Tuesday, 2017-08-01

« Monday, 2017-07-31 Index Wednesday, 2017-08-02 »
*** edmondsw has joined #openstack-keystone00:21
*** edmondsw has quit IRC00:25
*** ducttape_ has joined #openstack-keystone00:29
*** ducttap__ has joined #openstack-keystone00:30
*** ducttape_ has quit IRC00:30
*** ducttap__ has quit IRC00:34
*** harlowja has quit IRC00:38
*** zhurong has joined #openstack-keystone00:43
*** thorst_afk has joined #openstack-keystone00:46
*** Shunli has joined #openstack-keystone00:51
*** thorst_afk has quit IRC00:54
*** ducttape_ has joined #openstack-keystone00:58
*** ducttape_ has quit IRC01:03
*** ducttape_ has joined #openstack-keystone01:08
*** ducttape_ has quit IRC01:10
*** otleimat has quit IRC01:17
*** aojea has joined #openstack-keystone01:22
*** aojea has quit IRC01:26
*** ducttape_ has joined #openstack-keystone01:27
*** mjax has quit IRC01:28
*** thorst_afk has joined #openstack-keystone01:29
*** ducttape_ has quit IRC01:32
*** mjax has joined #openstack-keystone01:34
*** phalmos has quit IRC01:34
*** mjax has quit IRC01:36
*** thorst_afk has quit IRC01:38
*** thorst_afk has joined #openstack-keystone01:38
*** thorst_afk has quit IRC01:43
*** https_GK1wmSU has joined #openstack-keystone01:46
*** https_GK1wmSU has left #openstack-keystone01:47
*** mjax has joined #openstack-keystone01:52
*** mjax has quit IRC01:54
*** thorst_afk has joined #openstack-keystone01:55
*** thorst_afk has quit IRC01:55
*** rmascena has quit IRC01:58
*** aojea has joined #openstack-keystone02:07
*** thorst_afk has joined #openstack-keystone02:11
*** aojea has quit IRC02:12
*** phalmos has joined #openstack-keystone02:17
*** harlowja has joined #openstack-keystone02:22
*** ducttape_ has joined #openstack-keystone02:23
*** thorst_afk has quit IRC02:25
*** ducttape_ has quit IRC02:28
*** harlowja has quit IRC02:44
*** mjax has joined #openstack-keystone03:07
*** mjax has quit IRC03:09
*** lbragstad_ has joined #openstack-keystone03:14
*** lbragstad has quit IRC03:14
*** prashkre has joined #openstack-keystone03:38
*** harlowja has joined #openstack-keystone03:38
*** phalmos has quit IRC03:44
*** nicolasbock has joined #openstack-keystone03:45
*** ducttape_ has joined #openstack-keystone03:47
*** dave-mcc_ has quit IRC03:48
*** prashkre has quit IRC03:50
*** ducttape_ has quit IRC03:51
*** kbaegis has quit IRC03:59
*** phalmos has joined #openstack-keystone04:01
*** links has joined #openstack-keystone04:07
*** aselius has quit IRC04:18
*** thorst_afk has joined #openstack-keystone04:26
*** thorst_afk has quit IRC04:31
*** ducttape_ has joined #openstack-keystone04:48
*** ducttape_ has quit IRC04:53
*** harlowja has quit IRC05:10
*** ducttap__ has joined #openstack-keystone05:19
*** https___GK1wmSU has joined #openstack-keystone05:21
*** https__GK1wmSU has joined #openstack-keystone05:21
*** https___GK1wmSU has left #openstack-keystone05:23
*** https__GK1wmSU has left #openstack-keystone05:23
*** ducttap__ has quit IRC05:25
*** hoonetorg has quit IRC05:27
*** ducttape_ has joined #openstack-keystone05:30
*** ducttape_ has quit IRC05:35
*** hoonetorg has joined #openstack-keystone05:44
*** ducttape_ has joined #openstack-keystone05:46
*** ducttape_ has quit IRC05:51
*** harlowja has joined #openstack-keystone05:51
*** phalmos has quit IRC06:03
*** jaosorior has quit IRC06:05
*** tobberydberg has joined #openstack-keystone06:23
*** tobberydberg has quit IRC06:23
*** tobberydberg has joined #openstack-keystone06:24
*** jaosorior has joined #openstack-keystone06:24
*** prashkre has joined #openstack-keystone06:25
*** thorst_afk has joined #openstack-keystone06:28
*** thorst_afk has quit IRC06:32
*** ducttape_ has joined #openstack-keystone06:35
*** ducttape_ has quit IRC06:39
*** harlowja has quit IRC06:51
*** rcernin has joined #openstack-keystone06:55
*** rajalokan has joined #openstack-keystone07:01
*** Shunli has quit IRC07:03
*** Shunli has joined #openstack-keystone07:03
*** pcaruana has joined #openstack-keystone07:06
*** mjax has joined #openstack-keystone07:08
*** mjax has quit IRC07:09
openstackgerritOpenStack Proposal Bot proposed openstack/keystone master: Imported Translations from Zanata  https://review.openstack.org/48951307:39
*** kukacz has joined #openstack-keystone07:40
*** kukacz has quit IRC07:41
*** kukacz has joined #openstack-keystone07:41
*** ioggstream has joined #openstack-keystone07:43
*** rcernin has quit IRC07:48
*** rcernin has joined #openstack-keystone07:50
*** clarkb has quit IRC08:04
*** ducttape_ has joined #openstack-keystone08:16
*** aloga has quit IRC08:17
*** aloga has joined #openstack-keystone08:17
*** clarkb has joined #openstack-keystone08:18
*** ducttape_ has quit IRC08:20
*** thorst_afk has joined #openstack-keystone08:27
*** markvoelker has quit IRC08:30
*** rajalokan has quit IRC08:30
*** aojea has joined #openstack-keystone08:30
*** markvoelker has joined #openstack-keystone08:31
*** thorst_afk has quit IRC08:32
*** rajalokan has joined #openstack-keystone08:32
*** markvoelker has quit IRC08:35
*** ducttape_ has joined #openstack-keystone09:17
*** ducttap__ has joined #openstack-keystone09:20
*** ducttape_ has quit IRC09:21
*** ducttap__ has quit IRC09:24
*** Shunli has quit IRC09:30
*** __pyokan has joined #openstack-keystone09:57
*** rajalokan has quit IRC09:58
*** __pyokan is now known as rajalokan09:58
*** ducttape_ has joined #openstack-keystone10:20
*** ducttape_ has quit IRC10:25
*** thorst_afk has joined #openstack-keystone10:28
*** markvoelker has joined #openstack-keystone10:31
*** thorst_afk has quit IRC10:32
*** markvoelker has quit IRC11:05
*** edmondsw has joined #openstack-keystone11:09
*** edmondsw has quit IRC11:14
*** ducttape_ has joined #openstack-keystone11:26
*** markvoelker has joined #openstack-keystone11:30
*** ducttape_ has quit IRC11:30
*** ioggstream has quit IRC11:39
*** thorst_afk has joined #openstack-keystone11:40
*** efried has quit IRC11:40
*** efried has joined #openstack-keystone11:52
*** hoonetorg has quit IRC11:54
openstackgerritM V P Nitesh proposed openstack/keystone master: Added support for a ``description`` attribute for V3 Identity Roles  https://review.openstack.org/48434812:00
*** kukacz has quit IRC12:02
*** kukacz has joined #openstack-keystone12:03
*** hoonetorg has joined #openstack-keystone12:06
*** raildo has joined #openstack-keystone12:10
*** catintheroof has joined #openstack-keystone12:20
*** thorst_afk has quit IRC12:22
*** ioggstream has joined #openstack-keystone12:32
*** edmondsw has joined #openstack-keystone12:38
*** links has quit IRC12:40
mordredmorgan, efried: sorry was out yesterday - yes please, double-down on service-type12:42
mordredefried: and "service-type supplied in the conf" is a case we're trying to get away from12:44
mordredefried: setting non-standard service-type values is a thing we purposely want to make as hard as humanly possible, and in the fullness of time would prefer be impossible12:44
openstackgerritzhiguo.li proposed openstack/keystone master: Add two steps in part 'Configure the Apache HTTP server'  https://review.openstack.org/48958912:50
*** dave-mccowan has joined #openstack-keystone12:54
*** thorst_afk has joined #openstack-keystone12:57
openstackgerritzhiguo.li proposed openstack/keystone master: Add two steps in part 'Configure the Apache HTTP server'  https://review.openstack.org/48958913:00
*** kbaegis has joined #openstack-keystone13:01
openstackgerritzhiguo.li proposed openstack/keystone master: Add two steps in part 'Configure the Apache HTTP server'  https://review.openstack.org/48958913:02
openstackgerritzhiguo.li proposed openstack/keystone master: Add two steps in part 'Configure the Apache HTTP server'  https://review.openstack.org/48958913:06
*** kukacz has quit IRC13:06
*** kukacz has joined #openstack-keystone13:06
openstackgerritzhiguo.li proposed openstack/keystone master: Add two steps in part 'Configure the Apache HTTP server'  https://review.openstack.org/48958913:08
*** lucasxu has joined #openstack-keystone13:20
*** ducttape_ has joined #openstack-keystone13:22
*** ducttape_ has quit IRC13:25
*** ducttape_ has joined #openstack-keystone13:26
*** aojea has quit IRC13:29
*** aojea has joined #openstack-keystone13:29
*** ducttap__ has joined #openstack-keystone13:30
*** ducttape_ has quit IRC13:30
*** ducttap__ has quit IRC13:34
*** jmlowe has joined #openstack-keystone13:41
*** dstepanenko has joined #openstack-keystone13:54
*** rajalokan has quit IRC13:59
*** rajalokan has joined #openstack-keystone13:59
*** kukacz_ has joined #openstack-keystone14:00
*** kukacz__ has joined #openstack-keystone14:01
*** kukacz has quit IRC14:01
*** lbragstad_ is now known as lbragstad14:04
*** ChanServ sets mode: +o lbragstad14:04
*** kukacz_ has quit IRC14:05
*** kukacz__ has quit IRC14:08
*** ducttape_ has joined #openstack-keystone14:09
lbragstaddstepanenko: o/14:11
dstepanenkoyep :)14:11
lbragstaddstepanenko: looks like you have some new findings on https://bugs.launchpad.net/keystone/+bug/1701324 ?14:11
openstackLaunchpad bug 1701324 in OpenStack Identity (keystone) "Removing duplicated items doesn't work in case of federations" [Undecided,In progress] - Assigned to Dmitry Stepanenko (dstepanenko)14:11
dstepanenkoyes, I was able to reproduce this issue with duplication of roles14:11
prashkrelbragstad:samueldmq: Hi. Could you please review https://review.openstack.org/#/c/485302/ once again, I have proposed a new patch addressing all review comments.14:12
dstepanenkothere are 3 parts of code affected by the dirty code - domains, projects and roles14:12
dstepanenkoI was able to reproduce this issue for duplication of roles and added steps to repro to the comments of this bug14:13
lbragstaddstepanenko: i attempted to recreate this with unit tests for domains and projects but I couldn't14:13
lbragstadi didn't attempt recreating it with roles14:14
lbragstad(i wasn't aware of the case with roles at the time)14:14
dstepanenkosorry, this is my bad14:14
lbragstaddstepanenko: nothing to be sorry about14:14
dstepanenkothe thing is that initially I found this issue in roles duplication14:15
dstepanenkoI debuged it a bit and found out that the mechanism of removing duplications from the list of roles was wrong14:15
dstepanenkothen I looked through the commit where this code was added14:15
dstepanenkoand found out that the same mechanism also used for removing duplicated domains and projects14:16
dstepanenkoI added link to the commit where these changes were done14:16
dstepanenkoit's in bug description14:16
lbragstadhttps://review.openstack.org/#/c/284943/ ?14:16
dstepanenkoyes14:17
lbragstadsounds like we should be able to recreate this with a test then14:18
lbragstadthe original test that I modified trying to create this didn't exercise this case14:18
lbragstadi was trying to recreate this by having a federated user end up with role assignments on the same project14:18
lbragstadvia a group membership and a direct role assignment14:18
lbragstadbecause i wanted to verify that the duplicate project was being removed from the results14:19
lbragstadper the comment in code14:19
lbragstadbut I didn't attempt to do it with roles14:19
lbragstadso a test that:14:19
lbragstad- creates a federated user14:19
lbragstad- contains a mapping that puts the user in the 'admin' group on a 'demo' project14:20
lbragstad- creates a direct mapping giving the user the 'admin' role on the 'demo' project14:20
lbragstad- the user should authenticate and should see two duplicate roles in the response14:20
lbragstaddoes ^ that sound about right to recreate the issue?14:21
dstepanenkoyes, this sounds very similar to what I did14:22
dstepanenkoprobably this should do the trick14:23
lbragstaddstepanenko: ok - working on a test case locally14:25
*** lucasxu has quit IRC14:27
dstepanenkolbragstad: great!14:30
lbragstadrarora: o/14:34
lbragstadrarora: one thing i started thinking about with https://review.openstack.org/#/c/489297/ was to register a version object and associate it to the controller - which seems to be fine14:34
lbragstadbut we could leverage a callback for the actual version bits14:35
*** spilla has joined #openstack-keystone14:35
*** prashkre has quit IRC14:35
lbragstadsince the application determines the version automatically (since it has to inorder to wire up the proper controller), basing the version logic on the type of the controller seems to make the most sense14:36
lbragstad(at least to me, but I am willing to be convinced if there is a better way)14:36
lbragstadrarora: the thing i was going to try next was to put the version stuff into the common/controller.py code and then supply some sort of callback that the wsgi:Application object could call to get the version info when it needs it14:38
raroraright I agree that it makes the most sense I am just trying to figure out a way to do the callback that makes sense14:38
rarorawithout it ending up being the same kind of thing as before14:38
raroralbragstad: I am going to dig deeper into why getting to that version_object is failing right now sicne we are able to check isinstance(self, controller.V3Controller)14:44
*** dstepanenko has quit IRC14:45
*** dstepanenko has joined #openstack-keystone14:45
lbragstadrarora: i think it's because we specify another version object elsewhere in the code14:48
lbragstadrarora: so it could be bad naming on my part14:49
*** dstepanenko has quit IRC14:50
raroralbragstad: ok cool, I should have a "working" version up and running in a minute so I can debug a bit better14:50
lbragstadrarora: awesome14:50
lbragstadrarora: don't feel obligated to use what I wrote - i was more of less just looking for a way to associate the version information needed in Application to the controller in a way that made it easy to use14:51
raroralbragstad: ok sounds good, I think you have us on the right track14:52
*** josecastroleon has joined #openstack-keystone15:07
*** Guest76 has joined #openstack-keystone15:07
*** rcernin has quit IRC15:14
*** Guest76 has left #openstack-keystone15:15
*** dstepanenko has joined #openstack-keystone15:19
raroralbragstad: from the debugging it looks like the reason it fails currently is that self doesn't always refer to the same class15:21
lbragstadrarora: so it's expecting something to be a part of the class but isn't?15:22
*** pcaruana has quit IRC15:22
raroraif you do project list it is keystone.version.controllers.Version whereas if you do user list it is keystone.identity.controllers.UserV3 which is a subclass of controller.V3/V2Controller15:22
raroraso running openstack user list would work but project list would fail with an attribute error15:23
*** kbaegis has quit IRC15:24
*** kbaegis has joined #openstack-keystone15:24
*** aselius has joined #openstack-keystone15:26
raroralbragstad: so basically yeah what you said15:26
*** kbaegis1 has joined #openstack-keystone15:28
*** tobberyd_ has joined #openstack-keystone15:29
*** kbaegis has quit IRC15:31
*** dstepanenko has quit IRC15:32
*** tobberydberg has quit IRC15:33
*** kbaegis1 has quit IRC15:33
*** kbaegis has joined #openstack-keystone15:33
*** tobberyd_ has quit IRC15:34
*** kbaegis has quit IRC15:38
*** pcaruana has joined #openstack-keystone15:40
*** rmascena has joined #openstack-keystone15:40
*** kbaegis has joined #openstack-keystone15:40
*** raildo has quit IRC15:42
*** kbaegis has quit IRC15:47
*** rcernin has joined #openstack-keystone15:49
raroralbragstad: is the only case for not having the version in the url when we are asking for a list of all versions?15:53
raroraif so that kind of solves the problems and we can just use the url to parse the version out all the time15:53
lbragstadrarora: that seems like the only case to me15:55
lbragstadrarora: but there are cases where keystone runs without a version15:55
*** ducttape_ has quit IRC15:55
lbragstadrarora: like devstack for example15:55
lbragstadit's something like http://localhost/identity/15:55
raroraare version headers supposed to be in the response in that case?15:55
raroralbragstad: bc if not, then we don't have a problem15:56
*** lucasxu has joined #openstack-keystone16:04
raroralbragstad: also doesn't /identity/ just return the list of versions?16:04
*** ducttape_ has joined #openstack-keystone16:04
openstackgerritLance Bragstad proposed openstack/keystone master: Add test the exposes duplicate roles in token  https://review.openstack.org/48964716:09
lbragstadrarora: i want to say it might not?16:09
lbragstadrarora: i need to look at devstack - but i want to say there has been ongoing to work to run versionless16:09
rarorahmmmm16:09
*** links has joined #openstack-keystone16:12
lbragstadif there is anyone around looking to chase a super weird transient federation bug - check out https://review.openstack.org/#/c/489647/16:12
cmurphymost fun kind of bug16:14
lbragstadcmurphy: right?16:14
cmurphy:P16:14
lbragstadkinda reminds me of the time i debugged transient token revocation bugs across multiple versions of MySQL16:15
lbragstadthat took about 3 years off my life16:15
cmurphyewww >.<16:16
lbragstadhttps://twitter.com/LanceBragstad/status/75913413086085529616:17
openstackgerritGábor Antal proposed openstack/keystone master: Removed unnecessary setUp() calls from uinit tests  https://review.openstack.org/48965116:18
lbragstadstepping away to grab lunch quick16:18
gagehugolbragstad https://review.openstack.org/#/c/447139/16:22
gagehugodo we want to bump to pike?16:22
*** esp has joined #openstack-keystone16:22
openstackgerritGábor Antal proposed openstack/keystone master: Removed unnecessary setUp() calls from unit tests  https://review.openstack.org/48965116:24
openstackgerritGage Hugo proposed openstack/keystone master: Have project get domain_id from parent  https://review.openstack.org/48965516:31
*** dstepanenko has joined #openstack-keystone16:33
*** dstepanenko has quit IRC16:37
*** otleimat has joined #openstack-keystone16:48
*** mjax has joined #openstack-keystone16:49
*** ducttape_ has quit IRC16:55
*** pcaruana has quit IRC16:58
*** jistr is now known as jistr|afk17:00
openstackgerritGage Hugo proposed openstack/keystone master: Prep for is_admin_project for scoped operations  https://review.openstack.org/46267017:04
knikollao/17:10
*** ducttape_ has joined #openstack-keystone17:10
gagehugoo/17:14
*** ducttape_ has quit IRC17:15
*** kbaegis has joined #openstack-keystone17:17
*** rajalokan has quit IRC17:28
*** prashkre has joined #openstack-keystone17:31
*** dstepanenko has joined #openstack-keystone17:34
lbragstadgagehugo: sounds like that's what the security group advises?17:35
lbragstadbased on Luke's comment17:35
openstackgerritAbhishek Sharma M proposed openstack/pycadf master: Adding panko_api_audit_map.conf to pycadf  https://review.openstack.org/48968017:35
*** dstepanenko has quit IRC17:38
*** lucasxu has quit IRC17:41
*** gyee has joined #openstack-keystone17:41
openstackgerritLance Bragstad proposed openstack/keystone master: Add test the exposes duplicate roles in token  https://review.openstack.org/48964717:48
gagehugolbragstad yeah17:53
*** links has quit IRC17:57
*** markvoelker has quit IRC18:02
*** markvoelker has joined #openstack-keystone18:02
*** lucasxu has joined #openstack-keystone18:02
*** lucasxu has quit IRC18:02
openstackgerritGage Hugo proposed openstack/keystone-specs master: Update project-tags spec  https://review.openstack.org/48452918:12
openstackgerritGage Hugo proposed openstack/keystone-specs master: Move project-tags spec to backlog  https://review.openstack.org/48969618:13
*** EmilienM is now known as emacchi18:14
*** emacchi is now known as EmilienM18:14
*** ioggstream has quit IRC18:14
edmondswlbragstad you'll want to read the comment I just added to https://bugs.launchpad.net/keystone/+bug/169630818:21
openstackLaunchpad bug 1696308 in OpenStack Identity (keystone) "list revoked tokens API returns 500 when pki_setup is not run" [Wishlist,Triaged] - Assigned to Nisha Yadav (ynisha11)18:21
lbragstadedmondsw: noted - i'll catch up18:21
*** ducttape_ has joined #openstack-keystone18:23
*** jistr|afk is now known as jistr18:34
*** dstepanenko has joined #openstack-keystone18:34
*** dstepanenko has quit IRC18:39
*** spilla has quit IRC18:44
mjaxHi lbragstad, I talked with you the other day, and it looks like my team wants to move forward with writing the provider/trust driver/middleware auth for keystone. I am going to start with working on the external token provider and was wondering a couple things: 1. Are there any config files that I need to change other than keystone.conf in order t18:47
mjaxo recognize the athens token? 2. I'm working on a devstack instance, is there an easy way to restart the keystone services to test changes that I make? 3. Which unit tests should I be especially concerned about to make sure my implementation doesn't break anything? 4. other than making a athens.py in the tokens/providers/ folder, are there any othe18:47
mjaxr files that are relevant to the provider? 5. What is the difference between a credential and a token, since I saw that the credentials have a fernet folder in it as well18:47
lbragstad1.) nope, the main config your going to be concerned with is `keystone.conf [token] provider`18:48
lbragstadbut you also have to expose the entry to keystone in a way that it can find it18:49
lbragstadsee setup.cfg if you need examples on how to do this18:49
mjaxperfect, just what I was looking for. I'll take a look at that18:49
lbragstad2.) if you're using devstack, you should be able to restart keystone using apache or uwsgi18:49
lbragstad3.) there are a lot of unit tests in keystone/tests/unit/test_v3_auth.py and keystone/tests/unit/test_auth.py18:50
lbragstadthose ^ test modules handle a lot of the token flows18:50
lbragstadkeystone/tests/unit/token/18:51
lbragstadcontains unit tests for each of the providers specifically18:51
mjaxcool, got it18:51
lbragstad4.) The token provider interface in keystone/token/provider.py is essentailly the manager that is going to be calling into the implementation you provide18:51
lbragstadyou need to implement the interface so that the token provider API can operator normally18:52
lbragstadother than that - there shouldn't be any other files you need to worry about18:52
lbragstad5.) the credential backend is different than the token backend18:52
lbragstads/backend/provider/18:52
lbragstadcredentials are secrets that are stored in keystone18:53
lbragstadtokens are things you get back when you authenticate18:53
lbragstadit's just happens that we use a similar encryption mechanism for each18:53
lbragstadwhich is where you see the fernet bits in keystone/credential and keystone/token18:53
mjaxah ok, makes sense18:54
lbragstadif you're supplying your own token provider - you should only be concerned about the implementation in keystone/token/providers/base.py18:54
lbragstadand that shouldn't be coupled in anyway to the credential backout outside the fact that they require the same key repository utility class to manage the fernet keys18:55
lbragstad#startmeeting keystone-office-hours18:58
openstackMeeting started Tue Aug  1 18:58:13 2017 UTC and is due to finish in 60 minutes.  The chair is lbragstad. Information about MeetBot at http://wiki.debian.org/MeetBot.18:58
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.18:58
openstackThe meeting name has been set to 'keystone_office_hours'18:58
edmondswlbragstad let me know if you want to talk about that bug comment. Not sure I can add a whole lot more to it, been years since I looked at that18:59
mjaxThanks lbragstad, very helpful. I'll let you know if I have any more questions later18:59
gagehugoo/18:59
gagehugoin a meeting, but can still look at something19:00
cmurphy\o19:01
mjaxeiddccgeilrlerkbjdglujthbrrkbevkuvbulckivdih19:01
knikollao/19:04
gagehugohttps://review.openstack.org/#/c/482971/ is close from what it looks like and it closes a bug19:04
*** kbaegis has quit IRC19:08
lbragstadmjax: anytime19:11
lbragstad#link https://review.openstack.org/#/c/485302/ closes a bug and is ldap related19:12
*** zeus has quit IRC19:13
*** zeus has joined #openstack-keystone19:15
*** zeus is now known as Guest4798719:15
openstackgerritAbhishek Sharma M proposed openstack/pycadf master: Adding panko_api_audit_map.conf to pycadf  https://review.openstack.org/48968019:23
*** ducttape_ has quit IRC19:25
*** ducttape_ has joined #openstack-keystone19:25
knikollalbragstad: so is the yaml catalog also pushed for queens?19:32
*** kbaegis has joined #openstack-keystone19:34
openstackgerritAbhishek Sharma M proposed openstack/pycadf master: Adding panko_api_audit_map.conf to pycadf  https://review.openstack.org/48968019:34
*** dstepanenko has joined #openstack-keystone19:35
*** rcernin has quit IRC19:36
*** dstepanenko has quit IRC19:40
openstackgerritAbhishek Sharma M proposed openstack/pycadf master: Adding panko_api_audit_map.conf to pycadf  https://review.openstack.org/48968019:40
*** nicolasbock has quit IRC19:45
morganknikolla: probably. unless someone can verify the code *and* help with tests19:46
knikollamorgan: what would the deadline for that merging be? i might be able to find some spare time.19:50
*** esp has quit IRC19:52
morgannot sure19:52
morganask lbragstad19:53
knikollalbragstad: ^^19:53
morganhttps://review.openstack.org/#/c/48351419:53
*** esp has joined #openstack-keystone19:54
*** kbaegis has quit IRC20:14
lbragstadknikolla: morgan since we only have two weeks for rc - we don't have much time20:19
lbragstadunfortunately20:19
lbragstadi'm not sure we'd want to merge the catalog bits two days before release (?)20:20
morgani figured20:23
*** ducttape_ has quit IRC20:25
*** ducttape_ has joined #openstack-keystone20:29
*** ioggstream has joined #openstack-keystone20:36
*** aojea has quit IRC20:39
*** jmlowe has quit IRC20:42
openstackgerritLance Bragstad proposed openstack/keystone master: Add test the exposes duplicate roles in token  https://review.openstack.org/48964720:44
lbragstadthis one closes *two* bugs - https://review.openstack.org/#/c/465530/20:46
*** aojea has joined #openstack-keystone20:54
*** esp has quit IRC21:00
*** esp has joined #openstack-keystone21:02
*** Guest47987 is now known as zeus`21:07
*** zeus` is now known as zeus21:07
*** zeus has quit IRC21:07
*** zeus has joined #openstack-keystone21:07
openstackgerritGage Hugo proposed openstack/keystone master: Have project get domain_id from parent  https://review.openstack.org/48965521:16
*** ioggstream has quit IRC21:27
*** dave-mccowan has quit IRC21:27
openstackgerritMerged openstack/keystonemiddleware master: strip whitespace from token  https://review.openstack.org/48297121:34
openstackgerritLance Bragstad proposed openstack/keystone master: Add contributor/ directory for docs  https://review.openstack.org/48975521:35
openstackgerritLance Bragstad proposed openstack/keystone master: Add user/ directory for documentation  https://review.openstack.org/48975621:35
openstackgerritLance Bragstad proposed openstack/keystone master: Add cli/ directory for documentation  https://review.openstack.org/48975721:35
lbragstadFYI - those ^ should close https://bugs.launchpad.net/keystone/+bug/169446021:35
openstackLaunchpad bug 1694460 in OpenStack Identity (keystone) "Keystone docs need to be migrated from the OpenStack-manuals" [High,In progress] - Assigned to Samriddhi (s-jain)21:35
lbragstadthis might make for a good learning opportunity for folks if anyone is interested21:41
lbragstad#link http://lists.openstack.org/pipermail/openstack-dev/2017-August/120429.html21:41
*** ducttape_ has quit IRC21:41
*** phalmos has joined #openstack-keystone21:42
openstackgerritLance Bragstad proposed openstack/keystone master: Add user/ directory for documentation  https://review.openstack.org/48975621:44
openstackgerritGage Hugo proposed openstack/keystone master: Have project get domain_id from parent  https://review.openstack.org/48965521:46
*** dstepanenko has joined #openstack-keystone21:47
openstackgerritLance Bragstad proposed openstack/keystone master: Add cli/ directory for documentation  https://review.openstack.org/48975721:47
*** phalmos has quit IRC21:48
cmurphylbragstad: do those really close #1694460? if they're leaving the sections blank doesn't that mean there's still work to do?21:49
*** eandersson has quit IRC21:50
gagehugoor is it about being compliant with the docs migration?21:50
*** dstepanenko has quit IRC21:52
lbragstadthose are just about being compliant21:52
cmurphyokie21:52
lbragstadi figured we could at least be compliant, because we've been shuffling documentation bits around for the last month21:53
*** kbaegis has joined #openstack-keystone21:53
*** ducttape_ has joined #openstack-keystone21:59
*** rmascena has quit IRC22:00
*** phalmos has joined #openstack-keystone22:00
*** esp has quit IRC22:00
*** kbaegis has quit IRC22:01
*** esp has joined #openstack-keystone22:02
lbragstad#endmeeting22:03
openstackMeeting ended Tue Aug  1 22:03:49 2017 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)22:03
openstackMinutes:        http://eavesdrop.openstack.org/meetings/keystone_office_hours/2017/keystone_office_hours.2017-08-01-18.58.html22:03
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/keystone_office_hours/2017/keystone_office_hours.2017-08-01-18.58.txt22:03
openstackLog:            http://eavesdrop.openstack.org/meetings/keystone_office_hours/2017/keystone_office_hours.2017-08-01-18.58.log.html22:03
cmurphy\o/22:03
lbragstadcmurphy: achievement unlocked!22:04
*** thorst_afk has quit IRC22:05
lbragstadcmurphy: thanks for sticking around to kick some things through - we were able to get somethings merged today!22:07
*** prashkre has quit IRC22:07
cmurphyyep!22:07
* cmurphy smashes all the bugs22:08
openstackgerritGage Hugo proposed openstack/keystone master: Add project tags api-ref documentation and reno  https://review.openstack.org/47239622:17
*** thorst_afk has joined #openstack-keystone22:19
lbragstadhah! transient! https://review.openstack.org/#/c/489647/22:22
*** catintheroof has quit IRC22:23
*** thorst_afk has quit IRC22:24
openstackgerritMerged openstack/keystone master: Fix ec2tokens validation in v2 after regression in metadata_ref removal  https://review.openstack.org/46553022:31
openstackgerritGage Hugo proposed openstack/keystone master: Prep for is_admin_project scoped operations  https://review.openstack.org/46267022:32
gagehugoedmondsw thanks for the help with those changes!22:33
edmondswgagehugo np!22:33
*** edmondsw has quit IRC22:36
*** kbaegis has joined #openstack-keystone22:40
*** esp has left #openstack-keystone22:40
gagehugolbragstad do we want to bump https://review.openstack.org/#/c/447139/ to pike?22:43
*** dave-mccowan has joined #openstack-keystone22:44
*** sjain has joined #openstack-keystone22:47
*** dstepanenko has joined #openstack-keystone22:48
*** dstepanenko has quit IRC22:53
*** https_GK1wmSU has joined #openstack-keystone22:58
*** https_GK1wmSU has left #openstack-keystone22:59
*** otleimat has quit IRC23:00
*** jmlowe has joined #openstack-keystone23:02
*** jmlowe has quit IRC23:03
*** rajalokan has joined #openstack-keystone23:06
*** sjain has quit IRC23:07
*** kbaegis has quit IRC23:12
*** kbaegis has joined #openstack-keystone23:13
*** aselius has quit IRC23:15
*** jmlowe has joined #openstack-keystone23:16
*** aojea has quit IRC23:33
*** aojea has joined #openstack-keystone23:34
*** aojea has quit IRC23:38
*** ducttape_ has quit IRC23:40
*** kbaegis has quit IRC23:45
-openstackstatus- NOTICE: osic nodes have been removed from nodepool due to a problem with the mirror host beginning around 22:20 UTC. please recheck any jobs with failures installing packages.23:47
*** dstepanenko has joined #openstack-keystone23:49
*** dstepanenko has quit IRC23:53
*** markvoelker has quit IRC23:53
« Monday, 2017-07-31 Index Wednesday, 2017-08-02 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!