#openstack-meeting log

18:01:45 <SotK> #startmeeting storyboard
18:01:45 <openstack> Meeting started Thu Oct 10 18:01:45 2019 UTC and is due to finish in 60 minutes.  The chair is SotK. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:01:46 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
18:01:49 <openstack> The meeting name has been set to 'storyboard'
18:02:34 <SotK> #link https://wiki.openstack.org/wiki/Meetings/StoryBoard (rough) Agenda
18:03:04 <SotK> I've failed to remember to update that, but I didn't have anything in particular to add to it anyway
18:03:09 <SotK> #topic Announcements
18:03:24 <SotK> I don't believe there's anything to announce this week
18:03:35 <SotK> diablo_rojo?
18:03:49 <fungi> nothing to my knowledge
18:04:02 <fungi> there's a thing comnig up in shanghai
18:04:45 <diablo_rojo> Nope nothing new
18:05:26 <SotK> #topic Migration Updates
18:05:47 <diablo_rojo> None here either.
18:06:18 <diablo_rojo> Kind of in a holding pattern until the speed enhavcements and the attachment land
18:06:23 <diablo_rojo> *attachements
18:06:37 <fungi> i did see the migration docs change get reviewed
18:06:37 <SotK> yep, that's what I thought
18:06:46 <diablo_rojo> Yeah that was nice :)
18:06:49 <diablo_rojo> Thanks again for that
18:06:58 <SotK> #link https://review.opendev.org/#/c/680235/
18:07:04 <fungi> #link https://review.opendev.org/680235 Adds Migration Docs to Dashboard
18:07:16 <fungi> oops
18:07:39 <SotK> heh, your link is better
18:07:52 <SotK> np
18:08:23 <SotK> I'll try to get to actually doing some of the million other things I've said I'll do at some point
18:08:50 <SotK> the fact I've found energy to do some reviews at last is a good sign :)
18:08:57 <fungi> i did go through a couple weeks ago and start getting the projects which have migrated and are under openstack vmt oversight in better shape
18:09:23 <fungi> now if someone opens a security-related private story for any of the covered deliverables, the openstack-security team is auto-added
18:09:45 <fungi> which is what i renamed the generic old "vmt" team to for ease of discoverability
18:09:50 <SotK> nice, its good to see that feature getting used
18:10:17 <SotK> the team management in project-config stuff you're working on looks nice too
18:10:21 <fungi> SotK also talked me through enough of the perms schema that i was able to insert myself into and audit all existing private stories
18:10:51 <fungi> more than half were test stories, but for the ones which looked like legitimate defect reports i worked out who would be best to add to them and did that
18:11:12 <SotK> #topic In Progress Work
18:11:20 <SotK> (I think we've moved off migration updates)
18:11:50 <fungi> yeah
18:12:03 <SotK> is there anything more that we could do in storyboard to help with the private stories stuff?
18:12:23 <SotK> now that the auto-permissions stuff is being used I mean
18:12:24 <fungi> well, that was about lingering semi-blockers for projects who went ahead and migrated anyway
18:12:28 <fungi> but yeah
18:12:55 <fungi> i've drafted up a schema for managing teams and project associations in git:
18:13:10 <fungi> #link https://review.opendev.org/685778 Record vulnerability management teams used in SB
18:13:56 <fungi> started looking into whether the associated automation should be implemented the same way we currently perform project and project-group additions
18:14:07 <fungi> quickly concluded that no, it's a horrible anti-pattern
18:14:47 <fungi> for that we have a puppet exec which fires an overloaded storyboard-dbmanage subcommand to ingest the project and project-group info from the project-config projects.yaml file
18:15:35 <SotK> yeah, not doing more of that kind of thing sounds like a good idea to me
18:15:47 <fungi> for the new work (which i would also like to switch that stuff over to) i think i'm going with ansible interpreting the projects.yaml and using python module which creates/updates/removes resources by way of the rest api authenticated with a token
18:15:56 <diablo_rojo> Yeah I think when I was talking to keystone about stuff a while back they were also opposed to that way
18:16:31 <fungi> right, having configuration management almost directly interfacing with the backend db seems like dangertown
18:16:51 <fungi> anyway, that's where i'm at now
18:17:30 <fungi> but the upshot is that project maintainers ought to have a good self-service mechanism to take care of their team rosters and project association
18:17:53 <fungi> backed by revision control and code review
18:18:34 <fungi> which is really the last piece of the puzzle for vmt needs
18:19:30 <SotK> nice, that approach seems good to me
18:20:29 <diablo_rojo> Yeah that sounds good to me too
18:20:57 <SotK> I don't really have anything to mention in-progress
18:20:59 <SotK> anything else?
18:21:23 <diablo_rojo> I got nothing atm
18:21:36 <diablo_rojo> I will make it a point to poke mordred again about sql magic
18:22:12 <fungi> i still need to perform the experiment i mentioned a few weeks ago about restarting rabbit and friends to see what happens to query times
18:22:24 <fungi> wrt pressure on cache memory
18:23:43 <SotK> oh, I feel like there's been a couple of instances of people having weird login trouble recently too, was that just intermittent issues with ubuntu one?
18:24:23 <diablo_rojo> I havent had any of those issues, but I think I saw johnsom having the issue the other day?
18:24:28 <diablo_rojo> fungi, talked to him?
18:24:41 <fungi> SotK: oh, i have a story to open after doing a bit more research
18:24:50 <diablo_rojo> fungi, oh?
18:24:50 <fungi> but in short, i think the reproducer is this:
18:24:59 <fungi> while logged in, create a private story
18:25:07 <fungi> log out and attempt to go to the url of the story
18:25:28 <fungi> use the login button to log in because you can't see the private story otherwise
18:25:58 <fungi> the redirect url handed off to the openid provider is nonfunctional, which causes authentication to blow up in weird ways
18:26:31 <diablo_rojo> Oh interesting
18:26:32 <fungi> or at least it's nonfunctional for clients which try to hit it without authentication, which includes the openid provider
18:26:45 <diablo_rojo> Huh
18:26:48 <fungi> his case was basically this:
18:27:05 <fungi> had been travelling away from computer for a few days so sb login session expired
18:27:14 <fungi> received e-mail referring to the url of a private story
18:27:25 <fungi> followed that url but couldn't see it because wasn't logged in
18:27:31 <fungi> tried to log in, got cryptic error
18:28:19 <SotK> huh, that's an annoying one
18:28:38 <fungi> i encountered the same sort of scenario when i was auditing private stories too, which is why i'm pretty sure this is the problem, but i need to try to spend a few minutes recreating it to confirm
18:29:04 <fungi> the workaround of course is to go to a working sb page anonymous clients can access and then log in from there
18:29:13 <fungi> then go to the private story url once authenticated
18:31:31 <diablo_rojo> Makes sense.
18:31:35 <SotK> yeah, at least its easy enough to work around
18:31:47 <diablo_rojo> Thankfully not crippiling, but something to clean up as soon as we can.
18:32:21 <SotK> I guess we need to do some checking in the backend when generating the redirect URL
18:32:31 <fungi> the bigger issue is that it's confusing users, luckily it won't be hit often
18:33:14 <johnsom> The other problem we are hitting is the duplicate names for people. I.e. which is the right one to give private access
18:33:43 <johnsom> Or assign stories to
18:33:55 <fungi> i've found and deactivated a handful of duplicate accounts so far when they've come to my attention
18:34:03 <diablo_rojo> Maybe we can gather a list of higher profile bugs to work on. I did have NDSU reach out to me about another round of mentoring/students working on OpenStack.
18:34:29 <fungi> as far as accounts with similar names, we're hoping to display e-mail addresses alongside them like gerrit does
18:34:37 <johnsom> fungi there are two “Michael Johnson”s
18:35:45 <johnsom> Is there an ETA on the email addresses?
18:36:13 <SotK> oh man I thought I'd already reviewed that patch
18:36:28 <fungi> johnsom: i can confirm, looks like those are distinct people, one with a sas.com e-mail address and another with a gmail.com address
18:36:39 <SotK> I will do so after this meeting, ETA next day or so hopefully :)
18:36:42 <fungi> separate ubuntu one openids
18:36:49 <johnsom> Yeah, I was never at sas
18:37:48 <johnsom> Who knows how many stories I have assigned them... lol
18:38:00 <diablo_rojo> SotK, whenever you get a sec to review it :)
18:38:02 <fungi> johnsom: as far as adding to security-related stories, i hope my team management work will simplify that because a security team including the right user can just be granted access instead
18:38:20 <fungi> johnsom: if they do the work, maybe it's a blessing in disguise ;)
18:38:27 <diablo_rojo> LOL
18:38:34 <johnsom> I wish!
18:39:58 <SotK> haha
18:40:08 <SotK> anything else folk want to raise about in progress stuff?
18:40:37 <fungi> i did switch a bunch of private opendev/storyboard stories public and then deleted them
18:40:57 <diablo_rojo> SotK, I think you can +W the two changes of mine you have +2ed
18:40:58 <fungi> because people were opening stories against the sb project thinking it was a testing sandbox
18:41:03 <diablo_rojo> unless fungi wants to
18:41:16 <fungi> which two?
18:41:42 <SotK> https://review.opendev.org/#/c/645960/ and https://review.opendev.org/#/c/680235/
18:42:17 <fungi> ahh, right, those
18:42:48 <fungi> and approved
18:42:55 <SotK> thanks!
18:43:22 <fungi> thank you!
18:43:50 <diablo_rojo> Thanks!
18:44:02 <fungi> it's a thank-you party
18:45:21 <SotK> #topic PTG + Forum
18:45:38 <SotK> do we have anything we need to do for this at the moment?
18:46:28 <fungi> i may be cheering from the sidelines if the chinese embassy doesn't hurry up with my visa
18:46:41 <fungi> but no, i think we're fairly prepared
18:46:57 <fungi> or entirely unprepared but are just going to "wing it" anyway
18:48:02 <SotK> sounds good (except the visa part) :)
18:48:11 <SotK> #topic Open Discussion
18:48:43 <diablo_rojo> I dont think our Forum session got selected.
18:48:50 <diablo_rojo> But we do have space on the PTG schedule
18:49:01 <diablo_rojo> But yeah, can just see who is around and wing it
18:49:15 <fungi> which we were going to use for show-and-tell/onboarding/whatever
18:49:35 <fungi> teach people about storyboard features
18:49:36 <diablo_rojo> Yeah the forum session was going to be onboarding users
18:49:39 <diablo_rojo> and the features
18:50:00 <diablo_rojo> but if those people show up to the PTG session I am fine to teach them that there instead of teaching folks how to develop for storyboard
18:50:14 <SotK> #undo
18:50:15 <openstack> Removing item from minutes: #topic Open Discussion
18:50:41 <SotK> yeah, just doing that at the PTG instead makes sense if folks are interested
18:51:21 <diablo_rojo> Happy to do whatever people request
18:51:31 <SotK> thanks :)
18:51:32 <diablo_rojo> I got nothing else today :)
18:52:38 <SotK> in that case, lets finish a little early
18:52:44 <SotK> thanks for coming folks!
18:52:50 <SotK> #endmeeting