Wednesday, 2024-11-20

opendevreviewTakashi Kajinami proposed openstack/keystone master: Replace deprecated FormatChecker.cls_checks  https://review.opendev.org/c/openstack/keystone/+/93568901:32
opendevreviewTakashi Kajinami proposed openstack/keystone master: Replace deprecated FormatChecker.cls_checks  https://review.opendev.org/c/openstack/keystone/+/93568901:35
opendevreviewTakashi Kajinami proposed openstack/keystone master: Replace deprecated FormatChecker.cls_checks  https://review.opendev.org/c/openstack/keystone/+/93568902:08
opendevreviewTakashi Kajinami proposed openstack/keystone master: Replace deprecated FormatChecker.cls_checks  https://review.opendev.org/c/openstack/keystone/+/93568902:13
*** mhen_ is now known as mhen02:27
*** __ministry is now known as Guest24304:26
*** __ministry is now known as Guest25306:54
*** tv1 is now known as Kvisle08:11
opendevreviewStephen Finucane proposed openstack/keystoneauth master: typing: Simplify some types, other TODOs  https://review.opendev.org/c/openstack/keystoneauth/+/93576411:34
opendevreviewStephen Finucane proposed openstack/keystoneauth master: typing: Remove unused AuthMethod.get_auth_data arguments  https://review.opendev.org/c/openstack/keystoneauth/+/93576511:34
opendevreviewStephen Finucane proposed openstack/keystoneauth master: typing: Remove unused BaseAuthPlugin.get_auth_ref kwargs  https://review.opendev.org/c/openstack/keystoneauth/+/93576611:34
opendevreviewStephen Finucane proposed openstack/keystoneauth master: typing: Remove unused _Rescoped.get_unscoped_auth_ref kwargs  https://review.opendev.org/c/openstack/keystoneauth/+/93576711:34
opendevreviewStephen Finucane proposed openstack/keystoneauth master: typing: Remove unused BaseAuthPlugin.get_headers kwargs  https://review.opendev.org/c/openstack/keystoneauth/+/93576811:34
opendevreviewStephen Finucane proposed openstack/keystoneauth master: typing: Remove unused BaseAuthPlugin.get_token kwargs  https://review.opendev.org/c/openstack/keystoneauth/+/93576911:34
opendevreviewStephen Finucane proposed openstack/keystoneauth master: WIP: typing: Deprecate use of AuthConstructor  https://review.opendev.org/c/openstack/keystoneauth/+/93577011:34
opendevreviewStephen Finucane proposed openstack/keystoneauth master: WIP: typing: Removing remaining used kwargs  https://review.opendev.org/c/openstack/keystoneauth/+/93577111:34
opendevreviewStephen Finucane proposed openstack/keystoneauth master: loading.opts: Add 'argparse_envvars' helper  https://review.opendev.org/c/openstack/keystoneauth/+/93311011:38
opendevreviewStephen Finucane proposed openstack/keystoneauth master: doc: Fix indentation  https://review.opendev.org/c/openstack/keystoneauth/+/93311111:38
opendevreviewStephen Finucane proposed openstack/keystoneauth master: docs: Rework plugin-options doc  https://review.opendev.org/c/openstack/keystoneauth/+/93311211:38
opendevreviewStephen Finucane proposed openstack/keystoneauth master: loading: Add blurb for most plugins  https://review.opendev.org/c/openstack/keystoneauth/+/93311311:38
opendevreviewStephen Finucane proposed openstack/keystoneauth master: docs: Document CLI options, envvars  https://review.opendev.org/c/openstack/keystoneauth/+/93311411:38
opendevreviewStephen Finucane proposed openstack/keystoneauth master: Fix misuse of assertTrue  https://review.opendev.org/c/openstack/keystoneauth/+/93577712:18
elodillesd34dh0r53: hi, could you please review this transition to unmaintained patch? https://review.opendev.org/c/openstack/releases/+/93449113:20
dmendiza[m]🙋‍♂️15:00
gtemawow, even before Dave?15:00
xeko/15:04
gtemao/ but is meeting started?15:04
* xek just saying hi :)15:05
gtemaah nice15:05
gtemapinging Dave Wilde (d34dh0r53) 15:05
gtemaguys, since you are here and the meeting has not started yet: https://review.opendev.org/c/openstack/keystone/+/935685 - this unblocks our gates15:07
d34dh0r53sorry15:12
d34dh0r53#startmeeting keystone15:12
opendevmeetMeeting started Wed Nov 20 15:12:21 2024 UTC and is due to finish in 60 minutes.  The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot.15:12
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.15:12
opendevmeetThe meeting name has been set to 'keystone'15:12
d34dh0r53Reminder: This meeting takes place under the OpenInfra Foundation Code of Conduct15:12
d34dh0r53#link https://openinfra.dev/legal/code-of-conduct15:12
d34dh0r53#topic roll call15:12
d34dh0r53admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m], dmendiza, mharley, jph, gtema, cardoe15:12
gtemao/15:12
d34dh0r53my bad, fell into an internet hole15:13
gtemaI feel into the dependency hell15:14
gtemafeel15:14
gtema * fell15:14
d34dh0r53#topic review past meeting work items15:15
d34dh0r53#link https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-11-13-15.02.html15:15
d34dh0r53no action items from last week15:15
d34dh0r53#topic liaison updates15:15
d34dh0r53nothing from vmt or releases15:15
d34dh0r53I just approved the patch to move 2023.1 (Antelope) to unmaintained15:16
d34dh0r53next up15:16
dmendiza[m]Does that mean the gates are off for antelope?15:17
dmendiza[m]🤔15:17
d34dh0r53I don't think so15:18
dmendiza[m]cool15:18
d34dh0r53hmm, now you have me wondering15:20
d34dh0r53well, I'll see if I can find that answer after the meeting15:21
d34dh0r53moving on15:21
d34dh0r53#topic specification OAuth 2.0 (hiromu)15:21
d34dh0r53#link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext15:21
d34dh0r53#link https://review.opendev.org/q/topic:bp%252Fenhance-oauth2-interoperability15:21
d34dh0r53External OAuth 2.0 Specification15:21
d34dh0r53#link https://review.opendev.org/c/openstack/keystone-specs/+/861554 (merged)15:21
d34dh0r53OAuth 2.0 Implementation15:21
d34dh0r53#link https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls15:21
d34dh0r53OAuth 2.0 Documentation15:22
d34dh0r53#link https://review.opendev.org/c/openstack/keystone/+/838108 (merged)15:22
d34dh0r53#link https://review.opendev.org/c/openstack/keystoneauth/+/838104 (merged)15:22
d34dh0r53no updates from me on this, I probably need to rebase the last remaining patches15:22
d34dh0r53maybe on Friday15:22
d34dh0r53#topic specification Secure RBAC (dmendiza[m])15:22
d34dh0r53#link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_15:23
dmendiza[m]No updates this week....15:23
d34dh0r532024.1 Release Timeline15:23
d34dh0r53Update oslo.policy in keystone to enforce_new_defaults=True15:23
d34dh0r53Update oslo.policy in keystone to enforce_scope=True15:23
d34dh0r53Ok, can we update that section to reflect 2025.1 work?15:23
d34dh0r53dmendiza: ?15:25
dmendiza[m]Yeah, sure, I'll take a look at it after the meeting15:26
d34dh0r53Thanks!15:26
d34dh0r53#topic specification OpenAPI support (gtema)15:26
d34dh0r53#link https://review.opendev.org/q/topic:%22openapi%22+project:openstack/keystone15:26
d34dh0r53https://review.opendev.org/c/openstack/keystone/+/925020 could now also land to ease api-ref work15:26
gtemano updates due to working on unblocking gate (https://review.opendev.org/c/openstack/keystone/+/935685)15:27
gtemawhat worked on Monday does not work since yesterday15:27
gtemaand since it is anyway something what will need to be done anyway I decided to work on proper replacement rather then pinning fix15:28
d34dh0r53we have to update all of our graphs?15:28
gtemayes, I did so15:28
gtemamanually reimplemented them. Sadly graphviz doesn't support sequence diagrams natively15:28
gtemas/natively/nicely/15:28
d34dh0r53ack, thank you for doing that15:29
d34dh0r53Grzegorz Grasza and dmendiza please take a look at https://review.opendev.org/c/openstack/keystone/+/935685 to unblock the gates15:30
d34dh0r53next up15:30
d34dh0r53#topic specification domain manager (mhen)15:30
d34dh0r53still unmerged are:15:30
d34dh0r53documentation: https://review.opendev.org/c/openstack/keystone/+/92813515:30
d34dh0r53tempest tests: https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/92422215:30
d34dh0r53#topic specification Type annotations (stephenfin)15:33
d34dh0r53#link https://review.opendev.org/q/project:openstack/keystoneauth+topic:typing15:33
d34dh0r53This is just pending reviews now. I will push the remaining patches as soon as a sufficient quantity of the current ones land.15:33
d34dh0r53#link https://review.opendev.org/c/openstack/keystone/+/931959 - ruffing the keystone misses +W15:33
d34dh0r53ruffing has merged :)15:33
gtemayes, I forgot to drop from agenda15:33
gtemathnks15:33
gtemaall open typing patches finaly merged after tons of rechecks15:33
d34dh0r53sweet!15:34
gtemastephen pushed few new changes, but we should update the release patch to bring those merged out into the wild for early testing15:34
d34dh0r53Yep, I'll update the SHA after this meeting15:35
gtemacool15:35
d34dh0r53#action d34dh0r53 Update SHA in https://review.opendev.org/c/openstack/releases/+/934599 to HEAD of keystoneauth15:35
d34dh0r53next up15:36
d34dh0r53#topic specification Include bad password details in audit messages (stanislav-z)15:36
d34dh0r53#link https://review.opendev.org/c/openstack/keystone-specs/+/91548215:36
d34dh0r53#link https://review.opendev.org/c/openstack/keystone/+/93242315:36
d34dh0r5320-Nov update: spec and implementation updated for HMAC-based hashing. Looking for reviews.15:36
* d34dh0r53 needs to look at those15:36
* gtema will look once the world is not burning 15:36
stanislav-zthanks!15:36
d34dh0r53#topic open discussion15:38
d34dh0r53pagination (gtema)15:38
d34dh0r53#link https://review.opendev.org/q/topic:%22pagination%22+project:openstack/keystone15:38
d34dh0r53it is bit more complex than I thought since all DB queries need to be executed with pagination while some internal calls right now expect to get ALL entries (i.e. list_domains/list_projects) 15:38
gtemaafter Friday I rebased on top of ruffing15:38
gtemaand found that broken gate stuff15:38
gtemabut anyway I thought about the feedback15:38
gtemaand decided not to log warning of using MAX15:38
gtemabecause this is going to be very similar to what we erased lately15:39
gtemaexception logging on 40415:39
gtemait will be present very often without operator being able to do anything with it15:39
gtemaand the reason is that by default in the internal (non-api) invocation the limit can not be set by the caller15:39
gtemaso with that the change is still good for review15:41
d34dh0r53ack15:41
d34dh0r53that makes sense15:41
gtemaignore the broken docs results now (this is the broken gate)15:41
d34dh0r53ok, I'll take a look15:41
gtemathanks15:41
d34dh0r53np, anything else for open discussion?15:42
tkajinamo/15:42
tkajinamlet me bring quick one15:42
tkajinamhttps://review.opendev.org/c/openstack/keystone-tempest-plugin/+/93427215:42
tkajinamstable/2023.1 is being transitioned to unmaintained/* so now most of devstack jobs in stable/2023.1 are broken15:43
tkajinamso can we merge that change to drop 2023.1 job asap while the CI is under control ?15:43
tkajinamthere is also another change to add 2024.2 job which is missing so I hope we can merge it soon (after merging removal of 2023.1 job) https://review.opendev.org/c/openstack/keystone-tempest-plugin/+/93082115:44
tkajinamthat's it15:44
d34dh0r53dmendiza: there's your answer :)15:44
d34dh0r53Ok, thanks tkajinam !15:45
d34dh0r53#topic bug review15:47
d34dh0r53#link https://bugs.launchpad.net/keystone/?orderby=-id&start=015:47
d34dh0r53we have a couple of new bugs for keystone15:47
d34dh0r53https://bugs.launchpad.net/keystone/+bug/208905115:47
d34dh0r53#link https://bugs.launchpad.net/keystone/+bug/208905115:47
d34dh0r53looks like this is being fixed with a requirements change15:47
d34dh0r53sorry, that's the other one, but this one is in progress as well15:48
tkajinamno that needs code update15:48
tkajinamhttps://review.opendev.org/c/openstack/keystone/+/93568915:48
tkajinamwhich is pending on broken doc job now15:48
gtemaeh, we should proceed with openapi since that updates all jsonschemas15:48
d34dh0r53ack15:49
tkajinamyeah ideally though we may want a quick fix.15:49
tkajinamI'll recheck/rebase it once the doc fix is merged15:49
gtemaabsolutely15:49
tkajinamthe same affects a few other projects, as is seen in the bug15:49
tkajinamjust fyi15:49
tkajinamI think I pushed fixes to all of these15:50
d34dh0r53Thank you tkajinam ping us if you need reviews15:51
d34dh0r53next up15:51
tkajinamwill do !15:51
d34dh0r53#link https://bugs.launchpad.net/keystone/+bug/208835515:51
d34dh0r53this one looks like it's fixed in releases15:51
d34dh0r53err requirements15:51
gtemathere are lots of awkward failures on noble caused by defaulting on py312 15:52
gtemaand pbr is still not supporting that properly (depending on how you use it)15:53
gtemawhich is precisely the case of the openstackdocstheme. We discussed this yesterday in TC meeting long15:54
gtemaso switching of openstack-tox-docs job to noble will be put on hold until a fix lands in pbr15:54
gtemathis is the dependency hell I meant in the beginning of the meeting15:55
d34dh0r53ahh, now I understand15:55
gtemabasically "import openstackdocstheme" under py312 doesn't work now15:55
d34dh0r53wow15:57
d34dh0r53#link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=015:57
d34dh0r53no new bugs in python-keystoneclient15:57
d34dh0r53#link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=015:57
d34dh0r53keystoneauth is good15:57
d34dh0r53#link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=015:57
d34dh0r53nothing new in keystonemiddleware15:58
d34dh0r53#link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=015:58
d34dh0r53pycadf is clean15:58
d34dh0r53#link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=015:58
d34dh0r53no new bugs in ldappool15:58
d34dh0r53#topic conclusion15:58
d34dh0r53nothing from me, thanks for everything!15:58
d34dh0r53apologies again for the late start :/15:59
d34dh0r53#endmeeting15:59
opendevmeetMeeting ended Wed Nov 20 15:59:20 2024 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)15:59
opendevmeetMinutes:        https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-11-20-15.12.html15:59
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-11-20-15.12.txt15:59
opendevmeetLog:            https://meetings.opendev.org/meetings/keystone/2024/keystone.2024-11-20-15.12.log.html15:59
d34dh0r53gtema (Artem Goncharov): https://review.opendev.org/c/openstack/releases/+/934599 has been updated16:03
gtemayes, I just got email :)16:03
gtemathks16:03
opendevreviewMerged openstack/keystone master: Replace sphinxcontrib-*diag  https://review.opendev.org/c/openstack/keystone/+/93568522:02

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!