Monday, 2018-01-29

« Sunday, 2018-01-28 Index Tuesday, 2018-01-30 »
*** lbragstad has joined #openstack-keystone00:14
*** ChanServ sets mode: +o lbragstad00:14
*** hemna has quit IRC00:55
*** hemna has joined #openstack-keystone01:01
*** gongysh has joined #openstack-keystone01:29
*** gongysh has quit IRC03:03
*** rcernin has quit IRC03:08
*** harlowja has joined #openstack-keystone03:11
*** harlowja has quit IRC03:18
*** dave-mccowan has quit IRC03:20
*** jgwentworth is now known as melwitt03:26
*** annp has joined #openstack-keystone03:40
*** rcernin has joined #openstack-keystone04:04
*** bhagyashris has quit IRC04:22
*** daidv has joined #openstack-keystone04:31
openstackgerritMerged openstack/oslo.policy master: Updated from global requirements  https://review.openstack.org/53714604:32
*** bhagyashris has joined #openstack-keystone04:33
*** AlexeyAbashkin has joined #openstack-keystone05:06
*** AlexeyAbashkin has quit IRC05:10
*** AlexeyAbashkin has joined #openstack-keystone05:31
openstackgerritVishakha Agarwal proposed openstack/keystone master: Delete tokens from DB is not required in case of Fernet.    https://review.openstack.org/53732205:39
*** AlexeyAbashkin has quit IRC05:46
*** AlexeyAbashkin has joined #openstack-keystone06:17
*** Dinesh_Bhor has joined #openstack-keystone06:37
Dinesh_Bhorcmurphy: Hi, you there?06:40
Dinesh_Bhorcmurphy:  I want to discuss about this: https://review.openstack.org/#/c/267456/06:41
openstackgerritAndreas Jaeger proposed openstack/keystone master: Use native Zuul v3 tox job  https://review.openstack.org/53778706:50
*** rarora has joined #openstack-keystone06:58
*** Dinesh_Bhor has quit IRC07:10
*** rcernin has quit IRC07:11
*** Dinesh_Bhor has joined #openstack-keystone07:11
*** namnh has joined #openstack-keystone07:21
*** Dinesh_Bhor has quit IRC07:23
*** Dinesh_Bhor has joined #openstack-keystone07:25
*** Dinesh_Bhor has quit IRC07:34
*** hoonetorg has quit IRC07:35
*** Dinesh_Bhor has joined #openstack-keystone07:36
*** Dinesh_Bhor has quit IRC07:38
*** Dinesh_Bhor has joined #openstack-keystone07:39
*** pcaruana has joined #openstack-keystone07:44
*** Supun has joined #openstack-keystone07:44
*** Dinesh_Bhor has quit IRC07:45
*** belmoreira has joined #openstack-keystone07:47
*** Dinesh_Bhor has joined #openstack-keystone07:50
*** hoonetorg has joined #openstack-keystone07:52
*** AlexeyAbashkin has quit IRC07:55
*** gongysh has joined #openstack-keystone08:03
*** gongysh has quit IRC08:08
*** links has joined #openstack-keystone08:09
*** Supun has quit IRC08:22
*** d0ugal has quit IRC08:22
*** tesseract has joined #openstack-keystone08:26
*** d0ugal has joined #openstack-keystone08:27
*** Dinesh_Bhor has quit IRC08:29
*** AlexeyAbashkin has joined #openstack-keystone08:35
*** AlexeyAbashkin has quit IRC08:40
*** Dinesh_Bhor has joined #openstack-keystone08:41
*** masber has quit IRC08:41
*** masber has joined #openstack-keystone08:42
*** Dinesh_Bhor has quit IRC08:46
*** aloga has quit IRC08:49
*** aloga has joined #openstack-keystone08:49
*** Dinesh_Bhor has joined #openstack-keystone08:50
*** belmorei_ has joined #openstack-keystone08:52
*** Dinesh_Bhor has quit IRC08:52
*** belmoreira has quit IRC08:53
*** d0ugal has quit IRC09:00
*** Dinesh_Bhor has joined #openstack-keystone09:06
cmurphyDinesh_Bhor: I'm here now09:10
Dinesh_Bhorcmurphy: about this: https://review.openstack.org/#/c/267456/09:11
Dinesh_Bhorcmurphy:  do you want me to combine all three patches into one? That will be difficult for review.09:11
cmurphyDinesh_Bhor: no I wouldn't combine them, I just wasn't sure if the other two were needed if the functionality existed in the base classes09:12
cmurphyDinesh_Bhor: if they are needed then that's fine09:13
Dinesh_Bhorcmurphy: yes, those are required.09:13
cmurphyDinesh_Bhor: okay then I can take a look09:14
cmurphyDinesh_Bhor: part of my confusion was that the commit message listed a bunch of files that weren't being touched so i wasn't sure whether it was out of date09:15
Dinesh_Bhorcmurphy: yeah, actually. Some of the v3 API's are getting covered in base patch itself. But this patch is specifically for v3 so I have made changes to the remaining API's and added test cases for all v3 API's including the API's covered in base patch.09:17
cmurphyDinesh_Bhor: maybe those test cases should go into the base patch then?09:18
cmurphyor at least that could be explained in the commit message09:18
Dinesh_Bhorcmurphy: okay. understood. I will update the commit message.09:19
*** vish_18 has joined #openstack-keystone09:20
*** d0ugal has joined #openstack-keystone09:20
cmurphythanks!09:20
Dinesh_Bhorcmurphy: Thank you for your time.09:20
cmurphyno problem09:20
*** AlexeyAbashkin has joined #openstack-keystone09:22
*** Dinesh_Bhor has quit IRC09:42
*** Supun has joined #openstack-keystone09:42
*** Supun has quit IRC09:47
*** aloga has quit IRC09:52
*** aloga has joined #openstack-keystone09:52
*** namnh has quit IRC10:09
*** namnh has joined #openstack-keystone10:09
*** AlexeyAbashkin has quit IRC10:13
*** AlexeyAbashkin has joined #openstack-keystone10:13
*** threestrands_ has joined #openstack-keystone10:33
*** Supun has joined #openstack-keystone10:35
*** threestrands has quit IRC10:36
*** jappleii__ has joined #openstack-keystone10:37
*** jappleii__ has quit IRC10:38
*** jappleii__ has joined #openstack-keystone10:39
*** Neptu_ has joined #openstack-keystone10:39
*** threestrands_ has quit IRC10:41
*** belmorei_ has quit IRC10:46
*** jaosorior has joined #openstack-keystone10:52
*** namnh has quit IRC10:52
*** annp has quit IRC11:01
-openstackstatus- NOTICE: Zuul is currently under heavy load. Do not *recheck* or *approve* any changes.11:03
*** AlexeyAbashkin has quit IRC11:23
*** sambetts|afk is now known as sambetts|11:24
*** sambetts| is now known as sambetts11:24
*** bhagyashri_s has joined #openstack-keystone11:50
*** dklyle has quit IRC11:52
*** bhagyashris has quit IRC11:53
*** david-lyle has joined #openstack-keystone11:53
*** raildo has joined #openstack-keystone11:54
*** AlexeyAbashkin has joined #openstack-keystone11:59
*** bhagyashri_s has quit IRC12:01
*** bhagyashris has joined #openstack-keystone12:02
*** mvk has quit IRC12:02
*** belmoreira has joined #openstack-keystone12:05
*** panbalag has joined #openstack-keystone12:06
*** panbalag has left #openstack-keystone12:07
*** mvenesio has joined #openstack-keystone12:57
*** mvk has joined #openstack-keystone13:17
-openstackstatus- NOTICE: Zuul is currently under heavy load. Do not *recheck* or *approve* any changes until we give the go ahead.13:32
*** ChanServ changes topic to "Zuul is currently under heavy load. Do not *recheck* or *approve* any changes until we give the go ahead."13:32
*** d0ugal has quit IRC13:38
*** d0ugal has joined #openstack-keystone13:38
*** edmondsw has joined #openstack-keystone13:41
*** ayoung has joined #openstack-keystone14:14
*** david-lyle has quit IRC14:15
*** r-daneel has joined #openstack-keystone14:20
*** edmondsw has quit IRC14:25
lbragstado/14:28
*** superdan is now known as dansmith14:28
*** dave-mccowan has joined #openstack-keystone14:28
*** edmondsw has joined #openstack-keystone14:28
*** belmorei_ has joined #openstack-keystone14:29
-openstackstatus- NOTICE: we've been able to restart zuul, and re-enqueue changes for gate. Please hold off on recheck or approves, we are still recovering. More info shortly.14:29
cmurphy\o see notice ^ don't recheck things yet14:30
*** belmoreira has quit IRC14:32
*** dave-mccowan has quit IRC14:33
*** dave-mccowan has joined #openstack-keystone14:34
lbragstadnice14:36
lbragstadi was just checking the queue and it looked like the application credential stuff was just about start gate jobs14:36
cmurphyit was just reenqueued14:40
cmurphyit's been trying to run gate jobs for a long time now :(14:40
*** daidv has quit IRC14:49
*** daidv has joined #openstack-keystone14:49
lbragstadyeah... i saw that over the weekend14:50
lbragstadthat patch series just can't seem to catch a break :)14:50
*** mvenesio has quit IRC14:55
*** spilla has joined #openstack-keystone14:59
*** r-daneel_ has joined #openstack-keystone15:02
*** r-daneel has quit IRC15:04
*** r-daneel_ is now known as r-daneel15:04
knikollao/15:06
*** r-daneel has quit IRC15:11
*** r-daneel has joined #openstack-keystone15:11
*** gus has quit IRC15:13
*** gus has joined #openstack-keystone15:14
gagehugoo/15:17
*** bhagyashris has quit IRC15:21
*** bhagyashris has joined #openstack-keystone15:21
*** Supun has quit IRC15:22
*** Supun has joined #openstack-keystone15:25
*** mylu has joined #openstack-keystone15:33
*** r-daneel_ has joined #openstack-keystone15:39
*** r-daneel has quit IRC15:40
*** r-daneel_ is now known as r-daneel15:40
*** bhagyashris has quit IRC15:40
*** bhagyashris has joined #openstack-keystone15:50
*** mylu has quit IRC15:53
*** mylu has joined #openstack-keystone15:55
*** david-lyle has joined #openstack-keystone15:56
*** phalmos has joined #openstack-keystone15:57
*** spilla has quit IRC15:59
*** spilla has joined #openstack-keystone15:59
*** belmorei_ has quit IRC15:59
*** tesseract has quit IRC16:03
*** jappleii__ has quit IRC16:05
*** jmlowe_ has quit IRC16:07
*** jmlowe has joined #openstack-keystone16:07
*** phalmos has quit IRC16:11
*** mylu has quit IRC16:17
*** links has quit IRC16:20
*** ChanServ changes topic to "Queens release schedule: https://releases.openstack.org/queens/schedule.html | Meeting agenda: https://etherpad.openstack.org/p/keystone-weekly-meeting | Bugs that need triaging: http://bit.ly/2iJuN1h | Trello: https://trello.com/b/5F0h9Hoe/keystone"16:21
-openstackstatus- NOTICE: zuul.o.o is back online, feel free to recheck / approve patches.16:21
lbragstadcc gagehugo cmurphy knikolla ^16:25
gagehugowoo16:25
cmurphyi think there's nothing in dire need of rechecking16:25
*** pcaruana has quit IRC16:25
*** phalmos has joined #openstack-keystone16:30
*** rmcall has joined #openstack-keystone16:31
knikollacmurphy: do you know if the trusted_dashboard option allows a hostname or a wildcard instead of a very specific url?16:42
*** phalmos has quit IRC16:42
cmurphyknikolla: i don't think so16:43
*** jose-phillips has quit IRC16:43
knikollacmurphy: argh... i wanted to use https://hostname/invitations/<uuid_of_invitation>. guess i'll have to use sessions.16:44
*** jose-phillips has joined #openstack-keystone16:45
*** tesseract has joined #openstack-keystone16:47
cmurphyknikolla: yeah i'm not 100% sure but in my experience it was pretty picky and stupid16:48
cmurphyyou could try it, it'll be pretty obvious if it's not working16:48
*** ayoung has quit IRC16:57
*** aojea_ has joined #openstack-keystone17:07
*** aojea__ has joined #openstack-keystone17:13
*** phalmos has joined #openstack-keystone17:15
*** aojea_ has quit IRC17:16
*** aojea has joined #openstack-keystone17:18
*** Supun has quit IRC17:20
*** aojea__ has quit IRC17:21
*** Supun has joined #openstack-keystone17:21
*** r-daneel_ has joined #openstack-keystone17:21
openstackgerritLance Bragstad proposed openstack/keystone master: Add scope_types for user policies  https://review.openstack.org/52620317:23
*** r-daneel has quit IRC17:23
*** r-daneel_ is now known as r-daneel17:23
*** aojea_ has joined #openstack-keystone17:23
*** aojea has quit IRC17:26
*** phalmos has quit IRC17:26
openstackgerritGage Hugo proposed openstack/keystone master: Add functional testing gate  https://review.openstack.org/53101417:27
*** aojea has joined #openstack-keystone17:28
*** gyee has joined #openstack-keystone17:29
*** aojea_ has quit IRC17:30
*** aojea_ has joined #openstack-keystone17:33
*** AlexeyAbashkin has quit IRC17:34
*** aojea has quit IRC17:36
*** AlexeyAbashkin has joined #openstack-keystone17:37
*** aojea has joined #openstack-keystone17:38
*** aojea_ has quit IRC17:40
*** AlexeyAbashkin has quit IRC17:41
*** Supun has quit IRC17:41
*** mvenesio has joined #openstack-keystone17:42
*** Supun has joined #openstack-keystone17:42
*** aojea_ has joined #openstack-keystone17:43
*** aojea has quit IRC17:46
*** aojea has joined #openstack-keystone17:49
lbragstadbreaking for lunch quick17:50
*** aojea_ has quit IRC17:52
*** aojea_ has joined #openstack-keystone17:53
*** mvk has quit IRC17:56
*** aojea has quit IRC17:56
*** aojea__ has joined #openstack-keystone18:01
*** sambetts is now known as sambetts|afk18:01
*** aojea_ has quit IRC18:02
*** phalmos has joined #openstack-keystone18:03
*** aojea_ has joined #openstack-keystone18:06
*** phalmos has quit IRC18:09
*** aojea__ has quit IRC18:09
*** david-lyle has quit IRC18:09
*** aojea has joined #openstack-keystone18:12
*** aojea_ has quit IRC18:14
*** aojea_ has joined #openstack-keystone18:16
*** rmcall has quit IRC18:17
*** rmcall has joined #openstack-keystone18:18
*** aojea has quit IRC18:19
*** aojea has joined #openstack-keystone18:22
*** AJaeger has joined #openstack-keystone18:24
AJaegerkeystone cores, a simple Zuul jobs change for you - could I get a second core review, please? https://review.openstack.org/#/c/53839718:25
*** aojea_ has quit IRC18:25
AJaegerSorry, I meant https://review.openstack.org/#/c/53778718:25
*** aojea_ has joined #openstack-keystone18:27
lbragstadAJaeger: dome18:27
lbragstaddone*18:27
AJaegerthanks, lbragstad18:27
lbragstadAJaeger: no problem - thanks for the ping18:28
*** efried is now known as efried_hexchat18:29
*** aojea has quit IRC18:29
*** aojea__ has joined #openstack-keystone18:32
*** r-daneel_ has joined #openstack-keystone18:33
*** henrynash has joined #openstack-keystone18:34
*** r-daneel has quit IRC18:34
*** mvk has joined #openstack-keystone18:35
*** aojea_ has quit IRC18:35
*** r-daneel has joined #openstack-keystone18:37
*** spzala has joined #openstack-keystone18:37
*** spzala has quit IRC18:37
*** aojea_ has joined #openstack-keystone18:37
*** r-daneel_ has quit IRC18:38
*** jose-phillips has quit IRC18:40
*** aojea__ has quit IRC18:40
*** aojea__ has joined #openstack-keystone18:42
*** AJaeger has left #openstack-keystone18:44
*** aojea_ has quit IRC18:44
openstackgerritLance Bragstad proposed openstack/keystone master: Document flat limit enforcement model  https://review.openstack.org/53832218:45
*** aojea_ has joined #openstack-keystone18:47
*** jaosorior has quit IRC18:48
*** aojea__ has quit IRC18:50
*** aojea_ has quit IRC18:50
*** rmcall has quit IRC19:08
*** AlexeyAbashkin has joined #openstack-keystone19:11
*** phalmos has joined #openstack-keystone19:12
*** rmcall has joined #openstack-keystone19:13
lbragstadcmurphy: are you actively investigating https://bugs.launchpad.net/keystone/+bug/1746016 ?19:14
openstackLaunchpad bug 1746016 in OpenStack Identity (keystone) "unit test jobs sometimes time out" [High,New]19:14
cmurphylbragstad: yes and no, I've been looking at it but i have no idea what's going on19:15
cmurphyneed to try to rope in some QA people to help19:15
lbragstadoh - interesting...19:15
lbragstadis this what you were referencing in the bug - http://logs.openstack.org/33/530133/13/check/openstack-tox-py27/d6560ad/job-output.txt.gz#_2018-01-27_14_26_31_625384 ?19:16
cmurphylbragstad: yeah19:16
cmurphyit seems like everything's going great and then it just halts for no reason and then dies19:16
lbragstadthat's a good 35 minutes...19:16
cmurphyit's not helping us get things merged faster19:16
lbragstadright19:17
*** edmondsw has quit IRC19:23
*** harlowja has joined #openstack-keystone19:25
*** david-lyle has joined #openstack-keystone19:27
*** tesseract has quit IRC19:31
*** cfriesen has joined #openstack-keystone19:31
*** henrynash has quit IRC19:31
lbragstadcfriesen: o/19:32
cfrieseno/19:32
lbragstadyeah - so jamielennox was the one driving a bunch of the service token work19:32
lbragstadcmurphy: hrybacki do we know if anyone was trying to pick up those efforts (or if there was anything to pick up?)19:33
cmurphylbragstad: i recall lamt was going to pick up some ksm work but i don't recall whether that included service token stuff19:33
lbragstadcmurphy: ok - yeah, that's what i remember, too19:34
lbragstadcmurphy: cfriesen has an interesting service token case.. but i'm not sure anyone outside of jamielennox would have thought that far ahead?19:34
lbragstadcfriesen: do you wanna describe what you're trying to do?19:34
hrybackilbragstad: no I wasn't tracking that -- I assumed he'd removed all his commitments awhile back19:35
cfriesenSure...the scenario I'm trying to solve is that the glance v2 API doesn't allow users to modify the location of an image by default.  (You can turn on a setting to allow it, but it's got security warnings around it.)19:35
cfriesenWhat I'd like to do is figure out a way for glance to allow this operation if the request comes from nova, but to disallow it for normal users.19:36
lbragstadcfriesen: do you know how glance makes that check?19:36
cfriesenOne of the glance folks suggested it might be possible to use service tokens for this, in order to ensure that the request came from an openstack service.19:36
cfriesenlbragstad: Right now glance just checks a config option to decide whether it's allowed or not.19:37
* lbragstad grabs a copy of glance's code19:37
*** phalmos has quit IRC19:37
cfriesenapi/v2/images.py, _do_add_locations()19:38
*** phalmos has joined #openstack-keystone19:39
lbragstadshow_multiple_locations ?19:39
cfriesenyes, it's kind of overloaded.19:40
cfriesenthere's a separate conf option to determine whether a single location is visible to the user.19:41
lbragstadgot it19:41
lbragstadi'm trying to find out where in the API that is wired up..19:42
cfriesenThe current code path on the nova side is to create the image with no location, do some ceph stuff directly, then update the image with the location within ceph.  This worked with glance v1 API, but fails with v2.19:42
cfriesenlbragstad: it's part of the image update call19:42
lbragstadaha19:43
lbragstadi was thinking if it was a somewhat specific/isolated API, you could create a specific role and map that to the glance policy that protects that API19:43
lbragstadthen you'd give that role to the nova service user19:44
lbragstadbut if users use that same glance API to do other image update operations that might be a bit tough...19:45
lbragstadthat's neither here nor there with service tokens, i gues19:45
lbragstadotherwise, it looks like glance might have to incorporate some code to check token specific to see if it actually came from a service, or nova)19:52
*** phalmos has quit IRC19:53
cfrieseninterestingly, glance does have a "set image location" policy, but it applies to any time the location is set, including on initial creation.19:54
cfriesenas far as checking the context for service token information, is there enough information currently guaranteed by the keystone APIs to check the service token even if it wasn't needed to deal with user token expiry?19:55
openstackgerritLance Bragstad proposed openstack/keystone master: Document flat limit enforcement model  https://review.openstack.org/53832219:55
lbragstadcfriesen: well - the token expiry case is handled mostly on the client side and only had a couple changes to keystone server19:57
*** phalmos has joined #openstack-keystone19:57
lbragstadtechnically, a service token is the same as a token used by non-service users19:57
lbragstadthe tricky bit with that specific case was that we extended keystone validate_token API so that service tokens could be used to validate other tokens in the deployment (and even expired tokens019:58
*** jose-phillips has joined #openstack-keystone19:59
lbragstadhttps://github.com/openstack/keystone/blob/7921249ed7b5fc3d9b43a05055dcd20793b831d2/keystone/common/policies/token.py#L2620:00
lbragstadand https://github.com/openstack/keystone/blob/7921249ed7b5fc3d9b43a05055dcd20793b831d2/keystone/common/policies/base.py#L5620:00
lbragstadkeystone detects if a user is a "service user" based on the role assignment - https://github.com/openstack/keystone/blob/7921249ed7b5fc3d9b43a05055dcd20793b831d2/keystone/common/policies/base.py#L38-L4020:01
cfriesenpresumably glance could extract the service token from the context, validate it with keystone, and check the role assignment?20:02
*** pramodrj07 has joined #openstack-keystone20:04
lbragstadyeah... that would be one way to do it20:07
lbragstadthe values of the context might have some information20:07
lbragstadregarding role assignments20:07
lbragstadthat part that gets muddy is that both glance and keystone would be duplicating the mapping of what a service user is20:08
cfriesenI suppose we might be able to tighten it down so only a glance-configured username (ie "nova") is allowed to set image locations.  seems a bit special-case-y though.20:09
lbragstadyeah - i agree20:09
lbragstadwe're working on building out the system scope stuff in keystone, and I feel like that might help this case20:09
lbragstadsomething glance might consider doing is create a new policy for that specific API20:10
lbragstadand make a system-scoped operation20:10
lbragstadand make it a *20:11
lbragstadthen, in order for nova to execute it, the operator would have to give nova a role on the system20:11
lbragstadand we'd have to teach nova to get a system scoped token when making that call to glance20:11
lbragstadso - the API would be exposed via glance, but it would be locked down so only system users can actually call it20:12
lbragstad(people using project-scoped tokens wouldn't be able to actually invoke the API directly through glance)20:12
cfriesenwould it make sense to make all service tokens be system scope?20:13
lbragstadgood question... it really depends on what the service needs20:13
lbragstador what the service needs to do with other services20:13
lbragstadif nova needs a list of all volumes in a specific project from cinder, then a project-scoped token for the project in question seems to make sense20:14
lbragstadbut if nova wants to update an image location (which seems like a system level thing) it would use a system scoped token20:14
cfriesensounds reasonable.   okay, this gives me some good info for my immediate issue.  thanks a bunch.20:15
*** rmascena has joined #openstack-keystone20:15
lbragstadcfriesen: yep - anytime, i'm hoping to get more involved, especially with nova and trying to get some of this making sense from a service level20:16
lbragstadcertainly open to more feedback/options if you come up with any20:16
*** raildo has quit IRC20:18
*** ayoung has joined #openstack-keystone20:21
*** AlexeyAbashkin has quit IRC20:25
*** jose-phillips has quit IRC20:25
*** edmondsw has joined #openstack-keystone20:30
*** edmondsw has quit IRC20:32
*** edmondsw_ has joined #openstack-keystone20:32
cfriesenlbragstad: just blue-skying here, but I wonder if a "does this context have a valid system-scoped token" operation might be useful.20:32
*** jose-phillips has joined #openstack-keystone20:38
*** jose-phillips has quit IRC20:50
openstackgerritGage Hugo proposed openstack/keystone master: Move fernet specific doctor checks into tokens  https://review.openstack.org/52752720:57
*** mvenesio has quit IRC21:11
*** rmascena has quit IRC21:12
*** mvenesio has joined #openstack-keystone21:12
*** mvenesio has quit IRC21:16
*** Supun has quit IRC21:18
*** aojea_ has joined #openstack-keystone21:22
*** aojea__ has joined #openstack-keystone21:27
*** aojea_ has quit IRC21:29
*** spilla has quit IRC21:31
*** aojea has joined #openstack-keystone21:33
*** r-daneel has quit IRC21:33
*** r-daneel has joined #openstack-keystone21:33
*** aojea__ has quit IRC21:35
*** aojea_ has joined #openstack-keystone21:37
lbragstadcfriesen: would that be something keystone determines or oslo.context?21:39
lbragstador oslo.context just relays that information from keystone somehow21:39
lbragstadhrybacki: i threw us down on the agenda for tomorrows meeting to go through the trello updates as a team21:40
*** aojea has quit IRC21:40
hrybackiperfect, thanks lbragstad21:40
*** spilla has joined #openstack-keystone21:41
*** aojea has joined #openstack-keystone21:43
*** aojea_ has quit IRC21:45
*** aojea_ has joined #openstack-keystone21:48
*** aojea has quit IRC21:50
cfriesenlbragstad: I'm not opinionated. :)  I'm just thinking of what the services might ultimately care about.21:52
*** aojea has joined #openstack-keystone21:52
lbragstadcfriesen: yeah - i think this is all eluding to the need for a service to service communication session21:54
lbragstadadded it to our planning etherpad - https://etherpad.openstack.org/p/keystone-rocky-ptg21:54
lbragstadwe'll start shaping up the schedule for that week soon, but likely monday or tuesday we can all sit down and go through some of that21:54
*** aojea_ has quit IRC21:55
*** aojea_ has joined #openstack-keystone21:58
*** aojea has quit IRC22:01
*** aojea_ has quit IRC22:04
cfriesencool22:04
*** threestrands has joined #openstack-keystone22:05
*** threestrands has quit IRC22:05
*** threestrands has joined #openstack-keystone22:05
lbragstadwe might be about an hour away from merging the application credential chain22:06
* lbragstad cross fingers22:06
*** threestrands_ has joined #openstack-keystone22:07
cmurphyyou're optimistic22:08
*** threestrands has quit IRC22:08
*** threestrands_ has quit IRC22:08
* lbragstad crosses toes, too22:08
cmurphy:)22:08
*** threestrands has joined #openstack-keystone22:08
*** threestrands has quit IRC22:08
*** threestrands has joined #openstack-keystone22:08
lbragstadcmurphy: for being one of the first features done this release, its been a long road for that series22:09
cmurphyyeah :(22:09
lbragstadsorry cmurphy22:09
cmurphyheh no worries22:09
*** dtruong has quit IRC22:13
*** henrynash has joined #openstack-keystone22:15
lbragstadwhoa - we have a henrynash!22:20
lbragstadgood evening, sir :)22:20
henrynash…delurking...22:20
henrynashhi there22:20
lbragstadhow goes it?22:20
*** threestrands_ has joined #openstack-keystone22:21
henrynashgood…just got back from a long vacation, so renewed, reinvigorated, etc. etc.22:21
lbragstadthat sounds nice22:21
lbragstadare we going to be lucky enough to see you in dublin?22:21
henrynashnot sure yet…do we haeva. schedule for whcih days the keystone sessions are on?22:22
lbragstadwe have a list of topics that we'll probably start shaping into a schedule later this week22:22
lbragstadbut it will be the usual format22:22
lbragstadcross-project stuff monday and tuesday22:23
lbragstadproject specific things wednesday - friday22:23
lbragstadhttps://etherpad.openstack.org/p/keystone-rocky-ptg22:23
*** threestrands has quit IRC22:23
henrynashah, that sounds good…that mught work since I need to be in the UK on Tuesday, so could make it out for, say, Wednesday and Thursday (Or something like that)22:23
lbragstadthat'd be cool22:24
lbragstadit'd be great to have you there22:24
henrynashok, I’ll work on that22:24
henrynashmeanwhile, I’ll try and be a review-bot for the coming weeks22:24
lbragstadthanks for all the reviews btw22:25
henrynashnp22:25
*** edmondsw_ is now known as edmondsw22:26
*** dave-mccowan has quit IRC22:31
*** rmcall has quit IRC22:31
*** jappleii__ has joined #openstack-keystone22:35
*** jappleii__ has quit IRC22:36
*** jappleii__ has joined #openstack-keystone22:37
*** threestrands_ has quit IRC22:37
*** jose-phillips has joined #openstack-keystone22:41
*** mylu has joined #openstack-keystone22:42
*** mylu has quit IRC22:46
*** rcernin has joined #openstack-keystone22:46
*** mylu has joined #openstack-keystone22:46
*** mylu has quit IRC22:50
*** spilla has quit IRC22:56
*** phalmos_ has joined #openstack-keystone22:56
*** phalmos has quit IRC22:59
*** dtruong has joined #openstack-keystone23:04
*** edmondsw has quit IRC23:06
*** edmondsw has joined #openstack-keystone23:20
*** logan- has quit IRC23:45
*** errr has quit IRC23:45
*** jlvillal has quit IRC23:45
*** zeus has quit IRC23:45
*** jistr has quit IRC23:45
*** r-daneel has quit IRC23:45
*** edmondsw has quit IRC23:46
*** edmondsw has joined #openstack-keystone23:47
*** freerunner has quit IRC23:48
*** freerunner has joined #openstack-keystone23:51
*** logan- has joined #openstack-keystone23:51
*** errr has joined #openstack-keystone23:51
*** jlvillal has joined #openstack-keystone23:51
*** zeus has joined #openstack-keystone23:51
*** jistr has joined #openstack-keystone23:51
*** mylu has joined #openstack-keystone23:51
*** edmondsw has quit IRC23:51
*** dave-mccowan has joined #openstack-keystone23:52
*** sapd_ has quit IRC23:57
« Sunday, 2018-01-28 Index Tuesday, 2018-01-30 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!