| *** mat_fechner is now known as matfechner | 04:58 | |
| *** tkajinam|off is now known as tkajinam | 05:48 | |
| rpittau | good morning ironic! o/ | 07:37 |
|---|---|---|
| kubajj | good morning rpittau | 07:50 |
| rpittau | hey kubajj :) | 07:50 |
| opendevreview | Merged openstack/sushy stable/yoga: Do not send compression as acceptable encoding https://review.opendev.org/c/openstack/sushy/+/853431 | 09:49 |
| opendevreview | Merged openstack/sushy stable/xena: Do not send compression as acceptable encoding https://review.opendev.org/c/openstack/sushy/+/853432 | 09:53 |
| opendevreview | Ke Niu proposed openstack/ironic-lib master: remove unicode prefix from code https://review.opendev.org/c/openstack/ironic-lib/+/854151 | 10:27 |
| iurygregory | good morning Ironic | 11:27 |
| opendevreview | Iury Gregory Melo Ferreira proposed openstack/ironic-lib master: Drop lower-constraints.txt and its testing https://review.opendev.org/c/openstack/ironic-lib/+/844666 | 11:30 |
| opendevreview | Ke Niu proposed openstack/ironic-python-agent master: remove unicode prefix from code https://review.opendev.org/c/openstack/ironic-python-agent/+/854160 | 11:42 |
| opendevreview | Ke Niu proposed openstack/ironic-python-agent master: remove unicode prefix from code https://review.opendev.org/c/openstack/ironic-python-agent/+/854160 | 11:44 |
| iurygregory | ironic-cores, thoughts on already creating stable/zed for the non-clients ? (since we will be doing the final release I think we can just go ahead and create the branch...) - metalsmith, sushy, ironic-lib =) | 11:56 |
| dtantsur | TheJulia: do I want to know which sorts of things? :) | 12:35 |
| dtantsur | iurygregory: we can or we can wait for the release team to do it | 12:35 |
| dtantsur | the key part is having the final releases | 12:35 |
| dtantsur | ajya: would you be okay with a follow-up on https://review.opendev.org/c/openstack/sushy/+/851023 ? I'd like to get it in the release, but absolutely no time to address the comment | 12:36 |
| ajya | dtantsur: ok | 12:51 |
| iurygregory | dtantsur, ack =) | 13:08 |
| opendevreview | Iury Gregory Melo Ferreira proposed openstack/metalsmith master: [DNM] Testing CI before Zed release https://review.opendev.org/c/openstack/metalsmith/+/854182 | 13:09 |
| TheJulia | dtantsur: I'm confused | 13:27 |
| TheJulia | but I also didn't sleep well | 13:27 |
| dtantsur | re mboot and horrible things it does | 13:27 |
| dtantsur | good (?) morning | 13:27 |
| TheJulia | oh, no. You don't want to know | 13:31 |
| * TheJulia needs coffee. Lots of coffee | 13:32 | |
| iurygregory | I don't think only coffee will help if we want to talk about the horrible things :D | 13:33 |
| iurygregory | good morning TheJulia | 13:33 |
| TheJulia | I really don't want we want to talk of horrors | 13:33 |
| iurygregory | dtantsur, going to push the follow-up with the unit tests for https://review.opendev.org/c/openstack/sushy/+/851023 o/ | 13:33 |
| dtantsur | iurygregory: is it a question or an offer? :) if the latter, thank you | 13:47 |
| iurygregory | offer =) | 13:47 |
| iurygregory | working on it | 13:47 |
| dtantsur | nice of you! | 13:47 |
| opendevreview | Merged openstack/sushy master: Better logging when registries are not available https://review.opendev.org/c/openstack/sushy/+/851023 | 13:56 |
| * TheJulia does the anaconda test has a +1 from zuul dance | 14:10 | |
| TheJulia | fyi folks, I'm going to be on PTO from Friday, returning Thursday. | 14:34 |
| dtantsur | enjoy! (I hope it's an enjoyable kind of PTO) | 14:38 |
| TheJulia | eh, some of it I'll likely just sleep in | 14:40 |
| TheJulia | Tuesday/Wednesday will be prep and trade-in of the dark bus | 14:40 |
| rpittau | TheJulia: enjoy! :) | 14:46 |
| kubajj | Hi, I have a question about the zuul ironic standalone ipa test. I changed the command that creates the RAID devices and now I am failing the test on test_software_raid https://zuul.opendev.org/t/openstack/build/f3dde69516a64fc1850b8536d522bafc | 15:10 |
| kubajj | I looked into the code of the test, but I am struggling to figure out how it works | 15:10 |
| kubajj | Any hints? | 15:10 |
| iurygregory | dtantsur, I think we forgot something when we dropped netboot... https://review.opendev.org/c/openstack/metalsmith/+/854182 :D | 15:31 |
| * iurygregory brb lunch time | 15:32 | |
| dtantsur | I was quite sure I fixed that... meh | 15:34 |
| rpittau | bye everyone, see you tomorrow! o/ | 15:48 |
| opendevreview | Dmitry Tantsur proposed openstack/metalsmith master: Deprecate instance network boot https://review.opendev.org/c/openstack/metalsmith/+/854239 | 15:59 |
| dtantsur | iurygregory: ^^ | 15:59 |
| dtantsur | may need tweaking around the cirros image | 15:59 |
| TheJulia | dtantsur: fyi, I revised https://review.opendev.org/c/openstack/ironic/+/850259 based upon your feedbac, so it should be a quick review | 16:15 |
| dtantsur | TheJulia: lgtm, but a question inline before I approve | 16:21 |
| JayF | TheJulia: if you wanna fix those typos, I'm here too and will happily apply a re-approval | 16:24 |
| JayF | dtantsur: most of that was based on my feedback requesting we hash+salt that password if it's going into ram | 16:25 |
| JayF | dtantsur: given the number of "hypervisor escape vulns" and side-channel "read memory" style attacks, I think it's reasonable to harden where we can | 16:25 |
| dtantsur | JayF: not when we have plan text values next to it... | 16:26 |
| dtantsur | and in the database | 16:26 |
| JayF | I agree with you that this data is accessible at the same level in other places. I do not agree that we should accept that as good enough and should improve stuff like that as we go. | 16:27 |
| JayF | Frankly, if we were implementing it today I'd find it tough to keep our current model of plaintext passwords in the DB, but that ship has sailed | 16:27 |
| JayF | this ship has not yet sailed :) | 16:27 |
| dtantsur | JayF: do you know how long the 500000 rounds will take? | 16:28 |
| JayF | I have no objection whatsoever to going <500k rounds | 16:28 |
| TheJulia | JayF: have I shared allison randall's summit talk? | 16:28 |
| dtantsur | we're a single process. a power cycle loop over 1500 nodes should not take additional seconds. | 16:28 |
| JayF | TheJulia: no, would be interested to see it | 16:28 |
| TheJulia | nor do I, I just grabbed the example | 16:28 |
| JayF | I mean, is there a compelling reason to do >1 round?> | 16:29 |
| TheJulia | so the salt is not entirely static | 16:29 |
| TheJulia | uhh.. brain where did brain go | 16:29 |
| JayF | if you're sha512'ing the whole thing at the end, I'm not sure there's value in separately hashing the salt | 16:30 |
| JayF | but bluntly not sure I'm crypto-smart enough to know that | 16:30 |
| TheJulia | https://www.youtube.com/watch?v=p2mQeF3gd2Q&t=115s <-- computers were a bad idea ;) | 16:30 |
| TheJulia | at least, predictive execution | 16:30 |
| dtantsur | btw predictable salt is also bad if we're strict :) | 16:30 |
| JayF | TheJulia: it's in my list, will probably look at it | 16:30 |
| JayF | dtantsur: my reason for asking for a salt was to avoid rainbow tables | 16:30 |
| JayF | dtantsur: specifically to avoid rainbow tables showing up with default password hashes | 16:31 |
| JayF | maybe that's a shallow threat model, but that's 100% where my mind was when asking for salt | 16:31 |
| dtantsur | I guess the securer way is to generate a random number on start up and mix it with redfish_address | 16:31 |
| TheJulia | and to be honest, I did think about it and thoguht it was a really valid point | 16:31 |
| JayF | "Man I don't want us to have SHA512 hashes that are calculated from 'password'" lol | 16:31 |
| dtantsur | but I'm nit-picking at this point :) | 16:31 |
| JayF | I agree we shouldn't overkill this, but making sure that people aren't caught with their default password exposed by a rainbow table is just polite lol | 16:32 |
| TheJulia | 2 rounds maybe ? ;) | 16:32 |
| dtantsur | I think even 1000 is still fine | 16:32 |
| * TheJulia goes back to $current_email | 16:33 | |
| dtantsur | see you tomorrow folks o/ | 16:34 |
| JayF | FYI, I started https://etherpad.opendev.org/p/JayFTODO where I'm tracking my upstream work. Starting out, I'm going to be focusing on helping get stable patches backported. If you want to get something on my radar, putting it on this etherpad in "INCOMING" is the best way to ensure I don't miss it. | 16:35 |
| TheJulia | <3 | 16:35 |
| JayF | once I get this flow going, I'll probably put a recurring meeting on my calendar to do bug triage too, but I need to raise my constitution first :P | 16:35 |
| TheJulia | ++ | 16:35 |
| TheJulia | sooooo many emails | 16:38 |
| JayF | I'm trying to grok bakcport order for our bugfix releases | 16:59 |
| JayF | it says that bugfix/19.0 was cut from yoga | 16:59 |
| JayF | does that mean you'd backport to yoga then to 19.0? or 19.0 then yoga? | 16:59 |
| iurygregory | JayF, correct stable/yoga first then bugfix/19.0 | 18:12 |
| JayF | iurygregory: so lines 8 -> 27 there are ordered properly? https://etherpad.opendev.org/p/JayFTODO | 18:17 |
| iurygregory | double checking | 18:18 |
| iurygregory | looks correct just missing bugfix/21.0 | 18:21 |
| JayF | then that is missing from the whiteboard | 18:26 |
| JayF | I added it, if you wanna check for correctness | 18:27 |
| iurygregory | yeah, we released last week | 18:42 |
| TheJulia | iurygregory: wrt ptg, I'm wondering if we should lift some additional items from the original ideas etherpad? | 20:44 |
| iurygregory | TheJulia, that makes sense | 23:15 |
| iurygregory | sorry, I was at the gym when you sent the message o/ | 23:16 |
| TheJulia | no worries | 23:33 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!