| *** dasm|off is now known as dasm | 11:00 | |
| *** dviroel|out is now known as dviroel | 11:19 | |
| dmendiza[m] | #startmeeting keystone | 15:00 |
|---|---|---|
| opendevmeet | Meeting started Tue Feb 15 15:00:15 2022 UTC and is due to finish in 60 minutes. The chair is dmendiza[m]. Information about MeetBot at http://wiki.debian.org/MeetBot. | 15:00 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 15:00 |
| opendevmeet | The meeting name has been set to 'keystone' | 15:00 |
| dmendiza[m] | #topic Roll Call | 15:00 |
| dmendiza[m] | Courtesy ping for ayoung, bbobrov, crisloma, d34dh0r53, dpar, dstanek, gagehugo, hrybacki, knikolla, lamt, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, spilla, ruan_he, wxy, sonuk, vishakha,Ajay, rafaelweingartner, xek | 15:00 |
| d34dh0r53 | o/ | 15:00 |
| gagehugo | o/ | 15:00 |
| dmendiza[m] | Hi y'all! | 15:00 |
| dmendiza[m] | As usual the agenda is over here: | 15:01 |
| dmendiza[m] | #link https://etherpad.opendev.org/p/keystone-weekly-meeting | 15:01 |
| knikolla | o/ | 15:01 |
| dmendiza[m] | OK, let's get started | 15:03 |
| dmendiza[m] | #topic Review Past Meeting Action Items | 15:03 |
| dmendiza[m] | #link https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-02-08-15.01.html | 15:03 |
| dmendiza[m] | We didn't have any | 15:03 |
| dmendiza[m] | #topic Liaison Updates | 15:04 |
| dmendiza[m] | knikolla: any updates this week? | 15:04 |
| knikolla | we're moving Keystone back to a PTL model since dmendiza[m] offered to be PTL | 15:06 |
| knikolla | governance change is tracked here https://review.opendev.org/c/openstack/governance/+/829037 | 15:07 |
| knikolla | thank you dmendiza[m] | 15:07 |
| d34dh0r53 | ++ | 15:07 |
| dmendiza[m] | 😁👍️ | 15:08 |
| dmendiza[m] | Yeah, hopefully we're still on time? I think nominations close today? | 15:09 |
| gagehugo | yeah | 15:11 |
| dmendiza[m] | Right on. I'll keep an eye out on that patch | 15:12 |
| dmendiza[m] | #link https://review.opendev.org/c/openstack/election/+/828927 | 15:13 |
| dmendiza[m] | ^^^ the PTL nomination patch | 15:13 |
| dmendiza[m] | OK, moving on ... | 15:13 |
| dmendiza[m] | #topic Specs | 15:14 |
| dmendiza[m] | First up the OAuth 2.0 spec | 15:14 |
| dmendiza[m] | #link https://review.opendev.org/c/openstack/keystone-specs/+/813152 | 15:14 |
| dmendiza[m] | Still just a +2 from knikolla | 15:14 |
| dmendiza[m] | gagehugostill needs to take a look | 15:15 |
| knikolla | gagehugo: can you please give that spec a review? it's basically allowing application credentials to serve as oauth 2.0 client secrets, and creates a REST API that implements the OAuth 2.0 client credentials part of the specification | 15:16 |
| gagehugo | sure | 15:16 |
| gagehugo | there is a comment chain that is about as long as the spec itself now though haha | 15:19 |
| knikolla | haha, well, that comment chain caused the spec to become that short | 15:21 |
| knikolla | early in Zed i'll be proposing more aspects of oauth/openid connect as specs | 15:22 |
| dmendiza[m] | nice | 15:23 |
| * dmendiza[m] will also take a look at spec | 15:24 | |
| dmendiza[m] | Next, the "service" role spec has more discussion happening | 15:24 |
| dmendiza[m] | please share thoughts/opinions if you can | 15:24 |
| dmendiza[m] | #link https://review.opendev.org/c/openstack/keystone-specs/+/818616 | 15:24 |
| knikolla | i've allocated some time to go through it today | 15:25 |
| dmendiza[m] | The "manager" role spec didn' tpass the gate | 15:25 |
| dmendiza[m] | #link https://review.opendev.org/c/openstack/keystone-specs/+/818603 | 15:25 |
| dmendiza[m] | I'll take a look at that today | 15:25 |
| dmendiza[m] | That's all for the active specs | 15:27 |
| dmendiza[m] | Moving on ... | 15:27 |
| dmendiza[m] | #topic PTG | 15:27 |
| dmendiza[m] | The next PTG is coming up in April | 15:27 |
| dmendiza[m] | We've tentatively picked a couple of time slots for Keystone discussions: | 15:27 |
| dmendiza[m] | #link https://ethercalc.openstack.org/7yxdas7suqnd | 15:27 |
| dmendiza[m] | Tuesday April 5 1500-1700 UTC | 15:28 |
| dmendiza[m] | and | 15:28 |
| dmendiza[m] | Thursday April 7 1500-1700 UTC | 15:28 |
| dmendiza[m] | Please let me know if we need to adjust those for any reason | 15:28 |
| gagehugo | Those work for me | 15:29 |
| dmendiza[m] | I've also started an etherpad to collect topics to be covered during the PTG | 15:30 |
| dmendiza[m] | #link https://etherpad.opendev.org/p/z-ptg-keystone | 15:30 |
| dmendiza[m] | Please feel free to add any topics you think would be good to discuss | 15:30 |
| dmendiza[m] | #topic Open Discussion | 15:31 |
| dmendiza[m] | Any other topics y'all want to talk about before we move on to Bug Review? | 15:32 |
| dmendiza[m] | OK, moving on | 15:35 |
| dmendiza[m] | #topic Bug Review | 15:35 |
| dmendiza[m] | #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0 | 15:35 |
| dmendiza[m] | No new Keystone bugs | 15:35 |
| dmendiza[m] | #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0 | 15:36 |
| dmendiza[m] | No new python-keystoneclient bugs | 15:36 |
| dmendiza[m] | #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0 | 15:36 |
| dmendiza[m] | No new keystoneauth bugs | 15:36 |
| dmendiza[m] | #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0 | 15:36 |
| dmendiza[m] | No new keystonemiddleware bugs | 15:36 |
| dmendiza[m] | #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0 | 15:37 |
| dmendiza[m] | No new pycadf bugs | 15:37 |
| *** dviroel is now known as dviroel|lunch | 15:37 | |
| dmendiza[m] | https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0 | 15:37 |
| dmendiza[m] | And no new ldappool bugs | 15:37 |
| dmendiza[m] | whew, that's a lot of launchpads. 😅 | 15:38 |
| dmendiza[m] | #topic Review Requests | 15:38 |
| dmendiza[m] | Any reviews we should talk about now? | 15:38 |
| d34dh0r53 | https://review.opendev.org/c/openstack/keystone/+/828595 let me know what you think, I’m not sure how to fix this without making upgrades terrible | 15:40 |
| d34dh0r53 | This fix addresses the core of the bug in that it’s no longer silent but it’s not really a fix | 15:42 |
| knikolla | Maybe an addition to the keystone-manage doctor CLI to check for this would provide a better user experience | 15:44 |
| knikolla | Since this seem to be the case of a mismatch between desired max length, and supported max length by the algorithm | 15:45 |
| knikolla | seems* | 15:45 |
| d34dh0r53 | ahh, that’s a good idea | 15:45 |
| knikolla | This way we can push out a warning to operators "hey you want to support 200 char passwords, switch to this other algo" | 15:45 |
| d34dh0r53 | knikolla: right | 15:45 |
| d34dh0r53 | is that in python-keystoneclient? | 15:47 |
| knikolla | no, it's part of keystone https://github.com/openstack/keystone/tree/master/keystone/cmd | 15:47 |
| d34dh0r53 | awesome, thank you | 15:48 |
| knikolla | np :) | 15:48 |
| dmendiza[m] | Cool | 15:51 |
| dmendiza[m] | We've got just a few minutes left. | 15:51 |
| dmendiza[m] | OK, let's call it a day. | 15:54 |
| dmendiza[m] | Thanks for joining, everyone! | 15:54 |
| dmendiza[m] | #endmeeting | 15:54 |
| opendevmeet | Meeting ended Tue Feb 15 15:54:26 2022 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 15:54 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-02-15-15.00.html | 15:54 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-02-15-15.00.txt | 15:54 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-02-15-15.00.log.html | 15:54 |
| gagehugo | dmendiza[m]: thanks! | 15:54 |
| d34dh0r53 | thank you dmendiza[m] | 15:56 |
| *** dviroel|lunch is now known as dviroel | 16:52 | |
| opendevreview | Merged openstack/keystone-specs master: OAuth2.0 Client Credentials Grant Flow Support https://review.opendev.org/c/openstack/keystone-specs/+/813152 | 19:26 |
| *** dviroel is now known as dviroel|out | 21:35 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!