <hogepodge> yup 15:09:04 <evrardjp> ok 15:09:35 <evrardjp> I will also add another key, REGISTRY_SSL_NOVERIFY, for those pesky self-signed certs :p 15:09:48 <evrardjp> if everyone agrees :) 15:09:59 <hogepodge> I just learned yesterday that starlingx is adopting loci, so since we have adoption across two large projects now we should publish these changes to the mailing list to give everyone a fair heads up 15:10:14 <evrardjp> oh really? 15:10:15 <evrardjp> cool 15:10:17 <evrardjp> yeah will do 15:10:18 <hogepodge> I might just use INSECURE to match the rest of the community 15:10:30 <hogepodge> but I have not strong opinion on that either way 15:10:31 <evrardjp> right 15:10:33 <evrardjp> yeah 15:10:35 <evrardjp> that's fine for me 15:10:50 <evrardjp> it's clearer 15:10:51 <hogepodge> or REGISTRY_INSECURE 15:10:59 <evrardjp> yeah 15:11:05 <evrardjp> +1 on REGISTRY_INSECURE 15:11:29 <evrardjp> will do the cleanup of the function in a different patch. 15:12:18 <hogepodge> that sounds great, thanks 15:12:19 <evrardjp> so that people have time to react on the ML 15:12:32 <evrardjp> thanks for your time and opinions hogepodge :) 15:13:04 <hogepodge> Of course: :-) 15:13:13 <hogepodge> #topic testing 15:13:24 * evrardjp giggles 15:13:46 <hogepodge> testing is still an issue in my mind. I have to remove some tests, and figure out a solution for making sure our packages actually work 15:14:19 <hogepodge> We’ve moved to a sprint model of working, so I’m. going to make this one of my items to address to make sure I carve out time for it 15:14:30 <evrardjp> ok 15:15:19 <hogepodge> I’m trying to decide if the best route is to do something like project individual testing, like running keystone tests against keystone, or be more ambitious and test against an AIO deployment (which i have, but right now it only supports centos) 15:16:05 <hogepodge> you have any opinions on that? 15:16:18 <evrardjp> hogepodge: I think we should not have another deployment tool, but we lack testing, so what you have, even if it _only_ supports centos, is better than nothing 15:16:26 <evrardjp> and I would not go further in fact :p 15:17:09 <evrardjp> the alternative is smoke tests per image, which is fine -- but how will you test nova? 15:17:16 <evrardjp> that's harder to test. 15:17:32 <hogepodge> It’s what I use to deploy in my home lab, so it’s maintained, and I do want to add leap and ubuntu support, but it’s been very low priority (getting it to work at all has taken most of my time) 15:17:49 <hogepodge> yeah 15:18:09 <hogepodge> just run nova unit tests for example 15:18:25 <hogepodge> but integrated would simplify things a lot 15:18:50 <hogepodge> I would need to pull my tooling into infra, which should be easy enough. I’m just calling it locistack 15:20:16 <evrardjp> I am not sure if I can invest time into maintaining it though -- do you want it to be voting, nv, experimental or a periodic? 15:23:10 <hogepodge> maybe start non-voting 15:23:49 <hogepodge> I can start by running tempest against a local installation and see if it even works 15:23:58 <evrardjp> : ) 15:24:07 <hogepodge> Thanks 15:24:12 <hogepodge> #topic open discussion 15:24:15 <hogepodge> anything else? 15:24:41 <evrardjp> nothing for me -- portdirect? 15:24:54 <hogepodge> hehe I was wondering if I should out out portdirect 15:24:58 <evrardjp> hogepodge: I learned from the best :p 15:26:08 <hogepodge> hearing nothing, thanks, and have a great weekend! 15:26:17 <hogepodge> #endmeeting