Friday, 2013-08-16

« Thursday, 2013-08-15 Index Saturday, 2013-08-17 »
morganfainbergjamielennox: in theory it should be safe (just looking at the change to HTTPClient init) the way it is changed.  even with tests referencing it.00:01
*** adjohn has quit IRC00:02
*** adjohn has joined #openstack-dev00:02
*** danwent has joined #openstack-dev00:02
jamielennoxmorganfainberg: so my thought is more I think we should change it, looking at things like the if statement around like 286 - that sort of thing should be pushed up to the overriding cilent00:03
bknudsonhow do we tell users what's API and what's internal?00:03
morganfainbergjamielennox: beat me to my next question ;)00:03
jamielennoxand that there is no reason for anyone (other than our few tests) to make use of the signature of the HTTPClient directly00:03
jamielennoxbknudson: the crux of the question - and my main bugbear with python00:03
jamielennoxmaybe top 500:03
bknudsonshould something in the docstring say it?00:04
jamielennoxafaik there is no standard way00:04
morganfainbergbknudson: thats a good idea actually.00:04
roaetJust out of curiosity, how long does it take for the jenkins auto-review to hit a change?00:05
morganfainbergthis might be a good ML topic too.00:05
jamielennoxbut i know i'm doing a refactoring i'll push up later today that is going to remove a function or two that is public but there is no reason anyone *should* ever use it00:05
jamielennoxi wsa going to use it as the base for discussion - but this works as well00:05
morganfainbergroaet:  you mean after you upload your patchset how long does it take jenkins to +1/-1 it?  you can see the status of everything in the queue at http://status.openstack.org/zuul/  it really depends on how many things are pending and where you are in the queue00:06
bknudsonone option is to version and spec the keystoneclient like we version and spec the REST API00:06
roaetmorganfainberg: thanks, I wasn't aware of that link00:06
morganfainbergroaet: happy to help00:06
morganfainbergbknudson: i would be in favor of that, actually00:06
jamielennoxso in a way we do that because we have the V2 and V3 client - unfortuantely this is base00:06
morganfainbergbknudson: it would add a good deal of overhead both on the review/code submission side though00:07
bknudsonthen we'd leave the current keystoneclient alone and have a keystoneclient/v200:07
jamielennoxbut i do think we should aim for a keystoneclient 1.0 one of these days and this should be figured out before that00:07
morganfainbergjamielennox: the more i'm thinking about that, the more i think base should be just that, very very very basic structures00:07
jamielennoxso one of the things that he is doing with this whole apiclient thing is moving us back to the more original idea that the base HTTPClient shouldn't be inheritted by v2 and v3 client instead it should just be the class you communicate through00:09
morganfainbergjamielennox: but by that token, a lot of what is there probably needs to be pulled upwards.00:09
jamielennoxthis is how nova, quantum etc work and i think how keystone was originally supposed to work00:09
morganfainbergits a big refactor, but i think it is a much cleaner approach.00:09
jamielennoxit makes the use of HTTPClient in keystone tests make sense00:09
morganfainberg(i admit i haven't looked at the rest of the code in the changeset)00:10
morganfainbergyet.00:10
jamielennoxand it makes it much easier to share an auth token around a number of clients00:10
jamielennoxso it is the right thing i think00:10
jamielennoxso in general we can't break compatibility for people that use v2_0.Client etc00:10
*** zul has joined #openstack-dev00:10
morganfainbergright00:10
*** hailiang has joined #openstack-dev00:11
jamielennoxbut i'd really like a way to know what is considered public - because none of our documentation ever suggests just using HTTPClient and i think it would break in most cases00:11
*** zul has quit IRC00:11
*** lexinator has quit IRC00:11
jamielennoxbut that doesn't mean someone isn't doing it00:11
roaetmorganfainberg: Erm. I've noticed that my tox test, and jenkins, fails with pure upstream code. Is that normal?00:11
*** lexinator has joined #openstack-dev00:12
jamielennoxroaet: it shouldn't but jenkins is temperamental at the moment00:12
morganfainbergjamielennox: i think this is a ML topic, but I do like the suggestion of the docstring (if there isn't another mechanism), bknudson - any other thoughts?00:12
roaetjamielennox: but my local env is failing too. 2.7 is ok, but 2.6 fails.00:12
*** zul has joined #openstack-dev00:13
jamielennoxroaet: from upstream code? no it shouldn't fail - but you might be configured slightly differently00:13
*** vipul is now known as vipul-away00:13
morganfainbergjamielennox: wow, jenkins is being tempermental (watching gate queue atm)00:14
jamielennoxroaet: my first step is generally to recreate the virtualenv00:14
*** sushils has quit IRC00:14
jamielennoxroaet: then figure out if there is actually something that is unsupported by py2.600:14
jamielennoxmorganfainberg: i've hit this one on about 4 reviews now: https://bugs.launchpad.net/tempest/+bug/121240500:14
uvirtbotLaunchpad bug 1212405 in horizon "test_basic_scenario fails in the gate with a 500 error" [Critical,Fix committed]00:14
roaetjamielennox: ok. is there a doc somewhere with recommended py26 settings?00:14
bknudsonmorganfainberg: seems like it's too late too do anything sane.00:15
bknudsonthe code is out there without docstrings... so we assume everything is public API?00:15
jamielennoxroaet: not that i'm aware of, but figure out what test is failing - generally if it works in 2.7 then there is a function being used that isn't available in python2.6 and you have to work around it00:16
*** lexinator has quit IRC00:16
morganfainbergbknudson: and it would be a bear of a task to get it documented and validated… short of some crazy introspection code ot know how things got called00:16
morganfainbergthat it is public/private.  might be worth the effort, but ugh. it is a bit late.00:16
roaetjamielennox: I'm not sure if my change could possibly have caused 2.6 to begin failing, it was a single line. It appears it was failing on clone.00:17
jamielennoxmorganfainberg, bknudson: maybe we take these new patches as the start of a 1.0 effort where we docstring public methods00:17
jamielennoxroaet: review?00:17
roaethttps://review.openstack.org/#/c/42242/00:17
bknudsonthere are some docs... which are totally out of date, of course.00:18
jamielennoxroaet: ok, so definetly not a 2.6 issue00:18
bknudsonhttps://github.com/openstack/python-keystoneclient/blob/master/doc/source/using-api.rst00:18
roaetjamielennox: Is it possible something upgraded from a dependency and broke the build?00:19
bknudsonjamielennox: morganfainberg: maybe we can say that what's in the doc is the public API.00:20
*** jasdeepH has quit IRC00:20
jamielennoxbknudson: so everything in there is suggesting using the v2 client00:20
bknudsonit could use some updating.00:21
jamielennoxroaet: always possible but for a minimal change like that it should work00:21
morganfainbergbknudson: it also means we need to force updates to the doc when changes are up for review.00:22
*** jayg is now known as jayg|g0n300:22
*** colinmcnamara has quit IRC00:23
jamielennoxmorganfainberg: not really, if we have a doc tag we can autogenerate a public-api list00:23
morganfainbergjamielennox, bknudson: i do like using docstrings so regardless of what people read in that doc, i think the public stuff should explicitly say "this is public", and if that is i 1.0 effort so be it, but i def. support that.00:23
morganfainbergjamielennox: i mean in the interim.00:24
bknudsonanother option is _prefix for private00:24
bknudsonso like _HttpClient00:24
*** vaml has quit IRC00:24
morganfainbergthat might be more pythonic, is there an accepted "convention" for classes in python?  i know methods and functions are the _prefix00:25
roaetjamielennox: How sad. Jenkins failed it with the same error. I've rebuilt my test env. I guess there is something more hapening00:26
jamielennoxroaet: I'm not familiar with running novaclient and i don't have a python2.6 handy to help you there unfortunately00:27
bknudsonhttp://manpages.ubuntu.com/manpages/dapper/man1/epydoc2.4.1.html mentions public / private doc generation... wonder what it uses to know?00:27
bknudsonjamielennox: morganfainberg: maybe should use pep8... http://www.python.org/dev/peps/pep-0008/#public-and-internal-interfaces00:28
morganfainbergoh use the __all__ mechanism?00:29
*** SumitNaiksatam has joined #openstack-dev00:29
bknudsonand docstrings.00:29
jamielennoxbknudson: without reading it pep8 wins all arguments00:29
morganfainbergyeah.00:29
morganfainbergok, that makes sense. so _prefix, docstrings (and proper use of __all__ if warranted) looks like00:30
roaetjamielennox: thanks for the help. I'll take it to os-neutron00:30
bknudsonI've never used __all__ so not really sure how it works.00:30
morganfainbergbknudson: it is for the from blah import *00:30
morganfainbergit specifies what you get.00:30
*** dims has quit IRC00:30
morganfainbergor so i understand.00:31
morganfainbergtheoretically, from <blah> import * should only ever import publically consumable stuff.00:31
bknudsonso for import keystonclient ...00:31
jamielennoxright, it generally says when you import a library what people should have access to - so i guess httpclient.py should never have been importable00:31
bknudsonit would exclude httpclient, base, shell, utils00:32
bknudsongoing off https://github.com/openstack/python-keystoneclient/tree/master/keystoneclient00:32
jamielennoxactually thinking about that - if this is a problem then my change to move client.py -> httpclient.py is also a compatibility problem00:32
*** vipul-away is now known as vipul00:32
morganfainbergyep.00:32
bknudsonjamielennox: someone commented on that after it merged.00:33
jamielennoxi only thought about that in the context of the clients that depended on it00:33
*** herndon has joined #openstack-dev00:33
*** Ryan_Lane has joined #openstack-dev00:33
morganfainbergjamielennox: based upon that merge, i am guessing that we can assume httpclient is private… unless we offer client.py providing HTTPClient imported into its namespace00:34
jamielennoxhowever as pointed out by lin-hua-cheng they apparently have code referencing client.py00:34
jamielennoxin the event that i can get the discovery patch in before the next keystoneclient version we can patch that back up for them though00:35
jamielennoxbut yea, based on that it was assumed private00:35
*** sarob_ has joined #openstack-dev00:35
*** lbragstad has joined #openstack-dev00:36
*** lexinator has joined #openstack-dev00:36
morganfainbergjamielennox: if you provide a transparent HTTPClient object in client.py that logs and says it's deprecated/private and shouldn't be used… might be a good idea.00:37
jamielennoxwell i can pull the object into the other file and not have circular dependencies, i just can't have them in the same file00:37
*** danwent has quit IRC00:37
morganfainbergright.00:38
jamielennoxbut yes, for longer term we should mark deprecated00:39
morganfainbergbut if we expect it to be private, we could provide an object that says as much.00:39
morganfainbergwithout breaking compat00:39
*** sarob has quit IRC00:39
*** sarob_ has quit IRC00:40
*** alunch has joined #openstack-dev00:41
*** bswartz has quit IRC00:43
*** salv-orlando has quit IRC00:44
*** rwsu is now known as rwsu-away00:44
*** welldannit has quit IRC00:44
*** salv-orlando has joined #openstack-dev00:44
*** colinmcnamara has joined #openstack-dev00:44
*** bswartz has joined #openstack-dev00:45
*** dims has joined #openstack-dev00:45
*** SumitNaiksatam has quit IRC00:45
*** zaitcev has quit IRC00:48
*** gyee has quit IRC00:50
*** bknudson has quit IRC00:51
*** adjohn has quit IRC00:51
*** alunch has quit IRC00:52
*** sarob has joined #openstack-dev00:56
*** bdpayne has quit IRC00:57
*** alexb_ has quit IRC00:58
*** alop has quit IRC00:58
*** adjohn has joined #openstack-dev01:03
morganfainbergjamielennox: https://review.openstack.org/#/c/39899/6/keystoneclient/httpclient.py similar concerns about the init on HTTPClient01:05
morganfainbergjamielennox: i think we're going to need to make an official call on this and enforce it in the not too distant future.01:05
jamielennoxmorganfainberg: that one's ok because it's adding an optional parameter01:05
morganfainbergright01:05
*** dvarga has joined #openstack-dev01:06
morganfainbergbut generally speaking, it's a similar concern01:06
jamielennoxbut it's being used as a place to aggregate param handling between v2 and v3 and it shouldn't be01:06
*** mjfork has quit IRC01:06
morganfainbergyep01:06
jamielennoxyes, i'm not sure if i have a personal limit on the number of parameters a function should have - but i'd suggest that one is pushing it01:07
*** sarob has quit IRC01:09
*** sarob has joined #openstack-dev01:09
jamielennoxmorganfainberg: so i just posted https://review.openstack.org/42254 which is an obvious function removal - but i don't think it should be considered an api break01:09
*** ljjjustin has joined #openstack-dev01:09
jamielennoxbecause that function should never be considered for public consumption01:11
*** adjohn has quit IRC01:11
*** alunch has joined #openstack-dev01:11
*** Ryan_Lane has quit IRC01:12
morganfainbergjamielennox: you know… someone is using it.  i'm sure </cynical>01:13
*** sarob has quit IRC01:14
stevemarjamielennox, ping01:14
jamielennoxmorganfainberg: god i hope not01:14
jamielennoxyes stevemar?01:14
stevemarreviewing: https://review.openstack.org/#/c/38414/12/keystoneclient/client.py01:14
stevemarjamielennoxi have a silly question01:14
stevemarline 246, why the [1] at the end?01:14
jamielennoxso versoins is a dictionary, so we convert it to a list of tuples when we do iteritems() and max will return eg ('2.0', v2_0.client.Client)01:16
*** alunch has quit IRC01:16
jamielennoxso it's just getting the client class and dropping the version integer01:16
jamielennox /float01:16
stevemarjamielennox ah okay, so it's grabbing the class, cool01:16
jamielennoxalso i have been thinking about that since - the blueprint i was working off specified using floats for version number01:17
*** sarob has joined #openstack-dev01:17
jamielennoxhowever in a float 3.15 < 3.201:17
jamielennoxi'm not sure if we'll ever hit an api revision >= 10 but others must have01:18
morganfainbergjamielennox: that should be fine.  3.1.5 would be < 3.201:18
morganfainbergbut 3.15 should be > 3.201:18
stevemarah, 1501:18
morganfainbergoh blah01:18
morganfainberguhm.  you might need to do some splitting01:18
jamielennoxmorganfainberg: :)01:18
jamielennoxi don't think you can01:18
stevemarcross that bridge when it comes?01:18
*** radez is now known as radez_g0n301:18
morganfainbergstr().split('.')01:19
morganfainberg:P01:19
jamielennoxif you store it as a float then 2.1 == 2.1000001:19
*** alunch has joined #openstack-dev01:19
jamielennoxmorganfainberg: the spec specifically says pass version as a float so that you can do integer comparison01:19
morganfainbergmorganfainberg: oh. i see.01:19
morganfainbergwow that was the wrong target :P01:19
morganfainbergjamielennox: oh i see01:19
jamielennoxlol01:19
jamielennoxmorganfainberg: do you get notified if you ping yourself?01:20
morganfainbergyes i do01:20
morganfainbergbut i'm using adium atm, haven't moved to textual01:20
jamielennoxso python versions are typically done as a tuple of major, minor01:20
jamielennoxbecause you can do tuple < >01:21
jamielennoxso (3, 0) < (3,5) < (3,25)01:21
morganfainbergthe spec might warrant a change01:21
jamielennox< (4, 0)01:21
stevemarsounds like tuple is the way to go.01:21
jamielennoxi don't remember how but the rules change slightly if you change the tuple length01:21
*** jhesketh has quit IRC01:22
jamielennoxso (3, 0, 1) ~ (3, 0)01:22
morganfainberg>>> (3,0,1) < (3,0)01:22
morganfainbergFalse01:22
morganfainberg>>> (3,0,1) > (3,0)01:22
morganfainbergTrue01:22
*** jhesketh has joined #openstack-dev01:23
jamielennoxseems to hold01:23
morganfainbergpassing as a float doesn't preclude splitting it into a tuple for your gt/lt comparison01:23
jamielennoxSequence types also support comparisons. In particular, tuples and lists are compared lexicographically by comparing corresponding elements. This means that to compare equal, every element must compare equal and the two sequences must be of the same type and have the same length.01:24
morganfainbergwhich is really the only place that concern exists at that point01:24
jamielennoxso (3, 0) != (3, 0, 0)01:24
morganfainbergyep.01:24
jamielennoxbut that user is just being a pain anyway01:24
*** grepory has quit IRC01:25
jamielennoxmorganfainberg: true01:25
morganfainbergjamielennox: after this convo, i've had to add that into that review :P sorry01:26
morganfainbergmight as well make it behave as expected rather than need to patch it in the future.01:27
stevemarmorganfainberg: i'm sure it's appreciated01:27
jamielennoxmorganfainberg: damnit, i should never give away known flaws in reviews01:27
morganfainbergjamielennox: hehe, stevemar already −1'd it :P01:27
jamielennoxstevemar: :O how could you01:28
stevemar:D that was before the convo anyway01:28
morganfainbergjamielennox: but that is good food for thought, i'll be looking at version comparisons differently here on forward.01:28
stevemarjaimelennox, i've been too nice in my reviews, gotta be a bit meaner :O01:28
stevemarmorganfainberg: good point01:29
jamielennoxso i'll patch it up so that it works with floats but i should put that up to the main blueprint01:29
jamielennoxso just accept both01:29
*** gordc has joined #openstack-dev01:29
morganfainbergjamielennox: that makes the most sense… i don't see it happening, but what if we wanted M.x.p revision?01:29
morganfainbergwith a float… we can't do that01:30
morganfainbergwith the tuple acceptance, we can do that in the future...01:30
morganfainbergagain, this might be a ML worthy topic (across all projects)01:30
morganfainbergproper handling of version comparisons/version numbers01:30
stevemarmorganfainberg: at ibm, some products had V.R.M.F for versioning, ran into a few version problems there :P01:33
morganfainberggod01:33
jamielennoxmorganfainberg: so i'll have to at least put it onto the previous discovery conversation in the ML01:33
morganfainbergjamielennox: yeah.01:33
jamielennoxstevemar: ouch01:33
stevemarwas never fun :P01:33
jamielennoxstevemar: i bet it was java01:33
morganfainbergstevemar: AIX? :P01:33
stevemarmorganfainberg: nah, WebSphere01:34
morganfainbergstevemar: oh. no no no… stop bringing up bad memories01:34
morganfainbergstevemar: (I had to support websphere in a previous life)01:34
stevemarmorganfainberg: whats wrong with it?!? hehehe01:35
stevemarbetter quit talking about it, while i still have a job01:35
jamielennoxi have a friend about to go into an ibm internship i think around websphere and such - i'm being encouraging01:35
morganfainbergstevemar: at least when i dealt with it… it was a loooooooooooong time ago01:35
morganfainbergso, lets just say, any reasons i have to dislike it might be/not be relevant anymore01:35
stevemarjamielennox, it'll be interesting at least01:36
jamielennoxstevemar: i think it must teach you a lot01:36
stevemarjamielennox, yup, especially if you're a student, most interns/student don't have a clue about enterprise software, or how their servers are set up01:38
stevemaranywho01:38
jamielennoxyea, work...01:39
*** lexinator has quit IRC01:41
*** lexinator has joined #openstack-dev01:41
*** briancurtin has joined #openstack-dev01:42
*** erkules_ has joined #openstack-dev01:46
*** erkules has quit IRC01:46
*** Mandell has quit IRC01:48
morganfainbergjamielennox: so.. if you needed to do a recheck with a bug id, will a reverify with a similar bug id likely be needed?01:49
jamielennoxnot necessarily01:49
morganfainbergok01:49
morganfainbergi guess we shall see.01:49
jamielennoxthey are the same call but to different systems01:49
morganfainbergahh01:49
morganfainbergright01:49
jamielennoxyou recheck to redo the jenkins check, you reverify if the merge failed01:49
morganfainbergwell i was approving a changeset01:50
*** Samos123 has quit IRC01:50
morganfainbergwhich had a failure on jenkins check (solved with a recheck)01:50
morganfainbergso i was wondering if it would have the same issue in gate.01:50
*** SumitNaiksatam has joined #openstack-dev01:51
jamielennoxso possibly, but it's not related to it having failed previously01:51
morganfainbergtrying to get the stuff that has been lingering around either feedback or (if appropriate) pushed through before the h3 crunch on the horizon.01:51
*** anteaya has quit IRC01:51
morganfainbergbecause it's gonna get icky like all milestones01:51
jamielennoxyea, i've been trying to look at reviews at the bottom of the list and there are a few that have been multi +1 that never got merged01:52
jamielennoxworse i'd suggest01:52
morganfainbergthere are ones with +2s that didn't go anywhere01:52
morganfainbergbut at least now with keystoneclient the oldest update was 5 days ago01:53
morganfainbergthats a plus01:53
*** dolphm has joined #openstack-dev01:54
jamielennoxmorganfainberg: there is a lot happening in keystoneclient at the moment, it's good but it was nice and quiet a few weeks ago - didn't have to keep rebasing01:54
morganfainbergjamielennox: yeah. thats tough when you have a lot of dependant changes01:55
*** lexinator has quit IRC01:55
morganfainberglike your code.01:55
*** Samos123 has joined #openstack-dev01:55
jamielennoxi stripped most back and i'll resubmit when they get through01:55
jamielennoxi had a dependency chain of 8 there for a bit01:55
morganfainbergi need to rebase my 2 keystone changes now because of the test movement01:56
jamielennoxthat happened?01:56
morganfainbergyep, that change got in.01:56
stevemarmorganfainberg: blame the guy who did it :P01:56
morganfainbergtests for keystone are now keystone/tests01:57
dolphmstevemar: o/01:57
morganfainberg^^01:57
uvirtbotmorganfainberg: Error: "^" is not a valid command.01:57
jamielennoxmorazi: nice, about time01:57
dolphmstevemar: "add steps to api spec that note the required body when sending oauth request to /auth/tokens" which steps01:57
jamielennoxdamn01:57
morganfainbergLOL @ the bot.01:57
stevemarlol good job bot01:57
jamielennoxmorganfainberg: nice, about time01:57
stevemardolphm: ahoy01:57
stevemardolphm: the bit about how body has to have methods [oauth]01:58
dolphmstevemar: ah01:58
dolphmstevemar: that's it?01:58
*** tjones has quit IRC01:58
stevemarfor that, yes01:58
dolphmstevemar: does it otherwise implement the spec to the best of your knowledge?01:58
stevemardolphm: yeppers01:58
dolphmstevemar: +201:58
stevemardolphm: i kept the consumer_id in the issued tokens... that too :O01:59
dolphmstevemar: i saw01:59
stevemari can remove it, but when I call delete, i'd have to keep calling get consumer_id for every access token01:59
dolphmstevemar: that's not broken by any means, it's just a bit redundant02:00
stevemardolphm: yep02:00
stevemardolphm: cool!02:00
*** erkules_ is now known as erkules02:00
dolphmstevemar: the methods: ["oauth"], "oauth": {} was just poor planning on my part02:00
dolphmor poor memory02:00
stevemardolphm: meh, that's a 1 liner02:01
dolphmstevemar: want to propose an identity-api fix for that, or shall i?02:01
stevemardolphm: i'll do it now quickly, was just trying to review some changes tonight02:02
dolphmstevemar: cool02:02
*** gongysh has joined #openstack-dev02:02
stevemardolphm: tonight was the first night all week that I haven't stayed up late trying to get oauth done, so i'm taking it easy02:02
stevemardolphm: beer in hand and doing reviews, what could go wrong?!?02:02
morganfainbergdolphm: i'm on a rebase spree, i'll rebase your drop diablo/essex migration support.02:02
*** spzala has quit IRC02:03
stevemargood guy morganfainberg: free rebases for everyone02:03
dolphmmorganfainberg: thanks!02:03
*** sarob has quit IRC02:03
*** spzala has joined #openstack-dev02:03
dolphmmorganfainberg: i started writing a tool to detect merge conflicts before they happen... i should finish that02:03
morganfainbergdolphm: i want to get that one in before one of the others that is mucking around with the legacy.py stuff.02:03
*** sarob has joined #openstack-dev02:03
morganfainbergdolphm: useful tool, will it support jgit's odd… sense of what can be merged?02:04
morganfainberg:P02:04
dolphmmorganfainberg: do we use jgit somewhere?02:05
morganfainberggerrit02:05
dolphmmorganfainberg: i was just doing plain old cherry picks with git for now (i'm not sure what the actual merge process looked like)02:05
morganfainbergmost of the merge conflicts i've been dealing with today/yesterday have been because gerrit gets confused (tests moving)02:05
dolphmactually i might be doing rebases02:06
morganfainbergdolphm: ah yeah i've been doing cherry-picks mostly02:06
dolphme.g. rebase fetch head onto master02:06
morganfainbergright, i should start doing that, i think it's more reliable02:06
*** yaguang has joined #openstack-dev02:06
*** sarob has quit IRC02:08
*** ljjjustin has quit IRC02:09
*** ljjjustin has joined #openstack-dev02:10
*** dvarga has quit IRC02:10
morganfainberghrm02:13
morganfainbergany idea how to derive jenkins failure in gate from a patchset?02:13
clarkbmorganfainberg: yes, in the console log will be the zuul ref that was fetched02:15
clarkbmorganfainberg: you should be able to fetch that yourself and run the tests02:15
*** sarob has joined #openstack-dev02:16
*** ljjjustin has quit IRC02:16
morganfainbergclarkb: i don't see the console log atm, i am guessing i need to hunt through jenkin's past runs to see what happened?02:16
*** ljjjustin has joined #openstack-dev02:17
clarkbmorganfainberg: a link to the logs is left in the gerrit commetn02:17
morganfainberghttps://review.openstack.org/#/c/40121/02:17
*** nati_ueno has quit IRC02:18
clarkbthe merge failure? that is actually done by zuul before jenkins runs any tests02:18
morganfainbergah ok02:18
morganfainbergi see now02:18
morganfainbergi get it02:18
clarkbso change 39845 was ahead of 40121 and that caused a conflict02:18
morganfainberghm.02:18
morganfainbergoh crud, i thought i grabbed that one02:19
*** novas0x2a|laptop has quit IRC02:19
morganfainbergclarkb: thanks for the help, i was very confused02:19
morganfainbergi missed pulling 39845 first before this one onto my local tree02:19
morganfainbergwhen checking02:19
morganfainbergclarkb: and i now see the conflict wheee.02:21
morganfainbergthanks again02:21
clarkbnp02:21
*** pmathews has joined #openstack-dev02:21
*** shang has joined #openstack-dev02:23
*** colinmcnamara has quit IRC02:24
*** colinmcnamara has joined #openstack-dev02:25
*** ljjjustin has quit IRC02:27
*** dims has quit IRC02:28
*** fabio has joined #openstack-dev02:28
*** ljjjustin has joined #openstack-dev02:32
morganfainbergstevemar: i'll do the full pass on your latest patchset when i get home02:33
stevemarmorganfainberg: cool - should be good (i hope)02:33
morganfainbergstevemar: i'm looking forward to seeing OAuth go in (though probably not as much as you are by now)02:34
stevemarmorganfainberg: it'll be huge weight off my shoulders thats for sure02:34
*** jasondotstar has quit IRC02:38
*** melwitt has quit IRC02:39
*** yaguang has quit IRC02:40
*** aeperezt has quit IRC02:44
*** dguitarbite has joined #openstack-dev02:53
*** macjack has joined #openstack-dev02:53
*** grepory has joined #openstack-dev02:53
*** xchu has joined #openstack-dev02:54
*** redbeard2 has joined #openstack-dev02:54
morganfainbergstevemar: i have a nit...02:54
morganfainbergstevemar: i wont −1 for it… but it's a nit...02:54
stevemarmorganfainberg :O oh no02:54
morganfainbergCopyrights are wrong.02:54
stevemarnoooooooo02:54
morganfainbergShould be: Copyright 2013 Openstack Foundation02:54
morganfainbergLLC assets were moved over recently02:55
*** jfriedly has quit IRC02:55
*** aeperezt has joined #openstack-dev02:55
morganfainberg(or so i was told by a few people in my H102 keystoneclient patch)02:55
stevemarall the new files?02:55
dolphmmorganfainberg: ++02:55
morganfainbergyeah. in the new files.02:55
dolphm"All references to "OpenStack LLC" can be changed to "OpenStack Foundation" because the copyright was transferred when the new entity was created."02:55
dolphmhttps://wiki.openstack.org/wiki/Documentation/Copyright02:56
morganfainbergso, uhm.   you should fix that.02:56
stevemarhere I was using LLC like a sucker02:56
stevemarcool02:56
stevemari'll do it quickly since both of you are online02:56
dolphm:)02:56
morganfainbergsounds good.02:56
morganfainbergi'll keep reading the current patchset.02:56
*** danwent has joined #openstack-dev02:56
*** yaguang has joined #openstack-dev02:58
morganfainbergstevemar: thank you for using the named string substitutions.  seriously, so much easier to read.03:00
stevemarmorganfainberg: what was that now?03:00
morganfainbergi was saying thanks for doing "%(name)s %(someotherthing)s" % { "name": "blah" ....03:01
morganfainbergfor the string substitutions03:01
stevemarmorganfainberg: also, i added the copyrights to the init.py files03:01
stevemaroh, that, sometimes I do, sometimes I don't03:01
morganfainbergstevemar: i think __init__.py doesn't need the copyrights. but it doesn't hurt :)03:02
stevemari noticed that it changes from person to person, I noticed that ayoung likes to just use %s03:02
morganfainberga single %s it doesn't matter03:02
morganfainbergit's when you have mulitples or like 4 or 503:02
morganfainbergits makes it much easier.03:02
morganfainberg'%s/%s/%s/%s/%s%s%s/%s/%s'03:03
dolphmstevemar: morganfainberg: fwiw, with more than one substitution in a localized string, you *must* you named parameters03:03
morganfainbergstevemar:  then i have a couple of comments for you to fix.03:03
stevemarmorganfainberg: go ahead03:04
stevemardolphm: good to know03:04
*** prekarat has joined #openstack-dev03:04
morganfainbergactually just as dolph said that i saw one.03:04
stevemarha, i knew I had a few somewhere...03:05
*** prekarat has quit IRC03:05
*** prekarat has joined #openstack-dev03:05
*** lexinator has joined #openstack-dev03:05
*** jhesketh has quit IRC03:10
*** martine has joined #openstack-dev03:11
*** martine is now known as Guest4438303:11
*** kushal has joined #openstack-dev03:12
*** bdpayne has joined #openstack-dev03:12
*** jhesketh has joined #openstack-dev03:12
*** lexinator has quit IRC03:13
stevemarmorganfainberg: it's been too long, that many nits? :O03:21
morganfainbergstevemar:  uhm...03:21
morganfainbergnot just nits.03:21
*** herndon has quit IRC03:22
morganfainbergstevemar: you missed some function signature updates, and a couple of methods03:22
stevemarmorganfainberg: as i was writing that, i was thinking 'nits' might not be the right choice of word03:22
morganfainbergstevemar: i probably should have seen it last time around :( I feel bad for missing them when i pointed out the token revocations for the other drivers.03:22
stevemarmorganfainberg: meh03:22
morganfainbergstevemar: so… i'm trying to make sure i don't miss anything this time around03:22
morganfainberg:)03:22
morganfainbergit is also a lot of code. i am so happy someone (i think it was dolphm) stumbled onto "f" in gerrit, and asked about it.  super super useful.03:23
morganfainbergi never would have known that hotkey and how much awesome it is otherwise.03:23
*** kenperkins has joined #openstack-dev03:23
*** jbresnah has quit IRC03:24
*** kenperkins has quit IRC03:24
*** jbresnah has joined #openstack-dev03:24
stevemarahh cool, it brings up the other files, not bad03:25
morganfainbergyep03:25
*** fabio has quit IRC03:26
*** noslzzp has quit IRC03:29
morganfainbergstevemar: comments posted03:29
stevemarmorganfainberg: cool03:29
morganfainbergi didn't tag all the copyrights, just one of them.03:29
morganfainbergsince i know you already got that03:29
stevemarcool cool03:30
*** colinmcnamara has quit IRC03:31
stevemarmorganfainberg: i lol'ed at https://review.openstack.org/#/c/29130/60/keystone/common/sql/core.py03:31
morganfainbergi only caught that one because that was a nit i posted in a previous review ;)03:31
*** SergeyLukjanov has joined #openstack-dev03:32
*** colinmcnamara has joined #openstack-dev03:32
stevemarmorganfainberg: can I store None in an sql db?03:36
*** adalbas has quit IRC03:36
morganfainbergwell, it gets translated to a NULL iirc03:37
*** adalbas has joined #openstack-dev03:37
morganfainbergif those fields _must_ be populated, i.e. without the field being filled it'll cause strange behavior03:37
morganfainbergthey shouldn't be allowed to be null03:37
morganfainbergmy concern is that all the fields allow null, not sure if you intend that03:38
*** kspear has quit IRC03:38
morganfainbergstevemar: example on how that works03:39
morganfainberghttps://github.com/openstack/keystone/blob/master/keystone/common/sql/migrate_repo/versions/001_add_initial_tables.py#L5403:39
morganfainbergnot sure how much is used elsewhere in keystone03:39
morganfainbergbut it stood out that it might be worth a sanity check03:39
stevemarso setting nullable=False, means you can save a None to the backend03:40
stevemarthat sounds counter-intuitive03:40
morganfainbergno it means you can't03:41
*** pmathews has quit IRC03:41
morganfainbergi wanted to make sure you can handle any of those fields being none03:42
morganfainbergnothing inherently wrong there, just a sanity check :)03:42
morganfainbergit's a lot of code, sometimes that is warranted03:42
dolphmexpires_at looks like the only one that should be nullable=True03:43
dolphmand actually authorizing_user_id should be indexed, no?03:43
dolphmah it is03:44
dolphmstevemar: i think you can just specify indexed=True (or index=True) on the column definition03:44
*** xchu has quit IRC03:44
*** ljjjustin has quit IRC03:44
morganfainbergdolphm: i think that is backend specific03:44
morganfainbergdolphm: the way he's doing it with the index object is how i've seen it everywhere else03:45
morganfainbergdolphm: but, there is a non-trival chance i am wrong03:45
dolphmmorganfainberg: i swear there's an easy way to have sqlalchemy define the index column name automatically, etc03:46
morganfainbergdolphm: also, up late huh?03:46
morganfainbergdolphm: i shall go hunting now.  i am curious!03:46
dolphmmorganfainberg: http://docs.sqlalchemy.org/en/latest/core/schema.html#indexes03:47
morganfainbergdolphm: aha, so i am wrong! i was about 30 seconds behind you03:47
morganfainberggood to know03:48
dolphmmorganfainberg: the way stevemar wrote it is definitely how we do it for belatedly added indexes03:48
stevemari'm a few minutes behind03:48
*** comay has quit IRC03:48
dolphmstevemar: save a couple lines of code with Column(..., index=True),03:48
morganfainbergwoohoo. my talk proposal is up for voting!03:49
morganfainbergi know what i am doing tomorrow.. voting for talks! :)03:49
dolphmmorganfainberg: not for the design track, right?03:49
morganfainbergdolphm: no03:50
morganfainbergdolphm: a strategy one03:50
morganfainbergi haven't seen design track submissions page yet03:50
dolphmmorganfainberg: whats the title?03:50
dolphmmorganfainberg: yeah, i didn't think that was open yet03:50
dolphmmorganfainberg: at least another month+ to go for design03:51
morganfainbergdolphm: yeah, i have a few i want to see happen03:51
*** macjack has quit IRC03:52
morganfainbergdolphm: i'm going to rebase my cleanup commits and see if i can figure out why dogpiles invalitates seem to fail when i cache the get_token (if i can get caching on some token stuff, id, and assignment, i'll be happy as a first pass)03:56
morganfainbergerm, meant to say rebase my cleanup ones tonight03:56
*** xchu has joined #openstack-dev04:01
*** Guest44383 has quit IRC04:03
*** armax has quit IRC04:04
*** troytoman-away is now known as troytoman04:05
*** edmund has joined #openstack-dev04:06
*** martine has joined #openstack-dev04:08
*** martine is now known as Guest959904:09
jerryzcould anyone tell me why keystone on stable/grizzly does not have requirements.txt04:15
jerryzi have to install the deps manually04:15
morganfainbergjerryz: in grizzly the requirements are in tools/pip-requires04:16
dolphmjerryz: it's just in a different location ... ^04:16
*** spzala has quit IRC04:16
jerryzbut when i ran tox -epy2704:16
jerryzi got module not found error04:16
dolphmjerryz: did you install tools/test-requires as well?04:16
*** mdomsch has quit IRC04:17
stevemarmorganfainberg: dolphm: what was the decision about index/sql/nullable-ness? was busy adding named variabled substitutions everywhere04:17
*** gordc has quit IRC04:17
jerryzi just took a look at the two files, they dont have netaddr04:18
morganfainbergstevemar: you can do indexes inline, index=true, but don't have to (you could do it like you're doing now)04:18
jerryzbefore i did .tox/py27/bin/pip install netaddr, i got ImportError: No module named netaddr04:19
morganfainbergand i think dolphm said expires_at is likely the only column that should be nullable (i could go re look at it if you need some direction)04:19
stevemarmorganfainberg: dolphm: yes, just add index=True, to replace the 'index' calls, but what about setting the expires field to nullabel=true?04:19
stevemarwhen we initially create the request token, the 'authorizing_user_id' is set to None also04:20
dolphmstevemar: then that should be nullable=True04:20
morganfainbergdolphm: isn't nullable=True the default?04:20
dolphmstevemar: personally, i can never remember what the default value of nullable is, so i always explicitly set it on every column04:20
stevemarand the verifier too, since it's not authorized yet04:20
morganfainbergstevemar: do what dolphm said, be explicit per column, that way no surprises04:21
stevemarhehe, alright04:21
dolphmmorganfainberg: you're probably right04:21
dolphmmorganfainberg: if it was nullable=False by default i'd probably be less paranoid about it04:21
* stevemar nods04:22
jerryzdolphm: i looked at my error log, pip installed the pip-requires and test-requires04:22
jerryzbut those two files don't have netaddr04:23
*** jhesketh_ has quit IRC04:23
morganfainbergjerryz if there is a requirement for netaddr, and it's not there, probably should be filed as a bug.  looking now.04:23
*** afazekas_zz is now known as afazekas04:23
*** jhesketh has quit IRC04:23
*** jhesketh has joined #openstack-dev04:24
morganfainbergjerryz: i'm not seeing any import of netaddr in stable/grizzly.04:24
dolphmjerryz: can you paste the backtrace you're seeing?04:25
morganfainbergjerryz: ^04:25
jerryzTraceback (most recent call last):04:25
jerryz  File "/home/jenkins/workspace/periodic-keystone-python27-stable-grizzly/tests/test_keystoneclient.py", line 360, in test_change_password_invalidates_token04:25
jerryz    from keystoneclient import exceptions as client_exceptions04:25
jerryz  File "/home/jenkins/workspace/periodic-keystone-python27-stable-grizzly/vendor/python-keystoneclient-master/keystoneclient/exceptions.py", line 7, in <module>04:25
jerryz    from keystoneclient.openstack.common import jsonutils04:25
jerryz  File "/home/jenkins/workspace/periodic-keystone-python27-stable-grizzly/vendor/python-keystoneclient-master/keystoneclient/openstack/common/jsonutils.py", line 44, in <module>04:25
jerryz    import netaddr04:25
jerryzImportError: No module named netaddr04:25
morganfainbergooh keystoneclient.04:26
dolphmwhy is there a stable/grizzly keystoneclient?!04:26
dolphmwhat does that even MEAN?!04:26
morganfainbergdolphm: i don't see one.04:26
*** neelashah has joined #openstack-dev04:26
morganfainbergjerryz: i am guessing you have some kind of mixed dependency / bad dep resolution04:27
dolphmthat has to be testing keystoneclient master against stable/grizzly?04:27
*** rcrit has quit IRC04:27
morganfainbergexcept master keystoneclient has netaddr in it's requirements.txt04:28
*** jhesketh_ has joined #openstack-dev04:28
dolphmmorganfainberg: jerryz: netaddr is an explicit requirement https://github.com/openstack/python-keystoneclient/blob/master/requirements.txt04:28
morganfainbergunless it's a venv thing?04:28
dolphmjerryz: are you install keystone's requirements and trying to run keystoneclient?04:28
dolphms/install/installing/04:28
*** alunduil has joined #openstack-dev04:29
*** jhesketh has quit IRC04:29
dolphmnvm... test_keystoneclient.py so: yes04:29
jerryzi will take a look at what was going on04:29
*** dguitarbite has quit IRC04:29
dolphmhrm, test_keystoneclient.py is one of the integration tests in keystone04:30
dolphmi was thinking it was a base test class in keystoneclient04:30
dolphms/class/module/04:30
stevemarmorganfainberg: 2 comments left to fix... 1) add test case for list_tokens with consumer (that is a good one, nice catch), and 2) update list token and add consumer04:33
*** colinmcnamara has quit IRC04:33
morganfainbergstevemar: nice.04:33
*** Guest9599 has quit IRC04:34
*** briancurtin has quit IRC04:36
jerryzdolphm: should we add that requirement in test-requires?04:37
*** ljjjustin has joined #openstack-dev04:37
dolphmjerryz: that keystone test is dependent on keystoneclient, which has it's own requirements that should be installed... however, i'm not sure how/when those requirements should be installed04:39
dolphmjerryz: it wouldn't make sense to track the requirements in two places though (especially in a stable branch), because they could change as keystoneclient evolves04:39
stevemarmorganfainberg: ideas on how to impl list tokens for consumer_id? ... i can't abuse a query, theres no consumer_id in the token model04:40
morganfainbergstevemar: hm. how does the trust one work?04:40
morganfainbergstevemar:  let me look at it.04:40
stevemarqueries the model04:40
*** nayward has joined #openstack-dev04:41
morganfainbergoh, it's a top-level item in the token model04:41
morganfainbergstevemar: well, you could just do the same thing delete tokens is doing04:42
stevemaryeah, but even then at least in delete... i can query the user_id04:42
*** bdpayne has quit IRC04:42
morganfainberglist tokens requires a user_id04:42
morganfainbergyou can still query it.04:43
morganfainbergdef list_tokens(self, user_id, tenant_id=None, trust_id=None):04:43
stevemargotta change up the comment in the driver!04:43
morganfainbergobviously not your branch because i don't have consumer_id.04:44
jerryzdolphm: i wonder how the jenkins slaves of openstack have all the deps, pre-installed? but my jenkins slave also has netaddr in the system, but tox does not regnoize it04:44
morganfainbergjerryz: i'm trying a stable grizzly tox right now on my local vm04:44
morganfainbergseeing if i can figure out what is going on.04:44
dolphmjerryz: the tox environment is probably ignoring your existing site packages?04:45
stevemarwait, user_id is required... ugh, it's late04:45
clarkbdolphm: jerryz: the deps are not preinstalled for the unittests in the jenkins slaves. And the only project htat should allow site packages is nova (for libvirt)04:46
*** colinmcnamara has joined #openstack-dev04:46
morganfainbergstevemar: it happens ;)04:47
jerryzclarkb: then how pip installed those deps required by different versions of keystoneclient04:47
clarkbjerryz: when you pip install keystoneclient they should be installed04:48
clarkbs/pip//04:48
*** alunduil has quit IRC04:48
*** loteriety has left #openstack-dev04:50
morganfainbergyep just duplicated the problem with stable grizzly04:50
jerryzclarkb: python-keystone is installed in my tox but netaddr wasn't04:51
stevemarmorganfainberg: there's no endpoint to query to list tokens right? just have to use the token_api if i want to test out that it works?04:51
*** bdpayne has joined #openstack-dev04:52
morganfainbergstevemar: correct.04:52
morganfainbergstevemar: as far as i can tell that is04:53
jerryzclarkb: python-keystone should declare it has this deps , netaddr . is this how pip works?04:53
*** sarob has quit IRC04:53
morganfainbergstevemar: in fact, it looks like it's only ever used in delete tokens :P04:53
*** prekarat has quit IRC04:53
clarkbhttp://logs.openstack.org/periodic/periodic-keystone-python27-stable-grizzly/precise5/5/console.html.gz its failing on our daily periodic job as well04:53
dolphmmorganfainberg: stevemar: correct04:53
*** sarob has joined #openstack-dev04:54
stevemardolphm: i just figured out why04:54
stevemardolphm: because doing so would be crazy-pants04:54
morganfainbergstevemar: and it would be a security issue to expose that data.. a list of _all_ active tokens for a user? or trust? or04:55
stevemarthat's what i meant by crazy-pants04:55
morganfainbergyeah04:55
*** prekarat has joined #openstack-dev04:56
stevemartokens have uuid's as their ids right?04:56
dolphmstevemar: or sha1 hashes for pki04:57
stevemarbut it looks like the uuids are returned in list?04:57
morganfainbergstevemar: the unique_id is.04:57
morganfainbergwhich is the uuid or the sha104:57
stevemaris there anyway to translate that to pki to match what I got back from /auth/tokens earlier?04:57
morganfainberg(the primary key)04:57
*** sdake_ has joined #openstack-dev04:57
*** afazekas_ has joined #openstack-dev04:58
morganfainbergyou could use the ._unique_id() function on the PKI id04:58
stevemari will try that04:58
morganfainbergthat is on.. uhm.. token.core.Token i think04:58
*** sarob has quit IRC04:58
*** lexinator has joined #openstack-dev04:58
stevemari sheee04:58
stevemarlooks like all that does is: cms.cms_hash_token(token_id)04:59
morganfainbergstevemar: correct04:59
*** colinmcnamara has quit IRC05:00
jerryzdolphm: morganfainberg: should i file a bug?05:00
morganfainbergclarkb: in my tox environment i'm seeing /vendor/python-keystoneclient-master, which is the only thing that could be referencing netaddr05:01
morganfainbergthough the pip freeze says i have python-keystoneclient==0.2.5 (activated venv)05:01
clarkbmorganfainberg: is this one of those silly tests that downloads a specific version of a thing and does functional testing?05:02
morganfainbergclarkb: i, i don't think so, i'm looking at stable/grizzly to see.05:03
dolphmclarkb: yes!05:03
morganfainberggive me a moment.05:03
morganfainbergtrust dolphm, he's i'm sure right05:03
stevemarmorganfainberg: just a quick flake8 test, and a change to run my tests again, and i'll submit new patch05:03
morganfainbergstevemar: cool.05:03
morganfainbergdolphm , clarkb: wait, we do grizzly stable against master for obvious reasons.  it's just not doing the proper dep thing then?05:04
morganfainbergor am i taking crazy pills (lack of understanding)05:04
*** alunduil has joined #openstack-dev05:04
stevemarjust a quick rebase ....05:05
clarkbmorganfainberg: I think testing that particular combo is fine (mordred is workign on making it generalized) but the implementation is fragiel05:05
*** SergeyLukjanov has quit IRC05:05
morganfainbergclarkb: got it.05:05
clarkbmorganfainberg: looks like it simply clones keystoneclient and does not install it05:06
morganfainbergclarkb: so, in this case should jerryz file a bug? and if so, is this infra?05:06
clarkbsee keystone/test.py:checkout_vendor05:06
morganfainbergoh so it's us.05:06
morganfainbergok.05:06
clarkbyes, no. This is a keystone stable/grizzly unittest bug05:06
morganfainbergyep yep got it05:06
*** lexinator has quit IRC05:07
stevemarmorganfainberg: dolphm: new patch05:07
morganfainbergjerryz: yes you should file a bug: https://launchpad.net/keystone for stable/grizzly. if you need help, i can help file the bug.05:08
*** jbresnah has quit IRC05:08
morganfainbergstevemar: cool.  i'll look at it in a few i need to get out of the office now that i've finished my rebase-a-polooza05:08
stevemaryou are one dedicated employee05:09
dolphmstevemar: you set nullable=True (probably the default anyway?) but not nullable=False on the other fields05:09
*** lexinator has joined #openstack-dev05:09
*** Mandell has joined #openstack-dev05:09
dolphmstevemar: and drop the __table_args__ in favor of index=True05:10
stevemardolphm: does that matter? they won't ever be null05:10
morganfainbergstevemar: we should enforce it with the SQL schema, it prevents someone from writing code and doing somethng dumb.05:10
dolphmstevemar: it matters because you're allowing them to be null, so inevitably you'll get null values in there and have to deal with it :P05:10
stevemardolphm: you have trust issues with users :P05:11
dolphmstevemar: with developers, mostly05:11
* stevemar grumble grumble05:11
morganfainbergstevemar: and is it paranoia if they really will do it?05:11
stevemari'll add them in05:11
stevemarso you want it added to ALL the columns?05:12
dolphmstevemar: "it says nullable=True, so I set consumer_id to NULL because it's obviously optional and now oauth done broke *files bug*"05:12
stevemar(except the ones with nullable=True)05:12
dolphmstevemar: yeah, specify nullable=[True|False] on every column... no harm05:13
*** lexinator has quit IRC05:14
stevemardolphm: yesterday ayoung mentioned how much more extreme keystones coding standard has been recently05:14
*** Shaan7 has quit IRC05:14
jerryzmorganfainberg: is there a way to specify branch ?05:14
stevemari feel that05:15
stevemardolphm: id too?05:15
dolphmstevemar: lol there's definitely more and more eyes on the code -- that means higher and higher standards for sure05:15
morganfainbergdolph: any issue with me re-approving https://review.openstack.org/#/c/40121/ since i did the rebase?  it was because hte signatures changed and docstrings used that to do the patchset05:15
morganfainbergstevemar: it is safest to specify if unsure, i am not sure how all the sql backends handle a PK if you try and set it to null05:16
morganfainbergjerryz: you might need to just say it's stable/grizzly in the description05:17
morganfainbergjerryz: i'm 2x checking now.05:17
*** ljjjustin has quit IRC05:18
dolphmmorganfainberg: +2'd. re-approval is cool as long as you're not making changes that should also be reviewed (anything more than a trivial rebase, for example)05:18
*** nshaikh has joined #openstack-dev05:18
morganfainbergdolphm: yeah no changes besides a bit more than the trival rebase script could determine (due to other changes inherited from merged commits i think)05:19
*** neelashah has quit IRC05:19
*** xchu has quit IRC05:19
morganfainbergjerryz: yeah i don't see anyway in the bug (besides in the description) that you can specify branch.05:20
stevemardolphm: morganfainberg: https://etherpad.openstack.org/oauth05:22
morganfainbergstevemar: it isn't that i'm just a dedicated employee, its that i want to see the keystone review queue not get backed up.  that means initially tossing some more time in :)  esp. since i have a little spare time between releases at my dayjob (couple days)05:22
morganfainbergstevemar: consumer_id in RequestToken can be none?05:24
*** edmund has quit IRC05:25
morganfainbergoh wait05:25
morganfainbergmisread i think05:25
stevemaryou had me so confused05:25
morganfainbergsorry. totally misread05:25
stevemarso, I can drop the sql.Index(...) stuff? and just toss in index=True in the column that I want?05:25
morganfainbergstevemar: according to the SQLAlchemy docs, yes.05:26
stevemarfunky05:26
*** jerryz has quit IRC05:26
morganfainbergthough if you're adding indexes after the fact, the way you had it before is the "right" way since it isn't the 1st migration of the table.05:26
stevemari'm going to start up keystone and make sure it actually loads...05:27
morganfainbergstevemar: those make sense to me, nullable vs non-nullable.05:27
jamielennoxstevemar and others, my review for discovery you think don't make the VersionNotAvailable exception inherit DiscoveryFailure?  https://review.openstack.org/#/c/38414/12/keystoneclient/exceptions.py05:28
jamielennoxi had kind of looked at it as a version not available was a discovery failure, just one that you might want to handle seperately05:28
*** xchu has joined #openstack-dev05:28
*** ljjjustin has joined #openstack-dev05:28
morganfainbergjamielennox: i think that is a fair assumption.  it is a type of discoveryfailure05:29
stevemarjamie, yes, you are right05:29
stevemarmy mistake05:29
dolphmmorganfainberg: concerning the review queue not getting backed up... https://pypi.python.org/pypi/next-review/05:29
jamielennoxno worries, just fixing things up and people are still around to ask questions of05:29
morganfainbergdolphm: oh hotness05:29
morganfainbergdolphm: thanks! :)05:29
*** jprovazn has joined #openstack-dev05:30
*** ljjjustin has quit IRC05:31
*** ljjjustin has joined #openstack-dev05:32
*** bdpayne has quit IRC05:34
jamielennoxdolphm: i really need to give that another try, unfortunately it seems that panemero (or whatever the ssh library was) doesn't work with ssh keys with passwords - even though i have an ssh-agent05:34
dolphmjamielennox: i think that was a bug on my side ... someone contributed a fix05:35
*** kspear has joined #openstack-dev05:35
jamielennoxdolphm: within the version that's on pip?05:35
dolphmjamielennox: yes05:35
jamielennoxdolphm: cool, will try again05:36
*** dolphm has quit IRC05:38
*** boris-42 has joined #openstack-dev05:40
*** adjohn has joined #openstack-dev05:42
*** jhesketh_ has quit IRC05:45
stevemardolphm: morganfainberg: new (and last?) patch!!!05:46
*** jhesketh has joined #openstack-dev05:46
*** macjack has joined #openstack-dev05:46
*** ljjjustin has quit IRC05:46
*** bashok has joined #openstack-dev05:46
morganfainbergstevemar: i'll probably look at it tomorrow morning at this point.05:47
stevemarthats cool05:47
*** mohits has joined #openstack-dev05:47
*** matiu has quit IRC05:50
*** jbresnah has joined #openstack-dev05:50
*** eharney has quit IRC05:52
*** freedomhui has joined #openstack-dev05:53
*** hailiang has quit IRC05:55
*** alexb_ has joined #openstack-dev06:00
*** lexinator has joined #openstack-dev06:00
*** hashfail_ has joined #openstack-dev06:00
*** sballe has quit IRC06:05
*** xBsd has joined #openstack-dev06:06
*** fifieldt_ has joined #openstack-dev06:06
*** hailiang has joined #openstack-dev06:08
*** lexinator has quit IRC06:09
*** tmmt has quit IRC06:13
*** bashok has quit IRC06:14
*** bashok has joined #openstack-dev06:14
*** kirankv has joined #openstack-dev06:15
*** tmmt has joined #openstack-dev06:17
*** ljjjustin has joined #openstack-dev06:20
*** vartom117 has joined #openstack-dev06:23
*** grepory has quit IRC06:24
*** adjohn has quit IRC06:24
*** prekarat has quit IRC06:27
*** jbresnah has quit IRC06:28
*** jhesketh has quit IRC06:29
*** prekarat has joined #openstack-dev06:30
*** sballe has joined #openstack-dev06:31
*** nshaikh has left #openstack-dev06:31
*** jhesketh has joined #openstack-dev06:32
*** sballe_ has joined #openstack-dev06:33
*** sballe has quit IRC06:36
*** nshaikh has joined #openstack-dev06:38
*** pschaef has joined #openstack-dev06:42
*** odyssey4me has joined #openstack-dev06:42
*** jerryz has joined #openstack-dev06:46
*** yaguang has quit IRC06:48
*** ljjjustin has quit IRC06:50
*** mmagr has joined #openstack-dev06:54
*** ljjjustin has joined #openstack-dev06:54
*** ifarkas has joined #openstack-dev06:56
*** jerryz has quit IRC06:57
*** jerryz has joined #openstack-dev06:58
*** yaguang has joined #openstack-dev07:00
*** reidrac has joined #openstack-dev07:04
*** mrunge has joined #openstack-dev07:04
*** afazekas has quit IRC07:06
*** afazekas_ is now known as afazekas07:06
*** yaguang has quit IRC07:07
*** odyssey4me has quit IRC07:07
*** odyssey4me has joined #openstack-dev07:08
*** jerryz has quit IRC07:08
*** pschaef has quit IRC07:09
*** jamielennox is now known as jamielennox|away07:12
*** odyssey4me2 has joined #openstack-dev07:12
*** odyssey4me has quit IRC07:12
*** odyssey4me has joined #openstack-dev07:14
*** prekarat has quit IRC07:15
*** prekarat has joined #openstack-dev07:15
*** prekarat has quit IRC07:16
*** prekarat has joined #openstack-dev07:16
*** odyssey4me2 has quit IRC07:16
*** hailiang has quit IRC07:17
*** aababilov has joined #openstack-dev07:19
aababilovapiclient is introduced to keystoneclient: https://review.openstack.org/#/c/28043/07:19
aababilovplease review07:19
*** aababilov has left #openstack-dev07:19
*** flaper87|afk is now known as flaper8707:22
*** ljjjustin has quit IRC07:29
*** hailiang has joined #openstack-dev07:31
*** ljjjustin has joined #openstack-dev07:32
*** AnilV4 has joined #openstack-dev07:33
*** adjohn has joined #openstack-dev07:35
*** xqueralt-afk is now known as xqueralt07:36
*** MaxV has joined #openstack-dev07:37
*** Ryan_Lane has joined #openstack-dev07:38
*** pschaef has joined #openstack-dev07:38
*** jistr has joined #openstack-dev07:38
*** yaguang has joined #openstack-dev07:39
*** adjohn has quit IRC07:40
*** dina_belova has joined #openstack-dev07:42
bashoksalv-orlando: ping07:44
*** stevemar has quit IRC07:44
salv-orlandobashok: hi07:44
*** psedlak has quit IRC07:44
bashoksalv-orlando: I saw your response on the network namespaces issue, I wanted to share my input, I faced similar issues in the past , that time I was told that a bug in ip-route2 packaged causing the issue while deleting the namespace, but till now I dont see any updates on that area. netns-cleanup also wont help (when you get "setting namespace failed" error), it defnitely needs some attention07:45
*** lexinator has joined #openstack-dev07:45
salv-orlandobashok: Did not mention that in the mail, but I am aware too of situations when clearing out the namespace becomes a nightmare07:45
salv-orlandoyou're right it's an iproute2 issue07:46
salv-orlandoI have not seen any progress as well07:46
salv-orlandoThe only thing I've noticed is that this might happen when you try to remove a ns with active ifaces07:46
*** dina_belova has quit IRC07:46
*** dina_belova has joined #openstack-dev07:47
bashoksalv-orlando: especially deleting the qrouter-* namespace is the most trickiest part ,07:47
salv-orlandoI guess because it has lots of interfaces07:47
*** lexinator has quit IRC07:49
*** yolanda has joined #openstack-dev07:53
*** yolanda has quit IRC07:54
*** danwent has quit IRC07:54
*** yolanda has joined #openstack-dev07:54
*** SergeyLukjanov has joined #openstack-dev07:57
*** jerryz has joined #openstack-dev07:59
*** Ng_holiday is now known as Ng08:00
*** giulivo has joined #openstack-dev08:01
*** jaimegil has joined #openstack-dev08:03
*** jpich has joined #openstack-dev08:03
*** boris-42 has quit IRC08:05
*** boden has joined #openstack-dev08:05
*** psedlak has joined #openstack-dev08:07
*** lucasagomes has joined #openstack-dev08:08
*** jerryz has quit IRC08:11
*** cmark has joined #openstack-dev08:18
*** BobBall_Away is now known as BobBall08:18
*** ema has joined #openstack-dev08:20
*** Alexei_987 has joined #openstack-dev08:21
*** xBsd has quit IRC08:23
*** iartarisi has joined #openstack-dev08:26
*** llu has joined #openstack-dev08:29
*** jtomasek has quit IRC08:32
*** jtomasek has joined #openstack-dev08:33
*** sushils has joined #openstack-dev08:36
*** fbo_away is now known as fbo08:37
*** boris-42 has joined #openstack-dev08:37
*** ljjjustin has quit IRC08:39
*** troytoman is now known as troytoman-away08:40
*** vsergeyev has joined #openstack-dev08:46
*** henrynash has quit IRC08:46
sergmelikyanWhat is happening with Zuul?08:47
sergmelikyanhttp://status.openstack.org/zuul/08:47
sergmelikyanto many unstable builds!08:47
*** shane-wang_ has quit IRC08:49
*** zbitter is now known as zaneb08:50
*** ruhe has joined #openstack-dev08:53
*** alexxu has joined #openstack-dev09:00
*** odyssey4me2 has joined #openstack-dev09:00
*** odyssey4me3 has joined #openstack-dev09:02
*** odyssey4me has quit IRC09:03
*** xBsd has joined #openstack-dev09:04
*** odyssey4me2 has quit IRC09:05
*** xqueralt is now known as xqueralt-afk09:06
*** martyntaylor has joined #openstack-dev09:16
*** athomas has joined #openstack-dev09:18
*** salv-orlando has quit IRC09:18
*** dina_belova has quit IRC09:26
*** bashok has quit IRC09:38
xBsdping09:39
xBsdwhat happened with zulu? why all jobs are freezes?09:40
*** morganfainberg is now known as morganfainberg_a09:49
*** morganfainberg_a is now known as morganfainberg09:52
*** jhesketh has quit IRC09:53
*** morganfainberg is now known as morganfainberg|a09:54
*** morganfainberg|a is now known as morganfainberg09:55
*** morganfainberg is now known as morganfainberg|a09:56
*** rods has joined #openstack-dev09:59
gongyshhi, is there a complete state transition diagram somewhere of the VM managed by openstack?10:04
*** kushal has quit IRC10:05
*** hailiang has quit IRC10:07
*** kushal has joined #openstack-dev10:08
*** ruhe has quit IRC10:10
*** sumanthns has joined #openstack-dev10:13
*** kaushikc has joined #openstack-dev10:14
*** para__ has joined #openstack-dev10:15
*** mmagr has quit IRC10:17
*** salv-orlando has joined #openstack-dev10:19
*** para__ is now known as mmagr10:24
*** dina_belova has joined #openstack-dev10:26
*** xchu has quit IRC10:27
*** dina_belova has quit IRC10:31
*** pcm_ has joined #openstack-dev10:32
*** pcm_ has quit IRC10:32
*** pcm_ has joined #openstack-dev10:33
*** dina_belova has joined #openstack-dev10:34
*** dina_belova has quit IRC10:34
*** pschaef has quit IRC10:34
*** lexinator has joined #openstack-dev10:37
*** gongysh has quit IRC10:37
*** sumanthns has quit IRC10:37
*** mjfork has joined #openstack-dev10:39
*** dina_belova has joined #openstack-dev10:40
*** dina_bel_ has joined #openstack-dev10:40
*** dina_belova has quit IRC10:40
*** lexinator has quit IRC10:42
*** dina_bel_ has quit IRC10:42
*** yaguang has quit IRC10:43
*** ruhe has joined #openstack-dev10:45
*** bashok has joined #openstack-dev10:48
*** jruzicka has joined #openstack-dev10:49
*** AnilV4 has quit IRC10:52
*** derekh has joined #openstack-dev10:57
*** ndipanov is now known as nick_long10:58
*** openstackstatus has joined #openstack-dev11:06
openstackstatusNOTICE: some sort of gating disruption has been identified--looking into it now11:07
*** ChanServ changes topic to "some sort of gating disruption has been identified--looking into it now"11:07
*** odyssey4me3 has quit IRC11:08
*** dims has joined #openstack-dev11:08
mordredmorganfainberg|a: ping whne you're awake11:09
*** giulivo has quit IRC11:11
*** martine has joined #openstack-dev11:15
*** martine is now known as Guest1380511:15
*** odyssey4me3 has joined #openstack-dev11:16
*** lexinator has joined #openstack-dev11:17
*** giulivo has joined #openstack-dev11:17
*** lexinator has quit IRC11:21
openstackstatusNOTICE: the log server has filled up, disrupting job completion--working on it now, ETA 12:30 UTC11:21
*** ChanServ changes topic to "the log server has filled up, disrupting job completion--working on it now, ETA 12:30 UTC"11:21
*** nayward has quit IRC11:22
*** lucasagomes is now known as lucas-hungry11:24
*** kushal has quit IRC11:30
*** drewlander has joined #openstack-dev11:31
*** huats_ is now known as huats11:32
*** yamahata has quit IRC11:35
*** tmclaugh[work] has joined #openstack-dev11:36
*** e1mer has quit IRC11:41
*** FunnyLookinHat has joined #openstack-dev11:45
*** kirankv has quit IRC11:50
*** lexinator has joined #openstack-dev11:52
*** dina_belova has joined #openstack-dev11:53
*** flaper87 is now known as flaperboon11:53
*** dvarga has joined #openstack-dev11:56
*** lexinator has quit IRC11:56
*** dina_belova has quit IRC11:57
*** kushal has joined #openstack-dev12:00
openstackstatusNOTICE: log server has a larger filesystem now--rechecking/reverifying jobs, ETA 12:30 UTC12:00
*** ChanServ changes topic to "log server has a larger filesystem now--rechecking/reverifying jobs, ETA 12:30 UTC"12:00
*** markmc has joined #openstack-dev12:01
*** CaptTofu has quit IRC12:02
*** CaptTofu has joined #openstack-dev12:02
*** spzala has joined #openstack-dev12:02
*** CaptTofu has quit IRC12:04
*** CaptTofu has joined #openstack-dev12:04
*** CaptTofu has quit IRC12:05
*** CaptTofu has joined #openstack-dev12:05
*** jimjiang has joined #openstack-dev12:09
*** jimjiang has joined #openstack-dev12:10
*** jaimegil has quit IRC12:13
*** troytoman-away is now known as troytoman12:13
*** bashok has quit IRC12:16
*** wwallnrr__ has joined #openstack-dev12:16
*** mberwanger has joined #openstack-dev12:18
*** mrunge has quit IRC12:18
*** galstrom_zzz is now known as galstrom12:20
*** odyssey4me3 has quit IRC12:20
*** slagle has quit IRC12:21
*** ruhe has quit IRC12:22
*** ruhe has joined #openstack-dev12:24
*** gordc has joined #openstack-dev12:26
*** AnilV4 has joined #openstack-dev12:27
*** odyssey4me3 has joined #openstack-dev12:28
*** nshaikh has quit IRC12:29
*** rcrit has joined #openstack-dev12:29
*** nshaikh has joined #openstack-dev12:29
*** SergeyLukjanov has quit IRC12:30
*** woodspa has joined #openstack-dev12:31
*** alunch has quit IRC12:31
*** mberwanger has quit IRC12:33
*** mberwanger has joined #openstack-dev12:34
*** slagle has joined #openstack-dev12:34
*** mberwang_ has joined #openstack-dev12:35
*** kaushikc has quit IRC12:36
*** roz_ has joined #openstack-dev12:36
*** roz_ is now known as andrearoz12:36
*** kaushikc has joined #openstack-dev12:37
*** mberwanger has quit IRC12:38
*** radez_g0n3 is now known as radez12:39
*** redbeard2 has quit IRC12:39
*** dolphm has joined #openstack-dev12:40
openstackstatusNOTICE: still rechecking/reverifying false negative results on changes, but the gate is moving again12:41
*** ChanServ changes topic to "OpenStack development || Support is in #openstack"12:41
*** jasondotstar has joined #openstack-dev12:42
fungisergmelikyan: thanks for pitching in on rechecks--that's helping a ton!12:42
*** lucas-hungry is now known as lucasagome12:43
*** lucasagome is now known as lucasagomes12:43
*** kaushikc has quit IRC12:43
xBsdfungi: is jenkins01.openstack.org is up?12:44
xBsdfungi: it seems that a lot of stuff freeze on the node12:45
*** dims has quit IRC12:48
*** dvarga has quit IRC12:50
fungixBsd: yes, we ran out of space for the jobs to upload their logs, so everything started going haywire. i added more space and it's working again now but stuff which failed earlier has to be rechecked or reverified so it re-runs12:52
*** sandywalsh has quit IRC12:52
*** galstrom is now known as galstrom_zzz12:53
*** dina_belova has joined #openstack-dev12:53
xBsdfungi: but I still couldn't open web interface on that node. is it ok?12:54
*** bashok has joined #openstack-dev12:55
*** mberwang_ has quit IRC12:56
fungixBsd: the log links which got left for jobs which failed around those times point to log files which never got uploaded/directories which were never successfully created12:56
fungiso when we rerun jobs on those, working links will get posted once they complete12:57
*** dstanek has joined #openstack-dev12:57
*** dina_belova has quit IRC12:57
*** ruhe has quit IRC12:58
*** mkollaro has joined #openstack-dev12:59
simorussellb: what was the command to see the diff between 2 revisions in gerrit ?12:59
xBsdfungi: but I tried to open https://jenkins01.openstack.org/ without any additional links )12:59
*** SergeyLukjanov has joined #openstack-dev13:00
russellbsimo: $ git review -m <review#>,<rev1>-<rev2>13:00
fungixBsd: it works for me. perhaps your browser is configured to try and protect you from servers which have self-signed certificates?13:00
*** jjmb has quit IRC13:01
*** lexinator has joined #openstack-dev13:01
*** anteaya has joined #openstack-dev13:01
simorussellb: uhmm my git review doesn't like -m13:01
russellbsimo: the one in fedora is really old13:02
russellbsimo: grab it from pip instead13:02
fungisimo: i think you need git-review 1.21 or later for -m to be available13:02
russellb-m is glorious13:02
xBsdfungi: don't think so, but thanks, I'll try to start reverify job :)13:03
simorussellb: do you know who is the fedora packager ? We should get it in fedora properly13:04
fungixBsd: if you can load https://jenkins.openstack.org/ but not jenkins01 or jenkins02 it's probably because 01 and 02 have self-signed certificates13:04
russellbsimo: i think pete zaitcev did it originally13:05
fungisimo: russellb: indeed, i released 1.23 yesterday and GheRivero_CH uploaded it to debian from a pub13:05
*** ema_ has joined #openstack-dev13:05
russellbsimo: https://admin.fedoraproject.org/pkgdb/acls/name/git-review13:05
*** dims has joined #openstack-dev13:05
simointerestingly I do not find the component13:06
*** herndon has joined #openstack-dev13:06
simogoing to open a bug to get it properly updated13:06
*** lexinator has quit IRC13:06
*** sandywalsh has joined #openstack-dev13:07
*** bknudson has joined #openstack-dev13:07
*** dstanek has quit IRC13:07
*** ema has quit IRC13:08
fungisimo: russellb: if rh/fed have an active maintainer for g-r i'll be sure to give them a heads up on future releases13:09
xBsdfungi: I'be made reverify but the jobs still freeze in zuul13:09
simofungi: donno how active he is but we do have a maintainer13:09
russellbfungi: he should be active, he's still doing openstack stuff ... i think ... i don't see him online though13:09
xBsdfungi: http://status.openstack.org/zuul/ openstack/cinder42241,113:10
flaperboonrussellb: fungi he's still active, he's mainly focused on swift13:10
*** jayg|g0n3 is now known as jayg13:11
*** russellb is now known as rustlebee13:11
rustlebeehappy casual nick Friday13:11
*** comstud is now known as bearhands13:11
*** ema_ is now known as ema13:12
*** mberwanger has joined #openstack-dev13:12
fungixBsd: yeah, looks like there could be some hung jobs on the jenkins servers i'll need to cancel and reverify13:12
*** vartom117 has quit IRC13:13
fungisimo: rustlebee: yeah, just didn't know if he was still active as a distro package maintainer. i know i've seen him working on openstack upstream stuff13:13
xBsdfungi: thanks )13:14
*** neelashah has joined #openstack-dev13:15
fungiright, i eventually get "The proxy server could not handle the request GET /job/gate-tempest-devstack-vm-postgres-full/2296/."13:16
*** dina_belova has joined #openstack-dev13:16
*** zul has quit IRC13:16
*** mberwanger has quit IRC13:21
*** redbeard2 has joined #openstack-dev13:21
*** dprince has joined #openstack-dev13:22
*** rfolco has joined #openstack-dev13:22
fungiactually, i've started timing out getting to its web interface13:23
xBsdfungi: as I said :)13:23
xBsdsomething wrong )13:23
*** sergmelikyan has quit IRC13:23
*** dansmith is now known as Steely_Dan13:24
fungibut it was working for me a little while ago, even after i started rechecking changes13:25
*** jprovazn has quit IRC13:26
*** dina_belova has quit IRC13:26
*** vsergeyev has left #openstack-dev13:29
*** xchu has joined #openstack-dev13:30
xBsdfungi13:30
xBsdfungi: btw what is official place for such bugs?13:31
fungixBsd: here basically, or in #openstack-infra13:31
*** jecarey has joined #openstack-dev13:31
fungii'm going to restart the jenkins process on jenkins01, but we may also need to restart zuul because i'm not sure if it will consider those jobs still running if it never hears back from them on the gearman queue13:32
*** lexinator has joined #openstack-dev13:32
xBsdlet's burn! :)13:32
openstackstatusNOTICE: the earlier log server issues seem to have put one of the jenkins servers in a bad state, blocking the gate--working on that, ETA 14:00 UTC13:34
*** ChanServ changes topic to "the earlier log server issues seem to have put one of the jenkins servers in a bad state, blocking the gate--working on that, ETA 14:00 UTC"13:34
*** dolphm_ has joined #openstack-dev13:34
*** Shaan7 has joined #openstack-dev13:35
fungixBsd: we do also take bug reports on launchpad as the openstack-ci project there, but when we're busy fighting fires we usually don't notice those since e-mail tends to take a back seat to irc13:36
*** dolphm has quit IRC13:36
*** lexinator has quit IRC13:36
*** dolphm has joined #openstack-dev13:37
xBsdfungi: I asked, cause I'd written here about this issue about 4 hours ago and didn't get any response13:40
*** litong has joined #openstack-dev13:40
xBsdfungi: but I got #os-infra is better place for that ;)13:40
*** FunnyLookinHat has quit IRC13:40
*** alunch has joined #openstack-dev13:41
*** kbringard has joined #openstack-dev13:41
fungixBsd: the bigger issue is that right now all the coremudgeons for -infra are on the same piece of rock, so we tend to be asleep at similar times13:41
*** jtomasek has quit IRC13:43
*** jtomasek has joined #openstack-dev13:43
*** jtomasek has quit IRC13:45
fungixBsd: i'm usually the first one awake an on line, so i didn't spot everyone's concerns in scrollback until about 1100 utc13:45
*** SergeyLukjanov has quit IRC13:45
*** jtomasek has joined #openstack-dev13:45
fungiand it was unfortunately a cascade failure, so i addressed the most immediate problem of the full log server filesystem but once it was back and working it took some time to be sure that there were further problems which seemed to have been triggered by that one13:46
fungianyway, everything looks happy again now that the jenkins process has been forcibly killed and restarted on jenkins01 (jobs were continuing to run on jenkins.o.o and jenkins02, but the hung jobs on 01 were blocking results for older changes being returned and keeping the gate from advancing)13:48
*** burt has joined #openstack-dev13:48
*** bswartz has quit IRC13:49
*** noslzzp has joined #openstack-dev13:50
*** sudorandom has joined #openstack-dev13:51
*** SergeyLukjanov has joined #openstack-dev13:51
*** otherwiseguy has joined #openstack-dev13:52
openstackstatusNOTICE: the gate seems to be properly moving now, but some changes which were in limbo earlier are probably going to come back with negative votes now. rechecking/reverifying those too13:53
*** ChanServ changes topic to "OpenStack development || Support is in #openstack"13:53
*** beagles is now known as seagulls13:54
*** bnemec is now known as oldben13:54
*** ruhe has joined #openstack-dev13:54
*** eharney has joined #openstack-dev13:55
sandywalshflaperboon, thanks for the input on the ack() issue ... I may need to pick your brain on some mongo questions next week if you're available?13:55
*** adhately has joined #openstack-dev13:55
*** jimfehlig has joined #openstack-dev13:56
*** reidrac has quit IRC13:56
*** reidrac has joined #openstack-dev13:56
*** spzala has quit IRC13:58
*** spzala has joined #openstack-dev13:59
*** jtomasek has quit IRC13:59
*** jtomasek has joined #openstack-dev13:59
*** dolphm_ has quit IRC14:00
*** martyntaylor1 has joined #openstack-dev14:00
*** rwsu-away is now known as rwsu14:00
*** martyntaylor has quit IRC14:02
*** networkstatic has quit IRC14:02
*** datsun180b has joined #openstack-dev14:02
flaperboonsandywalsh: np :), As Eric, I'm not 100% against that idea, I'd like to see if there's a better way to do it w/o actually exposing it through the API. (btw, When I mention that not all back-ends support ack, I'm also thinking about Marconi)14:02
*** networkstatic has joined #openstack-dev14:03
*** kevinconway_ has joined #openstack-dev14:03
markmcsimo, oslo meeting now14:03
markmcsandywalsh, you also :)14:03
*** datsun180b has quit IRC14:03
markmc#openstack-meeting14:03
flaperboonsandywalsh: re mongo: Sure, whenever you want. I'll out from Wed-Friday, so we better chat on Mond and / or Tuesday14:03
*** datsun180b has joined #openstack-dev14:03
sandywalshflaperboon, cool14:04
sandywalshmarkmc, in there14:04
markmcsandywalsh, cool14:04
*** kevinconway has quit IRC14:04
*** kevinconway_ is now known as kevinconway14:04
*** HenryG has joined #openstack-dev14:05
*** redbeard2 has quit IRC14:06
*** lexinator has joined #openstack-dev14:06
simomarkmc: joining14:07
*** krtaylor has quit IRC14:08
*** briancurtin has joined #openstack-dev14:09
*** changbl has quit IRC14:10
*** slagle has quit IRC14:10
*** lexinator has quit IRC14:10
*** slagle has joined #openstack-dev14:12
*** FunnyLookinHat has joined #openstack-dev14:12
*** bswartz has joined #openstack-dev14:12
*** adhately has left #openstack-dev14:12
*** valgrind has joined #openstack-dev14:12
*** galstrom_zzz is now known as galstrom14:16
*** dprince has quit IRC14:18
*** jmontemayor has joined #openstack-dev14:18
*** tjones has joined #openstack-dev14:19
*** mohits has quit IRC14:19
*** freedomhui has quit IRC14:21
*** redbeard2 has joined #openstack-dev14:21
*** herndon has quit IRC14:23
*** redbeard2 has quit IRC14:24
*** dina_belova has joined #openstack-dev14:27
ayoungdolphm, I was thinking about josecastro's recent post where they put up 3 copies of Keystone in HTTPD:   one for uid/pw, one for Kerberos, and one for X509.  THis patch, which makes sense under the present approach, won't work for that: https://review.openstack.org/#/c/41707/214:28
ayoungSomething to think about for Icehouse14:28
*** cthulhup_ has joined #openstack-dev14:28
*** aelkikhia has joined #openstack-dev14:28
*** aelkikhia has left #openstack-dev14:29
*** zul has joined #openstack-dev14:31
ayoungsimo, are you giving up on KDS for Havana?14:31
ayoungPlease don't.14:31
*** dina_belova has quit IRC14:32
simoayoung: already did14:32
simoseem everybody agrees is too risky14:32
ayoungI think it is very close.  The API review is down to word choice, and the code is pretty simple.   We were discussing if we could tag something as experimental14:32
*** jimjiang has quit IRC14:32
simo2 PTLs do and Thierry also does14:32
simoayoung: we can still commit it of course14:32
*** dprince has joined #openstack-dev14:32
simoas long as it is clearly marked experimental I guess14:33
simoand dolphm agrees14:33
ayoungyeah, I think that is the right approach14:33
simobut we will start using it only in Icehouse14:33
ayoungwe tag that in the API doc and in the paste file14:33
simoso ...14:33
*** esheffield has joined #openstack-dev14:33
simoayoung: nothing is using it right now, that's the point14:33
simoand nova won't at this point .. too late14:34
ayoungsimo, but no one can build on it if it is not part of the project14:34
simoayoung: which is why the idea is to push it in on the first few days IceHouse opens up14:34
simoie keep review up to date and ready to go14:34
ayoungsimo, it is the same thing as trusts...it is not just the people that are doing active development here that use our code.  It has value to the community at large, and they can build on it in house if they want, but only if it is released14:35
simojust hold the actual push until Icehouse opens14:35
simoayoung: we can make that case14:35
simoI am ok one way or the other14:35
simoI need to keep the code up and running anyway14:35
*** rharwood has joined #openstack-dev14:37
ayoungttx, dolphm markmc would you be OK if we use the KDS code as the first example of tagging a feature as experimental?  I thin the trules  would be:  annotated in the API doc, annotated in the paste file, disabled by default.14:37
*** lexinator has joined #openstack-dev14:37
*** nayward has joined #openstack-dev14:37
*** dina_belova has joined #openstack-dev14:37
dolphmayoung: does "experimental" mean "will not receive security patches" or "security issues will be public by default"?14:38
ayoungdolphm, yes, I think so.14:38
dolphmayoung: otherwise, you're not buying yourself anything14:39
*** boris-42 has quit IRC14:39
ayoung"This code is here to aid in integration.  It will benefit from increased scrutiny by the largest audience..."14:39
dolphmayoung: i wouldn't call it "experimental" then, i'd call it what it is: "completely unsupported"14:41
*** dina_belova has quit IRC14:41
*** lexinator has quit IRC14:41
*** _TheDodd_ has joined #openstack-dev14:42
ayoungdolphm, well, "Experimental" is how features like this are tagged in the Linux Kernel development process, so there is some precedent.  "Experimental and Unsupported"  works for me14:42
dolphm(it's actually not a bad idea to consider *all* new features as completely unsupported the *first* time they see a release...)14:44
*** stevemar has joined #openstack-dev14:44
dolphmi bet ttx would love that :P14:44
dolphm"you're on your own attempting to use this feature in a production capacity. if the feature still exists in the next release, it will begin to receive stable backports."14:46
*** ruhe has quit IRC14:47
ayoungdolphm,   http://paste.fedoraproject.org/32581/76664403/14:47
ayoungthat would be in keystone-paste.ini14:47
*** henrynash has joined #openstack-dev14:47
*** reidrac has left #openstack-dev14:47
*** rnirmal has joined #openstack-dev14:48
ayoungdolphm, also,  we move the api review from https://github.com/openstack/identity-api/tree/master/openstack-identity-api/v3  to https://github.com/openstack/identity-api/tree/master/openstack-identity-api/experimental14:48
dolphmayoung: wouldn't it be v3/experimental/ ?14:49
dolphmayoung: or if it's really a top level api, it either needs it's own repo or you're talking about drafting v414:50
*** henrynash has quit IRC14:50
*** krtaylor has joined #openstack-dev14:51
ayoungdolphm, I think we keep something in /experimental until we decide where it is going to live for real.  But are extensions supposed to be under /v2 /v3 /v4  anyway, or should they be under /extensions?14:51
dolphmayoung: i'm pretty sure glance shipped with an unsupported api for at least a release ? ... i'd inquire with ttx on the precedent an unsupported release process14:51
ayoungdolphm, I though only the extension discovery was going to be versioned.14:52
*** rcleere has joined #openstack-dev14:52
dolphmayoung: an extension would need to be documented for any top level api that it extends; the versioning presented by /extensions should imply on which top level api the extension can be expected to exist14:53
*** pasquier-s has quit IRC14:54
ayoungdolphm, So something like kds, which does not extend anything that is currently core is a top level api in and of itself.  I just extends Keystone.  So if we are targetting, say v3.5 we could put it in /v3/extensions  and for now it would go in /v3/experimental.14:55
dolphmayoung: are you really proposing that kds is it's own application??14:56
*** freedomhui has joined #openstack-dev14:56
dolphmayoung: if that's how it's implemented, then it doesn't belong anywhere near our repo14:56
*** fifieldt_ has quit IRC14:58
*** danwent has joined #openstack-dev14:59
*** herndon has joined #openstack-dev14:59
ayoungdolphm, so, there is an implied relationship that we don't explicitly have right now, between Endpoints and the "targets" of Kds.  Keystone doesn't currently have a way to distinguish between, say, two differen Nova Compute Nodes.  However, from a security standpoint, you would want each to be its own principal, and to have separate security credentials.  KDS is a move in that direction.  When you create a token, and that token is supposed to be scop14:59
ayounged to the service that is going to consume it, you would ideally say "and this can only be done on node123456"  but we don';t have that today14:59
*** ffio has joined #openstack-dev14:59
ayoungNoe, from an end user perspective, we don't want to show that to them anyway...too much detail.14:59
ayoungBut there is no other service in OpenStack that plays this "Internal Identity Management" role either15:00
ayoungPolicy kindof falls into the same realm15:00
ayoungEnd users should not really be messing with policy.15:00
*** sthaha has quit IRC15:00
ayoungAlthough there you could make the argument "I need to be able to see the policy in order to give appropriate roles to users."15:01
*** woodspa_ has joined #openstack-dev15:01
*** mikemar10 has joined #openstack-dev15:01
dolphmayoung: you're avoiding the question15:01
ayoungdolphm, no, I am thinking through it...you have an interesting point....15:01
*** yaguang has joined #openstack-dev15:03
*** athomas has quit IRC15:03
ayoungdolphm, I could easily say it is its own application.  But then, I also think that the identity backends and the assignment backends are separate applications as well, they are just consumed by the token issuing application.15:03
ayoungBut KDS does not tie in with Tokens.15:03
ayoungThen again, neither does policy.15:03
*** jvrbanac has joined #openstack-dev15:03
simoayoung: it consumes them only for administrative duties like any other component15:03
ayoungCatalog...is consumed by tokens.15:03
dolphmayoung: "kds, which does not extend anything that is currently core is a top level api in and of itself" <-- you're describing a stand alone service15:03
*** ruhe has joined #openstack-dev15:03
ayoungdolphm, true15:04
*** woodspa has quit IRC15:04
*** AnilV4 has quit IRC15:05
ayoungdolphm, we had this discussion back at the start of the efforts.  There really is nowhere that KDS could run, but starting up a whole project just for Keys seemed too heavyweight15:05
ayoungI thought you were in on that discussion15:05
dolphmayoung: exactly which application pipeline should "kds_extension" be deployed to?15:05
ayoungdolphm, I would say admin.15:05
*** colinmcnamara has joined #openstack-dev15:06
ayoungdolphm, the only reason it would be public is if we were making it avaialable as a service to end users.  I could see that being valuable, but it is not what we are proposing for now15:06
*** athomas has joined #openstack-dev15:06
ayoungit would make sense as part of the Queuing-as-a-service effort15:06
dolphmayoung: let me try again... we have exactly 5 application pipelines in keystone.conf.sample. which one should "kds_extension" be included in? https://github.com/openstack/keystone/blob/master/etc/keystone-paste.ini15:07
ayoung[pipeline:admin_api]15:07
dolphmayoung: hrm, so KDS is a /v2.0/ extension then?15:08
simocurrently it sits in api_v315:08
*** dolphm_ has joined #openstack-dev15:09
*** MaxV has quit IRC15:09
ayoungdolphm, well, I was not thinking in terms of versions.  As I said before, I wasn't thinking that extensionwere falling under vbersions.  So, yeah, it would haveto be v3.15:09
*** dolphm has quit IRC15:09
ayoungBut then the role that provides access to it should only be given (at least for now) to service_users15:09
*** pabelanger is now known as nubbie15:10
dolphm_so, if it's in api_v3, then it's deployed indiscriminately on both ports :5000 and :35357 and relies on RBAC15:10
*** dina_belova has joined #openstack-dev15:10
*** dina_belova has quit IRC15:12
*** dina_belova has joined #openstack-dev15:12
*** changbl has joined #openstack-dev15:12
dolphm_ayoung: however, "service_users" is an arbitrary deployment-specific concept, in which case relying on RBAC is perfect... correct?15:13
*** yaguang has quit IRC15:13
*** matiu has joined #openstack-dev15:13
*** matiu has quit IRC15:13
*** matiu has joined #openstack-dev15:13
*** cthulhup_ has quit IRC15:15
*** martyntaylor1 has quit IRC15:17
*** nayward has quit IRC15:17
*** noslzzp has quit IRC15:17
*** mrodden has quit IRC15:17
*** markmcclain has joined #openstack-dev15:17
*** martyntaylor has joined #openstack-dev15:18
*** bashok has quit IRC15:19
*** dolphm has joined #openstack-dev15:19
ayoungdolphm_, yes,  RBAC is made for this.  There really is no reason that end users cannot make use of KDS, and I could see it being useful for securing Queue traffic beyond the scoped of the Queues supporting Nova etc15:19
*** bashok has joined #openstack-dev15:19
*** bashok_ has joined #openstack-dev15:19
ayoungIt really is a generic mechanism for two entities to share a symmetric key.  We had discussed using Kerberos to do this, but simo and I both felt that requiring Kerberos for Securing OpenStack was too high a bar to pass.15:20
*** seagulls has quit IRC15:20
*** beagles has joined #openstack-dev15:21
simoayoung: technically we can bolt kerberos on/around KDS15:21
ayoungsimo, Shh don't give away our secret sauce... :)15:21
ayoungSeriously, though, it does make sense to have it as a web service15:21
*** nayward has joined #openstack-dev15:22
*** dolphm_ has quit IRC15:22
ayoungand as such, it  nicely augments any crypto implementation, to include NSS. OpenSSL, or Kerberos15:22
*** bashok__ has joined #openstack-dev15:22
*** valgrind has quit IRC15:23
ayoungSo, while Nova devs won't be able to make use of it until Icehouse, it will be avaialble for the Marconi project to make use of as well.15:23
*** Mandell has quit IRC15:23
*** bashok has quit IRC15:23
*** bashok_ has quit IRC15:24
*** dprince has quit IRC15:24
*** Guest13805 has quit IRC15:25
*** yaguang has joined #openstack-dev15:26
*** henrynash has joined #openstack-dev15:27
henrynashayoung, bknudson: ok, let's give https://review.openstack.org/#/c/39530/ another go after yet another rebase…15:28
*** mrodden has joined #openstack-dev15:28
*** colinmcnamara has quit IRC15:28
*** colinmcnamara has joined #openstack-dev15:29
*** tjones has quit IRC15:30
*** bashok_ has joined #openstack-dev15:30
ayounghenrynash, all logging changes?15:30
henrynashayoung: yes15:31
*** freedomhui has quit IRC15:31
*** yaguang has quit IRC15:31
*** rharwood has quit IRC15:32
*** yolanda has quit IRC15:32
*** krtaylor has quit IRC15:32
*** mrodden has quit IRC15:32
henrynashayoung: …and I updated the wrappers in https://review.openstack.org/#/c/38308/15:33
*** spawnofbelliott has quit IRC15:33
*** bashok__ has quit IRC15:33
ayounghenrynash, I just did the diff on the domain backend patch and it looks good, so reapproved15:34
henrynashayoung: thx15:34
*** belliott has joined #openstack-dev15:35
henrynashayoung: what's urgent that needs reviewing from your side...?15:35
*** cthulhup_ has joined #openstack-dev15:35
*** pmathews has joined #openstack-dev15:36
ayounghenrynash, KDS stuff, mostly.  I am trying to stay in review mode, and not writ new code right now...but I have some bug fixes on the way.15:36
*** grepory has joined #openstack-dev15:36
ayounghenrynash, did you deal with those split id crashes?15:36
*** mrodden has joined #openstack-dev15:37
ayounghttps://bugs.launchpad.net/keystone/+bug/1210590  and https://bugs.launchpad.net/keystone/+bug/1211445 are both assigned to you15:37
uvirtbotLaunchpad bug 1210590 in keystone "Split backend crashes with AttributeError" [Critical,Confirmed]15:37
ayoungbut I can take the second one15:37
dolphmayoung: i owe another attempt at reproducing15:37
henrynashayoung: no..so far I haven't reproduced…Dolphm was seeing if he could get more data...15:37
ayoungOK.  Suspect it is related the UNicode and LDAP.15:38
henrynashdolphm:  I tried hitting it…and I checked the unit tests - all which seem to cover this case…but there must be something I'm missing....15:38
*** nshaikh has quit IRC15:38
ayoungdolphm, for the gate, once henrynash 's commit lands, suggest we make the split backend the default for tempest testing.  THat way we can run both SQL and LDAP through their paces in one test suite.15:39
dolphmhenrynash: i'm trying now15:39
henrynashdolphm: ok…if can get more data, I'll drive it to fix tonight15:39
ayoungMaybe run a few of the tests twice, once against "default domain" which would be LDAP and once against a dynamically created domain which would be in SQL15:39
ayounghenrynash, so, how is the decorator on your new patch applied?15:41
ayoungIs it using a method  on the controller?15:42
henrynashayoung: so @targetprotected will do a get on the target entity and then call the policy engine using it and any api parameters15:42
henrynashayoung: yes, @targetprotected is in the controller15:42
ayounghenrynash, hmm, that will make it hard to migrate it to oslo common, where it belongs long term15:43
ayoungwhy'd you use that approach?15:43
dolphmhenrynash: ayoung: UTR! :) downgrading priority15:43
henrynashayoung: err, I thought that's what you were advocating…and that's how all the other protection is being done15:44
*** tjones has joined #openstack-dev15:44
*** markmc has quit IRC15:44
*** yaguang has joined #openstack-dev15:44
ayounghenrynash, nah, there was an article I linked which showed how the whole decorator could be done as a stand alone class. __init__ is called before the function, and __call__ is called on the way out.  THen, we can extract the logic from the controller class and make the policy enforcement reusable15:45
ayounghenrynash, let me give it a hack.  I want to see if this actually works15:45
henrynashayoung: …so are you advocating changing ALL the existing protection decorators?15:46
henrynashdolphm: (what's UTR ?_15:46
*** alexb_ has quit IRC15:47
dolphmhenrynash: unable to reproduce15:47
henrynashdolphm: ahh, right!15:47
stevemarshardy: i just replied to your note, with stuff that was completely useless15:48
*** ifarkas has quit IRC15:48
stevemarshardy: i mis-read the question that was asked, sorry :(15:48
*** tiamar has quit IRC15:48
*** bdpayne has joined #openstack-dev15:48
*** matiu has quit IRC15:48
shardystevemar: no worries, maybe ayoung can help ;)15:48
stevemarshardy: do you have any more info on why it's not working?15:49
*** xchu has quit IRC15:49
*** edmund has joined #openstack-dev15:50
shardystevemar: well that's the problem, every attempt to authenticate with a trust_id specified in the scope just gives 40115:50
shardyso without some sample known-good requests, it's hard to see where it's going wrong15:50
shardystevemar: I can clean up my hacked up test code and post it if needed15:50
ayoungfor BRANCH in `git branch |  grep review ` ; do  git branch -D $BRANCH ; done15:50
dolphmshardy: is your question on list directly related to your bug? if so, you should cross link them15:50
shardydolphm: well I was going to, but it sounds like the bug may just be a non-obvious error due to the v2 token?15:51
shardyNow I'm just trying to get it working with username/password15:51
shardyall via the v3 api15:51
stevemarshardy: do you never get back a token id at all?15:51
ayounghenrynash, let me put it this way:  we are the people most closely looking at policy enforcement, but others will need to consume it.  We should be looking to take our extensions and push them to Oslo in the near future.15:51
ayoungTHat will imply a refactoring effort to extract them from the rest of the controller code, or to set up a reasonable interface between controller and policy15:52
shardystevemar: If I specify OS-TRUST:trust in the scope of the request I always get 401 back15:52
shardystevemar: I may very well be doing something stupid ;)15:52
dolphmshardy: if you're tackling the same problem in both places, providing the extra context will help people trying to help you15:52
shardybut I've burned a lot of time trying to figure out what ;)15:52
jaypipesdhellmann: ok, addressed the one issue you found with the downgrade migration on https://review.openstack.org/#/c/41316/. Should be good to go. thx.15:52
dolphmshardy: no reason to maintain discrete conversations15:52
ayoungshardy, what is happening?15:53
dolphmayoung: should a v2 token be able to consume a trust on v3?15:53
shardydolphm: So you'd like me to update the thread with bug info or vice versa?15:53
dolphmshardy: both15:53
*** aeperezt_ has joined #openstack-dev15:53
shardydolphm: Ok, will do, thanks15:53
*** aeperezt_ has quit IRC15:53
ayoungdolphm, not quite sure what your are asking.  By consume, do you mean create a new token?  IE I have a v2 token, and I pass that and a trustid to the v3 api?15:54
dolphmayoung: yes15:54
shardyayoung: I'm struggling with consuming trusts, getting a trust scoped token, ref bug #1212778 and openstack-dev thread15:54
uvirtbotLaunchpad bug 1212778 in keystone "Authenticating with trust ID fails with 500 error" [Undecided,Incomplete] https://launchpad.net/bugs/121277815:54
*** otherwiseguy has quit IRC15:54
shardyayoung: Yeah I'm trying to do the bit marked "Consuming a trust with: POST /auth/tokens" in the API docs15:55
*** zul has quit IRC15:55
stevemarshardy: i was just going to link that: https://github.com/openstack/identity-api/blob/master/openstack-identity-api/v3/src/markdown/identity-api-v3-os-trust-ext.md#consuming-a-trust-with-post-authtokens15:55
ayoungwell, 500 is never the right response. But that aside, I think the answer we settled on was 'yes'  V2 and V3 tokens can both be passed to V3 API, so trusts should work with a v2 token15:55
shardyso I get a trust-scoped token back, ie authenticate a v3.Client via a trust15:55
ayoungkeystone/keystone/auth/plugins/token.py  line 42....15:56
*** henrynash has quit IRC15:56
*** freedomhui has joined #openstack-dev15:56
dolphmayoung: "should" ... is that tested?15:56
ayounghttps://github.com/openstack/keystone/blob/master/keystone/auth/plugins/token.py#L4215:56
dolphmayoung: if it's not tested, then it doesn't work..15:57
ayoungdolphm, It was, but there has been a lot of rework of the code since then.  But that doesn't seem to be the problem15:57
ayoungSeems like the token plugin is not handling something cleanly,  and that is irrelevant of trusts15:57
*** matiu has joined #openstack-dev15:57
*** matiu has joined #openstack-dev15:57
ayoungKeyError: 'token'15:58
*** tjones has quit IRC15:58
ayoungtoken_ref['token_data']['token']  seems to me that is the v3 code called against a v2 token, if I had to guess15:58
*** jpeeler has quit IRC15:58
*** jpeeler has joined #openstack-dev15:59
ayoungdolphm, in this case, there is no difference between creating a token from a trust and any other operations performed during authenticate.  It looks like passing a v2 token to the v3 api is broken, but I thought we had tests for that.15:59
*** rharwood has joined #openstack-dev16:00
*** kevinconway has quit IRC16:00
ayoungshardy,   see the logic executed here, and note that the same logic is missing for the code plugins/token.py https://github.com/openstack/keystone/blob/master/keystone/common/controller.py#L3216:01
*** iartarisi has quit IRC16:01
ayoungdolphm, should the token auth plugin delegate the validation of the token data to the token provider?  I think that both our controller code and our auth/plugins/token.py code are doing differnent thing, and they should hit a unified code path16:02
*** nayward has quit IRC16:04
dolphmayoung: i would expect the token auth plugin to call the token driver directly... it shouldn't have to go through the provider?16:04
ayoungdolphm, driver is just for storage.  THis is a format issue.  I thought token format was considered the provice of the provider.16:05
ayoungprovince16:05
dolphmayoung: regardless of format, i would expect you to be able to validate a token against the token driver16:05
*** ruhe has quit IRC16:06
*** alop has joined #openstack-dev16:07
ayoungdolphm, driver should say "yes, that is atoken"  but when it comes to reading the data out of the token.  THe controller code does that for policy enforcement. IN the case of the token driver..it might be a mistake to have that in the plugin.16:07
ayounguser_context.setdefault(16:07
ayoung                'user_id', token_ref['token_data']['token']['user']['id'])16:07
dolphmayoung: the mistake is that the data persisted as a "token" varies by v2 / v3 / uuid / pki16:08
ayoungdolphm, so it is failing trying to pull the userid out of the token16:08
ayoungthat whole block is v3 specific16:08
*** woodspa__ has joined #openstack-dev16:08
*** cthulhup_ has quit IRC16:08
*** zbitter has joined #openstack-dev16:09
ayoungdolphm, So, the provider should have a "normalize_data" call or something.  Pass it the token you have, and get the data back in V3 format16:09
dolphmayoung: because tokens aren't persisted consistently, all the code that depends on the token driver is confusing (to say the least) probably broken (in many more ways than just that one)16:09
*** cococafe has joined #openstack-dev16:10
ayoungdolphm, so we can either change it in the persistance, or we can do the George Lucas thing and fix it in postproduction.16:10
ayoungUntil we fix persisitance, I would argue that we need a fix common to the auth plugin and the policy code16:10
ayoungand...that fix really should live in the client, because the same deal for people consuming tokens....16:11
*** sarob has joined #openstack-dev16:11
*** nachi has joined #openstack-dev16:11
*** fbo is now known as fbo_away16:11
ayoungdolphm, I'll take the above bug for now, and I think we need to have at least on session in Icehouse on "Keystone client:  how do we cleanup the mess"16:12
*** woodspa_ has quit IRC16:12
*** yaguang has quit IRC16:12
*** zaneb has quit IRC16:12
dolphmayoung: token-related code in the service is a much bigger mess than anything on the client side16:12
sdake_mic is on16:13
sdake_not sure how to fix - guess should test it out next time :)16:13
ayoungdolphm, agreed.  But token format processing should be common to server and client.  Keystone the server needs to consume the Keystone client, with common behaviour being fixed there.  Or at least keystone/common really does need to be common.16:14
*** ftcjeff has joined #openstack-dev16:14
*** armax has joined #openstack-dev16:14
*** zbitter is now known as zaneb16:16
*** yolanda has joined #openstack-dev16:16
shardyayoung, dolphm: thanks for working through this16:16
shardydoes the Icehouse comment mean we're unlikely to fix this in time for h3?16:17
*** giulivo has quit IRC16:17
*** dprince has joined #openstack-dev16:17
dolphmshardy: your bug is fixable16:18
dolphmshardy: keystone is not :P16:18
stevemarshardy: we try our best to keep it from falling apart everyday16:18
*** krtaylor has joined #openstack-dev16:18
shardystevemar: haha16:19
*** tjones has joined #openstack-dev16:19
*** jistr has quit IRC16:19
shardydolphm, ayoung: I'm starting to thing it may be safer to push the heat-trusts work to Icehouse, until this is all a bit better proven16:20
ayoungdolphm, where would I expect to see a test for validating a v2 token in the V3 api?  test_v3_auth, right?16:20
shardyayoung: I was looking at test_v3_v2_intermix as an example request16:21
ayoungshardy, well, you are using a v2 token.  Mixing v2 and v3 is a bit wonky, and this is new stuff16:21
*** cthulhup_ has joined #openstack-dev16:21
*** kevinconway has joined #openstack-dev16:21
ayoungshardy, yes, me to, but that is the reverse of what you are doing16:21
dolphmayoung: yep16:21
ayoungshardy, this is development, this is where we find bugs.  You found a bug.16:21
shardyayoung: I've still not managed to request a trust scoped token using just the v3 API either..16:21
ayoungWe fix bugs16:21
shardyayoung: sure, I'm more than happy to help with the process, just truying to figure out how lengthy it's likely to be ;)16:22
shardyI've spent too long getting the keystoneclient stuff done and left myself short on time ;)16:22
ayoungshardy, this one will be relatively fast16:22
dolphms/fix/create/16:22
*** jistr has joined #openstack-dev16:23
shardycreate/fix/refactor/fix-again, the cycle of software ;)16:23
*** ema has quit IRC16:24
*** dstufft_ has joined #openstack-dev16:26
*** dstufft has quit IRC16:26
*** dstufft_ is now known as dstufft16:26
dolphmanyone want to review oauth? :D https://review.openstack.org/#/c/29130/16:27
*** jbresnah has joined #openstack-dev16:28
simodolphm: I started a few days ago, but it is big and requires a lot of back and forth to see all that is going on, will take a while16:29
*** martyntaylor has quit IRC16:30
*** noslzzp has joined #openstack-dev16:30
*** zul has joined #openstack-dev16:30
*** odyssey4me3 has quit IRC16:30
*** dolphm has quit IRC16:31
stevemardolphm: i'm sure morganfainberg will want another look at it16:34
*** datsun180b_ has joined #openstack-dev16:34
ayoungstevemar, I'll take another look, too.16:35
ayoungI have to deal with shardy 's issue first, though, as I think it is a show stopper16:35
*** jistr has quit IRC16:37
*** afazekas has quit IRC16:37
*** vkmc has joined #openstack-dev16:37
*** vkmc has quit IRC16:37
*** vkmc has joined #openstack-dev16:37
*** datsun180b has quit IRC16:37
*** datsun180b_ is now known as datsun180b16:37
*** yolanda has quit IRC16:38
*** ruhe has joined #openstack-dev16:40
*** dolphm has joined #openstack-dev16:41
*** henrynash has joined #openstack-dev16:42
*** jkyle has quit IRC16:44
*** jduhamel_ has quit IRC16:45
*** jduhamel has joined #openstack-dev16:49
*** adjohn has joined #openstack-dev16:49
*** hartsocks has joined #openstack-dev16:49
*** ms_brown has joined #openstack-dev16:49
*** fabio__ has joined #openstack-dev16:50
*** alexxu has quit IRC16:51
*** kirankv has joined #openstack-dev16:51
*** hartsocks has quit IRC16:53
*** jecarey has quit IRC16:54
*** jpich has quit IRC16:54
*** alunduil has quit IRC16:55
*** spzala has quit IRC16:56
*** mkerrin has quit IRC16:56
*** sushils has quit IRC16:56
*** lucasagomes is now known as lucas-away16:56
*** sdake_ has quit IRC16:58
*** sdake_ has joined #openstack-dev16:58
*** sdake_ has quit IRC16:59
*** sdake_ has joined #openstack-dev16:59
*** dvarga has joined #openstack-dev16:59
*** nati_ueno has joined #openstack-dev16:59
*** aelkikhia has joined #openstack-dev16:59
*** Ryan_Lane has quit IRC17:02
*** mmagr has quit IRC17:02
*** lucas-away is now known as lucasagomes17:02
*** yolanda has joined #openstack-dev17:03
*** lucasagomes has quit IRC17:04
*** derekh has quit IRC17:04
*** aelkikhia has quit IRC17:06
*** krtaylor has quit IRC17:06
*** sandeepr_ltp has joined #openstack-dev17:07
*** alexb_ has joined #openstack-dev17:09
*** rharwood has quit IRC17:09
*** bashok_ has quit IRC17:09
*** cthulhup_ has quit IRC17:10
*** rharwood has joined #openstack-dev17:11
*** kushal has quit IRC17:13
*** lexinator has joined #openstack-dev17:14
*** spzala has joined #openstack-dev17:16
*** jayg is now known as jayg|g0n317:17
*** stevemar is now known as stevemar-afk17:18
*** aelkikhia has joined #openstack-dev17:19
*** psedlak has quit IRC17:20
*** dina_belova has quit IRC17:21
ayoungdolphm, should the V3 api accept v2 tokens?17:21
*** SergeyLukjanov has quit IRC17:22
*** gordc has quit IRC17:22
*** bdpayne has quit IRC17:24
*** kushal has joined #openstack-dev17:25
*** bdpayne has joined #openstack-dev17:25
*** mdomsch has joined #openstack-dev17:27
*** Mandell has joined #openstack-dev17:28
*** adjohn has quit IRC17:28
*** kirankv has quit IRC17:31
*** jfriedly has joined #openstack-dev17:31
*** sarob has quit IRC17:31
*** sarob has joined #openstack-dev17:32
*** noslzzp has quit IRC17:32
*** nayward has joined #openstack-dev17:33
*** kushal has quit IRC17:33
*** cthulhup has joined #openstack-dev17:36
*** sarob has quit IRC17:36
*** sarob has joined #openstack-dev17:37
*** melwitt has joined #openstack-dev17:37
*** holms has joined #openstack-dev17:37
*** yolanda has quit IRC17:37
*** sarob has quit IRC17:38
*** sarob has joined #openstack-dev17:39
*** rods` has quit IRC17:39
*** morganfainberg|a is now known as morganfainberg17:41
*** rods` has joined #openstack-dev17:41
*** yolanda has joined #openstack-dev17:41
*** burt has quit IRC17:41
morganfainbergdolphm: in the latest patch on oAuth did you mean to remove the nullable=false args?17:41
*** afazekas has joined #openstack-dev17:41
morganfainbergmordred: pong (but only here for a few minutes before heading into the office)17:42
*** herndon has quit IRC17:42
mordredmorganfainberg: hey17:43
morganfainbergmordred: what can i do for ya?17:43
*** sarob has quit IRC17:43
*** noslzzp has joined #openstack-dev17:45
mordredmorganfainberg: I do not recall why I was pinging you17:45
morganfainbergmordred: hehe, ok then.17:45
*** dkehn_ has joined #openstack-dev17:45
*** dkehn has quit IRC17:45
*** kushal has joined #openstack-dev17:45
*** dvarga has quit IRC17:47
holmsy17:47
*** otherwiseguy has joined #openstack-dev17:49
*** sarob has joined #openstack-dev17:49
ayoungshardy, so the issue is that you are passing a v2 token to a v3 api.  Is there any reason you can't use a V3 token instead of a v2 token?17:49
holmsi wonder if it even possible to get a remote job, for openstack contribution..17:49
*** carl_baldwin has joined #openstack-dev17:50
holmsany lucky people in here who has this job :P?17:51
*** kushal has quit IRC17:51
*** kushal has joined #openstack-dev17:51
*** SumitNaiksatam has quit IRC17:51
*** ffio has quit IRC17:51
*** ffio_ has joined #openstack-dev17:51
*** ruhe has quit IRC17:52
*** SumitNaiksatam has joined #openstack-dev17:53
*** cthulhup has quit IRC17:56
dolphmmorganfainberg: no? :(17:56
dolphmayoung: and yes17:56
*** athomas has quit IRC17:57
dolphmmorganfainberg: fixing17:57
*** eharney has quit IRC17:57
*** athomas has joined #openstack-dev17:57
*** eharney has joined #openstack-dev17:59
*** eharney has quit IRC17:59
*** eharney has joined #openstack-dev17:59
*** morganfainberg is now known as morganfainberg|a17:59
*** athomas has quit IRC17:59
*** dkehn_ has quit IRC18:02
dolphmmorganfainberg|a: updated, and also fixed a merge conflict with the config changes18:02
*** briancurtin has quit IRC18:03
*** dkehn has joined #openstack-dev18:03
*** jasdeepH has joined #openstack-dev18:05
*** nick_long has quit IRC18:05
*** jbresnah has quit IRC18:07
*** dolphm has quit IRC18:08
*** _TheDodd_ has quit IRC18:12
*** anniec has joined #openstack-dev18:13
*** jergerber has quit IRC18:13
*** morganfainberg|a is now known as morganfainberg18:15
*** Mandell has quit IRC18:16
*** jtomasek has quit IRC18:18
*** dmakogon_ has joined #openstack-dev18:18
*** jtomasek has joined #openstack-dev18:18
*** nachi has left #openstack-dev18:19
dmakogon_hey, guys, we seeing bug in devstack, this bug failing gerrit build of dashboard18:19
*** freedomhui has quit IRC18:20
*** kbrierly has joined #openstack-dev18:20
*** dina_belova has joined #openstack-dev18:21
*** sarob has quit IRC18:23
*** diogogmt has joined #openstack-dev18:23
*** sarob has joined #openstack-dev18:23
*** mkollaro has quit IRC18:24
*** dina_belova has quit IRC18:25
*** sarob has quit IRC18:28
*** jayg|g0n3 is now known as jayg18:28
*** briancurtin has joined #openstack-dev18:31
*** dina_belova has joined #openstack-dev18:31
*** jasdeepH has quit IRC18:34
*** sdake_ has quit IRC18:35
*** dina_belova has quit IRC18:36
*** aelkikhia has quit IRC18:39
*** SergeyLukjanov has joined #openstack-dev18:40
*** nubbie has quit IRC18:41
*** vkmc has quit IRC18:42
*** ffio_ has quit IRC18:43
*** Mandell has joined #openstack-dev18:46
*** Alexei_987 has quit IRC18:47
*** jasdeepH has joined #openstack-dev18:47
*** tjones has quit IRC18:50
*** sarob has joined #openstack-dev18:51
*** nachi has joined #openstack-dev18:51
nachihenrynash: ping18:53
*** openstackstatus has quit IRC18:53
*** bdpayne has quit IRC18:54
nachiayoung: ping18:54
*** bdpayne has joined #openstack-dev18:55
*** networkstatic has quit IRC18:56
*** donaldh has joined #openstack-dev18:58
nachihenrynash, ayoung: I am trying to update the keystone/common/config.py for registering a new auth plugin. I found https://github.com/openstack/keystone/blob/master/keystone/common/config.py#L220 is incorrect. The code tries to register default value for password plugin as keystone.auth.plugins.token.Token. Is this correct?19:00
*** dina_belova has joined #openstack-dev19:01
*** salv-orlando has quit IRC19:01
*** yolanda has quit IRC19:06
*** cthulhup has joined #openstack-dev19:07
*** aeperezt has quit IRC19:08
*** aeperezt has joined #openstack-dev19:10
*** dstanek has joined #openstack-dev19:11
*** cthulhup has quit IRC19:12
*** noslzzp has quit IRC19:12
*** sandywalsh has quit IRC19:14
morganfainbergnachi: it looks like token and password are inverted19:17
nachimorganfainberg: ok.19:17
morganfainbergnachi: if you look at the https://github.com/openstack/keystone/blob/master/keystone/common/config.py#L222 it tries to use Password for token19:18
morganfainbergi don't know if this actually would cause problems on the back end, but it definitely looks "off"19:18
nachimorganfainberg: yes. I will change it. thanks for checking for me19:19
ayoungyeah, that looks reversed.  Bet I did that.19:19
*** donaldh has quit IRC19:20
morganfainbergnachi: sure thing.19:20
ayoungactually, It might have been henrynash that did that19:20
ayoungbut still my fault19:21
ayoungnope, was there before me...lets see19:22
nachiayoung: i think gyee added like that19:22
*** adjohn has joined #openstack-dev19:23
ayoungnachi, yes he did19:24
ayoungnachi, in commit 9f81293919:24
nachiayoung: ok.19:24
ayoungnachi, he owes you a beer, or your beverage of choise19:24
ayoungchoice19:24
ayoungnachi, you coming to Hong Kong?19:24
nachia beer would be nice19:24
*** vipul is now known as vipul-away19:24
*** dprince has quit IRC19:25
henrynashnachi: looks like those two lines are swapped?19:25
ayoungnachi, please file that as a bug.  Ping me and I'll set it as confirmed19:25
nachiayoung: ok19:26
*** sandywalsh has joined #openstack-dev19:26
*** vipul-away is now known as vipul19:26
*** colinmcnamara has quit IRC19:28
henrynashnachi: no, I think it was always like that…I (and young) just converted it to the new format19:30
*** adjohn_ has joined #openstack-dev19:30
henrynashnachi: if you want to raise it and assign to me, happy to fix19:31
*** novas0x2a|laptop has joined #openstack-dev19:32
*** henrynash has quit IRC19:32
*** adjohn has quit IRC19:32
nachihenrynash: OK. https://bugs.launchpad.net/keystone/+bug/121321619:32
uvirtbotLaunchpad bug 1213216 in keystone "Default values of token and password are inverted in the code keystone/common/config.py " [Undecided,New]19:32
*** dolphm has joined #openstack-dev19:33
*** alexb_ has quit IRC19:33
*** lexinator has quit IRC19:35
*** alexb_ has joined #openstack-dev19:36
*** herndon has joined #openstack-dev19:41
*** adjohn_ has quit IRC19:43
ttxayoung, dolphm: I don't think there was consensus around having unsupported "experimental features" in stable/supported branches19:44
dolphmttx: i wanted to follow up with you -- is there any precedent in the release process for that?19:44
ttxat least not until there is a code framework do make all sorts of bells and whistles go off if you do19:44
ttxdolphm: not that I know of19:45
ttxThe past "experimental features" were fully suppored19:45
ttxsupported*19:45
ttxyou were just discouraged (by various means, including setting the default off) to use them19:45
ttxbut if a security issue is found in them we'd still have to fix it19:46
*** vipul is now known as vipul-away19:46
ttxdolphm: "feature branches" are what we have for unsupported code19:46
*** zul has quit IRC19:47
ttxso the kds could be landed now in a feature branch if that makes maintaining the future master landing easier19:47
dolphmttx: i doubt ayoung / simo would be satisfied with that19:48
dolphmttx: but i find "experimental" to be a completely meaningless weasel word19:48
dolphmttx: especially when it means backporting private security fixes to a stable branch, anyway19:49
ttxdolphm: I see no point in having this in keystone, unused, but still having to maintain it with security patches.19:49
dolphmttx: agree19:49
ttxmuch better to highlight it as a feature that everyone would use by the end of Icehouse19:49
*** shardy is now known as shardy_afk19:50
ttxby landing it early in the cycle, people can talk about integration at the design summit and actually complete it within the cycle19:50
*** noslzzp has joined #openstack-dev19:50
*** tmclaugh[work] has quit IRC19:51
*** psedlak has joined #openstack-dev19:52
*** bswartz has quit IRC19:54
*** jruzicka has quit IRC19:55
*** noslzzp has quit IRC19:55
*** dolphm has quit IRC19:56
*** vipul-away is now known as vipul19:57
*** dolphm has joined #openstack-dev19:59
*** drewlander has quit IRC20:00
*** MIDENN_ has joined #openstack-dev20:01
*** anniec has quit IRC20:01
*** henrynash has joined #openstack-dev20:02
*** alop has quit IRC20:04
*** anniec has joined #openstack-dev20:04
*** otherwiseguy has quit IRC20:04
*** lcheng has quit IRC20:04
*** mdenny has quit IRC20:04
*** vaml has joined #openstack-dev20:05
*** lcheng has joined #openstack-dev20:05
*** henrynash has quit IRC20:05
*** kushal has quit IRC20:06
*** jdurgin has quit IRC20:06
stevemar-afkdolphm: classic dolph, over-writing my changes20:07
*** stevemar-afk is now known as stevemar20:07
*** alop has joined #openstack-dev20:07
*** galstrom is now known as galstrom_zzz20:08
*** gyee has joined #openstack-dev20:08
*** psedlak has quit IRC20:08
*** jdurgin has joined #openstack-dev20:09
*** cococafe has quit IRC20:09
*** tjones has joined #openstack-dev20:11
*** bswartz has joined #openstack-dev20:13
*** adjohn has joined #openstack-dev20:14
*** xBsd has quit IRC20:14
morganfainbergstevemar: i don't think there is anything else i can add to the oauth stuff, doing one more pass, but i wont approve so ayoung can review it if he wants.20:16
stevemarmorganfainberg: m'alrighty20:16
*** sarob has quit IRC20:17
stevemarayoung: pressure is on20:17
ayoungmorganfainberg, looking now20:17
morganfainbergayoung: cool.20:17
*** nayward has quit IRC20:17
*** sarob has joined #openstack-dev20:17
morganfainbergooh henrynash's change went in.  nice.20:18
*** krtaylor has joined #openstack-dev20:18
ayoung64.  stevemar you may now have the record.  Let me check20:19
stevemarayoung: i do, yours was 5920:19
ayoungYes it was.  Well done.20:20
ayoungstevemar, however, in mine, the tests were in a second review, so you really should count the two together... roughly 12020:21
*** gordc has joined #openstack-dev20:21
stevemarayoung: yowza20:21
morganfainbergayoung: wow.20:21
morganfainbergayoung: thats a lot of patchsets.20:22
ayoungstevemar, https://review.openstack.org/#/c/23057/20:22
stevemarayoung: i imagine finding out the initial token revocation rules was not fun20:22
ayoungActually, 9420:22
ayoung35 for the tests20:22
ayoungso you can still make it20:23
stevemari was hoping to tie you at 59 :)20:23
*** jbresnah has joined #openstack-dev20:24
morganfainbergstevemar: looks good to me.20:25
stevemarwoo hoo20:25
stevemar2 outta 320:25
*** vkmc has joined #openstack-dev20:25
stevemarayoung: your turn20:25
stevemarayoung: c'mon, let me have a relaxing weekend :) (just kidding)20:26
*** macjack has quit IRC20:26
morganfainbergstevemar: oh.. if this means you get to relax this weekend… maybe i should find something for you to fix :P20:26
stevemarmorganfainberg: no take backs!20:26
stevemarschool yard rules20:26
stevemarmorganfainberg: i forget... i know we can review WIP patches, but should we?20:28
*** boden has quit IRC20:28
*** lexinator has joined #openstack-dev20:28
morganfainbergstevemar: my view on that is if it is something you've been asked to look at, sure.  but likely, i'd ask the person in irc.20:29
stevemarmorganfainberg: good call20:29
morganfainbergstevemar: WIP and Draft aren't going to merge for the most part w/o a subsequent patchset.20:29
stevemaryeah20:29
*** lexinator1 has joined #openstack-dev20:31
*** lexinator1 has quit IRC20:31
*** lexinator1 has joined #openstack-dev20:32
*** dolphm has quit IRC20:32
*** woodspa__ is now known as woodspa20:34
*** lexinator has quit IRC20:35
*** jonesld has quit IRC20:35
*** sdake_ has joined #openstack-dev20:36
*** sdake_ has quit IRC20:36
*** sdake_ has joined #openstack-dev20:36
*** sdake_ has quit IRC20:36
*** sdake_ has joined #openstack-dev20:36
stevemarlbragstad: for https://review.openstack.org/#/c/41970/3 you went back to sending notifications in the controller?20:37
*** otherwiseguy has joined #openstack-dev20:37
*** xBsd has joined #openstack-dev20:39
ayoungstevemar, so, I have to admit that I am working on something that I think is slightly higher priority first...but I'll try to get to oauth  shortly20:41
*** sarob has quit IRC20:42
stevemarayoung: that's cool20:42
morganfainbergayoung: i put a +2 on it, with a note i was holding on approval, should i just make that a +1 so no one gets to it before you?20:42
morganfainbergjust was thinking about that and it prob. makes sense to make that a +1 instead.20:43
morganfainbergstevemar: ok, well, i +1'd it ;)20:45
*** rods has quit IRC20:45
*** SumitNaiksatam has quit IRC20:47
*** jonesld has joined #openstack-dev20:47
roaetany thoughts of devstack on ubuntu 13.10?20:48
*** msmedved has quit IRC20:49
*** pabelanger has joined #openstack-dev20:49
*** salv-orlando has joined #openstack-dev20:50
*** msmedved has joined #openstack-dev20:50
*** rfolco has quit IRC20:53
*** msmedved has quit IRC20:53
*** jonesld has quit IRC20:54
*** alop has quit IRC20:54
*** ajyounge has quit IRC20:55
*** ajyounge has joined #openstack-dev20:56
*** litong has quit IRC20:59
ayoungmorganfainberg, +2 is fine.  If another core wants to put their name on the final approval, I'm OK with that.  Just not going to do it without one last look21:03
annegentleon a devstack install, should I get a service catalog back?21:03
ayoungannegentle, only if you ask for it21:03
annegentlemine's empty on a /tokens/ call. Howcome?21:04
ayoungannegentle, do you have anything in the database?21:04
*** SumitNaiksatam has joined #openstack-dev21:04
ayoungCould be a bad install21:04
annegentleayoung: does devstack do a database or a file catalog?21:04
ayoungannegentle, db21:04
annegentleayoung: yeah I'm sure it's a drifted install at this point so I can just redo21:04
*** jasondotstar has quit IRC21:04
annegentleayoung: just making sure21:04
*** mrodden has quit IRC21:04
lbragstadstevemar: yeah, for now.. I responded with my reasoning here: https://review.openstack.org/#/c/41970/1/keystone/identity/controllers.py21:05
ayounglbragstad, what do you need from context?21:05
*** carl_baldwin has quit IRC21:05
ayoungWe dropped context as it was never used.  I would prefer to pass in an explicit value that is fetched from context.  We were doing contexts of {} all over the place.21:06
ayoungtwas dumb21:06
stevemarayoung: notifications frameworks just needs it apparently21:06
lbragstadayoung: it is required by the notifier API in Oslo https://github.com/openstack/oslo-incubator/blob/master/openstack/common/notifier/api.py#L9521:06
ayounglbragstad, stevemar, that is not an answer21:06
ayoungthat is like  abuse...passed on from generation to generation21:07
*** donaldh has joined #openstack-dev21:07
mordredayoung: we're caling them project and not tenants now right?21:07
*** sdake has quit IRC21:07
stevemarmordred: yep21:07
ayoungmordred, yeah, they never really were tenants21:07
*** sdake has joined #openstack-dev21:07
*** sdake has quit IRC21:07
*** sdake has joined #openstack-dev21:07
mordredayoung: then why did we call them tenants?21:08
ayoungmordred, I think it was optimism21:08
mordredheh21:08
mordredwhat if we just called them julia?21:08
ayoungthey were going for multitenancy, but never quite got the implementation to match the real req21:08
stevemarromeo wouldn't be happy21:08
mordredstevemar: well, he's dead, so nyeh21:08
mordred:)21:08
jgriffithdtroyer: around?21:08
ayoungstevemar, I think he means Julia Child21:08
stevemarayoung: how could you know that :P21:09
ayoungstevemar, I work on OpenStack.  OpenStack is used by the NSA....draw your own conclusions21:09
stevemarayoung: haha, well done sir, well done.21:10
ayoungstevemar, so I see driver.notify(context, msg)21:10
stevemarayoung: yeah, i was writing out that reason, but got distracted21:10
lbragstadhttps://github.com/openstack/oslo-incubator/blob/master/openstack/common/notifier/api.py#L14321:10
ayoung if not context:21:10
ayoung        context = req_context.get_admin_context()21:10
*** changbl has quit IRC21:11
ayoungwhat does it actually need out of the context?21:11
ayounghttps://github.com/openstack/oslo-incubator/blob/master/openstack/common/notifier/log_notifier.py21:11
ayoungnothing there21:11
ayoungrpc.notify(context, topic, message)21:12
lbragstadhttps://github.com/openstack/oslo-incubator/blob/master/openstack/common/rpc/impl_kombu.py#L85221:12
*** flaperboon is now known as flaper87|afk21:12
lbragstadwhich leads into: https://github.com/openstack/oslo-incubator/blob/master/openstack/common/rpc/amqp.py#L60221:13
ayounghttps://github.com/openstack/oslo-incubator/blob/master/openstack/common/rpc/__init__.py#L22621:13
ayounghttps://github.com/openstack/oslo-incubator/blob/master/openstack/common/rpc/amqp.py#L29421:13
lbragstadyep21:14
*** adalbas has quit IRC21:14
dtroyerjgriffith: yeah, lost in a sea of IRC tabs...21:14
ayounglbragstad, um, don't send that21:14
ayoungcontext = {}21:14
*** grepory has quit IRC21:14
lbragstadjust hand it an empty context?21:14
ayoungyou are going to be sending the whole http request context on each log message?21:15
jgriffithdtroyer: haha21:15
ayounglbragstad for this kind of notification, I think so21:15
jgriffithdtroyer: what's the secret to getting unstack.sh/stack.sh to work again?21:15
ayounglbragstad this is in addition to the actual message, no?21:15
jgriffithdtroyer: I've learned that I pretty much need to delete /opt/stack and reclone21:15
lbragstadyeah. everything else specific to the resource being modified should be in the payload21:15
dtroyerjgriffith: cross your toes and put one hand in the air21:16
lbragstadbuilt independently from the context21:16
ayounglbragstad then, yes, empty context.21:16
jgriffithdtroyer: Ha!21:16
dtroyerjgriffith: or try adding RECLONE=yes to localrc21:16
lbragstadayoung: cool, I'll respin that21:16
stevemarlbragstad, do as the man says21:16
jgriffithdtroyer: indeed, doing that but now hitting: http://paste.openstack.org/show/44351/21:16
lbragstadayoung: stevemar thanks guys21:16
ayoungNP21:16
jgriffithdtroyer: err... wait, not adding reclone to localrc but deleting /opt/stack should essential be equivalent no?21:16
jgriffithdtroyer: even doing 'rm -rf devstack' and reclone still getting htis21:17
*** colinmcnamara has joined #openstack-dev21:17
dtroyerjgriffith: RECLONE only affects the repos, deleting /opt/stack cleans out /opt/stack/data and friends.  sounds like something in unstack isn't removing something that needs to be removed.21:17
dtroyerjgriffith: try ./clean.sh though21:18
*** vkmc has quit IRC21:18
jgriffithdtroyer: bummer... was hoping you'd say "oh yeah.. just do this" :)21:18
*** mrodden has joined #openstack-dev21:18
dtroyerjgriffith: it calls unstack.sh then gets all ruthless on things like rabbitmq and other stuff…it might get the data dirs you need21:18
jgriffithdtroyer: k, I'll keep messing with it, if I figure anything out you'll be one of the first to hear ;)21:18
jgriffithdtroyer: trying now21:18
dtroyerjgriffith: I haven't seen that particular error, but it reeks of a cert cache dir not getting cleaned out or overwritten as it should21:19
jgriffithdtroyer: oh.. indeed, that's a bit more in depth21:19
dtroyerjgriffith: I'm not too familiar with the accrc bits21:19
*** donaldh has quit IRC21:19
jgriffithdtroyer: yeah, I tried tracing through *where* those end up living but no luck21:20
jgriffithdtroyer: ok, well, trying w/ clean.sh now... maybe I'll get lucky :)21:20
*** radez is now known as radez_g0n321:20
*** rods has joined #openstack-dev21:22
*** dina_belova has quit IRC21:25
*** adjohn has quit IRC21:25
*** adjohn has joined #openstack-dev21:25
*** Aj0 has joined #openstack-dev21:28
*** rwsu has quit IRC21:29
*** adalbas has joined #openstack-dev21:29
*** rwsu has joined #openstack-dev21:33
*** anniec has quit IRC21:36
*** anniec has joined #openstack-dev21:37
*** adalbas has quit IRC21:38
*** hemanth has joined #openstack-dev21:40
*** hemanth has quit IRC21:40
*** markwash has joined #openstack-dev21:43
*** spzala has quit IRC21:47
*** mdomsch has quit IRC21:52
*** jrgcombr has quit IRC21:53
*** jrgcombr has joined #openstack-dev21:53
*** eharney has quit IRC21:55
*** esheffield has quit IRC21:55
*** ms_brown has quit IRC21:57
*** egallen has joined #openstack-dev22:03
*** ftcjeff has quit IRC22:04
*** bknudson has quit IRC22:06
*** kbringard has quit IRC22:07
*** aeperezt has quit IRC22:08
*** jv__ has joined #openstack-dev22:09
*** jv__ has quit IRC22:10
*** gordc has quit IRC22:11
*** woodspa has quit IRC22:12
*** jtomasek has quit IRC22:13
*** neelashah has quit IRC22:14
*** kbrierly has quit IRC22:15
*** blamar has joined #openstack-dev22:16
*** rharwood has quit IRC22:19
*** jvrbanac has quit IRC22:20
*** SergeyLukjanov has quit IRC22:25
*** dina_belova has joined #openstack-dev22:25
*** jimfehlig has quit IRC22:25
*** blamar has quit IRC22:25
*** sarob has joined #openstack-dev22:28
*** jmontemayor has quit IRC22:28
*** sarob has quit IRC22:28
*** anniec has quit IRC22:28
*** sarob has joined #openstack-dev22:29
*** dina_belova has quit IRC22:30
*** wu_wenxiang has joined #openstack-dev22:33
*** stevemar has quit IRC22:34
*** rcleere has quit IRC22:35
*** wu_wenxiang has quit IRC22:35
*** dina_belova has joined #openstack-dev22:36
*** alunch has quit IRC22:36
*** moted has quit IRC22:38
*** moted has joined #openstack-dev22:39
*** dina_belova has quit IRC22:40
*** FunnyLookinHat has quit IRC22:45
*** sudorandom has quit IRC22:45
*** anniec has joined #openstack-dev22:48
*** pmathews has quit IRC22:49
*** xBsd has quit IRC22:54
*** Mandell has quit IRC22:55
*** Mandell has joined #openstack-dev22:55
*** edmund has quit IRC22:55
*** rnirmal has quit IRC22:56
*** nati_uen_ has joined #openstack-dev22:56
*** jasdeepH has quit IRC22:57
*** rods has quit IRC22:57
*** eharney has joined #openstack-dev22:57
*** eharney has quit IRC22:57
*** eharney has joined #openstack-dev22:57
*** fabio__ has quit IRC22:58
*** nati_ueno has quit IRC22:59
*** jasdeepH has joined #openstack-dev23:02
*** vaml has quit IRC23:04
*** jasondotstar has joined #openstack-dev23:04
*** stevemar has joined #openstack-dev23:06
*** fabio has joined #openstack-dev23:06
*** datsun180b has quit IRC23:06
*** fabio has quit IRC23:06
*** stevemar has quit IRC23:11
*** herndon has quit IRC23:11
*** zul has joined #openstack-dev23:16
*** gyee has quit IRC23:16
*** vladimir3p has joined #openstack-dev23:19
*** colinmcnamara has quit IRC23:21
*** tjones has quit IRC23:23
*** alexxu has joined #openstack-dev23:25
*** colinmcnamara has joined #openstack-dev23:26
*** pcm_ has quit IRC23:30
*** otherwiseguy has quit IRC23:30
*** jasdeepH has quit IRC23:31
*** danwent has quit IRC23:32
*** alunch has joined #openstack-dev23:32
*** tjones has joined #openstack-dev23:32
*** dstanek has quit IRC23:33
*** pcm_ has joined #openstack-dev23:34
*** pcm_ has quit IRC23:34
*** diogogmt has quit IRC23:35
*** alexb_ has quit IRC23:36
*** dina_belova has joined #openstack-dev23:36
*** alunch has quit IRC23:37
*** vipul is now known as vipul-away23:38
*** terryh has quit IRC23:41
*** dina_belova has quit IRC23:41
*** alunch has joined #openstack-dev23:43
*** vipul-away is now known as vipul23:53
*** Aj0 has quit IRC23:53
*** anniec has quit IRC23:56
*** anniec has joined #openstack-dev23:59
« Thursday, 2013-08-15 Index Saturday, 2013-08-17 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!