Monday, 2018-07-02

« Sunday, 2018-07-01 Index Tuesday, 2018-07-03 »
*** wxy has joined #openstack-keystone01:24
*** edmondsw has joined #openstack-keystone01:29
*** edmondsw has quit IRC01:34
*** openstackgerrit has quit IRC01:49
*** jmlowe has quit IRC02:13
*** jmlowe has joined #openstack-keystone02:14
*** slunkad has quit IRC02:17
*** slunkad has joined #openstack-keystone02:19
*** idlemind has joined #openstack-keystone02:44
*** edmondsw has joined #openstack-keystone03:17
*** edmondsw has quit IRC03:22
*** pooja_jadhav has joined #openstack-keystone04:36
*** openstackgerrit has joined #openstack-keystone04:39
openstackgerritTuan Do Anh proposed openstack/keystone master: Change "a SQL" to "an SQL"  https://review.openstack.org/57943204:39
*** rcernin has quit IRC04:55
*** dklyle has quit IRC04:58
*** edmondsw has joined #openstack-keystone05:06
*** links has joined #openstack-keystone05:09
*** links has quit IRC05:09
*** edmondsw has quit IRC05:11
*** sonuk_ has joined #openstack-keystone05:16
*** sonuk has quit IRC05:19
*** rcernin has joined #openstack-keystone05:41
*** rcernin has quit IRC05:41
*** rcernin has joined #openstack-keystone05:41
*** rcernin has quit IRC05:41
*** rcernin has joined #openstack-keystone05:42
*** blake has joined #openstack-keystone05:57
*** peereb has joined #openstack-keystone06:00
*** martinus__ has joined #openstack-keystone06:12
*** josecastroleon has joined #openstack-keystone06:20
*** dmellado has joined #openstack-keystone06:23
openstackgerritAdrian Turjak proposed openstack/keystone master: Implement auth receipts spec  https://review.openstack.org/57228606:29
adriantcmurphy, lbragstad[m], kmalloc: ^ I've removed the WIP, tested in devstack, found the thing that was bugging me about the tests, and was able to issue myself a receipt, and then a token by doing password + totp!06:30
adriantMy plan right now is if we can get this in by rocky, to then start work in Keystoneauth to make this all play nice and my goal by end of Stein is support in OpenstackClient and Horizon06:32
*** threestrands has joined #openstack-keystone06:33
*** threestrands has quit IRC06:33
*** threestrands has joined #openstack-keystone06:33
adriantkeystoneauth doesn't follow the release cycle right? So I can probably start work on that and get it in around end of rocky, and then Stein will be all about getting the rest to play nice06:34
adriantWe also need to add support for user Options to the SDK, and do we have docs for user options?06:34
adriantThe API ref doesn't mention options, so maybe we should add them there.06:35
*** threestrands has quit IRC06:37
*** nicolasbock has joined #openstack-keystone06:39
adriantWe should also consider if we want to expose some element of MFA options to users themselves with a refined policy, but meanwhile I'll add an API in Adjutant for managing those that's based on what I have in adjutant-mfa already.06:44
*** edmondsw has joined #openstack-keystone06:55
*** edmondsw has quit IRC07:00
*** josecastroleon has quit IRC07:01
*** rcernin has quit IRC07:09
*** josecastroleon has joined #openstack-keystone07:11
cmurphyadriant: keystoneauth follows the non-client schedule of the release cycle, so its deadline is the week after keystone's feature freeze https://releases.openstack.org/rocky/schedule.html07:14
cmurphyI'm not sure what you mean by options07:15
*** rha has joined #openstack-keystone07:24
*** rha has quit IRC07:24
*** rha has joined #openstack-keystone07:24
*** tesseract has joined #openstack-keystone07:27
*** sapd_ has quit IRC07:33
*** sapd_ has joined #openstack-keystone07:34
*** sonuk has joined #openstack-keystone07:42
openstackgerritwangxiyuan proposed openstack/keystone master: Add project_id filter for listing limit  https://review.openstack.org/57933007:43
openstackgerritwangxiyuan proposed openstack/keystone master: [WIP] Add show hierarchy filter  https://review.openstack.org/57933107:43
*** blake has quit IRC07:43
*** sonuk_ has quit IRC07:45
*** vishakha has quit IRC07:45
*** vishakha has joined #openstack-keystone07:59
*** d0ugal has joined #openstack-keystone08:01
*** d0ugal has quit IRC08:01
*** d0ugal has joined #openstack-keystone08:01
*** josecastroleon has quit IRC08:35
openstackgerritNeha Alhat proposed openstack/keystonemiddleware master: Register 'split_loggers' conf option  https://review.openstack.org/57800808:40
*** edmondsw has joined #openstack-keystone08:43
*** edmondsw has quit IRC08:47
*** sonuk_ has joined #openstack-keystone09:10
*** sonuk has quit IRC09:13
*** lifeless has quit IRC09:17
*** lifeless has joined #openstack-keystone09:18
*** AlexeyAbashkin has joined #openstack-keystone09:23
*** AlexeyAbashkin has quit IRC09:32
*** sanjaik has joined #openstack-keystone09:35
*** vigneshwar has joined #openstack-keystone09:42
*** vigneshwar has left #openstack-keystone09:49
*** vigneshwar has joined #openstack-keystone09:49
*** d0ugal has quit IRC09:55
*** d0ugal has joined #openstack-keystone09:55
*** d0ugal has quit IRC09:55
*** d0ugal has joined #openstack-keystone09:55
*** sonuk has joined #openstack-keystone10:41
*** sonuk_ has quit IRC10:43
*** sanjaik has quit IRC10:57
*** edmondsw has joined #openstack-keystone11:14
*** jroll has quit IRC11:36
*** mvk has quit IRC11:37
*** jroll has joined #openstack-keystone11:40
*** peereb has quit IRC11:54
*** raildo has joined #openstack-keystone12:16
*** jrist has joined #openstack-keystone12:34
*** mvk has joined #openstack-keystone12:41
*** tesseract has quit IRC13:04
*** tesseract has joined #openstack-keystone13:10
*** tesseract has quit IRC13:10
*** d0ugal has quit IRC13:13
*** raildo has quit IRC13:17
*** raildo has joined #openstack-keystone13:18
*** raildo has quit IRC13:21
*** raildo has joined #openstack-keystone13:30
*** d0ugal has joined #openstack-keystone13:35
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Convert oslo.policy to using stestr  https://review.openstack.org/57929513:37
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Convert oslo.policy to using stestr  https://review.openstack.org/57929513:38
*** tesseract has joined #openstack-keystone13:38
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Pass dictionary as creds in policy tests  https://review.openstack.org/57899413:41
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Teach Enforcer.enforce to deal with context objects  https://review.openstack.org/57899513:41
knikollao/13:56
elbragstadmorning13:56
cmurphy\o13:57
*** vegarl has quit IRC13:57
elbragstadsome folks are going to be on a short week, yeah?13:57
* cmurphy nope :'(13:58
elbragstadi can already feel how quiet it is going to be13:59
*** raildo has quit IRC13:59
elbragstadi'll be in today and tomorrow, but otherwise i'll be trying to be afk14:01
*** vegarl has joined #openstack-keystone14:03
*** hoonetorg has quit IRC14:06
*** raildo has joined #openstack-keystone14:07
*** xinran__ has joined #openstack-keystone14:09
*** vigneshwar has quit IRC14:30
kmallocO/14:33
kmallocMorning.14:33
kmallocI am trying to be afkish. But lots to do.14:33
kmallocWill mostly be checking in in the afternoons.. technically on vacation (but massive neck spasm, so stuck laying down)14:34
elbragstadfeel better =/14:34
kmallocIt is already better, hot compress. But ugh woke up with it today.14:38
gagehugoo/14:40
kmallocMaybe I'll take this week to write a non-sucky mobile Gerrit interface14:42
kmallocTime to learn JavaScript better sometime :P14:42
kmallocelbragstad: is our functional gate unhappy somehow?14:43
*** elbragstad is now known as lbragstad14:43
cmurphythe next gerrit upgrade will include polygerrit which will be more mobile friendly14:43
lbragstadnice14:43
lbragstadkmalloc: do you have a link?14:43
kmalloccmurphy: oh that would be nice. The current interface we have had (JavaScript based one) has been awful for years now.14:44
kmallocI used to do most my reviews and such via.phone.14:44
cmurphythat sounds painful14:45
kmalloclbragstad: looks like pip errors nvm14:45
kmalloccmurphy: when I lived in Pasadena (and when I was ptl) it wasn't bad. I also did most IRC meetings from my phone.14:46
lbragstadthat would drive me nuts14:46
kmallocCoffee shop life yo ;)14:46
lbragstadi can barely work from my kitchen counter *with* a laptop14:46
kmallocThe Gerrit interface was a static page. This whole dynamic frame scrolling thing is tereible14:47
kmallocIt sucks on mobile it sucks on desktop.14:47
kmallocI honestly would love to go back to the old ui.14:47
kmallocBasically, over engineered to be "slick".14:48
ayoungkmalloc, I need to relearn Javascript at some point14:49
ayoungfine something that walks the balance of "Reactuive" and "just in the browser, no server side"14:49
ayoungOr, for Gerrit, I should re-learn the Terminal based interface, whatever that was14:50
lbragstadgerrty14:50
cmurphygertty14:50
lbragstadyeah ^14:51
cmurphy("tty")14:51
lbragstadcmurphy: do you use it?14:51
cmurphyno14:51
cmurphythe web ui has always been good enough for me14:52
lbragstadah - nevermind... i played with it for about a week, but i had a hard time not using vi key mappings, so it felt super alien to me14:52
cmurphyi think the selling point for gertty was doing offline reviews but I don't work in planes often enough to need it14:52
lbragstadyeah... i thought the same thing14:53
*** zzzeek has quit IRC14:53
ayoungIs it still maintained?  Wasn't Gertty a pet project of some core dev?14:55
*** zzzeek has joined #openstack-keystone14:55
cmurphyit's still maintained14:55
cmurphyit's jeblair's project14:56
ayoungI have a REST question if anyone cares to take a stab at it:  For the Policy Merge and editing tool,  I want to do things like "convert all rules that have `is_admin:1` to 'rule:is_admin'"  And apply it to all the lines of a document.  How should I represent that?14:56
ayoungI was thinkg the refactoring itslef becomes a top level object, call it an Operator, and then  some way of saying applying an Operator to all Rules.14:57
ayoungFeels vaguely like a visitor pattern from Gof4.14:57
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Convert oslo.policy to using stestr  https://review.openstack.org/57929515:00
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Pass dictionary as creds in policy tests  https://review.openstack.org/57899415:00
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Teach Enforcer.enforce to deal with context objects  https://review.openstack.org/57899515:00
openstackgerritMerged openstack/oslo.policy master: Add blueprints and releasenotes link to README  https://review.openstack.org/57932915:05
openstackgerritGage Hugo proposed openstack/keystone master: Remove unused util function  https://review.openstack.org/57959415:12
openstackgerritGage Hugo proposed openstack/keystone master: Remove unused util function  https://review.openstack.org/57959415:14
openstackgerritGage Hugo proposed openstack/keystone master: Add note for usage of util function  https://review.openstack.org/57959415:49
*** gyee has joined #openstack-keystone15:58
*** mvk has quit IRC16:08
*** dklyle has joined #openstack-keystone16:10
*** ksavich has joined #openstack-keystone16:13
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Bump sphinx to match lower requirements  https://review.openstack.org/57916916:21
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Pass dictionary as creds in policy tests  https://review.openstack.org/57899416:21
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Teach Enforcer.enforce to deal with context objects  https://review.openstack.org/57899516:21
*** ksavich has quit IRC16:32
*** xinran__ has quit IRC16:45
*** alex_xu has quit IRC16:50
*** sonuk_ has joined #openstack-keystone16:53
*** alex_xu has joined #openstack-keystone16:54
*** sonuk has quit IRC16:56
*** jrist has quit IRC17:00
*** tesseract has quit IRC17:02
*** jrist has joined #openstack-keystone17:06
*** peereb has joined #openstack-keystone17:14
*** vishakha has quit IRC17:27
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Fix requirements and convert to stests  https://review.openstack.org/57916917:28
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Pass dictionary as creds in policy tests  https://review.openstack.org/57899417:28
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Teach Enforcer.enforce to deal with context objects  https://review.openstack.org/57899517:28
*** mvk has joined #openstack-keystone17:30
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Fix requirements and convert to stestr  https://review.openstack.org/57916917:31
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Pass dictionary as creds in policy tests  https://review.openstack.org/57899417:31
openstackgerritLance Bragstad proposed openstack/oslo.policy master: Teach Enforcer.enforce to deal with context objects  https://review.openstack.org/57899517:31
*** felipemonteiro has joined #openstack-keystone17:34
*** felipemonteiro has quit IRC17:38
*** felipemonteiro has joined #openstack-keystone17:39
*** vishakha has joined #openstack-keystone17:40
*** felipemonteiro has quit IRC17:45
*** fiddletwix has joined #openstack-keystone17:45
ayoungwhat is the command to generate the policy.json or policy.yaml file now?17:45
*** felipemonteiro has joined #openstack-keystone17:47
lbragstadtox -e genpolicy17:49
lbragstador you can use the endpoints oslo.policy exposese17:50
ayounglbragstad, TYVM17:50
lbragstadexposes*17:50
lbragstadoslopolicy-*17:50
ayoungERROR: tox version is 1.4.2, required is at least 2.3.117:51
ayoungand that is what I get for running RHEL 717:51
ayoungI think I might end up following dolphm's old pattern of having a venv with all the tooling17:51
lbragstadoslopolicy-policy-generator shouldn't require tox17:52
lbragstadjust pass it the keystone namespace17:52
ayoungHeh17:52
ayoungchicken and egg time17:52
ayoungI don't even have the openstack CLI installed on this machine yet17:53
lbragstadah -17:53
ayoungtrying to avoid installing tools into the global namespace17:53
lbragstadyeah, oslo.policy needs to be installed with keystone17:53
ayoungI can see why people depend on containers for development17:53
*** peereb has quit IRC18:07
openstackgerritGage Hugo proposed openstack/keystone master: Refactor _handle_shadow_and_local_users  https://review.openstack.org/57965718:09
*** raildo has quit IRC18:24
*** raildo has joined #openstack-keystone18:26
openstackgerritGage Hugo proposed openstack/keystone master: Refactor _handle_shadow_and_local_users  https://review.openstack.org/57965718:28
openstackgerritGage Hugo proposed openstack/keystone master: Add docs for case-insensitivity in keystone  https://review.openstack.org/57664018:34
*** pcichy has quit IRC18:38
*** AlexeyAbashkin has joined #openstack-keystone18:57
openstackgerritGage Hugo proposed openstack/keystone master: Refactor _handle_shadow_and_local_users  https://review.openstack.org/57965718:59
openstackgerritGage Hugo proposed openstack/keystone master: Add note for usage of util function  https://review.openstack.org/57959419:00
openstackgerritGage Hugo proposed openstack/keystone master: Refactor _set_domain_id_and_mapping functions  https://review.openstack.org/57967019:07
*** pcichy has joined #openstack-keystone19:11
*** AlexeyAbashkin has quit IRC19:17
*** felipemonteiro has quit IRC19:26
*** felipemonteiro has joined #openstack-keystone19:31
*** d0ugal has quit IRC19:34
* kmalloc glares at the ick we've implemented in the controller base.20:06
*** aojea has joined #openstack-keystone20:10
*** raildo has quit IRC20:18
*** blake has joined #openstack-keystone20:26
openstackgerritLance Bragstad proposed openstack/oslo.limit master: Convert tox.ini to using stestr  https://review.openstack.org/57968520:55
openstackgerritLance Bragstad proposed openstack/oslo.limit master: Implement ProjectClaim objects  https://review.openstack.org/57968620:55
openstackgerritLance Bragstad proposed openstack/oslo.limit master: Implement basic Enforcer context manager  https://review.openstack.org/57968720:55
*** felipemonteiro has quit IRC21:01
openstackgerritLance Bragstad proposed openstack/oslo.limit master: Add .zuul.yaml  https://review.openstack.org/57968821:07
*** felipemonteiro has joined #openstack-keystone21:18
*** nicolasbock has quit IRC21:24
*** dklyle has quit IRC21:24
*** dklyle has joined #openstack-keystone21:25
*** vishakha has quit IRC21:33
*** tonytan4ever has joined #openstack-keystone21:34
*** martinus__ has quit IRC21:35
*** vishakha has joined #openstack-keystone21:46
*** felipemonteiro has quit IRC22:03
*** tonytan4ever has quit IRC22:03
*** tonytan4ever_brb has joined #openstack-keystone22:03
*** rcernin has joined #openstack-keystone22:18
*** felipemonteiro has joined #openstack-keystone22:20
*** felipemonteiro has quit IRC22:23
*** dtruong_ has quit IRC22:27
*** dtruong has joined #openstack-keystone22:28
adriantcmurphy: what I mean by options: https://github.com/openstack/keystone/commit/ab9237f2c378eb2cf51b492ca9528327fa48b0b622:47
adriantwas unclear that I meant user options22:47
*** aojea has quit IRC22:50
adriantI couldn't easily find any docs on the MFA user options, yet along user options in general outside of the code itself22:50
adriantalone*, but I didn't look tooo hard for them22:51
adriantOk, so the API ref doesn't mention user options, but the sections in the docs that relate to those option for PCI do mention them: https://github.com/openstack/keystone/blob/master/doc/source/admin/identity-security-compliance.rst23:01
adriantJust no docs for the MFA related user options, but we can remedy that with a follow up that adds docs for auth receipts and MFA user options at the same time23:03
*** edmondsw has quit IRC23:05
*** edmondsw has joined #openstack-keystone23:06
*** edmondsw has quit IRC23:11
*** threestrands has joined #openstack-keystone23:43
*** gyee has quit IRC23:45
openstackgerritMerged openstack/keystone master: Added check to avoid keyerror "user['name']"  https://review.openstack.org/57643323:48
openstackgerritMerged openstack/keystone master: Remove token bind capabilities  https://review.openstack.org/57752423:48
*** mylu has joined #openstack-keystone23:51
« Sunday, 2018-07-01 Index Tuesday, 2018-07-03 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!