| *** mhen_ is now known as mhen | 01:39 | |
| *** __ministry is now known as Guest2419 | 02:21 | |
| opendevreview | OpenStack Proposal Bot proposed openstack/keystone master: Imported Translations from Zanata https://review.opendev.org/c/openstack/keystone/+/924460 | 03:28 |
|---|---|---|
| *** __ministry is now known as Guest2439 | 07:13 | |
| *** whoami-rajat_ is now known as whoami-rajat | 14:00 | |
| d34dh0r53 | #startmeeting keystone | 15:02 |
| opendevmeet | Meeting started Wed Sep 4 15:02:12 2024 UTC and is due to finish in 60 minutes. The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot. | 15:02 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 15:02 |
| opendevmeet | The meeting name has been set to 'keystone' | 15:02 |
| xek | o/ | 15:02 |
| d34dh0r53 | #topic roll call | 15:02 |
| d34dh0r53 | admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m], mharley, jph, gtema | 15:02 |
| mhen | o/ | 15:02 |
| d34dh0r53 | o/ | 15:03 |
| mharley[m] | o/ | 15:03 |
| d34dh0r53 | #topic review past meeting work items | 15:04 |
| d34dh0r53 | #link https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-08-28-15.04.html | 15:05 |
| d34dh0r53 | just one, for dmendiza | 15:05 |
| d34dh0r53 | dmendiza clean up the SRBAC Specification section of the weekly meeting etherpad | 15:05 |
| dmendiza[m] | I did not do that 😅 | 15:06 |
| gtema | Sorry, I am on a business trip, so not really here | 15:06 |
| d34dh0r53 | no worries dmendiza or gtema (Artem Goncharov) | 15:08 |
| d34dh0r53 | I'll re-add the action item | 15:08 |
| d34dh0r53 | #action dmendiza clean up the SRBAC Specification section of the weekly meeting etherpad | 15:09 |
| d34dh0r53 | #topic liaison updates | 15:09 |
| d34dh0r53 | nothing from VMT | 15:09 |
| d34dh0r53 | we're in feature freeze for dalmatian so bug fixes only | 15:09 |
| d34dh0r53 | that's it for liaison updates | 15:09 |
| d34dh0r53 | #topic specification OAuth 2.0 (hiromu) | 15:11 |
| d34dh0r53 | #link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext | 15:11 |
| d34dh0r53 | #link https://review.opendev.org/q/topic:bp%252Fenhance-oauth2-interoperability | 15:11 |
| d34dh0r53 | External OAuth 2.0 Specification | 15:11 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone-specs/+/861554 (merged) | 15:11 |
| d34dh0r53 | OAuth 2.0 Implementation | 15:11 |
| d34dh0r53 | #link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls | 15:11 |
| d34dh0r53 | OAuth 2.0 Documentation | 15:11 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone/+/838108 (merged) | 15:12 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystoneauth/+/838104 (merged) | 15:12 |
| d34dh0r53 | next up | 15:12 |
| d34dh0r53 | no updates | 15:12 |
| d34dh0r53 | #topic specification Secure RBAC (dmendiza[m]) | 15:12 |
| d34dh0r53 | #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_ | 15:12 |
| d34dh0r53 | 2024.1 Release Timeline | 15:12 |
| d34dh0r53 | Update oslo.policy in keystone to enforce_new_defaults=True | 15:12 |
| d34dh0r53 | Update oslo.policy in keystone to enforce_scope=True | 15:12 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone/+/902730 (Merged) | 15:12 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/903713 (Merged) | 15:12 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/tempest/+/912489 (Merged) | 15:13 |
| d34dh0r53 | next up | 15:15 |
| d34dh0r53 | #topic specification OpenAPI support (gtema) | 15:16 |
| d34dh0r53 | #link https://review.opendev.org/q/topic:%22openapi%22+project:openstack/keystone | 15:16 |
| d34dh0r53 | gtema: changes awaiting review | 15:16 |
| d34dh0r53 | I'll try to review these, had a couple of fires to put out last week | 15:16 |
| gtema | 👍 | 15:17 |
| d34dh0r53 | next up | 15:18 |
| d34dh0r53 | #topic specification domain manager (mhen) | 15:18 |
| d34dh0r53 | #link https://review.opendev.org/q/topic:%22domain-manager%22 | 15:18 |
| d34dh0r53 | keystone patchset adjusted according to Douglas' review, keystone-tempest-plugin aligned accordingly | 15:18 |
| mhen | that is an old note | 15:18 |
| mhen | I replaced it but was too late ig | 15:19 |
| d34dh0r53 | oops | 15:19 |
| d34dh0r53 | tempest and keystone-tempest-plugin patchsets not merged yet | 15:19 |
| mhen | I've been wondering: how do the tempest tests relate to the release? | 15:19 |
| d34dh0r53 | were you able to get anyone from the QE team to review? | 15:20 |
| mhen | do we have a deadline here as well? | 15:20 |
| dmendiza[m] | No, tests for a feature that has already merged don't need to be held up by the FFE | 15:21 |
| dmendiza[m] | *Feature Freeze (no E) | 15:21 |
| mhen | okay good | 15:21 |
| mhen | I haven't been able to reach out yet because I was busy with other stuff and haven't really figured out yet how or where to reach to exactly | 15:22 |
| d34dh0r53 | I would do a ping in #openstack-qa asking for help with reviews on your tempest patch, once that is merged we can get the keystone-tempest-plugin one merged | 15:24 |
| mhen | d34dh0r53: alright, will do that, thanks for the hint about the IRC channel | 15:24 |
| d34dh0r53 | 👍️ and you're welcome | 15:26 |
| d34dh0r53 | #topic open discussion | 15:26 |
| d34dh0r53 | I don't have anything | 15:26 |
| mhen | small thing maybe | 15:28 |
| d34dh0r53 | #topic bug review | 15:28 |
| d34dh0r53 | #undo | 15:28 |
| opendevmeet | Removing item from minutes: #topic bug review | 15:28 |
| d34dh0r53 | go ahead mhen | 15:28 |
| mhen | would it be beneficial to have a guide on how to use the domain manager persona? e.g. how to create domain managers as an admin and as a domain manager how to manage resources in a domain? | 15:30 |
| mhen | if so, where would be the best place for this? | 15:30 |
| d34dh0r53 | I think it would be very helpful, as for the best place I'm not sure, dmendiza might know for sure | 15:31 |
| d34dh0r53 | maybe in the user guide | 15:32 |
| d34dh0r53 | #link https://docs.openstack.org/keystone/2024.1/user/ | 15:32 |
| d34dh0r53 | or here #link https://docs.openstack.org/operations-guide/ops-projects-users.html | 15:33 |
| d34dh0r53 | That's probably a better place for it, it's more operational than user facing | 15:33 |
| d34dh0r53 | or here #link https://docs.openstack.org/keystone/2024.1/admin/service-api-protection.html#domain-personas | 15:34 |
| mhen | I think the last one would not be intuitive if I were to put myself into a users/operators shoes and looking for documentation | 15:35 |
| dmendiza[m] | managers are users though, | 15:35 |
| dmendiza[m] | so the user guide makes the most sense to me | 15:36 |
| mhen | The last one is more like an overview of the very basics of main roles; plus it is already updated by the domain manager patchset | 15:36 |
| dmendiza[m] | option 2 would also make sense | 15:37 |
| d34dh0r53 | Yeah, I'm really not sure, so I'm fine with any of the three | 15:39 |
| mhen | strictly speaking, I think appointing domain managers as an admin would be part of 2 and usage of the domain manager persona by appointed users would be part of 1 | 15:39 |
| d34dh0r53 | Yeah, and the documentation of what they are in 3? | 15:40 |
| mhen | we already have 3 at home :) | 15:40 |
| mhen | it was part of the keystone patchset that we merged | 15:40 |
| mhen | if I'm not mistaken | 15:40 |
| mhen | https://review.opendev.org/c/openstack/keystone/+/924132/11/doc/source/admin/service-api-protection.rst | 15:41 |
| d34dh0r53 | I'm looking at the old release :/ | 15:42 |
| d34dh0r53 | Sorry for the confusion, yeah it's there | 15:43 |
| mhen | no worries :) | 15:44 |
| d34dh0r53 | cool | 15:46 |
| d34dh0r53 | ok, moving on | 15:46 |
| d34dh0r53 | #topic bug review | 15:46 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0 | 15:46 |
| d34dh0r53 | no new bugs for keystone | 15:46 |
| d34dh0r53 | #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0 | 15:46 |
| d34dh0r53 | python-keystoneclient is good | 15:46 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0 | 15:46 |
| d34dh0r53 | keystoneauth has a new bug that is in progress | 15:47 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystoneauth/+bug/2078437 | 15:47 |
| d34dh0r53 | There's a patch up here #link https://review.opendev.org/c/openstack/keystoneauth/+/927581 | 15:48 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0 | 15:48 |
| d34dh0r53 | no new bugs for keystonemiddleware | 15:48 |
| d34dh0r53 | #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0 | 15:48 |
| d34dh0r53 | pycadf is good | 15:48 |
| d34dh0r53 | #link https://bugs.launchpad.net/ldappool/+bugs?ordterby=-id&start=0 | 15:48 |
| d34dh0r53 | ldappool is also good | 15:49 |
| d34dh0r53 | #topic conclusion | 15:49 |
| d34dh0r53 | Nothing else from me, thanks all! | 15:49 |
| d34dh0r53 | #endmeeting | 15:50 |
| opendevmeet | Meeting ended Wed Sep 4 15:50:10 2024 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 15:50 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-09-04-15.02.html | 15:50 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-09-04-15.02.txt | 15:50 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-09-04-15.02.log.html | 15:50 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!