| *** mhen_ is now known as mhen | 02:39 | |
| *** blarnath is now known as d34dh0r53 | 15:01 | |
| d34dh0r53 | #startmeeting keystone | 15:01 |
|---|---|---|
| opendevmeet | Meeting started Wed Jan 10 15:01:25 2024 UTC and is due to finish in 60 minutes. The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot. | 15:01 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 15:01 |
| opendevmeet | The meeting name has been set to 'keystone' | 15:01 |
| d34dh0r53 | #topic roll call | 15:01 |
| d34dh0r53 | admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla[m], lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m], mharley | 15:01 |
| d34dh0r53 | o/ | 15:01 |
| d34dh0r53 | #topic review past meeting work items | 15:04 |
| d34dh0r53 | #link https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-01-03-15.00.html | 15:04 |
| xek | o/ | 15:04 |
| Luzi | o/ | 15:04 |
| d34dh0r53 | both action items are mine, I've started looking at the Keystone docs so I can figure out the best way to add a known issues section, but I'm going to keep this on here as a reminder | 15:05 |
| d34dh0r53 | #action d34dh0r53 Look into adding/restoring a known issues section to our documentation | 15:05 |
| d34dh0r53 | and the second AI is dependent on the first | 15:05 |
| d34dh0r53 | d34dh0r53 add https://bugs.launchpad.net/keystone/+bug/1305950 to the known issues section of our documentation | 15:06 |
| d34dh0r53 | oops | 15:06 |
| d34dh0r53 | #action d34dh0r53 add https://bugs.launchpad.net/keystone/+bug/1305950 to the known issues section of our documentation | 15:06 |
| d34dh0r53 | next up | 15:06 |
| d34dh0r53 | #topic liaison updates | 15:06 |
| d34dh0r53 | nothing from VMT | 15:06 |
| d34dh0r53 | caracal-2 will be cut at the end of the week | 15:06 |
| d34dh0r53 | that's it from release | 15:06 |
| d34dh0r53 | moving on | 15:07 |
| d34dh0r53 | #topic specification OAuth 2.0 (hiromu) | 15:07 |
| d34dh0r53 | #link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext | 15:08 |
| d34dh0r53 | #link https://review.opendev.org/q/topic:bp%252Fenhance-oauth2-interoperability | 15:08 |
| d34dh0r53 | External OAuth 2.0 Specification | 15:08 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone-specs/+/861554 | 15:08 |
| d34dh0r53 | OAuth 2.0 Implementation | 15:08 |
| d34dh0r53 | #link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls | 15:08 |
| d34dh0r53 | OAuth 2.0 Documentation | 15:08 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone/+/838108 | 15:08 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystoneauth/+/838104 | 15:08 |
| d34dh0r53 | it doesn't look like hiromu is around | 15:08 |
| d34dh0r53 | #topic specification Secure RBAC (dmendiza[m]) | 15:09 |
| d34dh0r53 | #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_ | 15:09 |
| d34dh0r53 | 2024.1 Release Timeline | 15:09 |
| d34dh0r53 | Update oslo.policy in keystone to enforce_new_defaults=True | 15:09 |
| d34dh0r53 | Update oslo.policy in keystone to enforce_scope=True | 15:09 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone/+/902730 | 15:09 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/903713 | 15:09 |
| d34dh0r53 | I'm going to review those patches this week | 15:10 |
| dmendiza[m] | 🙋♂️ | 15:11 |
| d34dh0r53 | 👋 | 15:11 |
| dmendiza[m] | (only kinda here. Waiting for my turn at the dentist) | 15:12 |
| d34dh0r53 | ack, any updates on the Secure RBAC things? | 15:12 |
| d34dh0r53 | guess not, no worries, all: please review the patches, I'd like to get them in early before we have to worry about c-3 | 15:15 |
| d34dh0r53 | moving on | 15:15 |
| d34dh0r53 | #topic specification Add schema version and support to "domain" attribute in mapping rules (gtema) | 15:15 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone-specs/+/748042 (merged) | 15:15 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone/+/739966 | 15:15 |
| gtema | should now be reviewed by cores. Functionality is working now | 15:16 |
| gtema | and we should get wider reviews before we can move to the next phase with dynamic projects mappings | 15:16 |
| d34dh0r53 | ack, thanks gtema, I'll take a look this week as well | 15:17 |
| d34dh0r53 | cores, please do the same | 15:17 |
| gtema | thanks | 15:18 |
| d34dh0r53 | #topic open discussion | 15:18 |
| Luzi | well hi I'm a colleague of mhen, and will work on the domain manager concept. I'm currently looking into the spec, that mhen proposed | 15:20 |
| d34dh0r53 | hi Luzi! Do you have a link handy? | 15:21 |
| Luzi | one moment | 15:21 |
| Luzi | https://review.opendev.org/c/openstack/keystone-specs/+/903172 | 15:21 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone-specs/+/903172 | 15:22 |
| d34dh0r53 | thanks Luzi | 15:22 |
| d34dh0r53 | I ran a recheck and I'll take a look at this spec and possibly raise it during the reviewathon on Friday | 15:25 |
| Luzi | thank you | 15:25 |
| d34dh0r53 | np | 15:25 |
| d34dh0r53 | anything else for open discussion before we move on to bug review? | 15:25 |
| d34dh0r53 | #topic bug review | 15:28 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0 | 15:28 |
| d34dh0r53 | nothing new for keystone | 15:29 |
| d34dh0r53 | #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0 | 15:29 |
| d34dh0r53 | python-keystoneclient is good | 15:30 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0 | 15:30 |
| d34dh0r53 | no new bugs in keystoneauth | 15:30 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0 | 15:30 |
| d34dh0r53 | nor in keystonemiddleware | 15:30 |
| d34dh0r53 | #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0 | 15:31 |
| d34dh0r53 | pycadf is good | 15:31 |
| d34dh0r53 | #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0 | 15:31 |
| d34dh0r53 | so is ldappool | 15:31 |
| d34dh0r53 | that does it for bug review | 15:31 |
| d34dh0r53 | #topic conclusion | 15:31 |
| d34dh0r53 | Don't forget to vote for the for the OpenInfra elections, the deadline is 12-Jan-24 | 15:34 |
| d34dh0r53 | I've registered Keystone for the v-PTG 08-Apr - 12-Apr, registration info coming soon | 15:35 |
| d34dh0r53 | I'll try to get the agenda cut early so we have time to add things for 2024.2 | 15:36 |
| d34dh0r53 | Thanks folks! | 15:36 |
| d34dh0r53 | #endmeeting | 15:36 |
| opendevmeet | Meeting ended Wed Jan 10 15:36:41 2024 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 15:36 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-01-10-15.01.html | 15:36 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-01-10-15.01.txt | 15:36 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-01-10-15.01.log.html | 15:36 |
| opendevreview | Josephine Seifert proposed openstack/keystone-specs master: Add identity spec for domain-manager role https://review.opendev.org/c/openstack/keystone-specs/+/903172 | 15:54 |
| *** jph4 is now known as jph | 23:48 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!