#openstack-meeting log

21:00:25 <notmyname> #startmeeting swift
21:00:26 <openstack> Meeting started Wed Feb 17 21:00:25 2016 UTC and is due to finish in 60 minutes.  The chair is notmyname. Information about MeetBot at http://wiki.debian.org/MeetBot.
21:00:27 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
21:00:29 <openstack> The meeting name has been set to 'swift'
21:00:31 <notmyname> who's here for the swift meeting?
21:00:33 <mattoliverau> o/
21:00:35 * onovy 
21:00:36 <cutforth> hola!
21:00:38 <ho_away> o/
21:00:39 <sarafraj> o/
21:00:41 <Zyric> Hi :)
21:00:41 <cschwede> o/
21:00:41 <takashi> o/
21:00:42 <m_kazuhiro> o/
21:00:43 <joeljwright> hey
21:00:46 <jrichli> yo
21:00:50 <acoles> here
21:00:57 <sgundur> hi
21:01:01 <timburke> o/
21:01:03 <torgomatic> .
21:01:50 <notmyname> welcome, everyone
21:01:55 <kota_> hi
21:01:58 <notmyname> agenda for this week is
21:02:03 <notmyname> #link https://wiki.openstack.org/wiki/Meetings/Swift
21:02:50 <notmyname> as a general note, I was asked to make patchbot not lurk in here
21:03:20 <notmyname> I've moved patchbot in for this meeting, but we'll have to remember to add/remove it for each meeting. please help me remember :-)
21:03:30 <notmyname> let's get started, then
21:03:33 <notmyname> #topic hackathon
21:03:44 <notmyname> just two weeks until the hackathon (really, more like 1.5)
21:03:57 <notmyname> lots of good stuff collected so far on
21:04:04 <notmyname> #link https://etherpad.openstack.org/p/swift-hackathon-feb-2016
21:04:15 <notmyname> please add any topics you're interested in to that etherpad
21:04:34 <notmyname> and feel free to add your name on other topics and comment on stuff that looks interesting or terrible
21:04:55 <cschwede> acoles just send some logistical infos to hackathon attendes. big kudos Alistair!
21:04:59 <clayg> weee
21:05:08 <notmyname> it looks like we'll be in the same situation we were in last time. abotu 2x more topics that people in the room :-)
21:05:14 <notmyname> cschwede: yup, I got it too
21:05:26 <notmyname> so check your email for some logicstics info for the hackathon
21:05:46 <acoles> email appears as from "Logistical information" so look hard for it in your inboxes !
21:05:49 <clayg> whoa - it even says "Logistical information" how apt
21:05:53 <notmyname> cool, and acoles revealed the evening stuff
21:05:53 * acoles is eventbrite novice
21:06:04 <notmyname> a tour of roman baths. in bath.
21:06:09 <acoles> tada!
21:06:13 <notmyname> :-)
21:06:37 <jrichli> +1
21:06:43 <notmyname> acoles: thank you for continuing your work on setting all this up and getting it organized. it will be a great week :-)
21:06:47 <tdasilva> hello
21:06:52 * mattoliverau pretemds to not be listening to this part
21:06:55 <clayg> acoles: do I bring a bathing suit or is it more roman that that?
21:07:04 <jrichli> lol
21:07:46 <acoles> clayg: errrr...not in the museum but there is a modern spa next door
21:07:59 <notmyname> does anyone have any questions about the hackathon?
21:08:00 <acoles> should you desire
21:08:09 <acoles> mattoliverau: awww
21:09:20 <notmyname> ok, no questions
21:09:24 <notmyname> #topic release status
21:09:30 <clayg> another one!
21:09:43 <notmyname> late last week I released a new version of swift-bench
21:09:49 <onovy> thanks for it!
21:09:49 <notmyname> first one in 2 years!
21:10:22 <notmyname> for swiftclient, I'd like to have a release done this week
21:10:39 <notmyname> actually, I just want it done before I get on the plane from bristol, but I'd prefer this week over next
21:11:02 <notmyname> so i've got an authors/changelog update in progress locally now. I hope to finish that this afternoon
21:11:03 <joeljwright> the logging issue of tokens is still hanging around
21:11:07 <torgomatic> oh come on, type "git push", shut your laptop, and get on a plane for 12 hours. what's the worst that could happen?
21:11:21 <joeljwright> but no accepted solution yet I think
21:11:22 <notmyname> torgomatic: the bots will save us
21:11:40 <notmyname> joeljwright: what's the patch link on that? (or is it just still in LP?)
21:11:47 <acoles> joeljwright: is that waiting on truncating vs hashing the token?
21:12:00 <onovy> and what about liberty/kilo stable releases?
21:12:04 <joeljwright> one sec - need to gid in history
21:12:11 <joeljwright> s/gid/dig
21:12:12 <timburke> patch 194884 and patch 259273
21:12:12 <patchbot> timburke: https://review.openstack.org/#/c/194884/ - python-swiftclient - don't log sensitive request and response header va...
21:12:13 <patchbot> timburke: https://review.openstack.org/#/c/259273/ - python-swiftclient - ecnode auth token in swiftclient log message
21:12:28 <joeljwright> https://review.openstack.org/#/c/194884/
21:12:31 <patchbot> joeljwright: patch 194884 - python-swiftclient - don't log sensitive request and response header va...
21:12:44 <timburke> sorry joeljwright, beat you to it :)
21:12:46 <joeljwright> https://review.openstack.org/#/c/259273/
21:12:46 <patchbot> joeljwright: patch 259273 - python-swiftclient - ecnode auth token in swiftclient log message
21:12:51 <joeljwright> dammit!
21:12:57 <joeljwright> didn't look
21:13:01 <joeljwright> at least I got them both!
21:13:04 <joeljwright> :D
21:13:25 <notmyname> IMO it should be the same as swift itself. truncated instead of hashed. that would make it easier for any sort of log correlation.
21:13:32 * notmyname shoudl leave a comment to that effect
21:13:44 <acoles> +1
21:13:48 <onovy> +1 too
21:14:02 <notmyname> joeljwright: can you set the linked bug to "critical" status? that way we know that's blocking a release
21:14:04 <joeljwright> the battle between —debug for curl commands and security is ongoing though it seems
21:14:32 <joeljwright> notmyname: kk
21:14:35 <notmyname> thanks
21:14:53 <notmyname> also seems we need to resolve any differences between the two patches. they do something similar
21:15:00 <clayg> well if there is a battle there security normally wins; I think there was some hope you could have your cake and eat it too
21:15:20 <joeljwright> clayg: I agree with you, it seems like it should be possible
21:15:28 <joeljwright> and those curl commands are damned useful
21:15:35 <clayg> for sure
21:15:38 <acoles> yup
21:15:48 <clayg> joeljwright: i think it's important that the defaults be secure
21:16:00 <joeljwright> definitely
21:16:09 <clayg> joeljwright: acoles: if then the command line client can say "I'm the boss, I know where I'm logging, I want real tokens at debug level to the console"
21:16:20 <clayg> that'd be a) secure and b) useful
21:16:29 <joeljwright> where is the line drawn though?
21:16:37 <joeljwright> do we accept local logging of tokens?
21:16:43 <clayg> "local"?
21:16:56 <joeljwright> local files if they're configured?
21:17:00 <joeljwright> how to be safe?
21:17:06 <joeljwright> or just debug console output
21:17:08 <joeljwright> ?
21:17:52 <clayg> I'm not sure exactly how the implemenation would fall out - all that matters is no logger of full tokens at any level by default
21:18:18 <joeljwright> clayg: agreed
21:18:21 <notmyname> that seems reasonable
21:18:59 <clayg> where by default means "import swiftclient; configure_my_root_loggers(); swiftclient.do_stuff()"
21:19:04 <timburke> i like clayg's idea of leaving it to the application (in swiftclient's case shell.py) to muck about with the logger to allow logging of tokens
21:19:36 <acoles> ^^ this is how I imagined it might work out
21:19:37 <clayg> if someone (like our shell.py) does import swiftclient; configure_my_root_logger(); swiftclient.enable_my_insecure_logging(); swiftclient.do_stuff()" and that results in tokens to the console - so be it
21:20:04 <clayg> it's how library logging is supposed to work - it's the app job to configure logging - but the library must have sane defaults
21:20:12 <timburke> because really, there's nothing to stop an application from logging Connection.auth_token directly *anywau*
21:20:14 <clayg> where defaults == what happens if you configure a root loger
21:20:27 <clayg> timburke: good point!
21:20:42 <clayg> all over but the typing
21:20:49 <joeljwright> :)
21:21:04 <notmyname> well, except there's the resolution between zack's patch and bing hu's patch
21:21:21 <clayg> that's part of the typing - git review - it's all just typing
21:21:25 <notmyname> heh
21:21:44 <notmyname> ok. I've starred both. they need some typing in gerrit and a code editor :-)
21:21:58 <notmyname> let's move on for the meeting agenda
21:22:06 <clayg> notmyname: the bug is critical tho - it's holding the release right?
21:22:11 <clayg> notmyname: i think that's good/ok
21:22:13 <notmyname> clayg: absolutely
21:22:16 <clayg> notmyname: nice
21:22:25 <notmyname> #topic some community stats and starred patches
21:22:30 <timburke> real quick, though: patch 265417 would also be nice to get in; acoles has already +2ed
21:22:30 <patchbot> timburke: https://review.openstack.org/#/c/265417/ - python-swiftclient - _RetryBody doesn't need to take explicit etag/cont...
21:22:50 <onovy> notmyname: and what about liberty/kilo stable releases?
21:22:53 <joeljwright> timburke: will take a look
21:22:56 <timburke> thanks
21:23:09 <notmyname> onovy: ah, I meant to say something about swift releases
21:23:10 <notmyname> #undo
21:23:11 <openstack> Removing item from minutes: <ircmeeting.items.Topic object at 0x977c490>
21:23:18 <notmyname> hey, that worked
21:23:22 <acoles> joeljwright: IIRC its not a difficult review
21:23:23 <notmyname> (I think)
21:23:44 <joeljwright> acoles: :)
21:24:00 <mattoliverau> lol, not 0x977c490
21:24:04 <notmyname> for swift release (master or stable), there are no definite plans yet, other than it's generally good to release
21:24:04 <timburke> notmyname: yup! now go +1 patch 272727
21:24:05 <patchbot> timburke: https://review.openstack.org/#/c/272727/ - openstack-infra/meetbot - Add __str__ methods for items
21:24:43 <onovy> notmyname: ok, thanks :)
21:24:49 <notmyname> onovy: AFAIK there are no outstanding patches for backports to stable branches
21:25:00 <onovy> only CVE? :)
21:25:22 <notmyname> onovy: other than the personal request you've made for a backport to unsupported juno
21:25:27 <onovy> https://github.com/openstack/swift/commit/8c1976aa771f8c43c5dbe676bd9a5efc69f09eae
21:25:30 <onovy> liberty CVE
21:25:41 <onovy> https://github.com/openstack/swift/commit/a4c1825a026655b7ed21d779824ae7c25318fd52
21:25:43 <onovy> kilo CVE
21:25:45 <notmyname> onovy: is that not landed?
21:26:05 <onovy> don't see any 2.3.1 release
21:26:13 <onovy> so commited: yes. released? no
21:26:15 <notmyname> onovy: oh. wrt releases. we (the swift community) don't do the releases for stable branches
21:26:29 <notmyname> that's handled by the openstack stable maintenance team IIRC
21:26:36 <onovy> ah
21:26:38 <onovy> ok.
21:26:55 <notmyname> if you ping them on it and find new info for somethign that we need to do, please let us know :-)
21:27:06 <notmyname> ok, moving on now?
21:27:09 <onovy> yep, thanks
21:27:27 <notmyname> #topic some community stats and starred patches
21:27:47 <notmyname> some of you have noticed I've got some more scripts for tracking some stuff in the community
21:27:54 <notmyname> 2 things I wanted to highlight in the meeting
21:28:06 <notmyname> first is review times
21:28:20 <notmyname> good news! we're doing better :-)
21:28:26 <mattoliverau> \o/
21:28:30 <notmyname> Patch owner review stats:
21:28:30 <notmyname> mean: 6 days, 10:54:27.703903
21:28:30 <notmyname> median: 1 day, 18:14:26
21:28:36 <clayg> better than... what?
21:28:39 <notmyname> Patch reviewer stats:
21:28:39 <notmyname> mean: 5 days, 23:24:23.975351
21:28:40 <notmyname> median: 9:01:49.666667
21:28:49 <notmyname> better than we were
21:28:58 <notmyname> also "reviewers" are doing better than "owners" right now
21:29:11 <acoles> go reviewers!
21:29:12 <notmyname> ie reviewers are responding in gerrit faster than patch authors are
21:29:25 <tdasilva> hmm...interesting
21:29:28 <torgomatic> I've got some scripts for gaming the metrics tracked by your scripts :p
21:29:41 <tdasilva> lol
21:29:41 <torgomatic> (not really)
21:29:42 <notmyname> torgomatic: of course you do
21:29:50 <notmyname> however, there are currently 21 unreviewed patches: https://gist.github.com/notmyname/92edb4012f83e88612f1
21:29:57 <notmyname> ah 20
21:30:06 <mattoliverau> but notmyname's scripts game your gaming scripts torgomatic :P
21:30:31 <onovy> unreviewed by "anyone", right?
21:30:47 <notmyname> onovy: correct. either no comments or only comments from the author
21:31:08 <timburke> wait, so there are *no* unreviewed client patches? i'm skeptical :P
21:31:18 <mattoliverau> lol
21:31:18 <cschwede> notmyname: but only on their last patchset, there are patches that have been reviewed already (on older patchsets)
21:31:20 <notmyname> this is only for master branch of swift. sorry timburke
21:31:26 <onovy> timburke: https://review.openstack.org/#/c/280200/
21:31:26 <patchbot> onovy: patch 280200 - python-swiftclient - Add copy object method
21:31:28 <onovy> there are :)
21:32:15 <notmyname> the second community thing I wanted to share is the list of community-starred patches
21:32:21 <notmyname> https://gist.github.com/notmyname/d524486b45f2b9f4c322
21:32:28 <timburke> onovy: also, patch 184956 (from May!)
21:32:28 <patchbot> timburke: https://review.openstack.org/#/c/184956/ - python-swiftclient - Accept gzip-encoded API responses
21:32:33 <onovy> timburke: ;)
21:32:50 <notmyname> this is a list of the top patches that have been starred by everyone in the community
21:33:34 <cschwede> count is the number of users that starred a patch? looks quite high
21:33:36 <notmyname> (weighted by the starrer's level of activity in the community)
21:33:47 <cschwede> ahh, k
21:34:27 <notmyname> my goal is to take all this info and put it into some html format so that it's more easily sharable and findable
21:34:27 <tdasilva> notmyname: is there a list that is not weighted?
21:34:28 <mattoliverau> i really need to get that concurrent reads done then.. I know what I'm doing today :)
21:35:06 <tdasilva> sounds like we need a "community dashboard" :)
21:35:15 <notmyname> tdasilva: no. you want to see just the count of how many people have starred something?
21:35:21 <tdasilva> yeah
21:35:25 <notmyname> tdasilva: yeah. that's what I'm going for :-)
21:35:28 <mattoliverau> you can never have too many dashboards!
21:36:14 <acoles> notmyname: will you make list dynamic - I don't make a habit of starring patches, maybe others too, so the ranking could change in response to it being shared
21:36:56 <notmyname> acoles: right. it will likely be updated once a day. but yes, it's currently limited by people actually starring things
21:37:20 <notmyname> and I think you're right. that will change if it's more public
21:37:51 <notmyname> this is ongoing work, so let's move on for the meeting
21:38:07 <notmyname> #topic auditor bug 1183656
21:38:08 <acoles> notmyname: thanks for working on this stuff
21:38:09 <openstack> bug 1183656 in OpenStack Object Storage (swift) "object auditors don't finish" [High,In progress] https://launchpad.net/bugs/1183656 - Assigned to Christian Schwede (cschwede)
21:38:19 <notmyname> cschwede: what's up with your patch on this? what do we need
21:38:23 <notmyname> cschwede: and thanks for working on it!
21:38:29 <cschwede> notmyname: it’s there: patch 279440
21:38:29 <patchbot> cschwede: https://review.openstack.org/#/c/279440/ - swift - Skip already checked partitions when auditing obje...
21:38:30 <mattoliverau> thanks for sharing that and all the awesome work you've put into the review tracking notmyname
21:39:16 <notmyname> cschwede: looks likes some comments from mattoliverau just now
21:39:34 <mattoliverau> cschwede: you got a pre-coffee review.. I appologise :P
21:39:56 <notmyname> I've bumped up the bug priority to critical so it will block a release
21:40:06 <notmyname> please continue to review this patch
21:40:07 <cschwede> yep, and some from onovy and briancli1e  earlier - thx!
21:40:17 <onovy> np
21:40:41 <notmyname> #topic in-process fast-POST tests (DONE)
21:40:45 <notmyname> acoles: thanks for working on this
21:40:50 <notmyname> looks like it's all done
21:41:09 <notmyname> I thought I saw some failures earlier with this test. have you noticed anything?
21:41:17 <acoles> yes, in a while I will make the job voting, but done for time being
21:41:29 <acoles> ah, i have not seen any yet
21:41:38 <notmyname> ok. could have been spurious gate stuff, too
21:41:54 <notmyname> #topic ho's RBAC tests (done!)
21:41:56 <acoles> anyone know how to search for specific job stats in gerrit?
21:42:10 <notmyname> thanks for helping with this, everyone. cschwede thanks for pushing this across the line
21:42:17 <notmyname> acoles: no :-(
21:42:27 <cschwede> yw!
21:42:28 <notmyname> acoles: I think you maybe can but only on a specific jenkins job
21:42:34 <acoles> notmyname: ok. i'll keep an eye on it
21:42:41 <notmyname> acoles: oh, I'll bet you can find something with the kibana interface
21:43:09 <ho_away> acoles, cshwede, all: thanks for it :-)
21:43:14 <notmyname> #topic pyeclib migration
21:43:27 <notmyname> onovy: seems this is "done" except for the global requirements update
21:43:32 <notmyname> or maybe that landed too, earlier today
21:43:38 <notmyname> onovy: anything else to do here?
21:43:47 <onovy> i think it's done
21:43:50 <notmyname> yay
21:44:03 <onovy> glob is done, your review is failing
21:44:04 <onovy> on gating
21:44:09 <onovy> your/our
21:44:32 <notmyname> ok. I'll check it
21:44:38 <notmyname> #topic hash_path prefix and suffix. (or life with py3)
21:44:46 <notmyname> cschwede: you brough this up. want to introduce it?
21:44:54 <cschwede> yep
21:45:18 <clayg> cschwede: it merged already I think
21:45:40 <cschwede> so the problem might be that in py3 the hash_path_suffix is parsed differently, and therefore all your objects might become invalid - if we are not careful
21:45:41 <notmyname> patch 236998
21:45:41 <patchbot> notmyname: https://review.openstack.org/#/c/236998/ - swift - Port get_hmac() and hash_path() to Python 3
21:45:55 <cschwede> Sam raised that concern earlier, and i have a sample in the review
21:45:57 <notmyname> cschwede: yeah. that's bad. let's not do that :-)
21:46:18 <cschwede> switching to a Raw config parser helps, but pls have a look everyone
21:46:26 <notmyname> so my uderstanding is that a % in one of these values make py3 break?
21:46:41 <cschwede> at the end, if someone uses some arbitrary bytes in the value you end up with a different value
21:46:58 <cschwede> notmyname: yes, because py3 interprets the %. that is fixed with the raw parser
21:47:34 <cschwede> i think we also need a note that one should only use printable chars for the hash-values
21:47:40 <notmyname> and https://review.openstack.org/#/c/281492/ seems releated
21:47:40 <patchbot> notmyname: patch 281492 - swift - Add note on using printable chars for swift_hash_p...
21:47:41 <notmyname> yeah
21:48:07 <cschwede> exactly. it’s just a start, we could add a logger warning also, …
21:48:16 <notmyname> I had a similar thought as clayg about a validator of this
21:49:05 <cschwede> validator might be difficult if the parser changes - ie the value to compare against?
21:49:06 <notmyname> ok, so for now, with patch 236998, what's the status? what's the behavior change with the current patch set?
21:49:06 <patchbot> notmyname: https://review.openstack.org/#/c/236998/ - swift - Port get_hmac() and hash_path() to Python 3
21:49:25 <torgomatic> I'm not terribly worried; I think most conscientious admins are going to use some random hex digits, and most other admins are just gonna type "hunter2" in there and call it a day
21:49:26 <notmyname> what do we need to figure out in here today?
21:49:48 <cschwede> more eyes on the review ;)
21:50:06 <notmyname> ok
21:50:19 <notmyname> #topic fix chunked GET support in proxy-server
21:50:26 <notmyname> patch 256201
21:50:26 <patchbot> notmyname: https://review.openstack.org/#/c/256201/ - swift - Fix proxy-server's support for chunked transferrin...
21:50:28 <cschwede> for hexadecimal values there should be no problem
21:50:31 <notmyname> takashi: this one is yours
21:50:38 <takashi> notmyname: yes
21:50:46 <notmyname> am I reading this right? you're adding chunked transfer coding to reads from swift?
21:51:01 <takashi> notmyname: right
21:51:04 <notmyname> very cool :-)
21:51:25 <takashi> it is needed when we put some middleware on the top of object-server, which does streaming processing of object
21:51:34 <notmyname> and from review comments, it seems that the use case is 3rd party middleware that could change...right. what you said :-)
21:52:05 <notmyname> takashi: kota_: other than "moar reviews" is there anything needed here to specifically note?
21:52:15 <notmyname> is there a particular migration or upgrade issue?
21:52:23 <takashi> notmyename: no
21:52:25 <notmyname> or other question that needs to be figured out?
21:52:26 <notmyname> ok
21:52:35 <takashi> I just want to ask review for it
21:52:40 <kota_> enough if we get more reviews :)
21:52:50 <notmyname> kota_: you've already added one +2 ;-)
21:53:02 <notmyname> thansk for working on this. seems like it would offer some very interesting new functionality for 3rd party integration
21:53:04 <kota_> yeah, I like/want to land this :)
21:53:06 <torgomatic> I'd just like to wish good luck to anyone putting middleware in the object server, and don't call me when you encounter an erasure-coded object ;)
21:53:18 <notmyname> :-)
21:53:42 <kota_> torgomatic: :-)
21:54:15 <takashi> torgomatic: I hope so :-)
21:54:21 <notmyname> torgomatic: yeah, storlets do the object server middleware thing, but this seems to be proxy side. so maybe it's not an issue for this patch?
21:54:48 <takashi> notmyname: right
21:54:57 <kota_> oh, yeah. proxy for now has a problem with chunked transfer.
21:55:01 <notmyname> last topic on the agenda this week...
21:55:18 <notmyname> #topic add functional test for access control
21:55:30 <ho_away> second patch and also the one that is in unreviewed patches :-)
21:55:30 <notmyname> patch 213608
21:55:31 <patchbot> notmyname: https://review.openstack.org/#/c/213608/ - swift - Add functional test for access control (container ...
21:56:06 <notmyname> ho_away: it's only 1917 lines long. I'm *shocked* it's not reviewed yet ;-)
21:56:15 <mattoliverau> lol
21:56:25 <notmyname> ok, this is the followup to the basic RBAC testing structure that landed last week, right?
21:56:25 <ho_away> yeah, only :-)
21:56:39 <ho_away> notmyname: yep
21:57:09 <cschwede> i could add another patch with docstrings if you like. makes it easier to review
21:57:34 <ho_away> this patch adds test cases for container acl
21:57:50 <notmyname> cschwede: that sounds like a good idea to me :-)
21:58:14 <mattoliverau> cschwede: you are a scholar and a gentleman :)
21:58:37 <ho_away> cschwede: thanks for it :-)
21:59:00 <cschwede> yw :)
21:59:21 <notmyname> great :-)
21:59:25 <mattoliverau> 45 seconds left
21:59:26 <notmyname> and we're out of time for the meeting
21:59:31 <notmyname> perfect timing
21:59:46 <notmyname> thanks everyone for coming this week. thanks for working on swift
21:59:49 <notmyname> #endmeeting