#openstack-tc log

18:00:22 <noonedeadpunk> #startmeeting tc
18:00:22 <opendevmeet> Meeting started Tue Oct 15 18:00:22 2024 UTC and is due to finish in 60 minutes.  The chair is noonedeadpunk. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:00:22 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
18:00:22 <opendevmeet> The meeting name has been set to 'tc'
18:00:32 <noonedeadpunk> Welcome to the weekly meeting of the OpenStack Technical Committee. A reminder that this meeting is held under the OpenInfra Code of Conduct available at https://openinfra.dev/legal/code-of-conduct.
18:00:36 <noonedeadpunk> #topic Roll Call
18:00:39 <noonedeadpunk> o/
18:00:54 <noonedeadpunk> #chair gouthamr
18:00:54 <opendevmeet> Current chairs: gouthamr noonedeadpunk
18:01:27 <bauzas> o/
18:01:38 <gmann> o/
18:01:52 <cardoe> \o
18:02:28 <noonedeadpunk> there're 3 absences that are on a record
18:03:25 <slaweq> hi, do we have meeting today?
18:03:48 <noonedeadpunk> we do if we get qourum and right now on a rollcall :)
18:04:01 <slaweq> ahh, ok, sorry for being late
18:04:13 <gmann> you are on right time :)
18:04:49 <noonedeadpunk> gtema seems to be not on the channel
18:05:12 <noonedeadpunk> but we have 5 ppl in there, so technically - it's a quorum
18:05:17 <bauzas> when will be the DST for the US ?
18:05:24 <bauzas> this weekend ?
18:05:36 <gmann> Nov 3rd
18:05:48 <noonedeadpunk> I was thinking about next one though
18:06:01 <noonedeadpunk> but yeah
18:06:03 <gtema> Hey, I am on PTO this unavailable
18:06:12 <noonedeadpunk> ack
18:06:36 <cardoe> So no quorum then?
18:06:46 <bauzas> gmann: ack
18:06:53 <noonedeadpunk> we have 5 ppl exactly
18:07:06 <gmann> yeah, we have quorum
18:07:10 <noonedeadpunk> given slaweq has checked in :)
18:07:20 <noonedeadpunk> #topic Last Week's AIs
18:07:56 <noonedeadpunk> first action point was on gmann regarding proposing changes to increase coverage for requirements
18:08:02 <noonedeadpunk> any updates on this one?
18:08:26 <gmann> I proposed it but there are soem failure regarding quota which I need to debug
18:08:28 <gmann> #link https://review.opendev.org/c/openstack/python-openstackclient/+/931858
18:08:55 <gmann> need to check if those are related to adding new jobs or something else
18:09:30 <gmann> this is for osc, I still need to add greande job for requirement though
18:09:45 <noonedeadpunk> it does not look intermitent to me right now
18:10:17 <noonedeadpunk> as failures are exactly same in 2 jobs
18:10:49 <gmann> yeah, maybe some race on quota tests from multiple jobs but need to debug it
18:11:27 <noonedeadpunk> yeah, ok, but patch is around, which is good.
18:11:55 <noonedeadpunk> going next
18:12:12 <noonedeadpunk> gouthamr needed to confirm PTG sessions for TC.
18:12:31 <noonedeadpunk> and this has been done and written down in etherpad
18:12:44 <noonedeadpunk> PTG is a topic on itself, so let's get the ball rolling
18:12:52 <noonedeadpunk> #topic TC PTG
18:13:12 <noonedeadpunk> there are 2 sessions which were booked
18:13:36 <noonedeadpunk> #link https://etherpad.opendev.org/p/oct2024-ptg-os-tc
18:14:10 <noonedeadpunk> So we do have a session on Monday, Oct 21 from 14UTC to 16 UTC
18:14:30 <noonedeadpunk> I believe this is designated for interaction with community and other projects
18:14:34 * bauzas notes
18:15:04 <noonedeadpunk> And then also Friday, Oct 18 from 15 to 16 UTC to sum-up passed PTG
18:15:18 <noonedeadpunk> ptg schedule is available as usual at
18:15:20 <noonedeadpunk> #link https://ptg.opendev.org/ptg.html
18:15:40 <gmann> Oct 18 15 to 17 UTC , 2 hrs right?
18:15:57 <gmann> got it. ++
18:15:58 <noonedeadpunk> Oh, yes, sorry
18:15:58 <bauzas> that's what I can see indeed
18:16:11 <noonedeadpunk> my bad, I was metioning slots :D
18:16:29 <noonedeadpunk> correcting myself
18:16:30 <noonedeadpunk> Monday, Oct 21 from 14UTC to 17 UTC
18:16:41 <noonedeadpunk> Friday, Oct 18 from 15 to 17 UTC
18:17:14 <noonedeadpunk> also correct timing was mentioned in etherpad linked above
18:17:25 <noonedeadpunk> thanks for correcting gmann
18:17:53 <noonedeadpunk> With that I think we should also cancel our regular IRC meeting on Tuesday next week
18:18:06 <slaweq> ++
18:18:11 <gmann> ++
18:18:19 <noonedeadpunk> should I create a poll for that or...
18:18:55 <gmann> I do not think we need poll, you can just ask if any objection
18:19:07 <bauzas> ++
18:20:06 <noonedeadpunk> ok, I assume no objections here then.
18:20:27 <noonedeadpunk> I will send an email with notification about IRC meeting being cancelled next week
18:21:43 <noonedeadpunk> #topic Leaderless projects
18:22:26 <noonedeadpunk> First - Watcher.
18:22:40 <noonedeadpunk> I see they have pushed a patch as was discussed in a ML
18:22:45 <noonedeadpunk> #link https://review.opendev.org/c/openstack/governance/+/932419
18:23:27 <bauzas> thanks gmann for the review
18:23:29 <noonedeadpunk> it's quite a new one - was pushed just today.
18:23:52 <noonedeadpunk> ++ thanks indeed!
18:24:00 <noonedeadpunk> a good catch
18:24:34 <gmann> I hope they are planning for PTG also and not blocked due to PTL appointment
18:24:47 <noonedeadpunk> And next project is Mistral, we still did not got any response in the patch
18:24:50 <noonedeadpunk> #link https://review.opendev.org/c/openstack/governance/+/927962
18:25:37 <noonedeadpunk> I think it was on me to write a ML to brng attention in case they've missed comments
18:25:42 <noonedeadpunk> but failed so far :(
18:26:10 <gmann> I think there was one email about it
18:26:11 <noonedeadpunk> #action noonedeadpunk to write email about Mistral PTL appointment patch needing attention
18:26:21 <bauzas> ack
18:26:37 <noonedeadpunk> yeah, but it was before appointment patch
18:26:43 <gmann> ohk, I see
18:26:44 <noonedeadpunk> I will bump the thread
18:26:49 <noonedeadpunk> iirc
18:26:49 <gmann> ++ thanks
18:27:15 <noonedeadpunk> #topic A check on gate health
18:27:25 <noonedeadpunk> Anything on that?:)
18:28:35 <gmann> for greande things, enabling global venv there and there are few project failing(catching at least for projects we have job in grenade gate)
18:28:37 <gmann> #link https://review.opendev.org/c/openstack/grenade/+/930507/12
18:28:49 <gmann> octavia is fixed but ironic, heat jobs failing
18:29:06 <cardoe> I believe JayF
18:29:20 <gmann> I am getting less time to debug it last and this week but I will continue on this
18:29:22 <cardoe> typing fail... I believe JayF had some patches pending for that for Ironic
18:29:31 <gmann> ohk, I will check
18:29:36 <JayF> Ironic has not supported global venv, ever
18:29:46 <JayF> I had a patch up to support that among a fix for other things
18:29:49 <gmann> #link https://review.opendev.org/c/openstack/ironic/+/932016
18:29:57 <gmann> this is change i have up but we need more change i think
18:30:02 <JayF> er, whatever the change is, the per-proj-venv
18:30:13 <gmann> k
18:30:52 <gmann> #link https://review.opendev.org/c/openstack/ironic/+/930776
18:30:54 <gmann> JayF: ^^ this one?
18:31:14 <JayF> yeah, I'm trying to do two things at once with that, one of them is the piece you care about :D
18:32:13 <gmann> yeah, can you split those so that we can proceed for the grenade things
18:32:41 <JayF> I'm more wondering how, in the future, this can be planned as a migration to let folks know so it's not an emergency for ironic
18:32:48 <JayF> it's only a coincidence I had this half-done
18:33:08 <JayF> Did I miss a post to the mailing list about the change in grenade?
18:33:45 <gmann> I have not posted yet as I wanted to see existing jobs passing first and let other project if they are impacted
18:33:59 <gmann> this is needed because greande current master setting were failing
18:34:01 <gmann> #link https://review.opendev.org/c/openstack/grenade/+/932017/1
18:34:21 <bauzas> yeah this is explained in the commit msg
18:34:29 <gmann> and moving to venv is the one we need as first
18:34:31 <bauzas> now devstack defaults to a global venv
18:34:40 <gmann> yes
18:34:54 <JayF> My question is simply how/when was that going to be communicated to other teams?
18:35:00 <JayF> Is this that communication?
18:35:34 <bauzas> I'd say projects need some liaison
18:35:41 <gmann> I will post on ML soon but I am waiting if octavia, ironic, heat can be fixed and we know how fixes looks like which can be used a ref to other projects
18:35:54 <cardoe> I think we should have at least had a ML announcement.
18:36:09 <JayF> That's basically ^ all I'm asking for, with a week or two heads up
18:36:10 <cardoe> What if the effort to change Ironic was large an invasive and took months to complete?
18:36:17 <gmann> it was in draft state and experimental to know how things working
18:36:49 <gmann> cardoe: is this that big change to ironic ?
18:37:05 <JayF> I'm happy to fix and understand this may not be the first domino in the chain of events, I just feel like the teacher is asking for us to turn in homework that was never assigned :D
18:37:21 <gmann> anyways I think I can post it on ML if that is blocking the ironic change to proceed
18:37:46 <cardoe> It's not blocking the change to proceed. But it's certainly not been on our radar to work on it or try to review these items.
18:37:47 <JayF> I'm saying I would prefer a post to the mailing list so it doesn't instantly fall to the one or two Ironic contributors who pay attention to the TC meeting :)
18:37:58 <gmann> that is easy and less time consuming than explaining about importance of change to merge
18:38:47 <gmann> well, I was not finished the change yet that is why did not ask for review #link https://review.opendev.org/c/openstack/ironic/+/932016
18:39:06 <gmann> anyways I will post it on ML
18:39:47 <cardoe> Just asking in the future post something so there's awareness. I'll try to prioritize it in the coming week.
18:39:52 <JayF> 016 is passing grenade, the failure is apparently unrelated
18:40:07 <JayF> I'll also split the global venv part of my ironic change; that should be easy enough
18:41:24 <cardoe> I added gmann's change to the weekly prio.
18:43:22 <noonedeadpunk> ok, I think we've done with the topic for now
18:43:30 <noonedeadpunk> moving next
18:43:34 <noonedeadpunk> #topic TC Tracker
18:44:50 <noonedeadpunk> we do have an etherpad with topics which I believe we also gonna raise during the ptg
18:44:53 <noonedeadpunk> #link https://review.opendev.org/c/openstack/neutron/+/931495
18:45:00 <noonedeadpunk> oops, wrong link :)
18:45:07 <noonedeadpunk> #link https://etherpad.opendev.org/p/tc-2025.1-tracker
18:45:08 <bauzas> heh
18:45:25 <bauzas> at least you sent it to the right channel :p
18:45:31 <noonedeadpunk> hehe
18:45:51 <gmann> :)
18:45:55 <noonedeadpunk> it was wrong buffer eventually
18:46:17 <noonedeadpunk> I don't have much input on TC tracker topic to be frank
18:46:49 <bauzas> given the outcome of the i18n session, I could lead a tracker for the translations
18:47:46 <noonedeadpunk> ++ that would be much appreciated
18:48:23 <noonedeadpunk> I am also quite interested in translations activity, though lacking time dramatically to catch up with it
18:49:08 <bauzas> ditto here, but if I can help, I'll do it :)
18:50:19 <noonedeadpunk> And I'm very lost where we are with tooling migration and if it's actually a blocker for onboarding new ppl or not
18:50:55 <cardoe> I'm not sure what's left to discuss on tracker?
18:50:56 <noonedeadpunk> #topic open discussion
18:51:20 <noonedeadpunk> we have around 10 minutes to raise smth that wasn't in agenda
18:51:32 <cardoe> I have two semi-related items if no one else has any open items.
18:51:51 <noonedeadpunk> go on I guess :)
18:51:58 <bauzas> shoot
18:52:33 <cardoe> So the first is around release blobs. clarkb will probably be better able to express this. At least I think it was clarkb was talking about it.
18:53:12 <cardoe> We've got two projects building container images and as such what's our support policy around those. Or even security posture.
18:53:29 <cardoe> If the underlying OS distro has a CVE for that what does that mean to rebuilding the container.
18:54:08 <noonedeadpunk> well, it's a good one, as eventually what I recall, projects officially produce only pip packages
18:54:11 <cardoe> It dovetails a little bit into releases being on PyPi because you could arguably "pip install nova" but that's not a recommended approach.
18:54:57 <noonedeadpunk> I personally do not also agree about ^ but I'm in minority here obviously
18:54:58 <cardoe> Well there's more than Python projects though. There's kolla which is building containers and loci.
18:55:10 <cardoe> You do not agree with which part?
18:55:25 <bauzas> not sure I understand the concern with release blobs
18:55:37 <noonedeadpunk> that "pip install nova" should not be recommended. as that's the only thing that nova officially delivers/produces
18:56:27 <noonedeadpunk> Well, again, I would assume, that kolla does build certain layers only?
18:57:13 <noonedeadpunk> as layering of container images is actually the way to distribute responsibility for CVE's, isn't it?
18:57:22 <cardoe> They build the layers atop an existing OS image and then publish those containers with Zuul to Docker Hub under the OpenStack name.
18:58:19 <noonedeadpunk> so when you're pulling image it should consist of plenty things, right?
18:58:25 <bauzas> https://docs.openstack.org/nova/latest/contributor/project-scope.html#deployment-and-packaging if that helps to understand the nova deliverables
18:58:53 <cardoe> My comments are around the fact that if there is no security promise or effort to maintain this, there's no such clear policy in the places it's published. So the OpenStack name / brand is out there and associated with insecure published containers.
18:58:59 <noonedeadpunk> bauzas: I think you still package Nova as python package?
18:59:16 <bauzas> well,
18:59:30 <bauzas> our deliverable is technically a git commit
18:59:49 <cardoe> So that's the case for the nova project, bauzas. But kolla is taking nova and publishing a nova container under the OpenStack banner.
18:59:52 <bauzas> then the release management team ships it into a python build that's sent to pypi fwiw
18:59:56 <cardoe> Similarly for loci.
18:59:56 <noonedeadpunk> so you don't care about setup.py or pyproject.toml?
19:00:15 <bauzas> noonedeadpunk: see the above link I sent
19:00:29 <bauzas> we care about the CI
19:00:47 <bauzas> how nova is productized out of the blue is not in our scope
19:00:59 <bauzas> (upstream for sure)
19:01:01 <cardoe> It's not the nova project's scope, which is fine.
19:01:14 <cardoe> But I'm talking about an official OpenStack project that then further packages it.
19:01:15 <noonedeadpunk> it's veeery vague border.... so like - for CI you can copy/paste content under /usr/lib/python3/site-packages technically///
19:01:16 <bauzas> okay, so we're talking of deployment services
19:01:30 <bauzas> not service projects
19:01:41 <bauzas> I just wanted to clarify the scope of that discussion
19:01:45 <noonedeadpunk> cardoe: yeah, that is a very good point. I somehow thought though ,that containers layers could be updated separately from each other
19:02:09 <noonedeadpunk> so if published container image is layered, kolla should be responsible only for their thing
19:02:24 <noonedeadpunk> not for underlying ones they depend on
19:02:33 <noonedeadpunk> oops, and we are overtime.
19:02:36 <cardoe> layers are like git commits. They depend on the layer under them.
19:02:59 <noonedeadpunk> I suggest to add that discussion to the PTG, as it is totally a valid one from my prespective
19:03:07 <noonedeadpunk> #endmeeting