opendevreview | Takashi Kajinami proposed openstack/keystone master: Replace deprecated FormatChecker.cls_checks https://review.opendev.org/c/openstack/keystone/+/935689 | 01:32 |
---|---|---|
opendevreview | Takashi Kajinami proposed openstack/keystone master: Replace deprecated FormatChecker.cls_checks https://review.opendev.org/c/openstack/keystone/+/935689 | 01:35 |
opendevreview | Takashi Kajinami proposed openstack/keystone master: Replace deprecated FormatChecker.cls_checks https://review.opendev.org/c/openstack/keystone/+/935689 | 02:08 |
opendevreview | Takashi Kajinami proposed openstack/keystone master: Replace deprecated FormatChecker.cls_checks https://review.opendev.org/c/openstack/keystone/+/935689 | 02:13 |
*** mhen_ is now known as mhen | 02:27 | |
*** __ministry is now known as Guest243 | 04:26 | |
*** __ministry is now known as Guest253 | 06:54 | |
*** tv1 is now known as Kvisle | 08:11 | |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: typing: Simplify some types, other TODOs https://review.opendev.org/c/openstack/keystoneauth/+/935764 | 11:34 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: typing: Remove unused AuthMethod.get_auth_data arguments https://review.opendev.org/c/openstack/keystoneauth/+/935765 | 11:34 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: typing: Remove unused BaseAuthPlugin.get_auth_ref kwargs https://review.opendev.org/c/openstack/keystoneauth/+/935766 | 11:34 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: typing: Remove unused _Rescoped.get_unscoped_auth_ref kwargs https://review.opendev.org/c/openstack/keystoneauth/+/935767 | 11:34 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: typing: Remove unused BaseAuthPlugin.get_headers kwargs https://review.opendev.org/c/openstack/keystoneauth/+/935768 | 11:34 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: typing: Remove unused BaseAuthPlugin.get_token kwargs https://review.opendev.org/c/openstack/keystoneauth/+/935769 | 11:34 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: WIP: typing: Deprecate use of AuthConstructor https://review.opendev.org/c/openstack/keystoneauth/+/935770 | 11:34 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: WIP: typing: Removing remaining used kwargs https://review.opendev.org/c/openstack/keystoneauth/+/935771 | 11:34 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: loading.opts: Add 'argparse_envvars' helper https://review.opendev.org/c/openstack/keystoneauth/+/933110 | 11:38 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: doc: Fix indentation https://review.opendev.org/c/openstack/keystoneauth/+/933111 | 11:38 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: docs: Rework plugin-options doc https://review.opendev.org/c/openstack/keystoneauth/+/933112 | 11:38 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: loading: Add blurb for most plugins https://review.opendev.org/c/openstack/keystoneauth/+/933113 | 11:38 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: docs: Document CLI options, envvars https://review.opendev.org/c/openstack/keystoneauth/+/933114 | 11:38 |
opendevreview | Stephen Finucane proposed openstack/keystoneauth master: Fix misuse of assertTrue https://review.opendev.org/c/openstack/keystoneauth/+/935777 | 12:18 |
elodilles | d34dh0r53: hi, could you please review this transition to unmaintained patch? https://review.opendev.org/c/openstack/releases/+/934491 | 13:20 |
dmendiza[m] | 🙋♂️ | 15:00 |
gtema | wow, even before Dave? | 15:00 |
xek | o/ | 15:04 |
gtema | o/ but is meeting started? | 15:04 |
* xek just saying hi :) | 15:05 | |
gtema | ah nice | 15:05 |
gtema | pinging Dave Wilde (d34dh0r53) | 15:05 |
gtema | guys, since you are here and the meeting has not started yet: https://review.opendev.org/c/openstack/keystone/+/935685 - this unblocks our gates | 15:07 |
d34dh0r53 | sorry | 15:12 |
d34dh0r53 | #startmeeting keystone | 15:12 |
opendevmeet | Meeting started Wed Nov 20 15:12:21 2024 UTC and is due to finish in 60 minutes. The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot. | 15:12 |
opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 15:12 |
opendevmeet | The meeting name has been set to 'keystone' | 15:12 |
d34dh0r53 | Reminder: This meeting takes place under the OpenInfra Foundation Code of Conduct | 15:12 |
d34dh0r53 | #link https://openinfra.dev/legal/code-of-conduct | 15:12 |
d34dh0r53 | #topic roll call | 15:12 |
d34dh0r53 | admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m], dmendiza, mharley, jph, gtema, cardoe | 15:12 |
gtema | o/ | 15:12 |
d34dh0r53 | my bad, fell into an internet hole | 15:13 |
gtema | I feel into the dependency hell | 15:14 |
gtema | feel | 15:14 |
gtema | * fell | 15:14 |
d34dh0r53 | #topic review past meeting work items | 15:15 |
d34dh0r53 | #link https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-11-13-15.02.html | 15:15 |
d34dh0r53 | no action items from last week | 15:15 |
d34dh0r53 | #topic liaison updates | 15:15 |
d34dh0r53 | nothing from vmt or releases | 15:15 |
d34dh0r53 | I just approved the patch to move 2023.1 (Antelope) to unmaintained | 15:16 |
d34dh0r53 | next up | 15:16 |
dmendiza[m] | Does that mean the gates are off for antelope? | 15:17 |
dmendiza[m] | 🤔 | 15:17 |
d34dh0r53 | I don't think so | 15:18 |
dmendiza[m] | cool | 15:18 |
d34dh0r53 | hmm, now you have me wondering | 15:20 |
d34dh0r53 | well, I'll see if I can find that answer after the meeting | 15:21 |
d34dh0r53 | moving on | 15:21 |
d34dh0r53 | #topic specification OAuth 2.0 (hiromu) | 15:21 |
d34dh0r53 | #link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext | 15:21 |
d34dh0r53 | #link https://review.opendev.org/q/topic:bp%252Fenhance-oauth2-interoperability | 15:21 |
d34dh0r53 | External OAuth 2.0 Specification | 15:21 |
d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone-specs/+/861554 (merged) | 15:21 |
d34dh0r53 | OAuth 2.0 Implementation | 15:21 |
d34dh0r53 | #link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls | 15:21 |
d34dh0r53 | OAuth 2.0 Documentation | 15:22 |
d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone/+/838108 (merged) | 15:22 |
d34dh0r53 | #link https://review.opendev.org/c/openstack/keystoneauth/+/838104 (merged) | 15:22 |
d34dh0r53 | no updates from me on this, I probably need to rebase the last remaining patches | 15:22 |
d34dh0r53 | maybe on Friday | 15:22 |
d34dh0r53 | #topic specification Secure RBAC (dmendiza[m]) | 15:22 |
d34dh0r53 | #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_ | 15:23 |
dmendiza[m] | No updates this week.... | 15:23 |
d34dh0r53 | 2024.1 Release Timeline | 15:23 |
d34dh0r53 | Update oslo.policy in keystone to enforce_new_defaults=True | 15:23 |
d34dh0r53 | Update oslo.policy in keystone to enforce_scope=True | 15:23 |
d34dh0r53 | Ok, can we update that section to reflect 2025.1 work? | 15:23 |
d34dh0r53 | dmendiza: ? | 15:25 |
dmendiza[m] | Yeah, sure, I'll take a look at it after the meeting | 15:26 |
d34dh0r53 | Thanks! | 15:26 |
d34dh0r53 | #topic specification OpenAPI support (gtema) | 15:26 |
d34dh0r53 | #link https://review.opendev.org/q/topic:%22openapi%22+project:openstack/keystone | 15:26 |
d34dh0r53 | https://review.opendev.org/c/openstack/keystone/+/925020 could now also land to ease api-ref work | 15:26 |
gtema | no updates due to working on unblocking gate (https://review.opendev.org/c/openstack/keystone/+/935685) | 15:27 |
gtema | what worked on Monday does not work since yesterday | 15:27 |
gtema | and since it is anyway something what will need to be done anyway I decided to work on proper replacement rather then pinning fix | 15:28 |
d34dh0r53 | we have to update all of our graphs? | 15:28 |
gtema | yes, I did so | 15:28 |
gtema | manually reimplemented them. Sadly graphviz doesn't support sequence diagrams natively | 15:28 |
gtema | s/natively/nicely/ | 15:28 |
d34dh0r53 | ack, thank you for doing that | 15:29 |
d34dh0r53 | Grzegorz Grasza and dmendiza please take a look at https://review.opendev.org/c/openstack/keystone/+/935685 to unblock the gates | 15:30 |
d34dh0r53 | next up | 15:30 |
d34dh0r53 | #topic specification domain manager (mhen) | 15:30 |
d34dh0r53 | still unmerged are: | 15:30 |
d34dh0r53 | documentation: https://review.opendev.org/c/openstack/keystone/+/928135 | 15:30 |
d34dh0r53 | tempest tests: https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/924222 | 15:30 |
d34dh0r53 | #topic specification Type annotations (stephenfin) | 15:33 |
d34dh0r53 | #link https://review.opendev.org/q/project:openstack/keystoneauth+topic:typing | 15:33 |
d34dh0r53 | This is just pending reviews now. I will push the remaining patches as soon as a sufficient quantity of the current ones land. | 15:33 |
d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone/+/931959 - ruffing the keystone misses +W | 15:33 |
d34dh0r53 | ruffing has merged :) | 15:33 |
gtema | yes, I forgot to drop from agenda | 15:33 |
gtema | thnks | 15:33 |
gtema | all open typing patches finaly merged after tons of rechecks | 15:33 |
d34dh0r53 | sweet! | 15:34 |
gtema | stephen pushed few new changes, but we should update the release patch to bring those merged out into the wild for early testing | 15:34 |
d34dh0r53 | Yep, I'll update the SHA after this meeting | 15:35 |
gtema | cool | 15:35 |
d34dh0r53 | #action d34dh0r53 Update SHA in https://review.opendev.org/c/openstack/releases/+/934599 to HEAD of keystoneauth | 15:35 |
d34dh0r53 | next up | 15:36 |
d34dh0r53 | #topic specification Include bad password details in audit messages (stanislav-z) | 15:36 |
d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone-specs/+/915482 | 15:36 |
d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone/+/932423 | 15:36 |
d34dh0r53 | 20-Nov update: spec and implementation updated for HMAC-based hashing. Looking for reviews. | 15:36 |
* d34dh0r53 needs to look at those | 15:36 | |
* gtema will look once the world is not burning | 15:36 | |
stanislav-z | thanks! | 15:36 |
d34dh0r53 | #topic open discussion | 15:38 |
d34dh0r53 | pagination (gtema) | 15:38 |
d34dh0r53 | #link https://review.opendev.org/q/topic:%22pagination%22+project:openstack/keystone | 15:38 |
d34dh0r53 | it is bit more complex than I thought since all DB queries need to be executed with pagination while some internal calls right now expect to get ALL entries (i.e. list_domains/list_projects) | 15:38 |
gtema | after Friday I rebased on top of ruffing | 15:38 |
gtema | and found that broken gate stuff | 15:38 |
gtema | but anyway I thought about the feedback | 15:38 |
gtema | and decided not to log warning of using MAX | 15:38 |
gtema | because this is going to be very similar to what we erased lately | 15:39 |
gtema | exception logging on 404 | 15:39 |
gtema | it will be present very often without operator being able to do anything with it | 15:39 |
gtema | and the reason is that by default in the internal (non-api) invocation the limit can not be set by the caller | 15:39 |
gtema | so with that the change is still good for review | 15:41 |
d34dh0r53 | ack | 15:41 |
d34dh0r53 | that makes sense | 15:41 |
gtema | ignore the broken docs results now (this is the broken gate) | 15:41 |
d34dh0r53 | ok, I'll take a look | 15:41 |
gtema | thanks | 15:41 |
d34dh0r53 | np, anything else for open discussion? | 15:42 |
tkajinam | o/ | 15:42 |
tkajinam | let me bring quick one | 15:42 |
tkajinam | https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/934272 | 15:42 |
tkajinam | stable/2023.1 is being transitioned to unmaintained/* so now most of devstack jobs in stable/2023.1 are broken | 15:43 |
tkajinam | so can we merge that change to drop 2023.1 job asap while the CI is under control ? | 15:43 |
tkajinam | there is also another change to add 2024.2 job which is missing so I hope we can merge it soon (after merging removal of 2023.1 job) https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/930821 | 15:44 |
tkajinam | that's it | 15:44 |
d34dh0r53 | dmendiza: there's your answer :) | 15:44 |
d34dh0r53 | Ok, thanks tkajinam ! | 15:45 |
d34dh0r53 | #topic bug review | 15:47 |
d34dh0r53 | #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0 | 15:47 |
d34dh0r53 | we have a couple of new bugs for keystone | 15:47 |
d34dh0r53 | https://bugs.launchpad.net/keystone/+bug/2089051 | 15:47 |
d34dh0r53 | #link https://bugs.launchpad.net/keystone/+bug/2089051 | 15:47 |
d34dh0r53 | looks like this is being fixed with a requirements change | 15:47 |
d34dh0r53 | sorry, that's the other one, but this one is in progress as well | 15:48 |
tkajinam | no that needs code update | 15:48 |
tkajinam | https://review.opendev.org/c/openstack/keystone/+/935689 | 15:48 |
tkajinam | which is pending on broken doc job now | 15:48 |
gtema | eh, we should proceed with openapi since that updates all jsonschemas | 15:48 |
d34dh0r53 | ack | 15:49 |
tkajinam | yeah ideally though we may want a quick fix. | 15:49 |
tkajinam | I'll recheck/rebase it once the doc fix is merged | 15:49 |
gtema | absolutely | 15:49 |
tkajinam | the same affects a few other projects, as is seen in the bug | 15:49 |
tkajinam | just fyi | 15:49 |
tkajinam | I think I pushed fixes to all of these | 15:50 |
d34dh0r53 | Thank you tkajinam ping us if you need reviews | 15:51 |
d34dh0r53 | next up | 15:51 |
tkajinam | will do ! | 15:51 |
d34dh0r53 | #link https://bugs.launchpad.net/keystone/+bug/2088355 | 15:51 |
d34dh0r53 | this one looks like it's fixed in releases | 15:51 |
d34dh0r53 | err requirements | 15:51 |
gtema | there are lots of awkward failures on noble caused by defaulting on py312 | 15:52 |
gtema | and pbr is still not supporting that properly (depending on how you use it) | 15:53 |
gtema | which is precisely the case of the openstackdocstheme. We discussed this yesterday in TC meeting long | 15:54 |
gtema | so switching of openstack-tox-docs job to noble will be put on hold until a fix lands in pbr | 15:54 |
gtema | this is the dependency hell I meant in the beginning of the meeting | 15:55 |
d34dh0r53 | ahh, now I understand | 15:55 |
gtema | basically "import openstackdocstheme" under py312 doesn't work now | 15:55 |
d34dh0r53 | wow | 15:57 |
d34dh0r53 | #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0 | 15:57 |
d34dh0r53 | no new bugs in python-keystoneclient | 15:57 |
d34dh0r53 | #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0 | 15:57 |
d34dh0r53 | keystoneauth is good | 15:57 |
d34dh0r53 | #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0 | 15:57 |
d34dh0r53 | nothing new in keystonemiddleware | 15:58 |
d34dh0r53 | #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0 | 15:58 |
d34dh0r53 | pycadf is clean | 15:58 |
d34dh0r53 | #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0 | 15:58 |
d34dh0r53 | no new bugs in ldappool | 15:58 |
d34dh0r53 | #topic conclusion | 15:58 |
d34dh0r53 | nothing from me, thanks for everything! | 15:58 |
d34dh0r53 | apologies again for the late start :/ | 15:59 |
d34dh0r53 | #endmeeting | 15:59 |
opendevmeet | Meeting ended Wed Nov 20 15:59:20 2024 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 15:59 |
opendevmeet | Minutes: https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-11-20-15.12.html | 15:59 |
opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-11-20-15.12.txt | 15:59 |
opendevmeet | Log: https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-11-20-15.12.log.html | 15:59 |
d34dh0r53 | gtema (Artem Goncharov): https://review.opendev.org/c/openstack/releases/+/934599 has been updated | 16:03 |
gtema | yes, I just got email :) | 16:03 |
gtema | thks | 16:03 |
opendevreview | Merged openstack/keystone master: Replace sphinxcontrib-*diag https://review.opendev.org/c/openstack/keystone/+/935685 | 22:02 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!