#openstack-meeting log

18:01:04 <raildo> #startmeeting policy-popup
18:01:06 <openstack> Meeting started Thu May 28 18:01:04 2020 UTC and is due to finish in 60 minutes.  The chair is raildo. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:01:07 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
18:01:09 <openstack> The meeting name has been set to 'policy_popup'
18:01:14 <gmann> o/
18:01:14 <raildo> #link https://wiki.openstack.org/wiki/Consistent_and_Secure_Default_Policies_Popup_Team#Agenda
18:01:15 <cmurphy> o/
18:01:24 <gmann> thanks for starting, just finished my lunch
18:01:33 <raildo> hey all, how things are going? :)
18:01:39 <gouthamr> o/
18:02:40 <raildo> #topic common/pre-work items to be finished for all projects
18:03:10 <raildo> gmann, this topic is on you?
18:03:25 <gmann> One things for sure we need to work on is policy file format usage
18:03:52 <gmann> policy.json and re-generated one is causing issue on adopting the new policy in backword compatible way
18:04:15 <raildo> #link for context http://eavesdrop.openstack.org/irclogs/%23openstack-nova/%23openstack-nova.2020-04-27.log.html#t2020-04-27T13:46:37
18:04:30 <gmann> we will be discussing it in nova-oslo cross project session in PTG Monday 15 UTC is schedule -  https://etherpad.opendev.org/p/nova-victoria-ptg
18:05:16 <gmann> if you have any early feedback idea, feel free to add on etherpad ^^
18:05:19 <raildo> gmann, cool, I suppose that what get defined that will be used for other services too?
18:05:37 <gmann> yeah.
18:05:45 <raildo> I mean, it's not only nova that will be affected by the policy file format when it's re-generated
18:06:29 <gmann> it will be all project start doing scope things. so re generation of file from oslo tool does not add deprecated rule in file so old deployment break
18:07:17 <gmann> removing/deprecating the json format is one idea and keeping yaml suported where operator can comment out the rules so that default-in-code take care of the thigns
18:07:49 <raildo> gmann, cool, we do have a policy topic on the oslo etherpad as well
18:07:51 <raildo> #link https://etherpad.opendev.org/p/oslo-victoria-topics
18:08:02 <raildo> would be nice to sync with oslo folks on this topic as well
18:08:14 <bnemec> Can we schedule that later than 1500? I would prefer to get the Oslo-specific bits of our PTG out of the way before we dive into the controversial stuff.
18:08:30 <gmann> bnemec: ohk, we need to talk to gibi for that.
18:08:50 <bnemec> I have a feeling this and the healthcheck discussion are likely to go a bit long. :-)
18:08:52 <raildo> bnemec, sounds great to me
18:09:09 <bnemec> And I only scheduled two hours for Oslo itself because we didn't have that much to talk about.
18:09:10 <gmann> bnemec: yeah that is right assumption :)
18:09:26 <raildo> I love the controversial topics, makes our work funnier hehe
18:09:32 <gmann> i am ok for later also, let's talk to gibi on nova channel
18:09:56 <bnemec> Sounds good. I was kind of planning to try to sit down and figure out how much time we'll need for Oslo topics today anyway.
18:10:04 <gmann> I will be done by 15 UTC for my QA PTG do after that on that day is all fine for me
18:10:29 <raildo> bnemec, thank you sir!
18:11:00 <raildo> gmann, anything else that you have in mind?
18:11:15 <bnemec> That was a whole lot of weasel words on my part, wasn't it? ;-)
18:11:20 <gmann> nothing else for today.
18:11:51 <raildo> cool
18:11:54 <raildo> #topic Progress from projects
18:12:22 <gmann> we know cyborg started the things in ussuri, spec was merged and code not.
18:12:55 <raildo> I'm planning to introduce this work on the barbican PTG as well
18:13:11 <gmann> #link https://review.opendev.org/#/c/699102/
18:13:11 <patchbot> patch 699102 - cyborg - Add new default policy - 6 patch sets
18:13:15 <gmann> cyborg work ^^
18:13:19 <gmann> raildo: great.
18:13:22 <raildo> I saw that we have neutron and cinder as candidates, do we have anything planned for those projects for the PTG?
18:13:51 <gmann> i have not checked but neutron was waiting for nova to finish the things as we talked in shangahi PTG
18:14:31 <gmann> and i will say waiting for the policy format stuff is something need to be fixed before neutron start.
18:14:38 <raildo> gmann, ack, I believe that we can spoke with them during this PTG, since nova is almost done with it... at least try to bring the attention for this topic again
18:14:45 <raildo> hum...
18:14:58 <gmann> they have very embedded policies with resource and attributes level
18:15:12 <gmann> or may be that is valid for all the projects ?
18:15:16 <raildo> gmann, ack..  any idea if the same applies for cinder?
18:15:29 <raildo> gmann, that would be my guess
18:15:44 <gmann> yeah, it will be same as many packaging things generate the policy file in same way for all services
18:16:15 <gmann> but during their PTG discussion if they are planning, we can add these things and other part keep going.
18:16:38 <gmann> and they can add policy file things as one of dependency.
18:17:27 <raildo> #topic Making sure that we have some policy topic discussion on each etherpad's related project for the PTG
18:17:56 <raildo> so I'm joining all the related etherpads that we need to have a topic for each service
18:18:14 <raildo> gmann, can you double check if everything is ok on that side as well?
18:18:57 <gmann> raildo: nova, oslo we are discussing but not checked on other PTG.
18:19:04 <gmann> gouthamr is here, we can get manila plan at least ofr something need help from our side
18:19:37 <gmann> i will check those etherpad after meeting
18:20:20 <raildo> cool
18:20:31 <raildo> #topic open discussion
18:20:37 <raildo> anything else for today?
18:21:16 <gouthamr> gmann: hi! yes, i was just reading passively here... we haven't started working on this, but are interested to start by auditing our hard dependency on an "admin" role in most cases... and then create a plan a la nova to do the granular scoped policies... we'll discuss this next week at our PTG a bit
18:22:09 <gmann> gouthamr: +1. that is good plan.
18:22:22 <raildo> gouthamr, that would be great :) I would love to join the discussion
18:24:17 <gouthamr> ack raildo - we're planning to talk about this 1450 - 1530 UTC  on Monday, June 1st
18:24:39 * raildo taking notes
18:24:57 <gouthamr> raildo: would you be available then?
18:24:58 <gouthamr> the draft schedule for manila PTG is here: https://etherpad.opendev.org/p/vancouver-ptg-manila-planning
18:25:28 <gouthamr> we'll be here: https://www.openstack.org/ptg/rooms/cactus for it :)
18:25:51 <raildo> gouthamr, I believe so.. I don't see any conflict at top of my head
18:26:02 <gouthamr> awesome, ty raildo
18:26:45 <raildo> awesome, any other topic?
18:26:58 <gmann> nothing else from me.
18:27:45 <raildo> cool, so have a good one folks!
18:27:53 <raildo> #endmeeting