#openstack-swift log

21:03:34 <timburke> #startmeeting swift
21:03:34 <opendevmeet> Meeting started Wed Jun 15 21:03:34 2022 UTC and is due to finish in 60 minutes.  The chair is timburke. Information about MeetBot at http://wiki.debian.org/MeetBot.
21:03:34 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
21:03:34 <opendevmeet> The meeting name has been set to 'swift'
21:03:43 <timburke> who's here for the swift meeting?
21:06:10 <mattoliver> o/
21:06:13 <kota> hi, i'm late
21:06:41 <mattoliver> acoles is on vacation
21:06:44 <timburke> heh -- i was just about to propose cancelling for lack of interest/new topics ;-)
21:07:21 <timburke> main thing i wanted to bring up was around the sha1 deprecation stuff
21:07:28 <timburke> #topic sha1 deprecation
21:07:38 <mattoliver> Well a short one is OK too :)
21:07:56 <timburke> i'd appreciate some reviews on https://review.opendev.org/c/openstack/python-swiftclient/+/845157 to add support for sha256/sha512 tempurls to the client
21:07:57 <kota> +1
21:09:09 <timburke> mattoliver, i pushed up some revisions to https://review.opendev.org/c/openstack/swift/+/838434 to add sha256/sha512 support server-side for formpost -- if it looks good to you, let's go ahead and merge it
21:09:53 <timburke> and i took acoles's idea to make the tempurl deprecation a little softer and wrote up https://review.opendev.org/c/openstack/swift/+/845862
21:10:36 <timburke> basically, the idea is to keep sha1 support by default for now, but warn about it when clients use it
21:10:58 <mattoliver> kk, thanks, I'll loop back to it todat
21:11:01 <mattoliver> *today
21:11:24 <timburke> thanks!
21:11:39 <mattoliver> I did take a quick look the other day and was a great refactor and change, so thanks!
21:11:40 <timburke> to make the tempurl warnings not *so* overwhelming, just log the first time a client uses it per-worker
21:12:13 <timburke> though that could still get to be a lot, depending on how often you reload your proxies
21:12:47 <mattoliver> sure, but better, and if people don't want the noise, stop using sha1 :)
21:13:26 <kota> true
21:13:40 <timburke> you can disable the warning on client usage by explicitly configuring sha1 -- but it'll go back to warning you during process start-up instead
21:15:49 <timburke> i'm still torn about whether it's a good path forward -- we (nvidia) have already had our firedrill about it, so it doesn't buy us anything -- and it puts the eventual dropping of sha1 support that much further off
21:17:15 <timburke> but if we want to slow down the deprecation, now's the time to do it -- and i'd like to tag a release sometime in the next month or so, so... what do we think? should i pursue it further and write up some tests around it?
21:17:28 <mattoliver> at least it is a path, and lack of support in the client probably means its a good idea
21:18:46 <timburke> true -- which reminds me that i ought to go review https://review.opendev.org/c/openstack/python-swiftclient/+/833954 to move formpost to the client ;-)
21:21:49 <timburke> all right, i'll get some tests together
21:21:57 <mattoliver> oh yeah, I should confirm I have base64 support there
21:22:51 <timburke> we could probably rebase it off the tempurl patch and share some code
21:23:05 <timburke> i figured i'd probably do that as part of my review ;-)
21:23:43 <mattoliver> true. whoever gets to it first ;)
21:25:08 <timburke> all right
21:25:14 <timburke> #topic backend ratelimiting
21:25:30 <timburke> mattoliver, did i see you reworked some patches around this?
21:26:27 <mattoliver> Well it was refactoring the error_limiting code, mostly rebasing it.
21:27:52 <mattoliver> seperating the error_limiting into a class where we can configure the count and period was something that has come up again, I think related
21:28:12 <mattoliver> and I already had a patch for that.
21:28:44 <timburke> nice
21:29:43 <timburke> all right -- i think that's all i've got
21:29:52 <timburke> #topic open discussion
21:30:02 <timburke> anything else we ought to bring up this week?
21:30:28 <mattoliver> nope
21:30:52 <timburke> all right -- i'll let you guys get breakfast then ;-)
21:31:00 <timburke> thank you for coming, and thank you for working on swift!
21:31:04 <timburke> #endmeeting