#openstack-meeting-3 log

16:00:22 <krotscheck> #startmeeting Storyboard
16:00:25 <openstack> Meeting started Mon Jan 12 16:00:22 2015 UTC and is due to finish in 60 minutes.  The chair is krotscheck. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:00:27 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
16:00:29 <openstack> The meeting name has been set to 'storyboard'
16:00:30 <yolanda> hi
16:00:33 <jedimike> o/
16:00:35 <krotscheck> Agenda: https://wiki.openstack.org/wiki/StoryBoard#Agenda
16:00:36 <krotscheck> ohai
16:00:47 <krotscheck> #topic Actions from Last Week
16:01:02 <krotscheck> #topic Actions From Last Week (storyboard-dev.openstack.org)
16:01:05 * fungi is lurking
16:01:38 <krotscheck> https://storyboard-dev.openstack.org/ appears to be up, with a bit of a gotcha on how we built it.
16:01:56 <krotscheck> (DNS may not be there yet, the IP is at 104.130.158.229
16:02:09 <fungi> yeah, i think the review to add it still needs approval. i thought i deleted the server though after we confirmed it worked
16:02:11 <rcarrillocruz> helo helo
16:02:19 * krotscheck may be lying.
16:02:21 <fungi> last i looked, i was the only +2 on the review still
16:02:23 <krotscheck> Yeah, it’s gone.
16:02:23 <NikitaKonovalov> o/
16:02:54 <fungi> now that we've tested that it's sufficient, once the review merges i'll launch another from the tip of master in that repo
16:03:01 <fungi> and add it to dns, et cetera
16:03:38 <krotscheck> The issue in question is that the SSL certificate for the server is the snakeoil cert, which requires manual approval. Unfortunately, when consuming the API from docs-draft.openstack.org (our client draft build) the user will not be presented with the browser’s approval dialog, and the API calls will silently fail.
16:03:58 <rcarrillocruz> huh
16:04:03 <fungi> what?
16:04:06 <krotscheck> Because all those calls are AJAX.
16:04:33 <yolanda> so we need to generate a valid cert?
16:04:37 <fungi> oh, so that's what you were trying to explain last week
16:04:39 <ttx> o/
16:04:43 <krotscheck> fungi: Yep.
16:04:43 <fungi> you skipped those words
16:04:49 <yolanda> or is there any option in the api to bypass cert validation?
16:04:57 <krotscheck> That’s a browser thing.
16:05:08 <krotscheck> fungi: I was drawing scrabble letters at the time :)
16:05:12 <fungi> k
16:05:26 <yolanda> ah, krotscheck, i remember that
16:05:35 <yolanda> and not tricky to make that trust, right?
16:05:40 <krotscheck> Yep.
16:06:03 <fungi> but yeah, that makes sense that serving the web front-end from one server and then doing ajax to a separate server without a trusted cert could pose an issue
16:06:05 <krotscheck> Now, we could ourselves just all add it to our operating system’s insert-keychain-implementation-here, and not hve to worry about it.
16:06:19 <krotscheck> But that’s a manual step that I’m not a huge fan of.
16:06:45 <yolanda> krotscheck, maybe documenting that would help
16:06:54 <yolanda> so end users know that this problem exists
16:07:10 <fungi> well, we could buy a cert for it if we really need to. just trying to think of alternatives
16:07:19 <krotscheck> Second option is we issue a cert from https://www.cacert.org/
16:07:28 <fungi> it'll be the same issue
16:07:35 <krotscheck> And have everyone install that root certificate.
16:07:41 <krotscheck> Third option is just do API calls via HTTP
16:07:48 <fungi> i was thinking about that
16:07:53 <krotscheck> Which I’m mostly ok with, because it’s dev.
16:08:03 <fungi> do we serve the current draft webui via https?
16:08:10 <yolanda> +1 for http
16:08:18 <NikitaKonovalov> there is some option to run chrome ignoring certificate issues
16:08:23 <krotscheck> Checking
16:08:26 <NikitaKonovalov> even for ajax
16:08:35 <rcarrillocruz> i think there are even extensions for that
16:08:39 <yolanda> if we grab a cert from a not general trusted CA, we'll have same problem
16:08:42 <fungi> if the front-end is http, then doing the ajax over https is sort of silly anyway
16:08:47 <krotscheck> fungi: Looks that way
16:08:53 <krotscheck> http://docs-draft.openstack.org/18/145918/1/check/gate-storyboard-webclient-js-draft/96dcd7c//dist/#!/
16:08:56 <rcarrillocruz> i remember using something similar on Firefox for this problem, MiTM was called or smth like that
16:09:51 <fungi> yeah, let's switch storyboard-dev to support api over http then
16:10:01 <krotscheck> That seems sane.
16:10:11 <fungi> we can leave it serving the https front-end too and just drop the redirect
16:10:12 <NikitaKonovalov> I'm ok with that
16:10:15 <rcarrillocruz> https://addons.mozilla.org/en-US/firefox/addon/mitm-me/
16:10:38 <krotscheck> Any disagreements?
16:10:42 <rcarrillocruz> niet
16:10:45 <rcarrillocruz> i'm cool with HTTP
16:10:49 <rcarrillocruz> it's dev after all
16:11:08 <krotscheck> #agreed Have storyboard-dev.openstack.org serve up http to avoid x-domain cert approval issues.
16:11:19 <fungi> since authentication for docs-draft is redirecting to https at launchpad.net it's not like it's exposing your credentials anyway
16:11:27 <rcarrillocruz> nod
16:11:40 <krotscheck> #topic Actions from Last Week: Streaming API
16:11:43 <krotscheck> rcarrillocruz: How’s it going?
16:12:04 <rcarrillocruz> so
16:12:14 <rcarrillocruz> i can now auth with a bearer token
16:12:22 <krotscheck> w00t
16:12:32 <rcarrillocruz> i modified websocket-client to accept request headers
16:12:37 <rcarrillocruz> and now the websocket opens
16:12:40 <rcarrillocruz> it checks for bearer
16:12:42 <rcarrillocruz> if ok, go on
16:12:46 <rcarrillocruz> if not, websocket is closed
16:12:49 <rcarrillocruz> action items for me:
16:13:00 <rcarrillocruz> 1. handle expired token
16:13:24 <rcarrillocruz> 2. subscription engine (krotscheck i've seen you worked on some event api this week, don't want to step into your work)
16:13:41 <krotscheck> rcarrillocruz: Yeah, I’ll talk about that later.
16:13:47 <rcarrillocruz> 3. handle the case where a connection is dropped and client requests to replay history ( just saw your update on the spec)
16:13:59 <krotscheck> rcarrillocruz: Thanks :D
16:14:08 <rcarrillocruz> 3 will be interesting :P
16:14:20 <rcarrillocruz> i assume we need a persistent queue or something
16:14:31 <rcarrillocruz> and have client queues to pull events from that one or something
16:14:35 <krotscheck> rcarrillocruz: yeah, I don’t know how I’d do that either.
16:14:37 <rcarrillocruz> that or put some caching
16:15:06 <rcarrillocruz> i'm leaving the ops stuff of handling tornado behind apache to pass thru websockets for later
16:15:21 <rcarrillocruz> when i have the whole thing i'll create a puppet change for that if that is ok
16:15:27 <krotscheck> Absolutely
16:15:32 <rcarrillocruz> cool
16:15:37 <NikitaKonovalov> rcarrillocruz: long time ago there was an idea to set up distributed caching for tokens, to reduce the db requests amount
16:16:05 <NikitaKonovalov> maybe it't time to have one for keeping some latest events
16:16:32 <rcarrillocruz> hmm, ok, i'll check later with you on #storyboard for that spec if it's around, it may help me to get ideas
16:16:39 <krotscheck> kk
16:17:15 <krotscheck> It might just be easiest to expose the rabbit sockets and let third party clients declare their queue parameters themsevels.
16:18:42 <krotscheck> #topic Actions from Last Week: Event API Documentation
16:18:48 <krotscheck> So, i went down a rabbit hole with that one.
16:19:04 <krotscheck> After writing 800 lines of tests, I realized that nobody in their right mind is ever going to review that.
16:19:09 <krotscheck> So I started breaking it up.
16:19:10 <rcarrillocruz> haha
16:19:30 <krotscheck> Mind you, the coverage is AMAZING
16:20:01 <krotscheck> So I started to pull the individual pieces of that patch into separate patches.
16:20:18 <yolanda> krotscheck, much easier to review now, yes
16:20:26 <krotscheck> Things start here: https://review.openstack.org/#/c/145874/
16:20:35 <rcarrillocruz> krotscheck: are you working on the data that is returned per event? right now we don't return the data expected per the pubsub spec, e.g. timestamp, resource parents, etc
16:21:05 <krotscheck> rcarrillocruz: Not yet, no. In fact I’m not even thinking of the pubsub spec.
16:21:25 <rcarrillocruz> ok, so can i work on that?
16:21:33 <rcarrillocruz> don't want to duplicate efforts if you will...
16:21:34 <krotscheck> What would that involve?
16:22:01 <rcarrillocruz> mainly the data returned. From what I see your change is about the interface exposed
16:22:23 <rcarrillocruz> before starting the subscription engine, i need events to print out actors, timestamps, parents, etc
16:22:32 <rcarrillocruz> so i can subscribe to interesting things
16:22:35 <krotscheck> rcarrillocruz: Right. The original patch assumed that the event would also contain any entity content _before_ it was modified, as well as what it looks like afterwards.
16:22:46 <rcarrillocruz> rather than just 'subscribe to tasks' or 'subscribe to stories' as is now...
16:22:57 <rcarrillocruz> ah, gotcha
16:23:36 <krotscheck> But I ran into a problem with that, because our db sessions are created/destroyed per query rather than per http request, and thus resolving the current resource would add yet another DB call.
16:23:55 <krotscheck> And I don’t really think that’s sustainable over the long run.
16:25:01 <krotscheck> Anyway, that’s the update on that.
16:25:18 <krotscheck> I’m actually going to suspend work on this until I get email out the door.
16:25:27 <krotscheck> Because that’s WAY overdue now and I feel super guilty about it.
16:26:13 <krotscheck> #topic Urgent Items
16:26:20 <krotscheck> Anyone have any major problems that need work?
16:26:55 <krotscheck> Oh yeah: Go vote for the Board. We need quorum. Vote for whoever you want, but we need quorum.
16:26:56 <rcarrillocruz> i found some issue this week in the token UI screen, i generate a token and it's shown, reload page and it's no longer there
16:27:09 <rcarrillocruz> i need to confirm that's a bug or something i'm missing
16:27:17 <krotscheck> rcarrillocruz: Do you have more than 10 tokens?
16:27:26 <krotscheck> (expired ones)
16:27:30 <rcarrillocruz> i see a bunch of them, yeah, expired
16:27:43 <krotscheck> In the past, issues like that have been because we don’t have paging yet.
16:27:45 <rcarrillocruz> but if i delete all expired
16:27:49 <rcarrillocruz> i don't see the valid ones
16:27:54 <krotscheck> huhn.
16:27:55 <NikitaKonovalov> rcarrillocruz: I'll check that
16:27:56 <rcarrillocruz> anyways, not really urgent
16:28:09 <krotscheck> Got it. Can you file a story?
16:28:10 <rcarrillocruz> i'll look into more detail, i just took the token from the accesstoken table and moved on
16:28:14 <rcarrillocruz> i will
16:28:51 <krotscheck> Cool.
16:28:51 <rcarrillocruz> also, i suspect we do some sort of truncate on token validation
16:28:53 <rcarrillocruz> i.e.
16:28:57 <rcarrillocruz> on my websocket tests
16:29:08 <rcarrillocruz> i passed an entire token string as request header
16:29:12 <rcarrillocruz> and got authenticated
16:29:23 <rcarrillocruz> i removed last char from token to force an auth fail
16:29:26 <rcarrillocruz> and i got authed!
16:29:30 <krotscheck> ....
16:29:34 <krotscheck> That’s not good.
16:29:36 <rcarrillocruz> so i suspect we look at the beginning of the token or something
16:29:40 <NikitaKonovalov> not good at all
16:29:47 <rcarrillocruz> i will also file a story on that
16:29:53 <krotscheck> Yeah, I think that’s an urgent item.
16:29:58 <NikitaKonovalov> the tokens are checked as full string
16:30:06 <NikitaKonovalov> at least should be
16:30:35 * NikitaKonovalov checking
16:31:44 <krotscheck> Ok, let’s move on to user feedback while he’s doing that.
16:31:49 <krotscheck> #topic User Feedback.
16:31:54 <krotscheck> Anyone get user feedback?
16:32:15 <rcarrillocruz> niet
16:32:27 <yolanda> no
16:32:50 <krotscheck> kk
16:33:06 <rcarrillocruz> krotscheck , NikitaKonovalov, yolanda: apart from websocket, is there any pending task that I could have a look at ?
16:34:10 <krotscheck> rcarrillocruz: Check the roadmap. Maybe task ordering?
16:34:18 <krotscheck> #link https://wiki.openstack.org/wiki/StoryBoard/Roadmap
16:34:32 <krotscheck> Also, we’ve got two specs almost ready for development.
16:34:37 <rcarrillocruz> so there's a roadmap!
16:34:40 * rcarrillocruz bookmarks
16:34:47 <krotscheck> rcarrillocruz: Yep :)
16:34:57 <krotscheck> #topic Discussion Topic
16:35:02 <ttx> rcarrillocruz: there is even a Vision!
16:35:13 <krotscheck> I’m going to bump ttx up on this, because of what rcarrillocruz just said.
16:35:14 <ttx> We just need a mission statement now.
16:35:15 <rcarrillocruz> heh
16:35:22 <krotscheck> ttx: And a statement of values.
16:35:27 <ttx> krotscheck: that too!
16:35:42 <krotscheck> #topic Discussion: Milestones
16:35:44 <krotscheck> #link https://review.openstack.org/#/c/139626
16:35:47 <krotscheck> LGTM
16:36:28 <krotscheck> My only question on it is whether a mileston’s branch_id is optional, but that’s really an implementation detail.
16:36:31 <yolanda> +1
16:36:51 * krotscheck read it this morning.
16:37:40 <krotscheck> Given all the +1’s on it I feel this spec’s ready. Any disagreements?
16:39:01 <rcarrillocruz> lgtm
16:39:12 <krotscheck> Coolio
16:39:22 <krotscheck> #agreed https://review.openstack.org/#/c/139626 is ready
16:39:27 <krotscheck> #topic Discussion: Paging
16:39:28 <ttx> yeepee
16:40:19 <krotscheck> jedimike: We’re getting a lot of UI bugs on the lack of paging controls in the UI. If I put a pager onto our search results, are you ok with your paging changes having additional UI scope?
16:40:34 <krotscheck> i.e. If I fix the short term pain point, do you mind updating things later?
16:40:46 <jedimike> krotscheck, fine with me!
16:40:52 <krotscheck> Coolio.
16:41:06 <krotscheck> jedimike: Back from being on call? :)
16:41:32 <jedimike> jedimike, nearly :) still dealing with some tickets from last week that I got into the middle of but couldn't resolve
16:42:21 <krotscheck> jedimike: Righto. Well, we should be expecting big things from you by the end of the week, right?
16:42:32 <krotscheck> jedimike: You’ll have storybaord ported to go by then I expect.
16:42:37 <jedimike> haha
16:42:42 <jedimike> go? no, rust!
16:43:23 <krotscheck> Rust it is!
16:43:28 <krotscheck> #topic Discussion: Story Types
16:43:42 <krotscheck> ttx: Now that we know what Milestones are, and what branches are, time to talk about types again!
16:44:28 <ttx> yay
16:45:06 <ttx> was waiting for more comments on my patchset3
16:45:49 <krotscheck> Anything you want to highlight?
16:46:48 <ttx> krotscheck: instead of hardcoding story types, the spec is now determining a set of attributes that story types may have
16:46:57 <ttx> which is way more flexible
16:47:06 <krotscheck> Just from that description I really like it.
16:47:56 <krotscheck> Alright, sounds like no real discussion to be had there, we’ll just keep it on gerrit.
16:48:08 <ttx> ack
16:48:22 <krotscheck> yolanda, rcarrillocruz, NikitaKonovalov, we’ll need to review https://review.openstack.org/#/c/129267/ soon.
16:48:23 <krotscheck> #link https://review.openstack.org/#/c/129267/
16:48:34 <rcarrillocruz> agreed, will do
16:48:45 <yolanda> actually i filed some comments
16:48:54 <krotscheck> #topic In progress work (email)
16:49:06 * NikitaKonovalov added reviewers
16:49:12 <krotscheck> We finally have all the data in events so I can build build all the things.
16:49:33 <krotscheck> So I think I finally have all the pieces I need. Yay spam!
16:49:44 <krotscheck> See more updates this week :)
16:49:50 <rcarrillocruz> awesome!
16:49:56 <yolanda> :=
16:49:59 <krotscheck> #topic In progress: User Auth Token
16:49:59 <yolanda> :)
16:50:05 <krotscheck> Done! Apprently bugg.
16:50:07 <krotscheck> *buggy
16:50:11 <krotscheck> Will look into that.
16:50:23 <krotscheck> #topic In Progress: Tags
16:50:28 <krotscheck> NikitaKonovalov: How’s that coming?
16:50:33 <rcarrillocruz> oh
16:50:43 <NikitaKonovalov> finalyy rebased that after all conflicts
16:50:45 <rcarrillocruz> is that putting stories 'low-hanging-fruit' and the likes?
16:50:54 <krotscheck> rcarrillocruz: Yep.
16:50:56 <NikitaKonovalov> testing coverage in progress as ruhe asked
16:50:57 <rcarrillocruz> nice
16:51:20 * krotscheck likes how we’re getting dilligent about tests.
16:51:46 <krotscheck> #topic In Progress: Python SDK
16:51:47 * NikitaKonovalov is trying not to forget tests in client
16:51:58 <NikitaKonovalov> teams with nested users on review
16:52:07 <krotscheck> NikitaKonovalov: Neat!
16:52:11 <NikitaKonovalov> base classes are also waiting for feedback
16:52:35 <krotscheck> ttx: Are you aware of python-storyboardclient
16:52:37 <krotscheck> ?
16:53:15 * NikitaKonovalov will try storyboad-core to reviewers all at onece. Hope that works
16:53:21 <krotscheck> #link https://review.openstack.org/#/c/138092/
16:53:28 <ttx> krotscheck: no...
16:53:36 <krotscheck> ttx: More code to review :D
16:53:43 <ttx> sounds like a project I should add to my watchlist :)
16:54:45 <krotscheck> ttx: Yep
16:55:10 <krotscheck> Also, yolanda’s +lots on core, so we’re just waiting on jeblair to get around to updating gerrit.
16:55:15 <krotscheck> So that should also speed things up.
16:55:25 <yolanda> krotscheck, willing to help
16:55:39 <krotscheck> #topic In Progress: Configurable Task Status
16:55:41 <krotscheck> yolanda: ?
16:55:49 <yolanda> on core tasks
16:56:28 <yolanda> this needs review
16:56:48 <yolanda> i was adding incremental changes to it, i got +2 from ttx today
16:57:14 <krotscheck> Neat!
16:57:16 <krotscheck> Lik?
16:57:18 <krotscheck> Link?
16:57:23 <yolanda> https://review.openstack.org/#/c/138389/
16:57:28 <yolanda> looks as i need to rebase it
16:57:59 <krotscheck> Cool.
16:58:24 <krotscheck> #topic In Progress: backend preferences
16:58:25 <krotscheck> Also yolanda :)
16:58:32 <yolanda> pending on review as well
16:58:43 <yolanda> https://review.openstack.org/137798
16:58:50 <yolanda> and needs rebase
16:59:07 <krotscheck> Neat.
16:59:20 <yolanda> krotscheck, actually we needed to talk about best way to manage prefs here
16:59:31 <krotscheck> We’re running out of time. Channel?
16:59:37 <yolanda> sure
16:59:52 <krotscheck> Cool
16:59:58 <krotscheck> That’s it, everyone, thanks!
17:00:01 <krotscheck> #endmeeting