#openstack-oslo log

15:00:15 <hberaud> #startmeeting oslo
15:00:15 <opendevmeet> Meeting started Mon Aug  2 15:00:15 2021 UTC and is due to finish in 60 minutes.  The chair is hberaud. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:15 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:00:15 <opendevmeet> The meeting name has been set to 'oslo'
15:00:20 <hberaud> Courtesy ping for hberaud, bnemec, johnsom, redrobot, stephenfin, bcafarel, kgiusti, jungleboyj, gmann
15:00:23 <hberaud> #link https://wiki.openstack.org/wiki/Meetings/Oslo#Agenda_for_Next_Meeting
15:00:25 <hberaud> Will just wait a couple minutes for folks.
15:00:34 <jungleboyj> o/
15:00:38 <bcafarel> o/
15:01:03 <johnsom> o/
15:01:19 <gmann> o/
15:03:06 <hberaud> #topic Red flags for/from liaisons
15:04:01 <bcafarel> all quiet as if we were in August in Neutron
15:04:27 <hberaud> I was on PTO during the 2 previous weeks and just come back so I'm not aware of anything from an Oslo viewpoint
15:04:46 <jungleboyj> Nothing from Cinder that I am aware of.
15:06:03 <hberaud> #topic Releases liaison
15:06:07 <hberaud> Same thing here no updates from my side
15:06:27 <hberaud> #topic Security liaison
15:07:29 <hberaud> Ben don't seems to be there, and I didn't noticed security threads for oslo on the ML
15:07:40 <hberaud> So next topic
15:07:43 <hberaud> #topic TaCT SIG liaison
15:07:50 <hberaud> I noticed one point here
15:08:22 <hberaud> http://lists.openstack.org/pipermail/openstack-discuss/2021-July/023939.html
15:09:08 <hberaud> I think this thread falls more or less into this topic
15:11:12 <hberaud> I haven't enough bandwidth to manage this point, I'll bring it next week hopefully someone will have more spare time
15:11:35 <hberaud> #topic Action items from last meeting
15:12:14 <hberaud> No previous items are available
15:12:27 <hberaud> #topic Weekly Wayward Wallaby Review
15:13:24 <hberaud> https://review.opendev.org/c/openstack/oslo.limit/+/695527
15:14:42 <hberaud> I left a comment
15:14:52 <hberaud> #topic Open discussion
15:15:41 <hberaud> Anything else that you want to bring today?
15:15:45 <gmann> I have one topic on oslo.policy warning
15:15:53 <gmann> #link http://lists.openstack.org/pipermail/openstack-discuss/2021-July/023646.html
15:16:16 <gmann> oslo policy rule warnings are very verbose in logs for our CI as well as for operators
15:16:39 <gmann> and that is more while moving to new RBAC
15:17:02 <gmann> I have proposal to 'make it configurable and disable by default' #link https://review.opendev.org/c/openstack/oslo.policy/+/799539
15:17:32 <gmann> and if any operator want to check what all rules they need to update for moving to new RBAC they can enable it via config option
15:17:43 <gmann> what you all think about this?
15:18:29 <gmann> this is ML thread specific to this proposal #link http://lists.openstack.org/pipermail/openstack-discuss/2021-July/023484.html
15:18:29 <hberaud> I'm far from this topic but at first glance that seems to make sense and that seems to be a good idea
15:18:44 <bcafarel> so going back a bit from new RBAC as default?
15:18:50 <bcafarel> ah no disable warning only ok
15:18:57 <hberaud> yep
15:19:04 <gmann> bcafarel: yeah, new RBAC as default is way far :)
15:19:18 <bcafarel> good :)
15:19:19 <johnsom> It seems like disabling the warnings by default is counter to having the warning at all.
15:20:25 <gmann> johnsom: but that will be during migration to new RBAC, in previous PTG we discuss about 'warning not at all for new rbac' but I think making it configurable can be good trade off
15:21:09 <gmann> and  after the new rbac migration we can enable it by default for our regular policy change
15:21:43 <gmann> because for new RBAC, it is 100% warning for all the rules as we are changing all the rule default in new RBAC.
15:22:07 <johnsom> Personally I find them horribly annoying, so... Having them disabled is good in that sense.  I am just wondering the time frame on getting everyone to move to "secure RBAC", etc.
15:23:17 <gmann> yeah, that is good question, we are trying to make this as community wide goal in TC, i have proposed the goal and need to select for Yoga
15:23:32 <gmann> hopefully that might help to finish the things
15:24:56 <gmann> If I can get more feedback and vote on review that will help to proceed on the warnings things.
15:25:10 <johnsom> I haven't looked at the patch, is it granular enough to only catch the "secure RBAC" messages, or will it catch project level policy deprecation as well?
15:25:22 <johnsom> Ack, I will take a look and comment
15:25:52 <gmann> johnsom: both, project level also at this stage.
15:26:20 <gmann> thanks
15:26:25 <gmann> that is all from me on this.
15:27:57 <hberaud> +1 I'll try to have a look to this patch
15:28:00 <hberaud> thanks
15:28:03 <gmann> thanks
15:28:04 <hberaud> Anything else?
15:30:17 <hberaud> OK, thanks everyone. Let's wrap up.
15:30:18 <hberaud> #endmeeting