18:01:45 #startmeeting storyboard 18:01:45 Meeting started Thu Oct 10 18:01:45 2019 UTC and is due to finish in 60 minutes. The chair is SotK. Information about MeetBot at http://wiki.debian.org/MeetBot. 18:01:46 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 18:01:49 The meeting name has been set to 'storyboard' 18:02:34 #link https://wiki.openstack.org/wiki/Meetings/StoryBoard (rough) Agenda 18:03:04 I've failed to remember to update that, but I didn't have anything in particular to add to it anyway 18:03:09 #topic Announcements 18:03:24 I don't believe there's anything to announce this week 18:03:35 diablo_rojo? 18:03:49 nothing to my knowledge 18:04:02 there's a thing comnig up in shanghai 18:04:45 Nope nothing new 18:05:26 #topic Migration Updates 18:05:47 None here either. 18:06:18 Kind of in a holding pattern until the speed enhavcements and the attachment land 18:06:23 *attachements 18:06:37 i did see the migration docs change get reviewed 18:06:37 yep, that's what I thought 18:06:46 Yeah that was nice :) 18:06:49 Thanks again for that 18:06:58 #link https://review.opendev.org/#/c/680235/ 18:07:04 #link https://review.opendev.org/680235 Adds Migration Docs to Dashboard 18:07:16 oops 18:07:39 heh, your link is better 18:07:52 np 18:08:23 I'll try to get to actually doing some of the million other things I've said I'll do at some point 18:08:50 the fact I've found energy to do some reviews at last is a good sign :) 18:08:57 i did go through a couple weeks ago and start getting the projects which have migrated and are under openstack vmt oversight in better shape 18:09:23 now if someone opens a security-related private story for any of the covered deliverables, the openstack-security team is auto-added 18:09:45 which is what i renamed the generic old "vmt" team to for ease of discoverability 18:09:50 nice, its good to see that feature getting used 18:10:17 the team management in project-config stuff you're working on looks nice too 18:10:21 SotK also talked me through enough of the perms schema that i was able to insert myself into and audit all existing private stories 18:10:51 more than half were test stories, but for the ones which looked like legitimate defect reports i worked out who would be best to add to them and did that 18:11:12 #topic In Progress Work 18:11:20 (I think we've moved off migration updates) 18:11:50 yeah 18:12:03 is there anything more that we could do in storyboard to help with the private stories stuff? 18:12:23 now that the auto-permissions stuff is being used I mean 18:12:24 well, that was about lingering semi-blockers for projects who went ahead and migrated anyway 18:12:28 but yeah 18:12:55 i've drafted up a schema for managing teams and project associations in git: 18:13:10 #link https://review.opendev.org/685778 Record vulnerability management teams used in SB 18:13:56 started looking into whether the associated automation should be implemented the same way we currently perform project and project-group additions 18:14:07 quickly concluded that no, it's a horrible anti-pattern 18:14:47 for that we have a puppet exec which fires an overloaded storyboard-dbmanage subcommand to ingest the project and project-group info from the project-config projects.yaml file 18:15:35 yeah, not doing more of that kind of thing sounds like a good idea to me 18:15:47 for the new work (which i would also like to switch that stuff over to) i think i'm going with ansible interpreting the projects.yaml and using python module which creates/updates/removes resources by way of the rest api authenticated with a token 18:15:56 Yeah I think when I was talking to keystone about stuff a while back they were also opposed to that way 18:16:31 right, having configuration management almost directly interfacing with the backend db seems like dangertown 18:16:51 anyway, that's where i'm at now 18:17:30 but the upshot is that project maintainers ought to have a good self-service mechanism to take care of their team rosters and project association 18:17:53 backed by revision control and code review 18:18:34 which is really the last piece of the puzzle for vmt needs 18:19:30 nice, that approach seems good to me 18:20:29 Yeah that sounds good to me too 18:20:57 I don't really have anything to mention in-progress 18:20:59 anything else? 18:21:23 I got nothing atm 18:21:36 I will make it a point to poke mordred again about sql magic 18:22:12 i still need to perform the experiment i mentioned a few weeks ago about restarting rabbit and friends to see what happens to query times 18:22:24 wrt pressure on cache memory 18:23:43 oh, I feel like there's been a couple of instances of people having weird login trouble recently too, was that just intermittent issues with ubuntu one? 18:24:23 I havent had any of those issues, but I think I saw johnsom having the issue the other day? 18:24:28 fungi, talked to him? 18:24:41 SotK: oh, i have a story to open after doing a bit more research 18:24:50 fungi, oh? 18:24:50 but in short, i think the reproducer is this: 18:24:59 while logged in, create a private story 18:25:07 log out and attempt to go to the url of the story 18:25:28 use the login button to log in because you can't see the private story otherwise 18:25:58 the redirect url handed off to the openid provider is nonfunctional, which causes authentication to blow up in weird ways 18:26:31 Oh interesting 18:26:32 or at least it's nonfunctional for clients which try to hit it without authentication, which includes the openid provider 18:26:45 Huh 18:26:48 his case was basically this: 18:27:05 had been travelling away from computer for a few days so sb login session expired 18:27:14 received e-mail referring to the url of a private story 18:27:25 followed that url but couldn't see it because wasn't logged in 18:27:31 tried to log in, got cryptic error 18:28:19 huh, that's an annoying one 18:28:38 i encountered the same sort of scenario when i was auditing private stories too, which is why i'm pretty sure this is the problem, but i need to try to spend a few minutes recreating it to confirm 18:29:04 the workaround of course is to go to a working sb page anonymous clients can access and then log in from there 18:29:13 then go to the private story url once authenticated 18:31:31 Makes sense. 18:31:35 yeah, at least its easy enough to work around 18:31:47 Thankfully not crippiling, but something to clean up as soon as we can. 18:32:21 I guess we need to do some checking in the backend when generating the redirect URL 18:32:31 the bigger issue is that it's confusing users, luckily it won't be hit often 18:33:14 The other problem we are hitting is the duplicate names for people. I.e. which is the right one to give private access 18:33:43 Or assign stories to 18:33:55 i've found and deactivated a handful of duplicate accounts so far when they've come to my attention 18:34:03 Maybe we can gather a list of higher profile bugs to work on. I did have NDSU reach out to me about another round of mentoring/students working on OpenStack. 18:34:29 as far as accounts with similar names, we're hoping to display e-mail addresses alongside them like gerrit does 18:34:37 fungi there are two “Michael Johnson”s 18:35:45 Is there an ETA on the email addresses? 18:36:13 oh man I thought I'd already reviewed that patch 18:36:28 johnsom: i can confirm, looks like those are distinct people, one with a sas.com e-mail address and another with a gmail.com address 18:36:39 I will do so after this meeting, ETA next day or so hopefully :) 18:36:42 separate ubuntu one openids 18:36:49 Yeah, I was never at sas 18:37:48 Who knows how many stories I have assigned them... lol 18:38:00 SotK, whenever you get a sec to review it :) 18:38:02 johnsom: as far as adding to security-related stories, i hope my team management work will simplify that because a security team including the right user can just be granted access instead 18:38:20 johnsom: if they do the work, maybe it's a blessing in disguise ;) 18:38:27 LOL 18:38:34 I wish! 18:39:58 haha 18:40:08 anything else folk want to raise about in progress stuff? 18:40:37 i did switch a bunch of private opendev/storyboard stories public and then deleted them 18:40:57 SotK, I think you can +W the two changes of mine you have +2ed 18:40:58 because people were opening stories against the sb project thinking it was a testing sandbox 18:41:03 unless fungi wants to 18:41:16 which two? 18:41:42 https://review.opendev.org/#/c/645960/ and https://review.opendev.org/#/c/680235/ 18:42:17 ahh, right, those 18:42:48 and approved 18:42:55 thanks! 18:43:22 thank you! 18:43:50 Thanks! 18:44:02 it's a thank-you party 18:45:21 #topic PTG + Forum 18:45:38 do we have anything we need to do for this at the moment? 18:46:28 i may be cheering from the sidelines if the chinese embassy doesn't hurry up with my visa 18:46:41 but no, i think we're fairly prepared 18:46:57 or entirely unprepared but are just going to "wing it" anyway 18:48:02 sounds good (except the visa part) :) 18:48:11 #topic Open Discussion 18:48:43 I dont think our Forum session got selected. 18:48:50 But we do have space on the PTG schedule 18:49:01 But yeah, can just see who is around and wing it 18:49:15 which we were going to use for show-and-tell/onboarding/whatever 18:49:35 teach people about storyboard features 18:49:36 Yeah the forum session was going to be onboarding users 18:49:39 and the features 18:50:00 but if those people show up to the PTG session I am fine to teach them that there instead of teaching folks how to develop for storyboard 18:50:14 #undo 18:50:15 Removing item from minutes: #topic Open Discussion 18:50:41 yeah, just doing that at the PTG instead makes sense if folks are interested 18:51:21 Happy to do whatever people request 18:51:31 thanks :) 18:51:32 I got nothing else today :) 18:52:38 in that case, lets finish a little early 18:52:44 thanks for coming folks! 18:52:50 #endmeeting