Friday, 2018-01-05

*** jose-phillips has quit IRC		00:09
*** jistr has quit IRC		00:11
*** jose-phillips has joined #openstack-keystone		00:13
*** jistr has joined #openstack-keystone		00:16
*** zhurong has joined #openstack-keystone		00:16
openstackgerrit	Merged openstack/keystone master: Use keystone.common.provider_api for token APIs https://review.openstack.org/530227	00:22
*** EmilienM has quit IRC		00:30
*** edmondsw has joined #openstack-keystone		00:36
*** edmondsw has quit IRC		00:41
*** dave-mccowan has joined #openstack-keystone		00:48
*** gyee has quit IRC		00:49
*** jose-phillips has quit IRC		01:00
*** BenderRodriguez has left #openstack-keystone		01:05
*** jose-phillips has joined #openstack-keystone		01:05
*** nicolasbock has joined #openstack-keystone		01:17
*** panbalag has joined #openstack-keystone		01:19
*** panbalag has left #openstack-keystone		01:24
openstackgerrit	Merged openstack/keystone master: Use keystone.common.provider_api for credential APIs https://review.openstack.org/530234	01:25
openstackgerrit	Merged openstack/keystone master: Use keystone.common.provider_api for endpoint_policy APIs https://review.openstack.org/530235	01:25
openstackgerrit	Merged openstack/keystone master: Use keystone.common.provider_api for oauth APIs https://review.openstack.org/530241	01:25
openstackgerrit	Merged openstack/keystone master: Use keystone.common.provider_api for revoke APIs https://review.openstack.org/530244	01:29
openstackgerrit	Merged openstack/keystone master: Use keystone.common.provider_api for federation APIs https://review.openstack.org/530238	01:29
openstackgerrit	Merged openstack/keystone master: Use keystone.common.provider_api for resource APIs https://review.openstack.org/530243	01:29
openstackgerrit	Merged openstack/keystone master: Use keystone.common.provider_api directly in assignment https://review.openstack.org/529886	01:29
openstackgerrit	Merged openstack/keystone master: Handle InvalidScope exception from oslo.policy https://review.openstack.org/530263	01:29
*** dansmith has joined #openstack-keystone		01:30
*** jroll has quit IRC		01:46
*** gagehugo has joined #openstack-keystone		01:50
*** jroll has joined #openstack-keystone		01:51
*** threestrands_ has joined #openstack-keystone		02:14
*** threestrands_ has quit IRC		02:14
*** threestrands_ has joined #openstack-keystone		02:14
*** threestrands has quit IRC		02:16
*** zzzeek has quit IRC		02:19
*** zzzeek has joined #openstack-keystone		02:20
*** namnh has joined #openstack-keystone		02:20
*** zzzeek has quit IRC		02:20
*** zzzeek has joined #openstack-keystone		02:21
*** edmondsw has joined #openstack-keystone		02:24
*** edmondsw has quit IRC		02:28
*** harlowja has quit IRC		02:36
*** spzala has quit IRC		02:47
lbragstad	wxy: i made a couple comments on the unified limits series	03:03
*** spzala has joined #openstack-keystone		03:06
wxy	lbragstad: Thanks! Looking now.	03:07
lbragstad	wxy: glad to see the tests in the manager patch, those look pretty good	03:07
wxy	BTW, cmurphy, kmalloc , can you take a look at the db patch when you are free? https://review.openstack.org/#/c/523041/ It's about the creation for limits table. Other patches are relied on it. If there is some problem, I should consider more later for all the logic.	03:09
wxy	lbragstad: :)	03:09
*** spzala has quit IRC		03:12
*** nicolasbock has quit IRC		03:14
*** rajalokan has joined #openstack-keystone		03:24
*** rajalokan has quit IRC		03:26
*** rajalokan has joined #openstack-keystone		03:27
*** rajalokan has quit IRC		03:28
*** rajalokan has joined #openstack-keystone		03:29
*** links has joined #openstack-keystone		03:29
*** rajalokan has quit IRC		03:30
*** rajalokan has joined #openstack-keystone		03:33
*** links has quit IRC		03:34
*** rajalokan has quit IRC		03:34
*** zhurong has quit IRC		03:34
*** rajalokan has joined #openstack-keystone		03:35
*** rajalokan has quit IRC		03:35
*** rajalokan has joined #openstack-keystone		03:35
*** rajalokan has quit IRC		03:36
*** rajalokan has joined #openstack-keystone		03:40
*** rajalokan has quit IRC		03:43
*** spzala has joined #openstack-keystone		03:51
*** spzala has quit IRC		03:55
*** annp has joined #openstack-keystone		03:56
*** links has joined #openstack-keystone		03:56
*** edmondsw has joined #openstack-keystone		04:13
*** edmondsw has quit IRC		04:17
*** rajalokan has joined #openstack-keystone		04:39
*** dave-mccowan has quit IRC		05:06
*** rajalokan has quit IRC		05:15
*** magicboiz has joined #openstack-keystone		06:07
*** threestrands_ has quit IRC		06:13
*** magicboiz has quit IRC		06:14
*** magicboiz has joined #openstack-keystone		06:17
*** magicboiz has quit IRC		06:18
*** magicboiz has joined #openstack-keystone		07:28
*** magicboiz has quit IRC		07:28
*** zhurong has joined #openstack-keystone		07:48
*** edmondsw has joined #openstack-keystone		07:49
openstackgerrit	Merged openstack/keystone master: Use keystone.common.provider_api for catalog APIs https://review.openstack.org/530231	07:53
openstackgerrit	Merged openstack/keystone master: Use keystone.common.provider_api for identity APIs https://review.openstack.org/530230	07:53
*** edmondsw has quit IRC		07:53
openstackgerrit	wangxiyuan proposed openstack/keystone master: Add schema check for authorize request token https://review.openstack.org/526296	08:06
*** spzala has joined #openstack-keystone		08:07
*** markvoelker has joined #openstack-keystone		08:09
*** spzala has quit IRC		08:11
*** tesseract has joined #openstack-keystone		08:12
openstackgerrit	wangxiyuan proposed openstack/keystone master: Fix list users by name https://review.openstack.org/529914	08:13
*** zhurong has quit IRC		08:16
*** zhurong has joined #openstack-keystone		08:27
*** rcernin has quit IRC		08:28
cmurphy	wxy: sure, will do	08:32
*** markvoelker has quit IRC		08:44
*** johnthetubaguy has quit IRC		09:17
*** johnthetubaguy has joined #openstack-keystone		09:18
*** cristicalin has joined #openstack-keystone		09:34
*** edmondsw has joined #openstack-keystone		09:37
*** cristicalin has quit IRC		09:39
*** markvoelker has joined #openstack-keystone		09:41
*** edmondsw has quit IRC		09:42
*** nkinder has joined #openstack-keystone		09:48
*** aojea has joined #openstack-keystone		10:07
*** aojea_ has joined #openstack-keystone		10:13
*** markvoelker has quit IRC		10:15
*** aojea has quit IRC		10:16
*** aojea has joined #openstack-keystone		10:18
*** aojea_ has quit IRC		10:22
*** aojea_ has joined #openstack-keystone		10:23
*** aojea has quit IRC		10:26
*** aojea has joined #openstack-keystone		10:29
*** aojea_ has quit IRC		10:31
*** namnh_ has joined #openstack-keystone		10:33
*** namnh_ has quit IRC		10:34
*** aojea has quit IRC		10:37
*** namnh has quit IRC		10:37
*** szaher has joined #openstack-keystone		10:54
*** zhurong has quit IRC		10:57
*** pcaruana has joined #openstack-keystone		11:01
*** aojea has joined #openstack-keystone		11:10
*** markvoelker has joined #openstack-keystone		11:11
*** aojea_ has joined #openstack-keystone		11:14
*** aojea has quit IRC		11:16
*** aojea has joined #openstack-keystone		11:19
*** aojea_ has quit IRC		11:22
*** aojea_ has joined #openstack-keystone		11:25
*** aojea has quit IRC		11:28
*** aojea has joined #openstack-keystone		11:29
*** aojea_ has quit IRC		11:32
*** Drankis has joined #openstack-keystone		11:33
*** aojea_ has joined #openstack-keystone		11:34
*** nicolasbock has joined #openstack-keystone		11:35
*** aojea has quit IRC		11:37
*** aojea has joined #openstack-keystone		11:40
*** aojea_ has quit IRC		11:42
*** aojea_ has joined #openstack-keystone		11:45
*** markvoelker has quit IRC		11:45
*** aojea has quit IRC		11:47
*** aojea has joined #openstack-keystone		11:49
*** aojea_ has quit IRC		11:52
*** aojea_ has joined #openstack-keystone		11:55
*** aojea has quit IRC		11:57
*** lxnch has joined #openstack-keystone		11:59
*** aojea has joined #openstack-keystone		12:00
*** annp has quit IRC		12:00
*** lxnch_ has quit IRC		12:03
*** aojea_ has quit IRC		12:03
samueldmq	happy new year keystone!	12:04
*** spzala has joined #openstack-keystone		12:07
*** aojea has quit IRC		12:07
*** spzala has quit IRC		12:12
*** kong has quit IRC		12:23
*** spzala has joined #openstack-keystone		12:25
*** raildo has joined #openstack-keystone		12:25
*** spzala has quit IRC		12:29
*** markvoelker has joined #openstack-keystone		12:42
openstackgerrit	Sam Betts proposed openstack/keystonemiddleware master: Fix bug in config conversion processing https://review.openstack.org/531370	12:57
*** hoonetorg has quit IRC		12:57
*** sambetts has joined #openstack-keystone		13:00
sambetts	lbragstad, kmalloc, jlvillal, jroll: pinging you all as you were part of the conversation about the Ironic UTs failing due to keystonemiddleware, I've done a bunch of debugging this morning and discovered what I think is a bug in keystonemiddleware's _common/config.py module: https://review.openstack.org/#/c/531370/	13:04
sambetts	with that fix applied all the ironic UTs pass as expectedf	13:05
*** edmondsw has joined #openstack-keystone		13:13
*** markvoelker has quit IRC		13:15
*** edmondsw has quit IRC		13:17
*** dave-mccowan has joined #openstack-keystone		13:23
*** slunkad has joined #openstack-keystone		13:32
*** markvoelker has joined #openstack-keystone		13:36
*** bhagyashri_s has joined #openstack-keystone		13:47
*** links has quit IRC		13:47
*** bhagyashris has quit IRC		13:49
*** jistr is now known as jistr\|biab		13:51
*** edmondsw has joined #openstack-keystone		13:53
*** spzala has joined #openstack-keystone		13:56
*** spzala has quit IRC		14:03
dave-mccowan	hello keystone... i have a question: can I use keystone client to update the endpoint URLs of keystone?	14:05
cmurphy	dave-mccowan: you can use openstackclient to do it, we removed the CLI bits from the keystone client	14:06
dave-mccowan	cmurphy ok, i'm using python-keystoneclient. i am using delete() and create() to change the endpoints for other services, but got an error on keystone. if there is no restriction on changing keystone, then i'll double check my code.	14:10
cmurphy	dave-mccowan: there shouldn't be, what error are you getting?	14:11
dave-mccowan	cmurphy endpoint not found (which is weird, since my code just found the UUID in the line before) :-)	14:12
cmurphy	hmm that is weird	14:13
dave-mccowan	cmurphy i'll debug some more and come back if i need too. i just wanted to check to make sure keystone didn't have a restriction not to change itself.	14:14
dave-mccowan	cmurphy hmm. v3 has update, but v2 has only delete/create. so i guess the question is: can keystone delete its own endpoint?	14:16
cmurphy	trying it out...on devstack it seems to work but is not very happy about it afterward http://paste.openstack.org/show/639189/	14:19
*** spzala has joined #openstack-keystone		14:30
dave-mccowan	cmurphy can you do a create endpoint to replace it?	14:33
cmurphy	dave-mccowan: no, after that all admin commands fail	14:34
cmurphy	this might be a devstack-specific case though	14:34
cmurphy	i know on our cloud product we support changing the keystone endpoints	14:34
*** spzala has quit IRC		14:35
dave-mccowan	cmurphy that looks like the error i'm getting. i'd appreciate any ideas on how to work around it.	14:36
jroll	sambetts: nice find, though that breaks half the tests :P	14:37
cmurphy	dave-mccowan: so the delete works okay for you but things break after that? or the delete doesn't work at all?	14:39
cmurphy	dave-mccowan: after i deleted the admin endpoint i can recreate it but i have to set OS_INTERFACE=public in my osc command (there's an equivalent parameter in keystoneclient)	14:41
dave-mccowan	cmurphy i'll recreate and double check. it's probably the delete worked, and then the create failed.	14:41
sambetts	jroll: yeah... seems like those tests are relying on broken config settings	14:41
dave-mccowan	cmurphy that makes sense. as long as i update one at a time, i should be good.	14:42
cmurphy	dave-mccowan: yep	14:42
*** jmlowe has quit IRC		14:43
*** jmlowe has joined #openstack-keystone		14:45
*** jmlowe has quit IRC		14:48
*** nicolasbock has quit IRC		14:51
lbragstad	sambetts: nice - i'll check it out	14:53
hrybacki	lbragstad: o/ any chance we could +1 workflow for https://review.openstack.org/#/c/528129/ ?	14:58
lbragstad	hrybacki: yep - glad to see it passing	14:59
hrybacki	thanks!	14:59
hrybacki	Happy New Year keystone-folk! (I know I'm late)	14:59
gagehugo	o/	15:00
lbragstad	samueldmq: gagehugo o/	15:01
*** jistr\|biab is now known as jistr		15:04
*** hoonetorg has joined #openstack-keystone		15:10
*** panbalag has joined #openstack-keystone		15:14
openstackgerrit	Gage Hugo proposed openstack/keystone master: WIP - Add functional testing gate https://review.openstack.org/531014	15:23
*** panbalag has left #openstack-keystone		15:26
lbragstad	cmurphy: i just saw your comments on the system scope patch, addressing them now	15:27
cmurphy	lbragstad: okay i wasn't that worried about it just hadn't gotten through enough of the stack to start +2ing	15:28
lbragstad	cool - since all the PROVIDER stuff landed it's in merge conflict	15:29
lbragstad	addressing those comments while i'm at it	15:29
*** jmlowe has joined #openstack-keystone		15:32
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Implement controller logic for system user assignments https://review.openstack.org/515215	15:35
*** spzala has joined #openstack-keystone		15:43
*** panbalag has joined #openstack-keystone		15:48
*** panbalag has left #openstack-keystone		15:51
*** Drankis has quit IRC		15:51
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Implement controller logic for system user assignments https://review.openstack.org/515215	16:01
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Implement controller logic for system group assignments https://review.openstack.org/524017	16:01
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add system role assignment documentation https://review.openstack.org/524307	16:01
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add ability to list all system role assignments https://review.openstack.org/524407	16:01
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Teach TokenFormatter how to handle system scope https://review.openstack.org/525330	16:01
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Implement system-scope in the token provider API https://review.openstack.org/525360	16:01
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Introduce assertions for system-scoped token testing https://review.openstack.org/528037	16:01
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Implement system-scoped tokens https://review.openstack.org/525687	16:01
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add release note for system-scope https://review.openstack.org/528039	16:01
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Update documentation to reflect system-scope https://review.openstack.org/530133	16:01
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Grant admin a role on the system during bootstrap https://review.openstack.org/530410	16:01
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Implement GET /v3/auth/system https://review.openstack.org/530490	16:01
*** jmlowe has quit IRC		16:02
lbragstad	ok - ^ those should be out of merge conflict	16:03
*** mtreinish has quit IRC		16:08
*** mtreinish has joined #openstack-keystone		16:09
lbragstad	and they pass for me locally	16:15
*** jmlowe has joined #openstack-keystone		16:21
openstackgerrit	Merged openstack/keystonemiddleware master: Log TokenNotFound at INFO level instead of WARNING https://review.openstack.org/528129	16:25
lbragstad	hrybacki: do you need a release for that ^	16:29
lbragstad	or should it wait?	16:29
hrybacki	That's the last change we (RH) is trying to pull in. I'm not sure how they cut the internal branches tbh -- not sure if they just pull form current master or from the latest 'release' tag	16:30
lbragstad	we just rolled out 4.20 a couple days ago	16:31
hrybacki	phrasing XD	16:32
lbragstad	bah!	16:32
lbragstad	ksm version 4.20 was released a couple days ago :)	16:32
hrybacki	lbragstad: if it's not too much trouble a release would be nice :) Not sure what that entails on your end though	16:32
lbragstad	hrybacki: https://review.openstack.org/#/c/531423/	16:36
lbragstad	i don't have to be the one proposing those either - they just like to have ptl signoff on it	16:36
lbragstad	so if there is anything you need release-wise you can always throw a review up	16:36
hrybacki	good to know -- this is pretty straightforward	16:38
lbragstad	yeah - the release tooling is pretty nice	16:39
*** openstackstatus has quit IRC		16:40
*** openstackstatus has joined #openstack-keystone		16:41
*** ChanServ sets mode: +v openstackstatus		16:41
*** jaosorior has quit IRC		16:45
* lbragstad takes lunch		17:01
kmalloc	sambetts: that doesn't replicate your fakememcache however	17:04
kmalloc	sambetts: if that is all that is needed to mkae your tests pass, your tests are not using the values from fakememcache, which makes me wonder what you're doing with it. You could just change the KSM config to a null cache.	17:05
kmalloc	sambetts: replicate behavior*	17:06
sambetts	kmalloc: they are using it, the bug is that the "cache" config option isn't being read correctly without that patch, with that patch our cache gets loaded in here https://github.com/openstack/keystonemiddleware/blob/master/keystonemiddleware/auth_token/_cache.py#L136	17:07
sambetts	without that patch it tries to create one of the other cache pools	17:07
sambetts	because it doesn't load it from the env	17:07
kmalloc	right, you should use the oslo.cache backend mechanism, not load from the ENV	17:09
kmalloc	the load from ENV is not a good tool, never has been. it was only there for swift and what you're doing is not really the reason we supported it.	17:10
sambetts	kmalloc: regardless the bug exists and env.get(self._env_cache_name) on L149 returns a string of "<GroupAttr @ 12345>" which is a repr of an oslo.config object not the value from the config itself	17:10
sambetts	kmalloc: so the config loading is broken	17:11
*** dtroyer has quit IRC		17:11
sambetts	I meant the .get here https://github.com/openstack/keystonemiddleware/blob/master/keystonemiddleware/auth_token/__init__.py#L972	17:11
sambetts	returns that bad string	17:11
sambetts	so the config loading is broken	17:12
kmalloc	i really, really, really hate oslo.conf	17:12
kmalloc	i want to remove it from ksm. but can't	17:12
sambetts	it really not oslo.confs fault...	17:12
sambetts	you just access it wrong	17:12
sambetts	your*	17:12
kmalloc	it is, because of the way it is abstracting things it has been a pain every step of the way	17:12
kmalloc	i would rather drop down to something far less "magic"	17:12
kmalloc	i'll +2 the change, just needs to pass tests.	17:13
kmalloc	i also HIGHLY recommend not loading in via env in your tests.	17:13
kmalloc	i think i want to force a change to no longer support ENV based cache obj in KSM	17:13
sambetts	kmalloc: the problem I've hit with the tests is that they all pass in a conf dict in the form self.conf = { auth_host': '2001:2013:1:f101::1',} instead of self.conf = { "keystone_authtoken": { 'auth_host': '2001:2013:1:f101::1' }} so I don't know what the behaviour should be	17:16
sambetts	should that function even be processing an oslo.conf object	17:16
sambetts	I'm not sure I get the purpose of keystonemiddleware/_common/config.py	17:17
sambetts	I don't get what it offers over just using oslo.conf directly... it seems to just be converting values which are already converted	17:18
kmalloc	it's to process the config options. we have to support loading options from .conf files and paste.ini files	17:18
kmalloc	it has to do a bunch of magic because of leaning on both of those through oslo.config	17:18
kmalloc	the values from paste.ini are very wonky	17:18
sambetts	oslo.config handles all of that though if you set up the right types of Opt	17:19
kmalloc	except it can't from paste.ini	17:19
kmalloc	that needs extra work	17:19
kmalloc	so we have to do conversions	17:19
kmalloc	paste.ini options are passed in totally differently	17:20
kmalloc	we tried to eliminate that support and broke too many people	17:20
sambetts	kmalloc: seems like you need the custom oslo.config opts I wrote for my networking- project	17:21
sambetts	looking at the formrt of that file	17:21
sambetts	then oslo.config will process it for you	17:21
*** pcaruana has quit IRC		17:21
sambetts	still not sure why that convert function is being called for the "keystone_authtoken" group though, surely it should just be for the paste.ini headers	17:22
sambetts	kmalloc: https://github.com/openstack/networking-cisco/blob/master/networking_cisco/config/base.py#L68	17:23
kmalloc	anyway, since we're not going to be able to add a huge chunk of code to fix this.	17:23
kmalloc	get your fix to pass check and I'll push it through and we can release a new KSM.	17:23
kmalloc	though I highly recommend using oslo.cache backends instead of ENV based.	17:24
kmalloc	i can tell you now we're not going to land a giant new way to process opts in the short term. (And i don't want to add a ton more support for in-paste.ini opts)	17:25
kmalloc	but i'd be open to it with more convo with the team.	17:25
kmalloc	and FTR i want to nuke the support for passing in a cache object via ENV.	17:26
sambetts	makes sense, /me is out of my depth with all the reasoning behind why that exists in the first place	17:27
kmalloc	largely historical.	17:27
kmalloc	and.... switft	17:27
kmalloc	everything used to put KSM opts in paste.ini and someone still needs it =/	17:28
kmalloc	or needed it not that long ago	17:28
kmalloc	we might be able to nuke it not too far out.	17:29
sambetts	kmalloc: qq, when someone init's a new https://github.com/openstack/keystonemiddleware/blob/master/keystonemiddleware/auth_token/__init__.py#L546 AuthProtocol, is the conf parameter supposed to be from oslo.config, or something else created manually	17:47
*** dave-mccowan has quit IRC		17:57
*** dcdamien has quit IRC		18:06
*** harlowja has joined #openstack-keystone		18:09
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Update documentation to reflect system-scope https://review.openstack.org/530133	18:11
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Grant admin a role on the system during bootstrap https://review.openstack.org/530410	18:11
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Implement GET /v3/auth/system https://review.openstack.org/530490	18:11
openstackgerrit	Gage Hugo proposed openstack/keystone master: WIP - Add functional testing gate https://review.openstack.org/531014	18:12
sambetts	kmalloc: oh wow... I just worked out what is going on ... it seems like Config and therefore AuthProtocol's conf parameter is supposed to be in the form {'oslo_config_config': cfg.CONF} which then gets popped before the convert call, which means we're initing it wrong on our side (not sure why its only just become an issue though, that code's been around for ages)	18:23
lbragstad	https://review.openstack.org/#/c/530550/9 looks good to go - we can start working through the app cred stuff once that merges	18:23
sambetts	kmalloc: after learning more about keystonemiddleware config than I wanted to I think this is actually the fix for us instead of the keystonemiddleware one https://review.openstack.org/531462	18:30
*** sambetts is now known as sambetts\|afk		18:37
*** dtroyer has joined #openstack-keystone		18:37
*** panbalag has joined #openstack-keystone		18:39
cmurphy	lbragstad: that is ready to go but i realized i can't make use of it because of https://bugs.launchpad.net/keystone/+bug/1475091	18:42
openstack	Launchpad bug 1475091 in OpenStack Identity (keystone) "It's possible to create duplicate trusts" [Medium,Fix released] - Assigned to Kent Wang (k.wang)	18:42
kmalloc	sambetts\|afk: likely because we swapped to oslo.cache and now have extra groups	18:42
cmurphy	if expires_at is not null then you can't create more than one trust for the same trustor/trustee/project etc	18:42
lbragstad	?	18:43
cmurphy	lbragstad: re https://review.openstack.org/#/c/530550/9	18:43
kmalloc	withe the same expiration, right?	18:43
cmurphy	kmalloc: right	18:43
lbragstad	oh.. you mean in the contract phase when you're doing the migration?	18:44
kmalloc	honestly, i think we need to nuke a huge chunk of that unique constraint then	18:44
cmurphy	lbragstad: no...unrelated to the migration	18:44
kmalloc	its seems like a bad constraint... like... why do we care if there are duplicate trusts of any kind	18:45
cmurphy	kmalloc: we care for the reasons given in that bug, mainly config management concerns	18:45
cmurphy	but i really don't think it solves it very well	18:45
kmalloc	yeah lets just drop the constraint	18:45
cmurphy	because in mysql if one of the values is null then you can have multiples of it	18:45
cmurphy	which defeats the point	18:45
kmalloc	this solves nothing really.	18:45
kmalloc	yeah a NULL in a constraint doesn't prevent the constraint	18:46
lbragstad	wxy: is hitting that with the unified limits implementation	18:46
kmalloc	/me says something unpopular	18:46
kmalloc	anyway	18:47
kmalloc	yeah just nuke the constraint all together	18:47
kmalloc	there is no real benefit to it.	18:47
lbragstad	you'd have to move the constraint into code then, yeah?	18:47
cmurphy	i'm not really sure how that would fix it	18:51
lbragstad	me either.. i need to wrap something up quick and then context switch properly	19:01
lbragstad	i'm missing something	19:02
cmurphy	let me know when you're back, i'll try to explain what i wanted to do and why i can't	19:04
*** openstack has joined #openstack-keystone		21:14
*** ChanServ sets mode: +o openstack		21:14
openstackgerrit	Gage Hugo proposed openstack/keystone master: Have project get domain_id from parent https://review.openstack.org/489655	21:16
*** jose-phillips has quit IRC		21:17
*** jose-phillips has joined #openstack-keystone		21:19
openstackgerrit	Gage Hugo proposed openstack/keystone master: Move fernet specific doctor checks into tokens https://review.openstack.org/527527	21:25
*** jose-phillips has quit IRC		21:29
*** jose-phillips has joined #openstack-keystone		21:30
openstackgerrit	Gage Hugo proposed openstack/keystone master: Migrate jobs to zuulV3 https://review.openstack.org/523231	21:45
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add scope_types to role policies https://review.openstack.org/526171	21:46
*** raildo has quit IRC		21:46
*** dave-mccowan has quit IRC		21:50
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add scope_types to endpoint group policies https://review.openstack.org/525700	21:50
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add scope_types to token revocation policies https://review.openstack.org/526175	21:53
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add scope_types to ec2 policies https://review.openstack.org/526191	21:54
*** jose-phillips has quit IRC		21:55
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add scope_types to trust policies https://review.openstack.org/526176	21:56
*** jose-phillips has joined #openstack-keystone		21:58
*** spzala has quit IRC		22:00
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add scope_types to credential policies https://review.openstack.org/526189	22:10
*** jose-phillips has quit IRC		22:16
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add scope_types to project policies https://review.openstack.org/526159	22:19
*** edmondsw has quit IRC		22:22
*** edmondsw has joined #openstack-keystone		22:23
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add scope_types for user policies https://review.openstack.org/526203	22:24
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add scope_types to oauth policies https://review.openstack.org/526184	22:25
*** edmondsw has quit IRC		22:26
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add scope_types for policy policies https://review.openstack.org/526197	22:28
*** jose-phillips has joined #openstack-keystone		22:29
openstackgerrit	Lance Bragstad proposed openstack/keystone master: Add scope_types to domain policies https://review.openstack.org/525705	22:29
* lbragstad 's "patches that need attention" column is getting smaller		22:29
*** spzala has joined #openstack-keystone		22:35
*** jose-phillips has quit IRC		22:42
openstackgerrit	Gage Hugo proposed openstack/keystone master: Clarify developer docs for contributors https://review.openstack.org/531518	22:49
*** david-lyle has joined #openstack-keystone		23:04
openstackgerrit	Colleen Murphy proposed openstack/keystone master: WIP Add application credential auth plugin https://review.openstack.org/525346	23:15
*** gyee has quit IRC		23:35
*** panbalag has left #openstack-keystone		23:37
*** jose-phillips has joined #openstack-keystone		23:52

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!