| *** whoami-rajat has joined #openstack-barbican | 02:09 | |
| *** dave-mccowan has quit IRC | 04:23 | |
| *** Luzi has joined #openstack-barbican | 05:53 | |
| *** pcaruana has joined #openstack-barbican | 06:55 | |
| *** dayou has quit IRC | 07:23 | |
| *** dayou has joined #openstack-barbican | 07:37 | |
| openstackgerrit | Merged openstack/castellan master: List requests as explicit dependency https://review.opendev.org/655668 | 07:46 |
|---|---|---|
| openstackgerrit | Vladislav Kuzmin proposed openstack/castellan master: Reuse existing token from RequestContext https://review.opendev.org/662830 | 08:08 |
| *** dayou has quit IRC | 08:28 | |
| *** dayou has joined #openstack-barbican | 08:41 | |
| *** dayou has quit IRC | 09:18 | |
| *** dayou has joined #openstack-barbican | 09:32 | |
| *** pcaruana has quit IRC | 10:19 | |
| *** pcaruana has joined #openstack-barbican | 11:09 | |
| *** dave-mccowan has joined #openstack-barbican | 11:23 | |
| openstackgerrit | Vladislav Kuzmin proposed openstack/castellan master: Reuse existing token from RequestContext https://review.opendev.org/662830 | 11:33 |
| *** dave-mccowan has quit IRC | 12:05 | |
| *** raildo has joined #openstack-barbican | 12:06 | |
| redrobot | #startmeeting barbican | 13:00 |
| openstack | Meeting started Tue Jun 11 13:00:05 2019 UTC and is due to finish in 60 minutes. The chair is redrobot. Information about MeetBot at http://wiki.debian.org/MeetBot. | 13:00 |
| openstack | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 13:00 |
| *** openstack changes topic to " (Meeting topic: barbican)" | 13:00 | |
| openstack | The meeting name has been set to 'barbican' | 13:00 |
| redrobot | #topic Roll Call | 13:00 |
| *** openstack changes topic to "Roll Call (Meeting topic: barbican)" | 13:00 | |
| redrobot | Courtesy ping for ade_lee hrybacki jamespage Luzi lxkong moguimar raildo rm_work xek | 13:00 |
| Luzi | o/ | 13:00 |
| raildo | o/ | 13:00 |
| redrobot | As usual our agenda can be found here: | 13:01 |
| redrobot | #link https://etherpad.openstack.org/p/barbican-weekly-meeting | 13:01 |
| redrobot | #topic Review Past Meeting Action Items | 13:01 |
| *** openstack changes topic to "Review Past Meeting Action Items (Meeting topic: barbican)" | 13:01 | |
| ade_lee_ | o/ (briefly) | 13:01 |
| redrobot | #link http://eavesdrop.openstack.org/meetings/barbican/2019/barbican.2019-06-04-13.01.html | 13:01 |
| redrobot | ade_lee_, 👋 | 13:01 |
| redrobot | We didn't have any action items last week, so yay! | 13:02 |
| redrobot | #topic Liaison Updates | 13:02 |
| *** openstack changes topic to "Liaison Updates (Meeting topic: barbican)" | 13:02 | |
| redrobot | moguimar, is not around, but I don't think anything happened in the Oslo meeting this week. | 13:02 |
| redrobot | Ok, moving on to today's topics: | 13:03 |
| redrobot | #topic castellan-ui officially retired | 13:03 |
| *** openstack changes topic to "castellan-ui officially retired (Meeting topic: barbican)" | 13:03 | |
| redrobot | The governance patch finally merged | 13:03 |
| redrobot | #link https://review.opendev.org/#/c/662077/ | 13:03 |
| redrobot | which means that castellan-ui is officially dead | 13:03 |
| * redrobot dances on castellan-ui's grave | 13:03 | |
| * ade_lee_ dances a jig | 13:04 | |
| ade_lee_ | that said -- it would be nice to resurrect it as barbican-ui | 13:04 |
| redrobot | I was thinking about starting a barbican-ui project, just for fun | 13:04 |
| redrobot | ade_lee_, jinx! | 13:04 |
| ade_lee_ | and we've had some requests for that | 13:05 |
| moguimar | redrobot: o/ | 13:05 |
| redrobot | Yep, I've seen folks on #openstack-lbass asking about a UI to provision TLS-enabled load balancers | 13:05 |
| redrobot | so for sure the demand is there for a barbican-ui, I think. | 13:05 |
| ade_lee_ | I've heard it in the context of folks managing secrets ( certs, keys) for octavia from the ui | 13:06 |
| ade_lee_ | (jinx again) | 13:07 |
| redrobot | glad to know we're on the same page, ade_lee_ 😁 | 13:07 |
| redrobot | That's all I had to say about castellan-ui | 13:08 |
| jamespage | o/ | 13:08 |
| redrobot | Did y'all have any other topics to talk about? | 13:08 |
| redrobot | hi jamespage 👋 | 13:08 |
| jamespage | sorry I'm late | 13:08 |
| redrobot | jamespage, no worries, you just missed me and ade_lee_ dancing on castellan-ui's grave 😂 | 13:09 |
| jamespage | q - when do I need to have the hvac switch done by? | 13:09 |
| jamespage | juggling a few bits of work at the moment and want to make sure I plan some time to work on that | 13:09 |
| redrobot | jamespage, great question... | 13:09 |
| redrobot | #topic castellan + hvac | 13:09 |
| *** openstack changes topic to "castellan + hvac (Meeting topic: barbican)" | 13:09 | |
| redrobot | moguimar, when is Feature Freeze for Oslo? | 13:09 |
| redrobot | moguimar, M3? | 13:10 |
| moguimar | 🤷🏻♂️ | 13:10 |
| moguimar | blame harry for having me multitasking | 13:10 |
| redrobot | Haha, no worries | 13:11 |
| raildo | redrobot, Aug 26 - Aug 30 | 13:11 |
| redrobot | raildo, thanks! | 13:11 |
| raildo | #link https://releases.openstack.org/train/schedule.html | 13:11 |
| jamespage | OK | 13:11 |
| redrobot | jamespage, 👆👆👆 That's the date we need to shoot for | 13:11 |
| jamespage | I'll plan to get something up well in advance of that for review | 13:12 |
| redrobot | jamespage, appreciate you volunteering to rewrite the Vault stuff. I know it's quite a bit of work | 13:12 |
| jamespage | np - I'm quite looking forward to it | 13:12 |
| redrobot | jamespage, add me and moguimar for reviews when you get something up | 13:12 |
| jamespage | will do | 13:13 |
| redrobot | ok, moving on to next topic | 13:13 |
| redrobot | #topic Secret Consumers | 13:14 |
| *** openstack changes topic to "Secret Consumers (Meeting topic: barbican)" | 13:14 | |
| redrobot | Thanks to ade_lee_ and moguimar for the reviews on this Spec | 13:14 |
| redrobot | I think we're pretty close to working out the details | 13:14 |
| redrobot | #link https://review.opendev.org/#/c/662013/ | 13:14 |
| Luzi | i have read it and have a question | 13:15 |
| redrobot | Luzi, what's up? | 13:15 |
| Luzi | do we assume resource_ids are unique - or don't we? | 13:16 |
| Luzi | i mean - if we want to use them as unique, when deleting a consumer, we have to prevent adding multiple different consumers with the same id, right? | 13:17 |
| redrobot | Luzi, yeah, ade_lee_ and I were talking about that on the spec | 13:18 |
| redrobot | at the PTG we were thinking that pretty much all projects use UUIDs to identify resources | 13:18 |
| Luzi | redrobot, yes | 13:18 |
| redrobot | and per definition the likelyhood of those being the same would be very very small | 13:18 |
| redrobot | and IIRC we agreed that assuming UUIDs would be unique in a cloud would be OK | 13:19 |
| redrobot | I think we got ade_lee_ on-board with that assumption | 13:19 |
| redrobot | so I'm going to update the spec so that we do consider a resource_id unique | 13:19 |
| redrobot | on the server API, we'll return 409 - Conflict if someone wants to add a new consumer with the same resource ID as an existing one | 13:20 |
| redrobot | Luzi, does that answer your question? | 13:22 |
| Luzi | redrobot, okay then i'm still up to date :D | 13:22 |
| Luzi | yes | 13:22 |
| redrobot | I'll try to get the updated patch up today. | 13:22 |
| redrobot | Great! 😁 | 13:22 |
| redrobot | Ok, moving on | 13:23 |
| redrobot | #topic Open Discussion | 13:23 |
| *** openstack changes topic to "Open Discussion (Meeting topic: barbican)" | 13:23 | |
| redrobot | Any other topics we should talk about while we're here? | 13:23 |
| Luzi | 3 weeks until cfp fur the summit in shanghai closes | 13:24 |
| Luzi | just as a reminder :D | 13:24 |
| redrobot | Luzi, ah yes, thanks for the reminder! | 13:24 |
| redrobot | I think ade_lee_ davemccowan and I are going to submit the Barbican Workshop again | 13:25 |
| ade_lee_ | yeah - we've been talking about adding something about airship as its the new hot thing if we can get it working | 13:26 |
| ade_lee_ | there is a security track and a workshop track - so more opportunities to get things in if interested | 13:27 |
| redrobot | Luzi, any plans to talk about Image Encryption? | 13:30 |
| Luzi | not right now, i am updating the specs | 13:30 |
| redrobot | Cool beans. | 13:30 |
| redrobot | Alrighty, anything else we should talk about? | 13:32 |
| redrobot | Ok, let's call it a day, then. | 13:36 |
| redrobot | Thanks for coming, everyone! | 13:36 |
| redrobot | #endmeeting | 13:36 |
| *** openstack changes topic to "OpenStack PTG Denver - https://etherpad.openstack.org/p/barbican-train-ptg" | 13:36 | |
| openstack | Meeting ended Tue Jun 11 13:36:08 2019 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 13:36 |
| openstack | Minutes: http://eavesdrop.openstack.org/meetings/barbican/2019/barbican.2019-06-11-13.00.html | 13:36 |
| openstack | Minutes (text): http://eavesdrop.openstack.org/meetings/barbican/2019/barbican.2019-06-11-13.00.txt | 13:36 |
| openstack | Log: http://eavesdrop.openstack.org/meetings/barbican/2019/barbican.2019-06-11-13.00.log.html | 13:36 |
| openstackgerrit | Vladislav Kuzmin proposed openstack/castellan master: Reuse existing token from RequestContext https://review.opendev.org/662830 | 13:46 |
| *** pcaruana has quit IRC | 14:04 | |
| *** dave-mccowan has joined #openstack-barbican | 14:28 | |
| *** pcaruana has joined #openstack-barbican | 14:30 | |
| *** pcaruana has quit IRC | 14:31 | |
| *** pcaruana has joined #openstack-barbican | 14:31 | |
| *** kklimonda has quit IRC | 14:47 | |
| *** pcaruana has quit IRC | 15:17 | |
| *** Luzi has quit IRC | 15:18 | |
| *** pcaruana has joined #openstack-barbican | 15:43 | |
| *** pcaruana has quit IRC | 15:55 | |
| *** arunkant has joined #openstack-barbican | 16:06 | |
| *** kklimonda has joined #openstack-barbican | 16:32 | |
| *** whoami-rajat has quit IRC | 16:38 | |
| *** pcaruana has joined #openstack-barbican | 16:49 | |
| rm_work | redrobot: FYI currently with consumers, resource IDs are unique by definition because adding them is IDEMPOTENT | 17:03 |
| rm_work | so very different from causing a conflict error | 17:03 |
| rm_work | Specifically because a service might make multiple requests for a single resource | 17:04 |
| rm_work | And it seems fine to allow that, so I'd urge you to conform to the existing implementation | 17:04 |
| rm_work | Sorry I missed the meeting :( | 17:05 |
| rm_work | ade_lee_: ^^ | 17:05 |
| *** whoami-rajat has joined #openstack-barbican | 17:05 | |
| ade_lee_ | rm_work, redrobot ^^ I'm ok with returning OK if the consumer has already been added | 18:26 |
| redrobot | ade_lee_, rm_work sounds OK to me. | 18:29 |
| rm_work | :) | 18:36 |
| rm_work | Yeah, I'm hoping it can follow somewhat from the consumer for containers? would hate for them to be super different | 18:37 |
| rm_work | what were the main changes you were asking? it seemed like the container thing basically did everything you wanted now too | 18:37 |
| rm_work | the idea was the service type (IE, load-balancer, would be the same as the Keystone service name) and the resource-id, would be enough to look up whatever it was for | 18:38 |
| *** pcaruana has quit IRC | 18:39 | |
| rm_work | then: {'service-type': 'load-balancer', 'resource-type': 'loadbalancer', 'resource-id': '<UUID of Load Balancer>'} | 18:39 |
| rm_work | err, this message got lost: rm_work:it's possible an additional field, like "resource type" would be good, and could be added to containers too as an enhancement | 18:40 |
| rm_work | I forget the exact naming of stuff now | 18:40 |
| rm_work | ah, crap, it's name/url | 18:41 |
| rm_work | i thought i did it via service-type, guess i was wrong | 18:41 |
| rm_work | probably was following the HATEOAS style of the rest T_T | 18:42 |
| *** raildo has quit IRC | 19:39 | |
| *** whoami-rajat has quit IRC | 22:55 | |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!