#openstack-meeting-alt log

19:00:07 <catherineD> #startmeeting refstack
19:00:13 <openstack> Meeting started Tue Jul 12 19:00:07 2016 UTC and is due to finish in 60 minutes.  The chair is catherineD. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:00:14 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
19:00:17 <openstack> The meeting name has been set to 'refstack'
19:00:29 <pvaneck> o/
19:01:31 <catherineD> #link meeting agenda and notes, please feel free to add items https://etherpad.openstack.org/p/refstack-meeting-16-07-12
19:02:55 <sslypushenko> o/
19:03:40 <catherineD> let's wait for a couple mins for others to join ..
19:03:56 <Rockyg> o/
19:04:33 <catherineD> Meeting agenda https://etherpad.openstack.org/p/refstack-meeting-16-07-12
19:04:34 <hogepodge> o/
19:05:06 <catherineD> alright let's start
19:05:22 <catherineD> #topic Mascot for RefStack
19:05:49 <catherineD> Deadline for submission: Jul 27
19:07:14 <catherineD> please think aboutthe mascot ... we will spend more time on this next week
19:07:42 <Rockyg> k
19:07:54 <catherineD> #topic Using refstacl-client to update product table product_ref_id
19:08:12 <catherineD> 2 reviews by Andrey
19:08:36 <catherineD> #link     Authenticate user for update product with public key and signature  (  https://review.openstack.org/#/c/335877/  )
19:08:58 <catherineD> #link Add register cloud command ( https://review.openstack.org/#/c/335883/ )
19:09:35 <catherineD> I do not have any issues with the 2 patches ... everyone please review
19:09:50 <sslypushenko> catherineD:  ok, will do
19:10:20 <catherineD> we can come back to this if Andrey shows up.... meanwhile I would like to move on the the next topic
19:10:32 <catherineD> #topic Test results ownership
19:11:52 <catherineD> sslypushenko: from the last meeting , I feel like we need to define what is ownership?   Here we are talking about ownership of the data ...
19:12:30 <catherineD> whoever own the data can delete/share/assciating data to guideline ..
19:13:24 <sslypushenko> catherineD:  actually, I don't care about terms and definitions ...
19:14:04 <catherineD> currently for the data that vendors use for certification some were uploaded anonymously,  others were uploaded by a signed user.
19:14:51 <sslypushenko> I just don't like and idea that Foundation can delete results used for certification... but I can live with it
19:15:44 <sslypushenko> Unfortunately, Alex does care about terms and definitions(
19:16:25 <catherineD> I understand Alex's position ... I would like to know other team members' position
19:16:41 <hogepodge> sslypushenko: I'm not sure we would ever use it, but I understand your worry
19:16:47 <Rockyg> Maybe we should do something like original owner and foundation?  So foundation is an extra field and if it's filld, it can delete, but with notification?
19:17:23 <Rockyg> And notification whn it becomes the second owner?
19:18:13 <sslypushenko> hogepodge:  I fully understand you) It is just to underline that ownership control usually are not low hanging fruit
19:18:57 <catherineD> At some point the project need to move on with majority's consensus
19:19:39 <catherineD> sslypushenko: I don't mind if we decide that cerfication result should never be deleted ..
19:20:16 <sslypushenko> catherineD: majority's consensus not an option in our case... we need full consensus
19:20:38 <catherineD> sslypushenko: I don't believe in full consensus
19:20:44 <hogepodge> sslypushenko: why not?
19:20:50 <catherineD> because we will never reach that
19:21:02 <catherineD> and the project need to proceed
19:21:28 <hogepodge> sslypushenko: allowing filibusters would end this project, and others
19:21:28 <catherineD> Rockyg: we will come back to your comments later
19:22:42 <sslypushenko> without active development this project will end to
19:24:09 <catherineD> sslypushenko: agreed ... I want to remind everyone that we do not have many developers ... but we can not just rely any individuals either
19:24:21 <sslypushenko> Vendors guidelines - is a feature which can make RefStack interesting not only for DefCore certification
19:25:03 <sslypushenko> We definitely need it if we are planning to move forward
19:25:09 <hogepodge> sslypushenko: I've been pretty clear that until defcore features are addressed, it out of scope
19:25:28 <catherineD> sslypushenko: I agreed ..and I am all for that ...
19:25:49 <hogepodge> sslypushenko: I've also tried to make it clear that once defcore is where it needs to be, additional guidelines are useful, especially in relation to projects
19:25:53 <sslypushenko> hogepodge:  yeap, it is totally clear
19:26:16 <sslypushenko> actually we don't need this feature in refstack.org
19:26:59 <sslypushenko> but I see real use cases, where people can use it locally
19:27:14 <hogepodge> sslypushenko: but vendor specific guidelines make loads of people queasy, including myself, some TC members, and infra members. This project isn't a general *aaS, it's meant to help with OpenStack interoperability
19:28:17 <sslypushenko> hogepodge:  that is also true
19:28:25 <hogepodge> but I'd love to see Heat, and EC2, and Ceilometer, and ... have guidelines about what they define interoperability for their projects. I think it's really important, and that means adding support for additional guidelines
19:29:14 <hogepodge> That means the support being there, and vendors can and will find a way to take advantage of it, either as a private deployment or through projects or maybe vendor support
19:29:25 <catherineD> I believe we all have the same goal for OpenStack Interop ... but we need to set priority and for Newton the priority is to fulfil DefCore requirements l
19:29:48 <sslypushenko> without community guidelines, it is not possible to handle all openstack project.
19:29:57 <hogepodge> I feel like we're hung up on getting short term work done because we're arguing about things much further down the line
19:30:20 <Rockyg> hogepodge, the reason we are pushing so hard on this is EC2.  mor than 30% of respondnts to th survys use it, so having that guideline available is extremely valuable
19:30:43 <hogepodge> Rockyg: I understand, but there are features for defcore that are needed now that we don't have
19:31:13 <catherineD> Can we be focus on what current topic -- which is mark test results as certify ...
19:31:14 <hogepodge> Rockyg: so I don't want to spend my time on EC2 when the mission statement and needs require otherwise. I'm not saying I want to ignore it long term, rhough
19:31:23 <Rockyg> We just need to ensure that current work doesn't preclude future.
19:31:24 <sslypushenko> Rockyg:  I'd say EC2 and S3
19:31:55 <hogepodge> Rockyg: it doesn't, except for the arguing about it for the last few months
19:31:57 <catherineD> if I may ... could we focus on discussing certify test results
19:32:07 <hogepodge> catherineD: yes, sorry
19:32:28 <catherineD> sorry everyone ... I just need us to be focus
19:32:30 <sslypushenko> Right now Defcore criteria for Object Storage are very far from real customers exprectation
19:33:13 <sslypushenko> It is just an example
19:33:15 <catherineD> sslypushenko: could we discuss certification of test results?
19:33:26 <Rockyg> ++ catherineD
19:33:30 <sslypushenko> catherineD:  we can)
19:33:58 <sslypushenko> But I don't have disagreements here)
19:34:06 <catherineD> so the spec https://review.openstack.org/#/c/332260/  suggest to identify the test results by adding a column to the test record ...
19:34:12 <catherineD> do we agree on that?
19:34:18 <Rockyg> me, either  :)
19:34:42 <pvaneck> +1
19:35:06 <sslypushenko> suggested solution works for me)
19:35:32 <sslypushenko> from technical point of view...
19:36:03 <catherineD> sslypushenko: great ... then could everyone look at line 58  to 66  https://review.openstack.org/#/c/332260/4/specs/newton/approved/associate-test-result-to-product.rst
19:36:35 <sslypushenko> Also, I see possible future issues, at the same I don't have a plan how we will overcame it)
19:37:28 <catherineD> 1) Only interop admins can make update to the "certification" field.  any opinion here?  please +1, -1
19:37:50 <sslypushenko> +1
19:38:33 <pvaneck> +1
19:38:52 <hogepodge> +1
19:39:14 <Rockyg> +1
19:39:51 <catherineD> Thanks ! 2) Only a test record which has been associated to a guideline and target program can be marked as certified
19:40:28 <sslypushenko> it is obvious thing, I guess)
19:40:39 <catherineD> This just means that if the test is certififed it needed to be certified against a specific guideline
19:40:54 <hogepodge> sslypushenko: I have anonymous test results that I'm using for certification
19:41:13 <hogepodge> sslypushenko: right now I'm pairing products/guidelines externally from refstack
19:41:25 <Rockyg> What about version of SW, also?
19:41:39 <sslypushenko> hogepodge:  we have to change it)
19:41:56 <hogepodge> change what?
19:42:01 <catherineD> hogepodge: that just means that you may need to do guideline association before marking that record as certified in RefStack
19:42:36 <catherineD> Rockyg: You mean version of OpenStack release?
19:42:45 <sslypushenko> anonymous test results will be owned by Foundation
19:42:45 <Rockyg> yes
19:43:13 <hogepodge> sslypushenko: I don't want all anonymous test results
19:43:45 <catherineD> we do not  have version identifier at the moment ... that maybe something to think about later ..
19:43:45 <hogepodge> sslypushenko: it would amount to spamming me every time someone sends something up to see how refstack works, or trying to figure out how to make their tests pass
19:43:52 <Rockyg> hogepodge, you only need to keep the ones that are certification results
19:43:52 <sslypushenko> hogepodge:  At least you can manage only that you interested in)
19:43:58 <hogepodge> sslypushenko: I'm only interested in the anonymous test results that I'm interested in
19:44:17 <hogepodge> sslypushenko: no, I don't want to be responsible for deleting all anonymous results I don't want
19:44:29 <hogepodge> sslypushenko: it's a ddos attack on my productivity
19:44:48 <sslypushenko> hogepodge:  Also, I guess it will be good idea to forbid sending anonymous test results on certification
19:45:31 <sslypushenko> do you agree with that?
19:45:33 <hogepodge> Rockyg: sslypushenko: I want to claim the results I want, not reject the ones I don't
19:45:52 <hogepodge> sslypushenko: I don't
19:45:58 <catherineD> sslypushenko: ++ once we have all of this in place .. and hogepodge: has marked all the data that he is interesting in .... we will stop anonymous data upload ... and think about data archiving
19:46:25 <Rockyg> So, do you see continuing to get anonymous tests, or is this just  because we don't have some needd code in place
19:46:29 <hogepodge> sslypushenko: the workflow for setting up an account is not clear to me. I haven't successfully done it
19:47:02 <hogepodge> sslypushenko: the generation and upload of the keys and secrets is really nonintuitive, and not entirely in line with other key upload processes I've done in the past
19:47:25 <hogepodge> sslypushenko: so forcing users to create an account is a barrier, and I want lower barriers rather than higher ones for now
19:47:44 <sslypushenko> hogepodge:  we have a manual how to do that, it should not be a problem
19:48:49 <Rockyg> time to get Piet involved!
19:49:13 <hogepodge> The signature is problematic. I've never needed it before
19:49:19 <sslypushenko> hogepodge:  btw we can remove signature
19:49:34 <sslypushenko> if you think that is a problem
19:49:44 <hogepodge> I don't know what it's even used for, and if I need to keep it around for anything else
19:50:09 <piet> Feel free to pull me in when you have a specific need
19:50:53 <catherineD> hogepodge: Let's work on that ... My hope is at some point we will stop anonymous data upload ... so that the user can manage their own data
19:51:23 <sslypushenko> it is a protection from pubkey spoofing... pubkey should you unique... because we use it for association between users and test results
19:52:04 <catherineD> let's go back to question #2  we required that certified data to have guideline associated to it .... +1, -1
19:52:07 <catherineD> pls
19:52:34 <hogepodge> catherineD: I'm neutron on that point
19:52:39 <hogepodge> 0 for me
19:52:58 <catherineD> sslypushenko: Rockyg: pvaneck: ?
19:53:03 <catherineD> hogepodge: thx
19:53:05 <sslypushenko> hogepodge:  so, if for example I know  your pubkey, I can upload it as mine... And then you will not be able to upload it as yours
19:53:06 <Rockyg> Whereas I'm proton ;)  +1
19:53:15 <sslypushenko> catherineD:  +1
19:53:24 <pvaneck> yea, let's go +1 on that
19:53:27 <catherineD> Rockyg: :-)
19:53:35 <catherineD> ok last one
19:54:12 <sslypushenko> hogepodge:  signature it is just a way how to prevent such cases
19:54:20 <catherineD> 3) Once a test record is marked as certified, only interop admins can remove/delete the test record  pls +1 -1
19:55:22 <catherineD> sslypushenko: for item 3... I can update saying that once the test results is used as certification ... it can never be deleted
19:55:42 <catherineD> so 3.1 is never delete ...
19:55:51 <Rockyg> +1  Please add with notification of product admin, or add a 4. that has that so we can move on the code.....
19:55:56 <sslypushenko> -1 for ability to deletion.  test record is marked as certified should be unchanged)
19:56:20 <Rockyg> sslypushenko, that's 3.1
19:56:31 <catherineD> sslypushenko: 3.1 OK with you?
19:56:33 <sslypushenko> interop admin can remove certification mark, if it is required
19:56:41 <sslypushenko> yeap 3.1 +1)
19:57:01 <hogepodge> no opinion on that for me
19:57:07 <catherineD> sslypushenko: ok so 3.1 and add that interop admin can remove the certification mark
19:57:22 <sslypushenko> catherineD: great
19:57:22 <pvaneck> that sounds fine
19:57:42 <catherineD> ok thanks everyone ... I will split out the spec to a new one just focus on the certification part ...
19:57:55 <catherineD> and you all will +1 on the new spec right? :-)
19:58:11 <sslypushenko> sure)
19:58:48 <catherineD> now we are getting somewhere .... thanks so much!!! You make my day :-)
19:59:25 <catherineD> 2 mins left ... next week we will discuss mascot and cloudid vs productid
19:59:37 <catherineD> any last minute thoughts?
19:59:48 <Rockyg> yup.  +1 spec
19:59:58 <catherineD> Rockyg: thx
20:00:07 <catherineD> ok thank you all again!
20:00:13 <catherineD> #endmeeting